RackFoundry TSM 24/7 is great for organizations that would like to manage TSM internally, but would like the added benefit of having our Security Operations Center monitor your environment 24/7/365 to identify any malicious activity. With RackFoundry TSM 24/7, RackFoundry's Security Operations Center continuously monitors your environment, reviews alerts, and helps you update policies & correlation rules to ensure that you are protected. No threat goes unnoticed. It's a great solution for those that want full control over their network and environment, but may not have enough resources to monitor their environment 24/7/365.
24/7/365 Monitoring and Alerting by Security Operations Center
Customized Alert Response by phone, email, and text
You maintain full control over your network
Threat triage by our security experts
Dark web monitoring through RackFoundry Dark Web Intelligence (DWI)
Complete security in a single unified solution
A holistic security methodology to give you complete real-time security coverage from the edge to the end-points.
Security Incident and Event Management (SIEM)
Traditionally, SIEM is a highly complex technology that, while it can be easy to deploy, is extremely difficult to decipher when an alert comes in. Our SIEM module simplifies this by providing you with actionable data in clear, simple terms, and at any time you can hit the Ask an Expert button for help from our Security Operations Center! We provide both "self-response" and "fully-managed" options for our technology, meaning you can choose to receive the alerts yourself (via email, SMS or phone call), or you can have us handle it, make sure it's a real threat, and contact you day and night as needed to mitigate a situation. Our SIEM features host-based intrusion detection plugins, along with both file integrity monitoring and file audit data, and it feeds information into other modules - like our IDS/IPS - further improving correlated detection. SIEM is a key technology for detecting threats across your network - with this module you won't be left in the dark wondering what's going on out there!
Log data is often ignored, especially considering the volume of log data generated every minute of every day by every system on your network. However, log data is a virtual treasure trove of information waiting to be leveraged. Our Aggregated Logging module allows you to pull all your log sources in. As well as being used by our SIEM module when enabled, it allows you to quickly search through logs for keywords and correlate what's found against every source being fed into the system. This way you can see if an issue happening on one system is happening elsewhere at the same time, or being caused by another system at the same time. You can also set up keyword-based policies that will alert you to specific events whenever they happen. Logs are a powerful source of information - don't let this precious resource go to waste!
Detecting malicious activity is all well and good, but every second counts when your network is under threat. Our IDS/IPS module delivers real-time protection, blocking malicious traffic as needed in a highly targeted way. Because it is based on commercial SNORT rules, as well as threat feeds from multiple internal and third-party research groups, catching zero-day attacks in the act becomes that bit easier. Don't be left without protection when that attack hits you at 3AM on Saturday night!
Web Application Firewall (WAF)
Web applications are a special case of the IDS/IPS model. With websites becoming more and more complex, the ever-increasing attack surface area of these websites gives hackers a virtual candy store of options to attack your infrastructure. Our WAF module specifically analyzes web traffic for malicious activity, and stops the requests in their tracks if found. Rules are continuously updated to provide complete coverage, and custom rules - like blocking specific paths, adding redirects and forcing HTTPS - can easily be added too.
Waiting around for some malicious activity to occur is all well and good, but why not seek out vulnerabilities before they become issues? Our vulnerability scanning module will scan through your entire network periodically, finding unauthorized systems, vulnerable services, test systems that have long been forgotten, and services that should not be available. When an open port is found, a full battery of tests is performed to work out any vulnerabilities that might be present. For example, if the scanner finds a website, a full web scan is performed seeking out vulnerabilities before hackers can find them! Don't sit around waiting to be compromised - active scans are essential as part of a complete security posture.
Firewall technology performs all the standard firewall functions that you would expect - multiple zones, policy rules, network address translation, and port address translation - applied to either inbound or outbound traffic, and granular down to protocol and ports. Additionally, full IPv6 support and deep packet inspection round out the functionality of this powerful firewall module.
Virtual Private Network (VPN)
VPNs are a doorway into your otherwise secure network. All businesses need them as the need for remote working only increases, but do you know what risks your users are bringing into your network? Terminate all your VPN traffic in one place with this module, and have all traffic inspected for any malicious behavior. Fully integrated with Active Directory and OpenLDAP, the module lets you leverage your existing user authentication systems - or use the built-in standalone authentication. Highly secure, and based on high encryption SSL technology, it makes sure your users can connect securely wherever they may be.
Our Security Operations Center monitors and maintains your appliance so that you can be assured that everything is running optimally. Our expert staff can assist in anything from adding firewall rules to triaging alerts - or you can do it all yourself! Security is a highly specialized field, and keeping up is a full-time job. Don't risk your entire business - make sure you have experts on hand when you need them!
We understand that perimeter devices are critical to the running of your business. Therefore we provide optional fully redundant options, allowing you to protect yourself from rare hardware failures and maintain continuous operation. Additionally, our inline devices come as standard with redundant power supplies and cooling to ensure non-stop operation.