• Home
• Solutions
  • Advance Exchange Services
  • Broadband Communications
  • Data & IP Services
  • VPN (Dedicated / Remote)
  • Internet Access
  • Managed Network Services
  • Online Storage Solutions
  • Onsite Service & Support
  • PCI & EMV Compliance
  • Professional Services
  • Repair Services
  • Secure Gateways
  • Security Services
  • Staging and Configuration
  • Transactional Services
  • Warehousing / Inventory
  • Warranty Management
  • Wireless
• Products
  • GPRS Router
  • GSM / GPRS Terminal
  • NSI ConvSSL
  • NSI SSL Gateway
  • SonicWALL TZ 170 Series
• Corporate
• Contact

Client Sign-In

Security Services

Effective security depends on a full understanding of your risk

You can never eliminate risk. Our goal is to make sure you have the policies, procedures, and systems in place to effectively and efficiently mitigate risks within the context of your specific risk tolerance.

We take a business-driven approach to security. We assess your organization's individual risk profile before we make recommendations about the optimal security plan for your organization. Often this approach reveals that many organizations are spending too much on resources protecting some assets while putting too little emphasis on others.

We aim to:

• Make the most of your existing assets using the people, technologies, and budgets already in place
• Help you align your security requirements to industry standards
• Give you a competitive advantage through proven information security
• Help you control the costs and pain around reactive, symptom-driven information security approaches

Our professional services consultants offer advice and practical assistance with:

• Strategy and planning
• Security assessments, consulting and training
• Technical design, implementation & deployment

Top

Life Cycle Management

Mitigate Risk

NSI follows a standard five-step process to help ensure that the solutions we recommend meet your individual needs.

• Evaluate
• Determine what you currently have in place, your vulnerabilities, your assets, and your overall risk in context with your risk tolerance.
• Design
• Map assets, resources, processes, technologies and plans to address your security needs by priority.
• Integrate
• Span security throughout critical business applications, networks and your extended enterprise for greater visibility into risks and a more complete approach.
• Manage
• Security is not a one-time effort. We can help you manage your technology and programs to enable you to maintain the right level of security, where you need it.
• Report
• Our reporting is designed to give you a clear view of what you need to know about the effectiveness of your security practices.

You must identify your vulnerabilities before you can mitigate the risk

Whether you are a business or government agency, you need to operate in an increasingly unpredictable security environment in order to maintain your customer focus. That means making sure you understand your threat and vulnerability landscape.

Our threat and vulnerability management services provide your organization with the preventative, detective, and corrective measures you need to help limit the frequency and impact of security incidents.

The right combination of services for your business

Top

Application Security Reviews

Typically the first plan of action for determining vulnerabilities, this service offers a detailed security analysis of an application, its supporting infrastructure, and its security development lifecycle. It is designed to help establish a solid application security foundation and baseline, and to build and maintain security applications.

What we evaluate:

• Security-relevant people, processes and procedures
• Application infrastructure
• Application source code
• Application functions

Top

Application Vulnerability Assessment

We analyze your applications - including your web and externally accessible applications.

The assessment includes:

• Input validation
• Access controls
• Forceful browsing
• Cookie manipulation
• Session management
• Encryption
• Password policies
• Information disclosure
• Known vendor vulnerabilities
• Code reviews (if applicable)

Top

Network Vulnerability Assessments

We provide 5 distinct Network Vulnerability Assessments:

• Internal
• External
• Dial-Up
• Wireless
• Discovery

After the initial information gathering phase we test all assets identified and provide a list of potential vulnerabilities and risks. Then we validate the list to verify that the vulnerabilities are real and recommend how to remediate issues based on which can have the most impact to your organization.

Top

Penetration Testing

Here, we test your systems to determine if vulnerabilities are present and if your systems might be attacked by known exploits, automated malcode threats or malicious internet users.

As part of your penetration testing service, we will:

• Verify which systems on your network are active and what services are running
• Identify potential security vulnerabilities and provide remediation advice
• Rate vulnerabilities by severity to help you prioritize mitigation efforts

The penetration test includes both manual and automated tests:

• Port scanning and banner capture to identify services available on hosts
• Vulnerability assessment of identified services
• Firewall checks pertinent to the type and release of firewalls employed by the business
• Password authentication tests
• Network protocol-based tests
• Protocol spoofing checks
• Network device checks
• DNS checks
• Mail relay checks

Top

VoIP Assessment

Evaluates your VoIP infrastructure security posture from architectural and technical perspectives, offering a comprehensive approach to identify, assess and mitigate potential threats to VoIP systems.

The VoIP Assessment targets a wide range of potential security threats inherent in traditional voice and IP-based data networks including fraud, privacy, denial of service and viruses on premise-based and hosted VoIP systems. The analysis consists of a four-part evaluation:

• VoIP Architecture Review
• Network and Device Penetration Testing and Risk Assessment
• Evaluation of Standards, Policies and Procedures
• Discussion of Findings and Action Plan

Top

Wireless Assessment

Our wireless security assessment is modular and can be adapted to meet your risk profile and budgetary requirements. Some of the key areas covered by our offering are:

• Discovery of all wireless access points and clients
• Validation of wireless network perimeter
• Vulnerability and penetration testing of access points
• Configuration review of access points and wireless clients

Hardware used for assessment includes:

• Laptops
• PDAs (Palm, iPaq)
• RF amplifiers
• PCMCIA wireless network cards
• Omni-directional/directional antennas

Software used for assessment includes:

• Nmap
• Ethereal
• Firewalk
• Hping
• Kismet
• AirSnort
• Proprietary scripts

Services and/or features are not available in all countries, and may be procured from in-country provider in select countries. Please consult your NSI representative for service availability.

Top

Helping reduce information security risks

Our Professional Services team can help you address the information security regulations and industry standards that affect your business. We provide the information and reports you need to complement your ongoing security compliance efforts, and help you establish a comprehensive security program based on the specific needs of your business.

NSI can help you address your information security needs within most regulations and directives including: Basel II, BS 7799/ISO 17799, ISO 27001; HIPAA, PCI Data Standards, SAFE, GLB, FISMA, ACSII 33 and others.

Our Professional Services teams can also help with:

• Business Continuity Planning
• I-Rap Assessments
• General policy, procedure and standards development

Top

Comprehensive Security - 24/7

• Information security solutions across the technology stack
• From the desktop or Internet storefront, through your systems and applications, along the network and around the world, our Managed Security Services can help you secure virtually every touch point – so you continue to earn the trust of customers and partners.
• Designed to your specific business needs and risk tolerance
• We can design, develop, implement and manage a full complement of alert systems, assessments and processes - specific to protecting your most critical assets. And you can see what we are tracking and where your organization is at risk through a comprehensive online dashboard.
• Flexibility to outsource, co-manage or self-administer
• NSI has the flexibility to offer Managed Security Services outside of the traditional outsourcing relationship. We can partner with you to build and maintain world-class security capabilities within your organization, or we can supply the right level of support you need – for example, you provide the first line support and delivery functions and leverage the resources and management expertise of our 24/7 secure operations centers.
• Global services at a local level
• Whether you choose our monitoring service only, or monitoring and management, both are supported from our seven Secure Operating Centers around the world – and with 1100+ security professionals specializing in root cause analysis, we can provide fast and precise recommendations for remediation and actively handle security incidents as they occur.
• Choice of network vs. CPE based solutions
• We are product and vendor neutral which means we will manage information security for equipment you already own, we can help you procure the right devices for your needs, or you can take advantage of the efficiencies offered by our services hosted within our global IP network.

Top

Secure your most valuable assets

Our proprietary technology platform, which supports all our Managed Security Service offerings, collects, processes and monitors billions of events to filter out those threats that may put your business at risk. This allows our security analysts to focus on recommending corrective actions and mitigating threats. Through our dashboard, you can view your company's security posture and the effectiveness of your security devices at various levels - from the big-picture view all the way down to the details of an individual security incident.

Our technology platform helps improve risk insight, enhance decision making, and drive fast remediation for your day-to-day operations to give you a better understanding of your risk and help allocate the right resources against the most dangerous threats.

• 24 X 7 management and monitoring operations with near real-time and historical trend reports
• Addresses threats with a quick, proportionate response
• Operates out of our redundant, disaster-resilient security operations centers
• Supports an extensive list of leading intrusion detection and prevention device types and firewalls
• Provides early warnings on newly discovered vulnerabilities via Web console and e-mail

Top

Managed Security Services

An effective Managed Security Solution recognizes the unique needs of each individual organization. We can deliver management programs within the context of your risk tolerance and tailor the level of service you need - from basic monitoring to proactive management. Our services in the following areas can be combined as needed to address your specific needs:

• DOS Defense
• Our network based Detection and Mitigation Services scrutinize network traffic in real time and help preempt a broad range of denial-of-service attacks before they impact your network. And our engineers remain ready to alert and advise if you are under attack.
• Anti-Virus, Anti-Spam, Anti-Spyware
• Choose from network based services that scan email before it reaches your network, to highly configurable URL filtering services, to monitoring and management services for your existing AV gateway. We can help you control the risks inherent to email and the Internet.
• Image and Content Control
• Malicious and inappropriate content entering and leaving your company via email can be a significant risk. We have a both network and CPE based solutions that help you better enforce your policies and usage guidelines without hindering your employees’ productivity.
• Firewall/ Router/ VPN
• We can monitor and manage your existing firewalls, routers and VPN servers – including application level firewalls. And with our Enterprise Firewall offering we bundle the hardware into the service. We support SSL or IPSec VPN services.
• Intrusion Detection and Protection
• Firewalls are part of the solution, but pre-empting sophisticated attacks requires intelligent network intrusion protection services. Our Network Intrusion Detection and Protections services (NIDS / NIPS) offer ongoing configuration and signature updates of your NIDS and NIPS sensors. Through the use of our Security Event Analysis Machine, we can interpret a myriad of information captured by the sensors, define the type of attack or event that is occurring and create an appropriate alert or response. With our Host Intrusion Detection and Protection Services (HIDS / HIPS), we can monitor and manage all of your host agents through the central HIDS/HIPS Management Station.
• Unified Threat Management Security Appliance
• UTM security appliances combine a number of security functions into one appliance. The most common functions are firewall, VPN, IPS, Anti-Virus, Anti-Spam and Content Screening. If you’ve invested in these devices we can provide monitoring and management services much as we would for each individual device itself.
• Proxy Service
• Our Managed Proxy Service monitors the availability and health of your gateway proxy, whether it’s running on a general purpose operating system or as a dedicated appliance. We monitor your platform 24x7, and will inform you of any security incidents. You can also use the NSI Security Dashboard to proactively track the health of your proxy server at all times.

Top