RackFoundry TSM MDR is a holistic cybersecurity solution to detect, respond, and prevent cyber-attacks. Your network security will be managed by our elite Security Operations Center 24/7/365. Not only do our security experts respond to alerts, they proactively hunt for threats and vulnerable areas within your network to detect issues before they occur. Our security experts investigate behavioral anomalies, which could be indicators of previously unknown attacks. You get enterprise-grade security no matter the size of your organization.
Your Technical Account Manager (TAM) will regularly review your network security posture with you and will present any findings, along with recommended steps to improve your overall security posture. Unlike any other MDR solution, you own the RackFoundry TSM appliance with a perpetual license and have complete access to your console so you can review any findings and monitor any changes made by our Security Operations Center.
Assigned Technical Account Manager
Architectural Analysis with included Penetration Tests
Compliance assistance and reporting
TSM Health Checks and State of the Environment Reports
Dark web monitoring through RackFoundry Dark Web Intelligence (DWI)
Complete security in a single unified solution
A holistic security methodology to give you complete real-time security coverage from the edge to the end-points.
Security Incident and Event Management (SIEM)
Traditionally, SIEM is a highly complex technology that, while it can be easy to deploy, is also extremely difficult to decipher when an alert comes in. Our SIEM module simplifies this by providing you with actionable data in clear, simple terms, and at any time you can hit the Ask an Expert button for help from our Security Operations Center! We provide both "self-response" and "fully-managed" options for our technology, meaning you can choose to receive the alerts yourself (via email, SMS or phone call), or you can have us handle it, make sure it's a real threat, and contact you day and night as needed to mitigate a situation. Our SIEM features host-based intrusion detection plugins, along with both file integrity monitoring and file audit data, and feeds information into other modules - like our IDS/IPS - further improving correlated detection. SIEM is a key technology for detecting threats across your network - with this module you won't be left in the dark wondering what's going on out there!
Log data is often ignored, especially considering the volume of log data generated every minute of every day by every system on your network. However, log data is a virtual treasure trove of information waiting to be leveraged. Our Aggregated Logging module allows you to pull all your log sources in. As well as being used by our SIEM module when enabled, it also allows you to quickly search through logs for keywords, and correlate what's found against every source being fed into the system. This way you can see if an issue happening on one system is happening elsewhere at the same time, or being caused by another system at the same time. You can also set up keyword-based policies that will alert you to specific events whenever they happen. Logs are a powerful source of information - don't let this precious resource go to waste!
Detecting malicious activity is all well and good, but every second counts when your network is under threat. Our IDS/IPS module delivers real-time protection, blocking malicious traffic as needed in a highly targeted way. It is based on commercial SNORT rules, as well as threat feeds from multiple internal and third-party research groups, so catching zero-day attacks in the act becomes that bit easier. Don't be left without protection when that attack hits you at 3AM on Saturday night!
Web Application Firewall (WAF)
Web applications are a special case of the IDS/IPS model. With websites becoming more and more complex, their ever-increasing attack surface gives hackers a virtual candy store of options to attack your infrastructure. Our WAF module specifically analyzes web traffic for malicious activity, and stops the requests in their tracks if found. Rules are continuously updated to provide complete coverage, and custom rules - like blocking specific paths, adding redirects and forcing HTTPS - can easily be added too.
Waiting around for some malicious activity to occur is all well and good, but why not seek out vulnerabilities before they become issues? Our vulnerability scanning module will scan through your entire network periodically, finding unauthorized systems, vulnerable services, test systems that have long been forgotten, and services that should not be available. When an open port is found, a full battery of tests is performed to work out any vulnerabilities that might be present. For example, if the scanner finds a website, a full web scan is performed, seeking out vulnerabilities before hackers can find them! Don't sit around waiting to be compromised - active scans are essential as part of a complete security posture.
Firewall technology performs all the standard firewall functions that you would expect - multiple zones, policy rules, network address translation, and port address translation - applied to either inbound or outbound traffic, and granular down to protocol and ports. Additionally, full IPv6 support and deep packet inspection round out the functionality of this powerful firewall module.
Virtual Private Network (VPN)
VPNs are a doorway into your otherwise secure network. All businesses need them as the need for remote working only increases, but do you know what risks your users are bringing into your network? Terminate all your VPN traffic in one place with this module, and have all traffic inspected for any malicious behavior. Fully integrated with Active Directory and OpenLDAP, the module lets you leverage your existing user authentication systems - or use the built-in standalone authentication. Highly secure, and based on high encryption SSL technology, it makes sure your users can connect securely wherever they may be.
Our Security Operations Center monitors and maintains your appliance so that you can be assured that everything is running optimally. Our expert staff can assist in anything from adding firewall rules to triaging alerts - or you can do it all yourself! Security is a highly specialized field, and keeping up is a full-time job. Don't risk your entire business - make sure you have experts on hand when you need them!
We understand that perimeter devices are critical to the running of your business. Therefore, we offer fully redundant options, allowing you to protect yourself from rare hardware failures and maintain continuous operation. Additionally, our inline devices come as standard with redundant power supplies and cooling to ensure non-stop operation.