Managed Firewalls

Managed Firewall Services

New York Technology Company has vast experience with many firewalls including Checkpoint offerings, Cisco Pix, ASA, Juniper Netscreen, Nortel Contivity, Stonesoft Stonegate, Raptor, Sidewinder and others.

Corporations rely heavily on highly available, secure computing environments to effectively and safely conduct business. Firewalls are one of the key components of a secure network as they protect critical information assets.

Firewalls are configured to allow wanted traffic in and to keep unwanted traffic out. However, firewalls need to be continously updated to support the changing needs of a business. Tasks such as adding new VPN users, protecting against new attacks, allowing application access to and from distinct locations. A firewall when managed properly can protect your security posture to a great degree.

Firewall management can become resource intensive and requires a high skill level. Because of the complexity involved, a majority of firewall breaches are caused by mis-configuration of firewall rules and policies.

A compromise can cost you millions of dollars in losses, investor confidence and penalties if under regulation. E-Fensive can review your existing policies and offer exact solutions to fit your need. We offer a firewall review product as well as a managed firewall service.

Did you know, the average cost of an experience firewall engineer can exceed $80,000.00 (US). Choosing a managed firewall service provider can save you money in the long run. Aside from the savings, experts who already manage hundreds of firewalls have experienced many attack vectors and are aware of the ever changing threats. Let us assist you in safeguarding your infrastructure.

Supported Platforms / Technologies / Methodologies

The list above is not all inclusive but merely a fraction of the devices we currently maintain and manage. We have extensive experience with other solutions so feel free to contact us regarding your existing infrastructure.

Security Auditing

Concerned with compliance? You should be. Corporations face a multitude of regulatory issues, from SOX, HIPAA, GLBA, PCI DSS and the list continues to grow.

Meeting the vast requirements of compliance regulations is not as expensive as NOT meeting them. As of June 30th 2008, PCI DSS Section 6.6 is now required, which means that companies who deal with credit or debit cards online must use an application layer firewall or have a complete website assessment to remain PCI compliant.

“acquirers failing to provide confirmation that their level 1 and 2 merchants are not storing full track data, CVV2 or PIN data by March 31, 2007, will be eligible for fines up to $10,000 a month per merchant, subject to escalation in the event material progress toward compliance is not made in a timely manner,”

“Acquirers will be fined between $5,000 and $25,000 a month for each of its level 1 and 2 merchants who have not validated by Sept. 30, 2007, and Dec. 31, 2007, respectively.”

Sources:

PCI Security Standards
PCI Answers

Our team can assist you with forward facing documentation for any auditing firm and guarantee compliance is met. We follow a structured methodology compromised of CoBIT, NIST, ITIL, ISO guidelines, recommendations and practices. We will assist your existing staff assess the current posture of your infrastructure and will make recommendations based on our findings.

Infrastructure Auditing

  • Passwords
  • Access Control
  • Logging
  • Computers and laptops
  • Mail servers
  • SAN and NAS equipment
  • Routers and networking equipment
  • Printers
  • Cameras, digital or analog, with company-sensitive photographs
  • Data-sales, customer information, employee information
  • Company smartphones/PDAs
  • VoIP phones, IP PBXs, related servers
  • VoIP or regular phone call recordings and records
  • Email
  • Log of employees daily schedule and activities
  • Web pages
  • Web servers
  • Security cameras
  • Employee access cards
  • Access points (i.e., any scanners that control room entry)
  • Wireless Access Points

This list can become extensive as an audit is essentially an assessment of how effective an organization’s security policy is being implemented, whether or not a policy even exists. It is after all possible to find a vast number of organizations nowadays where there are no security policies.