Cyber Security Services

 

External Vulnerability Scanning

Free monthly scans of your public-facing IP addresses to assist in securing the external parameter of your network and raise security awareness. You will receive a report after each scan documenting exposed services and vulnerabilities that includes your publicly accessible IP addresses and associated risks for each listed in order from high to low. The report contains:

· Vulnerability description

· The solution or workaround

· Vulnerability detection method

· Reference, web link to information source when available

This is a free service to all members. Sign up HERE

 

INTERNAL VULNERABILITY ASSESSMENT

An internal network scan documenting exposed services and vulnerabilities. Recommended remediation action is included along with the following information:

· Vulnerability description

· The solution or workaround

· Vulnerability detection method

· Reference, web link to information source when available

Fees are based on the number of IPs, class of network (B or C), or the number of subnets. This service is available as a monthly subscription or on an as-needed basis.

 

PHISHING TRAINING

Test your organization’s exposure to phishing through an email campaign targeting your entire organization or a specific sub-set of users with near real-time results.  Information gathered builds a better picture of your organizational awareness and helps determine if further training is required.

A fee applies for each campaign launched

 
 
 

OFF-SITE SYSTEM LOGGING SERVICES

Off site log storage for your network devices and servers. The integrity of your internal logging servers cannot be trusted if your network is compromised. The first thing most hackers do is alter local log files to hide their presence. An easy way to protect against this tactic is keeping logs remotely as well as locally. Not only do you gain redundancy but also add an extra layer of security as any differences that arise from comparing the local and remote logs highlights suspicious activity.

Fees cover storage costs based on the number of logged services, size of collected logs, and length of retention.

 
 
 

INTERNET INTRUSION DETECTION

Real-time scanning on all traffic to and your network. Your traffic already flows through our core network so we can monitor without additional delay or load on your systems unlike 3rd party cloud services that tunnel traffic off-site. Our SOC monitors these events and will alert you if a high-risk anomaly is detected. This service includes:

• Deep packet inspection

• Attack and anomaly detection

• Event correlation

• Security Incident and Event Management (SIEM)

Fees are based on the member’s Internet bandwidth allocation.

 
 
 

EXTERNAL DMZ

Host your publicly accessible servers offsite to ensure that in an event your system is compromised the damage to your internal network is minimal.

Fees based per device and its “U-size”.

 
 
 

HOST BASED INTRUSION DETECTION

A security solution capable of detecting threats, intrusion attempts, system anomalies, poorly configured applications, and unauthorized user actions at the host level while providing a framework for incident response and regulatory compliance. A lightweight agent is installed to monitor the system and trigger automatic responses as needed. The agent is compatible with Windows, Linux, Mac OS X, AIX, Solaris, HP-UX, and can be configured and managed from LARG*net’s monitoring server. The agent’s core capabilities are:

• Log and events data collection

• File and registry keys integrity monitoring

• Inventory of running processes and installed applications

• Monitoring of open ports and network configuration

• Detection of rootkits or malware artifacts

• Configuration assessment and policy monitoring

• Execution of active responses

An annual fee applies to each monitored host.

 
 
 

CENTRALIZED FIREPOWER MANAGEMENT

Offload the management of your Cisco Firepower Management Center and Sourcefire devices to us! Migrate to our shared infrastructure to reduce your operating costs or we can take over administration and updating on your existing infrastructure. Our staff internally tests updates and patches before deploying to your organization to reduce the risk of downtime from potential bugs.

A monthly fee applies for each managed device.

 
 

LARG*feed

LARG*feed is a security threat feed designed by LARG*net and tailored to the unique needs of our membership. We deployed “honeypots” pretending to be Exchange Servers, files servers, and other common services to collect information on malicious behaviours and their originating source IP addresses. This information is automatically uploaded into LARG*feed to create a unique collection of threat intelligence that is highly relevant to our membership. You can take advantage of this service by simply configuring the feed’s address on your Intrusion Prevention System of choice, such as Firepower, and the updates are added to your firewall automatically.

We beta tested the threat feed for TWO YEARS and are highly confident in the results! With multiple honeypots deployed and several members already subscribed to LARG*feed, we collect:

  • 180,000+ Indicators and

  • Block over 50,000 potential incidents every day.

The threat intelligence is highly localized and precise because the honeypots are deployed within LARG*net and participating members’ IP space. Leveraging these tools to immediately blocks attackers requires no extra effort by your on-site teams.

This service costs $2,000/year and covers:

  • Hardware

  • Maintenance

  • Development costs.

Additionally, if your organization chooses to opt in to host a local honeypot, LARG*net provides the hardware and its management. The information from your honeypot not only provides improved site-specific threat intelligence but adds to the overall quality of the service.