Core Infrastructure Security
Until recently, the “perimeter” was the boundary between the corporate workspace and the Internet. Internal systems were “trusted,” while anything outside was “untrusted”. To protect the corporate network from external systems, a firewall was typically implemented at the perimeter to grant or deny access based on a defined set of rules.
The perimeter, as we knew it, has dissolved. People are connecting to corporate networks wherever, whenever and however they choose. Companies in all industries need to adapt to this reality in order to protect the integrity of their business and the financial well-being of their customers.
Addressing the threats presented by mobile devices, cloud services and the Internet of things (IoT) is a critical challenge. The rate of change not only in threats but in the tools at our disposal, and heightened demands from users are pushing us to make changes at an alarming pace. A successful strategy for securing data and minimizing data breach damage does not lose sight of traditional perimeter defenses and core infrastructure security controls. Continued investment in perimeter defense is like keeping your doors locked—some of the threats you face could bypass them, but why let them in without a fight?
Forsythe offers best-in-class technology solutions and expert managed, implementation and advisory services, as well as customized testing in our state-of-the-art Technology Evaluation Center (TEC) to help you address all aspects of infrastructure security.
Key focus areas include:
The bad guys ultimately need to pass through the perimeter in order to exfiltrate the data they are trying to steal. The firewall market has progressed through the explosion of cloud computing, SaaS, and mobile devices, and next-generation firewalls (NGFWs) have become the standard-bearers for perimeter defense. NGFWs include not only firewall, intrusion prevention and application control features, but also features to detect and protect against advanced malware. They help with traditional ingress monitoring, and egress visibility, which is crucial in the effort to identify breaches.
Forsythe partners with the leading NGFW manufacturers and offers customized product testing and expert advisory services that include internal and external vulnerability assessments, security architecture and configuration evaluations, virtual infrastructure security assessments and network and security design assessments.
Intrusion Detection & Prevention Systems (IDPS)
To combat today’s threats, network security defenses need to identify and mitigate both known and unknown (zero-day) attacks. Network intrusion detection and prevention systems inspect traffic that has passed through frontline devices such as firewalls, and identify anomalous behavior. They detect threats through a variety of methods that can include signatures, protocol anomaly detection, behavioral monitoring or heuristics, and can also block attacks.
Forsythe partners with the leading providers of intrusion prevention systems, and offers customized IPS product testing as well as managed IPS services, implementation services and advisory services that include network and security design assessments.
Secure Web Gateway (SWG)
As highly mobile workforces, customers, and supply chains continue to demand anytime, anywhere access to business tools, Web security has become more important than ever. Secure Web gateway solutions utilize URL filtering, malware detection and application control technology to protect organizations and enforce Internet policy compliance.
Forsythe offers customized SWG testing in our state of the art Technology Evaluation Center and expert implementation and advisory services. We help you identify threats arising from Internet browsing and gain visibility into user activity so you can take measures to mitigate them.
Network Access Control (NAC)
As smartphones and tablets become constant companions, cyber attackers are using every avenue available to break into them. Many people expect that iPhone or Android devices are secure by default, when in reality it is up to the user to make security configuration changes. Network access control technology helps to address “bring your own device” (BYOD) threats by controlling the access of personally owned devices.
Forsythe partners with the leading providers of NAC solutions. We conduct customized NAC product testing and offer expert implementation and advisory services, including NAC readiness assessments. We can help you leverage NAC to achieve real-time visibility into the users, devices, operating systems and applications that are connected to your network.
Defending a large network has never been harder. Cyber attackers are using social media profiles to harvest information and craft targeted phishing emails designed to entice employees into clicking on weaponized links or attachments. The modern business reality is this: all it takes in one person—one click—to expose your entire network and every piece of information on it to data loss. Secure email gateways consolidate inbound threat protection, outbound encryption, advanced compliance, data loss prevention and administration into a single solution.
Forsythe offers leading-edge email security solutions, proof-of-concept testing, and expert implementation and advisory services designed to help you defend against the latest email security threats.
The number of Internet of Things (IoT) devices online has led to a rise in Distributed Denial of Service (DDoS) attacks. DDoS attacks send high amounts of traffic to a website to overwhelm it and the company's network, so the site won’t work and the company cannot serve its customers.
Forsythe offers solutions from all of the leading on-premise and in-cloud DDoS defense providers, and our Security Services team conducts expert DDoS threat assessments. Our consultants work with you to determine the best approach to helping your organization mitigate DDoS attacks successfully, so you can defend against known and emerging threats and maintain business continuity–no matter what.