Frequently Asked Questions
1. How will you process my security device
logs – will you analyze and correlate, or just simply reformat and deliver
them to me?
Raw security
data is meaningless without expert analysis.
On any given day, firewalls and intrusion detection systems reveal thousands
of potentially suspicious activities across a single enterprise system.
Other managed security providers simply reformat raw data and return
it directly to clients. The trouble is, security data requires skilled
analysis before any action can be taken. And by the time a real attack
is detected, it may be too late to avoid damage.
Filter technology
does not pinpoint threats.
Other managed security services providers are trying to figure out how
to reduce the thousands of false positives that can hide real threats
to today’s networks and systems. While some are able to filter information,
they still leave the client with the time-consuming burden of constantly
interpreting large numbers of suspicious logs.
Axxera analysis enables Proactive Information Protection
Axxera provides the only Real-Time Information Protection for your network available today. If there’s one real threat hiding in a flood of possibilities that needs attention, Axxera has the technology and expertise to find it. And if a series of apparently innocent activities reveals a more malicious pattern, Axxera will pick that up too. Axxera offers the only service that correlates historical and current security logs from devices across your enterprise to identify potential attacks before they happen.
2. How do you monitor the security devices
across my enterprise?
Complete
Analysis
Only Axxera’s technology platform has the scope and intelligence to
mine and examine every single log. We monitor for any threat to your
system, including malicious programs, brute force activities, DOS/DDOS
attacks, signs of scans, or any other potentially threatening behavior.
Progressive
Threat Model
Sophisticated hacker attacks take time to develop and are usually launched
in stages. Most organizations ignore the seemingly harmless non-threatening
scans circulating on the Internet. However, these threats are often
the building blocks of a more concentrated, potentially devastating
attack. Axxera’s progressive threat model allows us to correlate more
sophisticated actions with the earlier activities to help identify which
combinations of attacks require immediate action to prevent.
Response
Axxera aggregates and analyzes data produced across our entire client
base. We can identify new attack signatures and strategies and address
emerging threats before they become a problem. If an attack occurs,
our security team works closely with you to define the scope of the
security breach, recommend actions to minimize damage, preserve evidence,
and eliminate vulnerabilities that contributed to the event.
3. How does your service impact my in-house
security staff?
Outsourced
protection for any size organization
Axxera's Proactive Managed Security Services are ideal for large organizations
with dedicated information security personnel as well as smaller companies
with limited resources. Axxera's services allow large organizations
to focus their security staff on strategic issues such as policy development
instead of focusing on cumbersome security review and analysis. For
smaller organizations, Axxera’s service is a completely outsourced solution
that offers total information protection.
Axxera dramatically
increases the efficiency of in-house resources.
Through the proprietary Central Intelligence technology platform, Axxera
collects security data through secure connections to your security devices,
including firewalls, intrusion detection systems (IDSs), VPNs, and other
applications. The technology platform then mines the data for suspicious
events using a variety of expert system and anomaly-based advanced tool
and correlates them to other signs of attack, and presents them to our
analysts, customers and Law Enforcement.
Proactive
Query and Analysis Tools
Axxera’s security experts interpret the data in real time, using advanced
query and analysis tools and prioritize the results according to a constantly
evolving threat model, customized to your needs. The result: a dramatically
reduced monitoring, management, investigation and predictive analysis
burden for your IT staff.
4. How will you provide my IS staff with
continuous access to relevant Proactive data?
The Secure
Internet Interface
Axxera’s Secure Internet Interface provides access to the tools you
need to keep your network secure. Users can view information and security
events from their networks. These events are prioritized according to
urgency and presented with comments from SOC analysts.
Carrier-Class
Scalability
We support multiple security technologies, including a wide variety
of firewalls, intrusion detection systems, virtual private networks,
and other security products. With architecture that enables distributed
processing, we can handle large amounts of information in Proactive,
and our system can grow with your business.
Reliable
Architecture
The Central Intelligence technology platform and Security Operations
Centers feature maximum redundancy and a complete failover process to
ensure 100% uptime for your network protection solution. And our processing
model can dynamically reroute customer data to different Axxera Security
Operations Centers within our architecture if conditions demand.
5. What actions will you take when you
identify an attack on my network?
Read Between the Lines
With a normalized view of all network security data, the technology
platform detects suspicious patterns of activity over different systems.
These patterns often escape unnoticed by conventional event-by-event
analysis processing.
Correlate
Results
Some managed security providers provide you with simple keyword searching,
not true security log correlation. Axxera does more than identify similar
activity. We analyze firewall evidence, IDS evidence, and VPN evidence,
as well as data from other security sources, and we correlate results
to create a complete picture of the activity that threatens your network.
Respond
to Threats, On the Spot
Axxera has the expertise and procedures in place to find the action-issues
as they appear and address the problems before they escalate. We assess
severity, provide recommendations, and take immediate action for every
security event that is considered malicious.
6. How will you help me design a comprehensive
security strategy and program?
Assessments
and Testing
Axxera’s assessments and security audits provide comprehensive reviews
of all possible technical and administrative vulnerabilities that can
be leveraged to launch an attack against your critical systems. Our
controlled penetration tests probe systems across your enterprise to
reveal vulnerabilities on Internet gateways, system hosts, and dial-up
access points. We then work with you to develop solutions.
Development
and Implementation
Axxera consultants work closely with you to design effective security
architecture and integrate best-of-breed security technologies. We also
work with your IT staff to develop and implement practical security
policies that carefully balance your information access needs with high-level
security requirements.
Security
Policy Development
Axxera works
with your team to develop and implement practical security policies
and procedures that achieve your information access needs while meeting
appropriate security standards.
Incident
Forensics and Response
When an incident occurs, the Axxera-CERT works quickly to define the
scope of the breach, minimize damage, and correct vulnerabilities that
contributed to the event. We carefully preserve evidence for criminal
proceedings and work with law enforcement agencies as needed. Axxera-CERT
regularly publishes security advisories detailing the latest information
security threats.
7. How are you going to protect me from
Hackers?
Axxera protects your systems by proactively thwarting (foil) the attack on your production systems. Axxera uses it proprietary tools to identify attack proactively, shutdown attack, open investigation, collect digital evidence. Once the information is collected it has the ability to pass information over to the local / Federal law enforcement agency.
Based on the intelligence Axxera receives from Law Enforcement Intelligence, Axxera Intelligence network (AIN), Axxera IRC Intelligence and other partners. AIN – Axxera collects Botnet / Hacker community Intelligence
8. Incident Forensics and Response
When an incident occurs, Axxera works quickly to define the scope of the breach, minimize damage, and correct vulnerabilities that contributed to the event. We carefully preserve evidence for criminal proceedings and work with law enforcement agencies as needed.
9. How does Digital Evidence help me?
Digital Evidence and Response
When an incident occurs, the Axxera works quickly to gather suspicious traffic and analyze information exchange of attacking system with compromised system. We carefully preserve evidence for criminal proceedings and work with law enforcement agencies as needed.
10. Do you work with Law Enforcement
Axxera works with
multiple law enforcemen. Axxera also work with the following associations:
a. Infragard – National Infrastrcture Protection agency – GOVT Organization
b. HTCI A – High Technology Crimes investigation association
c. CERT
d. SANS
e. Department of Homeland Security
f. Various other International Associations
11. Do you compete with IDS / Firewall manufacturers like Cisco, Checkpoint, Netscreen etc.
No, we do not compete but we complement these devices. Cisco, Checkpoint, Netscreen and others in the market are the leaders in this space. Our service and technology enhances these tools with intelligence allowing predictive protection to occur seamlessly to the customer.
In these economic
times, cyber threats are rising and becoming more sophisticated. Axxera
enhances your security in real time with intelligence prevention from
the security community and law enforcement. Axxera has the ability to
integrate with your tools and technology to automatically predict, prevent
and enhance your security posture to combat against outbreaks of zero-day
attacks.
12. How does your service differ from already existing Firewalls / IDS devices?
Axxera’s services compliment, and enhance your security implementation by automating threat prevention with security community and law enforcement Intelligence. This allows our customers to prevent and have predictive protection from suspected entities.
Axxera’s digital
evidence enhances security by being able to replay security breaches
and captures exactly what communication traffic was exchanged with a
suspected priority alert for both external and internal attacks.