24 x 7 Service Management and Monitoring
The earthwave SIG is managed and monitored 24/7 from redundant earthwave Security Operation Centres (SOC’s). earthwave’s expert staff of security analysts is available 24/7 to provide management, monitoring, and support, thereby relieving customers of the unrelenting and time-consuming responsibility of safeguarding corporate information assets.
The earthwave SOC's, serve as home to earthwave's security analysts, as well as customer engineering groups. Designed for maximum redundancy, earthwave's multi-million dollar, state-of-the-art SOC's contain redundant, discrete power sources, fire suppression systems, three-factor biometric personnel screening and VPN termination points that allow interoperability with nearly any client network. The earthwave SOC is the engine enabling earthwave Managed Security Services. The SOC combines the capabilities of multiple Security Operations Centres (SOCs), advanced analysis and correlation, artificial intelligence, industry-leading security expertise and a high impact Web-based management portal in a single unified system. The SOC has been designed to reduce the complexity and burden of manual data analysis and improve the accuracy of security event identification, incident escalation and remediation.
Real-time Threat Analysis and Incident Response
The earthwave 24 x 7 Security Analysts constantly monitor, analyse and report on all security matters affecting the customer gateway. Our team consists of industry certified engineers, with significant experience in analysing attack patterns and malicious activity, enabling them to effectively distinguish between false positives and real security incidents.
earthwave deploys leading Correlation, Data Mining and External Threat & Verification techniques. Our 24x7 Watch Team continuously monitors systems under earthwave's management. Detected incidents are immediately processed, and incident detection and response procedures initiated. As part of this process client technical and on-call representatives are advised and kept informed during the course of the incident with formal post-incident reporting and forensics data provided.
Managed Firewall Service
The earthwave SIG offers 3-tiers of redundant and multi-vendor Firewalls. Security best practice suggests that no connections should be allowed directly from un-trusted to trusted networks, rather such connections should be broken or proxied via intermediate semi-trusted or DMZ segments. The earthwave SIG allows applications to be deployed with the Presentation, Application and Database layers totally segregated and protected by firewall and intrusion prevention, reverse proxy, and web application firewall technologies.
Managed IPSec VPN and SSL VPN Remote Access Service
earthwave deploys standards based site-to-site & client remote access VPNs to secure the integrity of information transmitted over public and private networks. By leveraging dedicated VPN technology, this service creates cost-efficient trust relationships for critical online business operations acting across multiple locations. In addition, we help coordinate VPN communications with client business partners and other third-party participants.
Managed Network Intrusion Detection and Prevention Service
This service supplements your firewall protection by adding Network Intrusion Detection and Prevention services to the gateway architecture and quietly monitoring network and server traffic, watching for suspicious activity and stopping attacks in progress. By strategically placing intrusion detection sensors on critical segments, earthwave security operations experts can manage the devices around the clock, proactively watching for security violations or misuse that originate from inside or outside the network. Alarms automatically signal suspicious activity, prompting quick response and escalation as required.
Furthermore, Host Intrusion Detection and Prevention Services are available to customers where we host your servers within the earthwave SIG.
Managed Mail Protection Service
The Managed Mail Protection Service provides automatic, real-time protection against virus and spam threats at the email gateway through continuous scanning, virus detection, cleansing, and quarantining; policy management; and delivery of the latest virus definition updates.
Managed Web Protection Service
The Managed Web Protection Service delivers the capabilities for organisations to protect themselves against web based threats, meet legal and regulatory requirements, implement productivity saving policies and manage the intellectual property passing through their network.
Managed Secure Mail Service
The Managed Secure Mail Service provides an enterprise secure messaging solution for protecting e-mail and files shared internally and across company boundaries. It combines strong content security authentication, encryption, and data integrity checking with an unprecedented set of rights management features. Two protection levels Secure Delivery and Secure Content give you the flexibility to apply the appropriate amount of security on a message-by-message basis.
Managed Authentication Service
Your company needs to provide remote network access to employees, business partners, suppliers and customers. At the same time, you must ensure your network cannot be compromised by unauthorised access. User authentication is a key component of any corporate security strategy. With the Managed Authentication Service, you can control and authorise access to corporate resources, intellectual property and mission-critical business applications using best-practice Two Factor Authentication methods. The service provides the answer to the question is the person who is attempting to access protected files and/or resources an authentic user or an impostor?
Managed Distributed Denial of Services Protection
Using sophisticated traffic anomaly detectors this service proactively identifies threats, improves overall network performance and mitigates DDoS attacks before reaching your network. The detector analyses NetFlow statistics from the earthwave SIG core routers and performs flow level attack analysis to identify targeted attacks. In addition to this a profile based anomaly baseline allows differences in network behavior to be detected, even if the underlying attack has never been seen before. This information is relayed back upstream to the mitigation device for remediation. A remediation process can be initiated automatically, by the earthwave SOC or by the customer using the MSS Client Portal.
Managed Reverse Proxy Service
The Managed Reverse Proxy Service securely isolates general-purpose servers from direct Internet access, acting as an intermediary between web servers and the external clients who attempt to access them. Robust authentication and policy support, using an organisation’s existing security framework, enable customers to enforce granular control over user access. For additional protection, earthwave provides optional real-time virus scanning of all content uploaded to web servers.
Furthermore at the heart of the Managed Reverse Proxy Service are patented proxy caching technology and an optimised TCP stack for efficient web content acceleration. The integrated cache allows 60-90% of an application’s web objects to be cached and served directly to users, significantly enhancing site performance and scalability. Optional hardware-accelerated SSL services offload CPU-intensive encryption operations from web servers as well.
Managed Web Application Firewall Service
earthwave Web Application Firewall Management Service offers a managed solution for efficient deployment, management and monitoring of web application firewall device(s). Delivered through market-leading technology, proven processes and skilled personnel, the service simplifies the use of web application firewall technology to help protect online applications against sophisticated application level attacks like SQL injection and Crosssite scripting, theft and leakage of data from online applications, and satisfies the PCI DSS (Payment Card Industry Data Security Standard) 6.6 application security requirement.
earthwave Web Application Firewall Management Service complements application strategies and investments such as secure software development life cycle (SDLC), code review and application tests as well as network centric security investments including firewalls, IDS, database and log management technologies.
Secure Hosting is typically provided in conjunction with Gateway Services, but may be provided as a stand-alone service. Secure Hosting is provided for organisations wishing to have either a website or server hosted in a DSD certified and ASIO T4 accredited secure environment.
Rack space is available in either a full rack or half-rack configuration. We can provide a secure (hardened) server for the hosted applications or you can provide the server which we will harden to the appropriate level.
The hosted device can be managed by earthwave on your behalf or you can remotely manage it yourself. Tailored solutions for your requirements can be arranged to suit organisational and compliance needs.
Where we deploy the server, the following options are also available:
- Health and performance monitoring
- Availability monitoring
- Load balancing
- Reverse Proxy
- Secure content administration
- Backup and recovery services
- Virus and local firewall protection services
- Patch management services
- Host intrusion detection & prevention services
- Local firewall, spyware and virus protection
FedLink uses the Internet to provide government approved connectivity between departments and agencies. This leads to significant savings on the cost of leased lines for secure communications. By using the Internet, FedLink provides a cost-effective solution that can reach regionally-based agencies, service providers and overseas. FedLink Agencies can communicate between themselves up to the PROTECTED level depending on their internal network and gateway classification. The security of FedLink comes from the IPSec international standard. IPSec creates authenticated, encrypted links between participating agencies to create a Virtual Private Network (VPN) across the public Internet.