The ALEF WaveShield service enables smaller organizations with up to 50 employees to create a local data network in their office, connect it securely to the Internet and achieve an above-standard level of security for the entire network and end users' devices. All this without initial investment.
We will install a LAN in your office and connect your local devices to it, such as a server, printer or data storage. Furthermore, we will deploy a secure connection of your organisation to the Internet and launch a high transmission capacity WiFi network. Thanks to Cisco Systems’ security solutions forming the basis of this service, all parts of the network, including end user devices (PCs, laptops, cell phones), will be protected from a vast majority of malicious software used by attackers in cyber attacks. Moreover, ALEF WaveShield protects end devices regardless of whether they are connected to the LAN or connect to the Internet from some other location.
We use a combination of cloud products offered by Cisco Systems – Advanced Malware Protection for Endpoints (AMP4E), Umbrella and Meraki, providing features going beyond standard technologies available on the market. Thanks to ALEF’s security and network monitoring, we provide customers with very strong and continuous protection against security incidents, supervision of the operation of their LAN and WiFi networks, including support for resolving technical problems, if any.
INCLUDED IN THE SERVICES
- Delivery of hardware and initial service setup by our technicians
- Provision of a LAN local data network for selected central IT devices of the organisation and WiFi for 50 users
- Secure connection of the organisation to the Internet via a firewall (we assume the customer arranges a data line from an Internet Service Provider)
- Continuous protection of end user devices from cyber attacks, regardless of whether these users are connected to the Internet in the office or stay outside it (e.g. home office)
- Secure remote connection of users to the office via VPN (Virtual Private Network)
- Remote security monitoring of your network and end devices in 8×5 mode
- Remote monitoring of the operability of the hardware supplied by us and, in the event of its failure, replacement with a new one in the 8×5×NBD mode
- Access to our Servicedesk for troubleshooting technical problems to the extent of 4 hours per year
- Supplied hardware rental as part of the service
WE OFFER SECURITY MONITORING IN TWO VARIANTS – BASIC AND PLUS
ALEF WaveShield Basic | This variant includes:
- Initial activation of AMP4E and Umbrella, where our professional team analyses the current protection status of your network and end devices, proposes the best possible scenario for implementing these two cloud products and fine tunes them to your needs.
- Continuous and automatic protection of end devices from security attacks. The protection works even where a user works outside the company, e.g. home office.
- Continuous monitoring and evaluation of security incidents detected by AMP4E and Umbrella on your end devices by the security team at ALEF Security Operations Center (SOC) in 8×5 mode.
- Basic analysis of detected security incidents on end devices, particularly malware, command and control callbacks, cryptomining.
- Distribution of regular weekly reports featuring an overview of security events detected on your endpoint devices.
- Forwarding of information on the occurrence, impact and security risk of a confirmed security incident, including proposals on how to proceed in a specific matter.
ALEF OctoShield Plus | This variant includes the ALEF Incident Response service:
- Resolution of security incidents, including implementation of corrective measures by the ALEF CSIRT security team, which is a registered member of the Trusted Introducer international organisation specialising in cyber security
- In-depth analysis of the malicious code identified in your network by the ALEF CSIRT team
- Security Scan, i.e. regular preventive daily or monthly security scanning of your communication and system infrastructure by a specialised tool; we will provide you with an overview of vulnerabilities of your network and an assessment of their criticality.
The Cisco Umbrella technology is irreplaceable as the first line of your network’s defence against Internet threats. It uses the basic building blocks of the Internet for this purpose – DNS and IP layer. By securing these two components using the so-called reputation, the Umbrella is able to block requests for malicious or undesirable data sources even before any connection with them is established.
The Umbrella is particularly suitable for end stations moving outside the corporate network, which under normal circumstances provides users with central protection (so-called roaming computers). It operates as a secure Internet gateway using redirection of DNS traffic to Cisco Systems’ cloud servers that – thanks to advanced analytics and machine learning – are able to assess whether any queried domain is secure, malicious or suspicious. Moreover, any suspicious domains may be redirected to a cloud proxy for in-depth inspection of whether any transmitted data content (files, scripts, etc.) is in fact secure.
Each day, the Umbrella’s global infrastructure evaluates more than 125 billion DNS queries, which allows unique tracing of relationships between domains, IP addresses, networks and malware throughout the Internet as a whole. Similar to how Amazon’s systems are able to create customer purchasing patterns and predict their next purchases, the Umbrella learns from online activity of users and creates formulas for automatic uncovering of the attacker’s infrastructure. In this manner, it is ready for the next attacks and predictive blocking of all data sources known to it.
CISCO UMBRELLA'S PROPERTIES
Reduces malware infections by up to 98%
- Allows filtering up to 60 different domain categories
- Detects any use of cloud applications and displays their use report
Prevents data leaks from your network or devices
- Protects users both inside and outside the corporate network
- To maintain high level security of end devices, there is no need to have them connected to the corporate network via VPN
Cisco Advanced Malware Protection for Endpoints (AMP4E)
In a rapidly evolving world of malware, threats are getting more sophisticated and ever more difficult to detect. The most advanced 1 % of these threats could ultimately be able to enter your network and remain undetected. However, AMP4E provides comprehensive protection even against this 1 % of threats. This security software prevents device intrusion, blocks malware at the point of entry and continuously monitors and analyses any activity of files and processes so that it is able to quickly detect and remedy any threats that have managed to avoid the first line of defence.
Its biggest advantage over traditional antivirus solutions is its immediate response to threats (no signatures being downloaded) and blocking of all files that form part of a malware campaign, even if by themselves they are not exhibiting any bad activity. AMP4E allows so-called “Threat Hunting”, which is the most modern method of looking for signs of cyber threats or ongoing attacks in a large pile of data from end devices.
In the world of IT, Cisco Meraki technology is synonymous with the concept of network elements managed in the cloud. As part of the ALEF StreamShield service, we will rent you Meraki hardware offering the following features:
- router with two 1xGbit/s WAN ports
- stateful firewall
- WiFi access point in 2:2 UL/DL MU-MIMO 802.11ax standard for max. 100 users
- switches with ten 1xGbit/s LAN ports (of which two ports with PoE+)
- VPN site-to-site and IPSec