Managed Firewall Services
Our Managed Firewall Services take a Zero-trust approach to protect your business against threat
Firewalls are the first point of defence for any organisation to protect their environment. As part of our initial managed firewall services design we will work closely with you to configure an environment based on the zero-trust model to ensure that your firewalls provide the highest security whilst allowing for optimal network connectivity to achieve your business goals. If your network carries card payment data, rest assured that Hughes by default designs PCI DSS compliance as an integral part of the network security concept.
The managed firewall service focuses on three core components of the overall security implementation: Segmentation, Configuration and Patch Management
In order to ensure security hygiene, the implementation is carried out according to a hierarchal access and configuration methodology, which limits access by authenticating and authorising at the required level. All access and configuration changes are tracked and logged, providing detailed historical accounting for troubleshooting purposes, forensics, auditing and compliance.
Segmenting your data
Making sure that different types of data are treated differently is a key element of Managed Firewall Services. To achieve this we use segmentation. This enables the separation of the highly secure subnet from those that are less critical, enforced by strict policies that regulate inter-segment communication and controlling traffic transport path and destination. Segmentation also limits the damage that could be caused by viruses and malware preventing the failure from spreading to other parts of the network.
Also, if a segment is compromised it is easier and faster to discover and respond to a threat that is already isolated by the nature of the design. Segmentation is necessary for the branch location LAN / WLAN but should also be extended and enforced across the core of the network and up to resources in the data centre and in the cloud.
Security conscious configuration
Setting up your network in a zero-trust environment means that all aspects of the network need to be considered with this in mind.
This means an essential component of firewall management is the configuration of secure connectivity from the branch site to central resources or other branch locations.
With many years of experience in designing and delivering managed firewall services to highly distributed organisations who handle large volumes of sensitive data we can deliver the right design for your business.
We approach this by tunnelling the traffic and securing the data transmission using encryption. Encryption techniques mean that it is more difficult for intruders to your network to access your vital data. End-to-end encryption at the network and application level, such as email encryption and secure file transfer (SFTP), combined with multi-VPN tunnelling (tunnel in tunnel) for transmission segmentation allow for higher data transmission security.
Keeping up to date
We all know that the threat from attack is a moving feast. Those who want to access and use our data for malicious purposes are finding more and more creative ways to gain access to our systems. This means that what might have protected us yesterday will not protect us tomorrow. Keeping your protection credentials current is therefore a vital component of any managed firewall service.
Our managed firewall services includes the implementation of platform patches in a timely manner as soon as they are released by the OEM. Patches or updates could be security updates, bug fixes, software improvements, and critical vulnerability mitigation. It is imperative that all applicable licences are tracked and renewed on time so that services such as updates and unified threat prevention (UTP) services are not discontinued. We will manage all of this for you a part of the service so you can have peace of mind that your network is always benefiting from the latest levels of protection.