FortKnox: SLA Specific Security Services on Cloud


FortKnox Security on Cloud

FortKnox is an SLA-specific security package that delivers a comprehensive review and assessment of the current security environment. Security exposures and risks within the network and systems are identified using industry-standard tools.

It provides the benefit of an external security review of the environment, analyzing and measuring its level of security against industry standards and best practices. FortKnox combines various methods to deliver complete security to your IT environment.

The process of operating system hardening makes the OS more secure. The vulnerability assessment process involves a combination of automated scanning and manual assessment. Once the tool has completed its scan, i.e. the discovery of vulnerabilities, a manual assessment follows, which involves prioritization, evaluation and reporting.

Port scanning is a technique used to determine the open ports on a server. Patch management is an area of systems management that involves acquiring, testing, and installing multiple patches on an administered computer system.

Highlights

| Title | Description |
| --- | --- |
| IDS Monitoring | Monitoring of logs generated by IDS to detect any malicious or illegal network traffic or attacks |
| Syslog Monitoring | Syslog monitoring is the real time monitoring of events generated. The events or logs include system, security and application logs |
| Configuration Check | Configuration check provides an ongoing server assessment in terms of change management and tracking deficiencies or weaknesses within the target server |
| Conduit Review | The firewall conduit review or the firewall policy review is the verification of the firewall policies applied in the firewall for a customer |
| Penetration Testing | Penetration testing provides a hacker’s eye view of the server, in terms of the ways it can be hacked from outside. Penetration testing also recommends steps to be adhered to for guarding against the vulnerabilities found during the test |
| Executive Summary Report | The FortKnox executive summary report is a report on the services offered on a monthly basis |

Plans & Packages

The plans and packages scale from a single server to any number of servers.

To know more about the prices, please click on “Have us call you” or email us at connect@cloudinfinit.com.


Detailed Descriptions

FortKnox is an SLA-specific security package which delivers a comprehensive review and assessment of a current security environment. Security exposures and risks are identified within a customer's network and systems using industry-standard tools. It gives the customer the benefit of an outside security review of their environment which analyzes and measures their level of security against industry standards and best practices.

The FortKnox service package comprises the following services:

  • Operating System “OS” Hardening: provides a comprehensive security check of the operating system environment against the best practices mentioned in the advisories released by CERT (Computer Emergency Response Team) and other well-known vendors. The Sify SOC team engages with the customer to ensure that the system is hardened and is not vulnerable to any loopholes. The hardening process is carried out once the customer has approved the Initial Recommendations report, which details all vulnerable ports or services running on the server. Reports on patch status and vulnerability assessment are also sent to the customer, as they form an integral part of the hardening technique. OS Hardening is a one-time activity done on the server before it moves into production and is undertaken with each reinstallation or new server movement.
  • Vulnerability Assessment “VA”: provides comprehensive vulnerability discovery, prioritization, remediation, dynamic protection, verification, and customizable reporting via internal/external scanning combined with Web-driven case management workflows. The Sify SOC team undertakes a Vulnerability Assessment of the customer environment on a monthly basis. After the analysis of the vulnerabilities, recommendations are communicated to the customer on a monthly* basis as part of the Executive Summary Report “ESR” schedule through email.
  • Port Scanning: provides discovery and remediation of threats associated with the applications or services using the ports on the server. The server port scanning process is carried out once in 7 days after the previous port scan activity. The customer is informed immediately if any vulnerable ports are open. The port scan report is part of the Executive Summary Report, which is sent to the customer on a monthly* basis through e-mail.
  • Patch Management: provides systems management that involves acquiring, testing, and installing multiple patches to an administered computer system. Patch management tasks include: maintaining current knowledge of available patches, deciding what patches are appropriate for particular systems, ensuring that patches are installed properly, testing systems after installation and maintaining a patch test report.
  • Intrusion Detection / Prevention Service “IDPS”: provides organizations with 24x7 monitoring of logs generated by IDPS to detect any malicious or illegal network traffic or attacks. The Sify SOC team's monitoring and support of the network intrusion detection and protection devices provides early-warning global threat visibility, event monitoring, correlation and attack recognition for thorough and accurate incident detection and escalation. The traffic pattern is analyzed 24x7 to differentiate between false positives and real alerts. The Sify SOC team notifies customers about any unusual traffic pattern and, as a security measure, it is blocked at the firewall level.
  • Syslog Monitoring: Syslog monitoring is the real time monitoring of events generated. The events or logs include system, security and application logs. The Sify SOC team performs analysis of logs during monitoring and communicates with the customer if any critical events are found. Critical syslog events and recommendations are sent by e-mail in the month's ESR.
  • Configuration Checks: provides an ongoing server assessment in terms of change management and tracking deficiencies or weaknesses within the target server. A configuration check is carried out every fortnight to track any change in the servers. The configuration check report contains the server configuration audit that was done during the server hardening process, OS details, system configurations, IP configurations, active port connections, open services, user accounts, and the list of processes, admin shares, applications and patch status. If any changes are detected when the configuration check reports are compared, they are communicated to the customer.
  • Conduit Review: provides verification of the firewall policies applied in the firewall for a customer. The conduit review is done on a monthly basis to identify the changes which might have taken place after the last review. The customer is notified of any critical findings during the review.
  • Penetration Testing “PT”: provides a localized, time-constrained and authorized attempt to breach the architecture of a network and system using attacker techniques. Our Penetration Testing gives the most accurate and comprehensive view of an organization's information security stance, as it evaluates the entire system, exploiting vulnerabilities to determine how an unauthorized user can gain control of information assets. A penetration test is carried out on the customer's servers once in a quarter with prior customer consent.
  • Web Integrity: provides security to the web servers exposed to the public network by checking various parameters of web servers on a periodic basis. The Web Integrity protection service is based on leading tools for a comprehensive security review of the web server stance and on the Sify SOC team's expertise to analyze and exploit any vulnerability in the code of the web application. The service offers comprehensive checking of various parameters including Version Check, CGI Tester, Parameter manipulation, Multi request parameter manipulation, File checks, File uploads, Directory checks, Text search, Weak passwords, GHDB (Google Hacking Database), and Port scanner and network alerts.
  • Executive Summary Report “ESR”: The FortKnox Executive summary report is a report on the services offered to a customer on a monthly basis. The report is a comprehensive report of all the FortKnox services (activities) performed on the customer server in a month.

SLA

| Service Parameter | SLA Attribute | SLA Indicators | Guarantee |
| --- | --- | --- | --- |
| FortKnox Elements | ESR (Executive Service Report) | Monthly | Every Month |
| | Operating System Hardening | One time | First time and as and when new system is added |
| | Vulnerability Assessment | Monthly | Every Month as defined |
| | Port Scanning | Weekly | Once in every 7 days or as specified in schedule |
| | Patch Management | Monthly | Once in a month and as and when patches are applied |
| | IDS / IPS Monitoring | 24x7 | Real time – 24x7 |
| | Syslog Monitoring | Incident Notification, Mitigation | As per matrix defined |
| | Configuration checks | Fortnight | Every 15 days |
| | Conduit review | Monthly | |
| | Penetration Testing | Quarterly | Once in every 3 months as per customer consent |

To explore more on plan & packages for subscription or for trial of services – Login to cloudinfinit portal now
