Cybersecurity
ICT
Alascom’s offer aims at preserving the applications and infrastructures of the entire corporate network and is therefore a necessary complement to the system integration, outsourcing and digital transformation services that make up the company’s proposition. In terms of cybersecurity, Alascom selects, installs, configures and maintains the most advanced and innovative systems and solutions, for which commercial agreements and partnerships have been started with the main vendors of systems and solutions for:
FIREWALLING
EVENT REGISTRATION
BLACK-BOX EVENT MONITORING
SCADA SECURITY
INTELLIGENT SECURITY SYSTEMS (systems based on machine learning and network behavioral analysis)
END POINT SAFETY

In addition to the integration of network security systems, Alascom offers a monitoring service, remote and/or supervised by the customer, in Security Operations Center (SOC) mode. This service, a natural extension of the company’s Network Operations Center (NOC), aims to constantly monitor and preserve the security of our customers’ networks, providing prompt 1st- to 3rd-level support in response to detected events, incidents and threats:
Layer 01
Analyst engineering
The first level relies on a group of analysts specialized in the real-time control of network events relevant for security purposes. This level serves to drastically reduce response time and to provide an initial definition of remedial actions already at the first level.
Layer 02
Security solution architect engineering
This level counts on professionals experienced in defining network security architectures and complements the team of analysts with skills relating to the infrastructural aspects of customer networks, the information traffic that characterizes them, and security policies and procedures.
Layer 03
Operational engineering (SOC)
At this level, the defined remedial actions and the designed solutions are turned into operational actions carried out in real time on the customers’ infrastructures.

The SOC approach is one-to-many
Approach
The SOC approach is that of “one-to-many”, where a group of experienced security specialists work on multiple clients at the same time, so as to be able to maintain a vision on the network that considers both specific events for the individual client and any macro-types of attacks in progress replicated on multiple customers. The provision of the SOC service can be agreed with the customer in order to guarantee Alascom coverage at the customer’s infrastructure, rather than remote support or a combination of the two.
With regard to the management of the service, the SOC of Alascom is structured according to the following characteristics:
24 × 7 full ITIL-based with Trouble Ticketing support and tracking
Layered architecture, as described in the previous section: level 1 support; 2nd level support (local / remote); 3rd level support with highly specialized engineers and technical account managers (TAC)
H24 availability of engineers and specialists
Continuous training and certification activities
The physical infrastructure of the SOC can count on control centers (Milan, Naples and Udine), as well as a laboratory located at the Milan office and available via VPN. Based on the above, the main activities of the SOC can be summarized as:
Remote Monitoring
Proactive monitoring of networks, operating systems and applications in real-time mode and with multi-vendor support.
Service Desk
Single point of contact for any problems encountered.
Incident Management
Real-time and pro-active incident detection and resolution.
Operational Management
Remote and / or local support for network and system configuration activities, capacity remodeling, change management.
The SLAs that Alascom can guarantee at the SOC level include 24x7x2h support for on-site hardware maintenance, subject to availability verification. Remote support is available in 9 × 5 or 24 × 7 mode with response times of 1h / 4h / NBD, depending on the customer’s needs.
01 LAYER
Log management
Security monitoring
System management and configuration
Active fraud prevention
Malware intelligence
Mobile rogue application hunter
Anti phishing services
Brand abuse monitoring
Social media threat monitoring
AI and immune system monitoring
02 LAYER
Secure network design
03 LAYER
Remote and on-site support for networking devices
Device and software supply with support
Network engineer support
NOC and complex network consulting
End user computing
Device management
Mobile application security
Identity and security management
Voice and unified communication consulting
Voice engineer support