Information is vulnerable at many points in an infrastructure, from where it is entered on an end user device, through the various servers where it is processed, to where it is stored on a database. Compliance policies set minimum standards for information security at every one of these points and many of the requirements and controls contain references to specific technologies.
There are a bewildering array of products on the market that provide security at one or more of these points but, we believe that a technology which can provide multiple layers of security at every point in the infrastructure in a co-ordinated way, will definitely Optimise your efforts to Secure your information and satisfy multiple compliance related needs at the same time.
Fortinet is a worldwide provider of network security appliances and a market leader in unified threat management (UTM). Their products and subscription services provide broad, integrated and high-performance protection against dynamic security threats while simplifying the IT security infrastructure. Fortinet's flagship FortiGate security platforms offer a powerful blend of ASIC-accelerated performance, integrated multi-threat response, and constantly-updated, in-depth threat intelligence. Employing innovative technologies for networking, security and content analysis, Fortinet systems integrate the industry's broadest suite of security technologies, including firewall, VPN, antivirus, intrusion prevention (IPS), Web filtering, antispam, and traffic shaping, all of which can be deployed individually to complement legacy solutions or combined for a comprehensive threat management solution. The company complements these solutions with an array of management, analysis, e-mail, database and end-point security products. To date, Fortinet has shipped more than 500,000 appliances to more than 75,000 customers worldwide.
Opt-Sec are proud to have been partnered with FortiNet for the last 3 years. We leverage FortiNet's wide range of appliances to add advanced security protection to our customer's infrastructure while at the same time, meeting and exceeding numerous compliance requirements and controls.
If you are currently reviewing any of your security technologies, we would be happy to discuss how the products and services in the FortiNet range can help.
Almost all attacks on information are perpetrated at the point of entry into a system, whether that is entry into a network at a gateway, or entry into a server on the network, or entry into an application on the server. Compliance policies will therefore focus a lot of attention on the technology that is used at the points, recommending the highest level of authentication of users.
Recognised best practice in authentication technologies is what is known as "Two Factor Authentication", with the two factors being "something that you have - like a Token" combined with "something only you know - a PIN number". Whilst these systems are undoubtedly secure, they are also very expensive and, for many organisations, the additional workload of managing the Tokens, is too much of an investment in resource and effort. From a compliance perspective, many will opt for lower levels of authentication as an "acceptable risk". In addition, whilst Tokens are appropriate for remote access into the network, they could be considered overkill for authenticating internal access such as to a database or an application. In the interests of Optimising your efforts to Secure your information, we therefore have a preference for technology that CAN be Two Factor when it needs to be, but that can also provide the best possible alternative when the circumstances allow.
Established in 2000 and a member of the worldwide Marr Group of companies, Swivel is pioneering network security solutions. Based on patented technology, Swivel’s multi-factor tokenless authentication solution, PINsafe, is successfully providing peace of mind to organisations of all shapes and sizes. The Swivel PINsafe solution provides authentication for access via VPNs, Websites and Corporate Web-Applications, by using mobile devices and web-browsers. PINsafe is designed to combat threats ranging from skimming, phishing and spyware to shoulder-surfing and key-logging. Its unique combination of registered PINs and randomly generated security strings delivered simply to the user makes it the safest, easiest, most reliable and cost-effective authentication solution available.
Opt-Sec have been working with Swivel for over 4 years and have found it the ideal solution for strong authentication, not only to access Opt-Sec Compliance Systems, but also as a way of satisfying the various levels of authentication specified in the requirements and controls of a compliance policy, all from a single solution.
"Opt-Sec are a key partner for Swivel Secure and we have been thoroughly impressed with their understanding of our PINsafe technology. We would recommend Opt-Sec to any potential Swivel customers as a good place to source your software and receive a very high level of support" Sarah McNicol, UK Country Manager - Swivel Secure Ltd
If you are currently reviewing any of your authentication technologies, we would be happy to discuss how the Swivel PINSafe solution can help.
A major aspect of information security involves the logging of activity on devices and the gathering of information from the technological systems deployed. There are various monitoring and reporting systems available but, in order to satisfy the needs of all requirements and controls of a compliance policy you need to collect multiple data types including Log, Configuration, Asset and Vulnerability data.
When working through the various requirements and controls of a compliance policy, you will most likely find that you can already satisfy some of these logging and monitoring requirements with your existing systems. To gather the rest of the data, you will need a number of monitoring systems which each gather one or two of the data types. Typically, the systems capable of covering all of these data types in one are very complex systems which gather far more information than is necessary to simply meet the standards for compliance. Therefore, to Optimise your efforts to Secure your information, the ideal solution would be a monitoring system that can be configured to gather only the specific data that your existing systems do not already gather for you, or that you would prefer to be gathered by a separate system.
Pervade Software's monitoring solutions are completely configurable. They are shipped as a 'blank canvas', waiting for you to programme in your exact needs.
Their unique "Data Collector" is very small, at only 4MB, and once deployed onto a network, in a physical or virtualised host, it can gather information agentlessly in the background, with minimal impact on production systems. You can tell it exactly what information to gather by detailing your needs in a Central Controller. The Data Collector will take its instructions from this controller and will then send the information back, fully encrypted, across any network connection, without needing any changes to firewalls or gateway systems.
Their versatile "System Analyzer" software can be added to the solution to provide enhanced features such as Charting, Trend Analysis, Baselining, Reporting & Alerting. As with the Data Collector, this system will only work on the data you specifically ask it to, and will only do what you configure it to do for you.
Opt-Sec have worked extensively with Pervade Software for more than 4 years and the flexibility and configurability of their solutions is unparallelled in the industry, allowing you to create systems that do precicely what you need them to do in order to meet and exceed the requirements and controls of your chosen compliance system.
"Opt-Sec have proved to be an invaluable partner. Having spent many years working behind the scenes producing systems for other organisations, we have only recently "productized" some of our own systems and started to market them directly. We were extremely impressed with Opt-Sec's knowledge and experience of bringing technologies to market in EMEA and they have proved very exciting to work with. Their "results driven approach" is a perfect match for our optimistic goals and we are enjoying a very fruitful partnership" Lewis Collins, Sales Director - Pervade Software Ltd
If you are currently reviewing of your monitoring of systems, we would be happy to discuss how Pervade Software's unique systems can help.
Although some of the devices on your network can provide the level of logging and monitoring needed to satisfy the requirements and controls of a compliance policy, and other systems can be deployed to gather the rest, this approach rapidly becomes unmanageable as the number of devices and the scale of the network increases.
For many, who have embraced the ideals of Information Security Management, the minimum standards of logging and monitoring for compliance purposes do not go far enough. The only way to ensure that ALL systems which handle or manage sensitive information are as secure as possible is to have a single view of all potential threats to the entire network.
To Optimise your efforts to Secure your information in a large distributed network, we would always recommend a single system as opposed to attempting to collate information from multiple systems.
SecureVue from eIQnetworks provides comprehensive information security management and compliance reporting from a single console. Using an integrated data model, SecureVue goes beyond traditional SIEM products, log management tools, and other security point solutions by providing users with the ability to monitor and audit multiple data types including log, vulnerability, configuration, asset, performance and network behavioral anomaly data across the enterprise.
Opt-Sec sold the very first SecureVue system to be deployed outside the US and have worked in full partnership with eIQnetworks ever since.
“Opt-Sec have played a key role in taking our flagship product SecureVue to market throughout Europe. As a truly unique technology product, SecureVue requires our partners to have a deep understanding of multiple market sectors and IT disciplines as well as the infrastructure to support our clients to the level that we expect. Opt-Sec has all of these qualities and are an asset to eIQnetworks throughout Europe. We recemmend Opt-Sec to any potential customers" John Sullivan, VP of Field Operations - eIQ Networks Inc
If you are currently reviewing any of your Information Security Management approaches, or if you would like to consolidate and improve your "Situational Awareness", we would be happy to discuss how SecureVue from eIQnetworks can help.
Information security would be a lot simpler if people didn't have to keep accessing the information and the risk increases exponentially when a large number of people need to access the information from outside of the network.
When gateway appliances are targeted at guarding the gateway and network servers are targeted at serving the network, there is often a disconnect between one device trying to providing speedy open delivery and another device trying to lock down the access. When Optimising your efforts to Secure your information a balance has to be found between these opposing forces so that thousands of users can access information as quickly as possible but with the highest possible levels of security being applied with the minimum of management.
The BIG-IP from F5 Networks is the only device in the industry that can do everything. It delivers high availability, improved performance, application security, and access control, all in one unit. A single BIG-IP device can do the work of a dozen single-purpose products and, more importantly, it can do that work in an efficient, cohesive manner. Microsoft, Oracle, and SAP all recommend F5 to their customers and continually develop joint innovation and integration with F5 through strategic partnerships. Many of the world’s leading organizations rely on F5 solutions, including all of the top 15 global commercial banks, all of the top 10 fixed AND mobile global service providers, all of the top 5 US Internet search providers and 14 of the 16 Web hosting and hosted cloud systems.
Opt-Sec leverage F5 load balancing technologies to help our larger customers to offer our Opt-Sec Compliance Systems to vast numbers of end users. Our SAQ Manager solution can be scaled to manage the compliance of tens or even hundreds of thousands of users.
If you are currently reviewing any of your gateway or outward facing systems, we would be happy to discuss how the BIG-IP from F5 Networks can help.
Opt-Sec have an enviable record of successfully introducing new and innovative products and technologies into a range of hungry markets across Europe (including the emerging Eastern European countries), the Middle East and Africa.
We have initiated, grown and developed strong relationships with Specialists, Value Added Resellers, Systems Integrators, Managed Service Providers and particularly Managed Security Service Providers in many countries and we are leveraging those relationships to introduce new offerings to new customers.
Opt-Sec Sales Directors have made ground-breaking sales in fresh markets of Security Products, Monitoring Solutions, Bandwidth Optimisation Technologies, Replication and Recovery Systems, Performance Tuning Engines and Test & Demo Network Software.
Opt-Sec Technical Directors have adopted a wide range of innovative new technologies, grasping alternative approaches and leading edge thinking with lightening speed to hit the ground running in support of the Sales Directors and Channel Sales Partners in less time than it would take to employ and train a new employee. We currently manage complete deployments of these technologies for and on behalf of a range of vendors.
Opt-Sec Marketing Directors have condensed technical capabilities and product messaging into value propositions and run targeted campaigns into select lists of prospects to gain early adopters, case studies and reference sites that form the springboard for crossing the chasm into the EMEA markets.
If you have an innovative new tchnology and you are currently contemplating how you might introduce it into the lucrative EMEA marketplaces with the minimum risk and cost, Opt-Sec can help and we are waiting for your call.