Our Thinking | Intercity Technology

Discovering managed, cloud-based next-generation cybersecurity

Written by Nick Ward | Nov 19, 2018 9:30:23 AM

Cloud computing is commonplace within the public sector, but have you considered the benefits of using cloud-based security to protect the perimeter of hybrid cloud and on-premises networks?

You probably know about our managed firewall services but might not know about Touch Secure, our managed, cloud-based, next-generation firewall (NGFW) service, which secures your network perimeter independent of location.

How we started

Sometimes the best way to find out whether a product will succeed is to sell the concept before building it: that’s exactly what happened with Touch Secure.

Last summer, our public-sector account team were with a customer discussing their IT issues, which included traditional firewalls. Their biggest challenge was growth in client Internet usage, which was overwhelming network capacity. As the firewalls became exhausted, performance dropped and users became frustrated.

They had a small team, multiple sites and a base of almost 1,000 clients. As they were kept busy managing applications and data critical to the day-to-day running of the organisation, outsourcing management of their cybersecurity was something they were keen to do.

Our solution: Touch Secure

If you’re familiar with the basic principle of cloud computing – a centralised computing resource, partitioned into separate virtual servers – then think of Touch Secure as being similar, except it uses a centralised firewall resource, partitioned into separate virtual firewalls.

A key difference is that Touch Secure provides next-generation cybersecurity measures. What are these? Whereas traditional firewalls allow or block packets based on port, protocol and source/destination addresses, NGFWs examine the packet payload, protecting against user behaviour, whether accidental or malicious.

The main measures are email filtering, web filtering and application control:

  • Email filtering is an anti-spam and anti-virus feature which examines email, searching for and removing any viruses, Trojans and worms. It also filters unsolicited marketing, phishing and spam messages.
  • Web filtering restricts or controls what a user may access on the Internet. This improves security, prevents inappropriate activities and increases productivity.
  • Application control detects and takes action against network traffic based on the application that generated it, such as a Facebook posting or a Dropbox file sync.

Sandboxing

Sandboxing may be new to you, but with the increasing threat from zero-day exploits, particularly ransomware, it’s important to understand what it does. Code spans a continuum from known good to known bad, with unknown code at the mid-point. Firewalls cannot stop the most sophisticated attacks because they rely on identifying known attack indicators.

On encountering unknown code, a firewall sends it to the sandbox for analysis, which entails teasing the code into exposing itself. On identifying new malware, the sandbox quarantines it and sends it to the sandbox manufacturer, which sends a signature update to its global base.

Monitoring & Self-Service

Outsourcing cybersecurity management doesn’t mean that customers lose visibility. Our OnePortal provides real-time visibility of events and user security incidents. We’re adding self-serve capabilities enabling administrators to make changes like traffic-shaping users and managing session concurrency. Administrators therefore retain visibility and control of routine tasks, leaving us to take care of managing the underlying cybersecurity service.