Any business Internet connection, regardless of who provides it, requires dependable perimeter protection as a minimum requirement. Small to medium businesses cannot always justify the total cost of ownership of a hardware-based firewall solution, nor do they necessarily have the resources in terms of IT and networking skills to manage policy and maintain updates to the firewall platform.
For our business Internet and wide area network customers, we provide a perimeter firewall service, based upon a geographically diverse, high-availability platform which is fully managed in terms of monitoring, policy change management and maintenance of underlying infrastructure. This scalable, reliable, multi-customer security platform is an ideal entry-level firewall solution for small businesses who desire a simple-to-implement, hands-off approach to protecting their Internet perimeter.
- Dedicated, single firewall on premise
- High availability firewalls on premise
- Branch office firewalls
- Centralised, hosted firewall(s) for your Wide Area Network (e.g. MPLS WAN)
- Secure, remote-access solutions including multi-factor authentication
- Multi-site Internet-based VPNs
- Universal Threat Management (UTM), advanced firewall
- Intrusion detection / protection service
- Cisco Firepower solutions
- Geo-blocking of inbound traffic
The Internet perimeter is a vitally important element in protecting your business from external attack. We can help mitigate this risk with the provision of an advanced, dedicated firewall, configured and managed to meet your needs.
Every business is different, so we take a consultative approach to understanding your likely exposure and existing technology landscape. We help protect customers with single-site business Internet connectivity, as well as multi-site organisations that require centralised, high-availability perimeter firewalls deployed at the heart of their network. There is no one-size-fits-all answer to Internet perimeter security, so once we have a good understanding of your requirements, we’ll recommend a firewall solution to fit your needs.
Today’s flexible working environment requires networks to be equally so. Locked down, inflexible networks prevent offices from allowing users to make use of all of their devices whenever they need them. Cisco Identity Service Engine is a network administration engine which allows organisations to manage end user devices being used on the network. Our NOC team is skilled in providing management of this service, allowing organisations to better protect their networks when confronting the challenges of Bring-Your-Own-Device networking.
Secure remote access
For businesses with mobile and remote users, access to business applications and data needs to be secure. For those with secured core networks, alternative solutions are needed to allow those remote users access. By providing the use of Virtual Private Networks (VPN) or Two-Factor Authentication (2FA), we can ensure our customers’ security remains intact, as well as the security of their remote user traffic, despite being beyond the protected core environment.
Assessing current level of risk or exposure to threats can be a complex procedure. The question is: where to start? A high-level, structured questionnaire might reveal key areas of focus, kick-start the process and help address the most pressing risk.
Simply adding boxes or software does not always result in reduced risk. Our approach in reviewing your IT risk is consultative, honest and in-depth, giving you the knowledge needed to need to reduce risk, and followed up with appropriate, affordable solutions.
How we work
We generally look at likelihood of a cyber incident and impact on the business when evaluating a business’ exposure to cyber risk.
- Likelihood can be measured by how well cyber protection mechanisms (firewalls, anti-virus, patching, etc.) are implemented. UK certifications like Cyber Essentials can give a good indication if a business has reasonable protection mechanisms in place.
- Impact is measured by looking at how the business operates in terms of reliance on the confidentiality, integrity and availability of IT systems and data. In other words, looking for what potential threats there are to the business and which of these would have the largest negative impact. International certifications like ISO27001 will add business risk analysis to what is offered through Cyber Essentials.
Vulnerability scanning and penetration testing
For an independent and thorough assessment of your Internet perimeter security, we can arrange for a vulnerability scan of your attack surface, encompassing all of your Internet-facing IP address space. You might wish to include elements of authenticated systems, allowing us to go one step deeper into your Internet-facing infrastructure. For example, for a user area of a website that requires basic username / password credentials, we can recreate a username / password breach and assess any exposure beyond the login.
Our trusted consultants can:
- Perform vulnerability scanning on network and software elements. This non-intrusive method provides analysis of the vulnerabilities found on specific network elements, without the vulnerabilities themselves being exploited
- Perform penetration testing, providing detailed documented findings and identification of the vulnerabilities that were exploited, with recommendations for improvements