Managed Firewall
Technical Features
The Next Generation Firewall and its features:
Can be positioned as transparent bump-in-the-wire, to segment a flat network, or as a layer three routing device, sitting between all vlans.
Inspects and controls L3 and L4 traffic based on IP addresses, protocols and ports.
Provides for network address translation.
Identifies standard and custom applications, categorizes URLs and detects anomalous behavior to allow or deny the traffic.
Employs a constantly updating anti-malware, content and vulnerability databases to ensure the latest known threats are blocked.
Employs a sandboxing engine to detect and prevent unknown and previously unseen threats.
Provides for secure site-to-site VPN connectivity using IPSEC.
Provides for secure remote access VPN connectivity, allowing roaming users to have persistent connection to on-premise resources, or always-on Internet access security.
Our Service
We will fully manage the firewall service, from its inception to its removal, including:
High Level Design - to ensure the service fits in your overall infrastructure design - this includes sizing, feature selection, high-availability, position in the network, licensing, and the process wrap around the service.
Low Level Design - to ensure all details for the successful implementation of the service are captured - this include the creation of physical placement and connectivity design, logical network configuration, configuration standards - such as naming and security policy, security, NAT, QoS policy configurations.
Implementation - we will plan and drive the implementation efforts, to match your schedules.
24/7 Operations - Monitoring, Incident Management, Service Request Fulfillment, Change Management, Patching and Upgrades, on-site hardware support.
Configuration and security policy auditing - where we will ensure the device configuration and policy are up to your requirements and are reviewed regularly.
Retirement of configuration and full service decommissioning.
Benefit
You employ best of breed technology vendors - such as Palo Alto Networks, CheckPoint, Cisco.
You have access to a pool of experienced and certified engineers that will design and deploy firewalls and security policies according to industry best practices.
You choose where and how the firewalls are deployed, using our expert advice.
You can choose from flexible management bundles or unlimited, whatever meets your needs best.
Our Approach
We work with Palo Alto Networks, Cisco and CheckPoint Software Technologies products.
We make it simple for you, while providing the flexibility you need. In case of a new deployment:
We assign an expert to participate in the design phase to capture all requirements and design the right solution for you.
We can resell hardware and licenses or you can buy them yourselves, whichever makes sense financially for you.
We work with our on-site partners or we can use your own on-site staff to install the appliances and provide hands and eyes support.
We will configure the appliances according to the design and will operate them according to the service of your choosing.
In case of looking to outsource the management of an existing service:
We will assign an expert to discover the environment, the design of the service.
We will do an initial health and security check-up to understand and align you and us on the state of the service.
We will then move on to operate the service according to the tier of your choosing.
Operations Bundles
All operation bundles include:
One major upgrade per year.
Installation of critical security patches .
Annual device health check and security policy tuning.
24/7 Monitoring of device availability and performance.
24/7 Monitoring of device audit logs
Unlimited incident handling.
Monthly Report for service statistics including, requests, incidents, changes, and relevant service statistics, such as blocked threats, application usage statistics, performance, etc.
Cheap and Simple
Includes 5 policy changes per month
Suitable for static deployments, where not too many changes are expected post the initial deployment. Such as corporate office firewalls or firewalls protecting a single application workload.
Double, but not a Trouble
When you have a dynamic office environment that will require more frequent access control changes, or a more frequently changing application workload.
Includes 10 policy changes per month.
Make us Sweat
Unlimited policy changes
If you are a company with global presence in multiple countries with ever changing requirements or the firewall is protecting multiple workloads in your data centers. No fear! We have experience with operating firewalls protecting hundreds of multi tier application workloads.
Additional Service Options
Introduce new feature
We will design and integrate any previously unused or newly released features, according to your schedules and considering your change management process. We will then operate them as part of the standard operations bundles.
Major Upgrade
If you want to have it first, you may need to do more than 1 major upgrade per year. We've got you covered!
Policy Audit
In case you need more frequent policy audits. We've got you covered!
Traffic and firewall log monitoring
This is not actually part of the firewall service. Check out our Managed Detection and Response service for more details!