SECURITY SERVICES Overview

 
 

Free External vulnerability scanning

We offer free regular scans of member’s public facing IP addresses to find potential vulnerabilities. Our goal is to assist our members to secure the external parameter of their network and to raise security awareness.

The benefit of this service is that members will improve their external security which protects against the random bot and worm attacks. In addition to more advanced threats who found vulnerable services via search engine.

Email: security@largnet.ca to sign up.

 

Internal vulnerability assessment

We will perform scans within a member’s internal network to assess various risks and vulnerabilities, providing a report with recommended actions.

Identical to the above external service, we scan the devices to find network based vulnerabilities. The vast majority of vulnerabilities are internal, often workstations or unpatched old servers.

Discovering these vulnerabilities and fixing them is very important because these kinds of vulnerabilities are often easily exploitable by an intruder which will give them a foothold on the network.

 

Log monitoring

A member would subscribe to this service and have their devices send logging information to our resources. Benefits of this service to our members include not having to purchase or administer internal logging servers, or in the case of a breach, logged data would be secured on LARG*net resources.

 

Intrusion detection

This will be a real-time scans on all data flowing to or from a member. This breaks down to several components:

·         Deep packet inspection.

·         Attack and anomaly detection.

·         Event correlation.

·         Security Incident and Event Management (SIEM).

This is your fundamental bread and butter of network security. Every organization needs someone analyzing intrusion detection and SIEM.

 

Centralized Firepower Management

Many of our members have Cisco ASA devices deployed as their firewalls. These devices also act as an Intrusion Prevention System (IPS), running Cisco’s Firepower on separate servers. LARG*net would be able to centrally administer, patch, and update member ASA devices and eliminate the member requirement for management servers.

Most importantly a centralized rich threat dashboard with the ability to track advanced persistent threats even during attacks. The ability to globally block attackers for all members at once is optimal.

 

Centralized patch management

LARG*net would be able to offer patch management for member desktop systems. This service would push patches to a computer system for pre-defined operating system and software packages, keeping each system up-to-date and secure. 

 

External DMZ

This service would allow a member to have servers and services open to the Internet hosted on a network external to theirs. In the case of a breach or attack on one of these services, the harm would be contained outside of the member’s network, minimizing or even mitigating further damage to their internal network.