Network Security Solutions
Somerville is at the forefront of providing Network Security Solutions. Today if your IT Network is not secure tomorrow will not exist. In an increasingly hostile world, securing information technology assets is the most important issue for running a successful brand, business, culture and future.
Somerville provides a comprehensive range of Network Security Solutions and Products backed by best of breed vendors, such as:
- Firewall - Keep unauthorized users off your network.
- Virtual Private Network (VPN) - Provide employees, customers, and partners with secure access to your network.
- Intrusion Prevention - Detect and stop threats before they harm your network.
- Content Security - Protect your network from viruses, spam, spyware, and other attacks.
- Secure Wireless Network - Provide safe network access to visitors and employees on the go.
- Identity Management - Control who and what can access the network.
- Compliance Validation - Ensure that any device accessing the network meets your security requirements.
In addition to providing leading edge security technology via top tier Security Vendors, we also provide additional value to our clients through specialised services that minimize business risk. These services cover:
- Security Policy Design/Review
- Penetration Testing & Security Auditing
- Vulnerability Assessment
- Network Architecture & Configuration Auditing
- PCI DSS Compliance
- Physical Security Review
Our methodology to deliver these services takes a four-step proactive systematic approach to designing a best practices Network Security Solution that suits your business requirements: Preparation, Prevention, Response and Optimisation.
Prior to implementing a security policy, you must cover the following 3 steps:
- Create usage policy statements. We recommend creating usage policy statements that outline users' roles and responsibilities with regard to security. This document will provide your business with an understanding of your security policies, its purpose and guidelines for improving your security practices.
- Conduct a risk analysis. The intent of a risk analysis is to identify portions of your network, assign a threat rating to each portion, and apply an appropriate level of security. This helps maintain a workable balance between security and required network access.
- Establish a security team structure. Create a cross-functional security team with participants from each of your company's operational areas. The security team will have three areas of responsibility: policy development, practice, and response.
Prevention is broken down into two parts: approving security changes and monitoring security of your network.
- Approving Security Changes. These are changes to your network equipment that have a possible impact on the overall security of your network. Your security policy should identify specific security requirements in non-technical terms.
- Monitoring Security of your Network. This is similar to network monitoring, except it focuses on detecting changes in the network that indicate a security threat/violation. The starting point for security monitoring is determining what is a threat/violation.
Response is broken down into three parts: security violations, restoration, and review.
- Security Violation. When a violation is detected, the ability to protect network equipment, determine the extent of the intrusion, and recover normal operations is paramount. Having these decisions made proactively makes responding to an intrusion much more manageable.
- Restoration. Somerville's experience will assist your business in how you conduct, secure, and make available normal backups. Most systems have their own means and procedures for backing up. Your security policy should act as a meta-policy, detailing each system's security conditions that are required upon restoration to provide normal network operations.
- Review. This is the final effort in creating and maintaining a reliable security policy. Somerville's methodology for review focuses on three things: policy, posture, and practice. Your security policy is a living document that adapts to the ever-changing IT environment constantly reviewed against known best practices to keep the network up to date. A review of network and security posture assessments is recommended annually. A review and practice of what to do during a security violation takes the form of a drill or test to ensure that staff have a clear understanding of what is required.