Provides integrated security monitoring using FW, IPS, AntiVirus, etc.

Nowadays, it has become a common practice to prevent a variety of sophisticated cyber attacks through multi-layered protection using multiple security solutions such as firewalls (FWs), IDS/IPS (Intrusion Detection and Prevention System), and antivirus software.
The Next Generation FW Monitoring Service provides customers with integrated security monitoring using multiple functions such as FW, IDS/IPS, antivirus, URL filtering, and sandboxing against a variety of sophisticated threats targeting enterprise applications, data, and users.
Furthermore, the use of virtual appliances makes it possible to provide the service in a cloud environment (AWS and VMware ESXi/vCloud Air are supported).

Challenges in combating unauthorized access

Although security products such as firewalls are generally installed to prevent unauthorized access, is that really enough to provide peace of mind?

Purpose of Firewall

Detect and block unauthorized communications by monitoring data flowing over the network.

Operational issues

Access to permitted ports sometimes even allows attacks to pass through. It is operationally difficult for the administrator to constantly check the logs to determine where an unauthorized access is occurring, and it is also difficult to take immediate action.

Purpose of IPS

"Constantly" check communications over the network on behalf of the administrator. Quickly detect and block unauthorized access that could not be prevented by a firewall and notify the administrator.

Operational issues

• Merely installing the system does not mean that the environment is protected against all threats.
• Signatures need to be tuned.
• Since there are many false positives, determination based solely on IPS device alarms is difficult.

Purpose of Antivirus

Detect and block malware (viruses, spyware) by monitoring data flowing over the network.

Operational issues

Device alerts alone do not tell you what action to take next.

Purpose of URL Filtering

Detect and block access to unauthorized sites by constantly monitoring external web access.

Operational issues

• URL filtering alone cannot protect the environment against all threats.
• Device alerts alone do not tell you what action to take next.

Purpose of Sandboxing

Constantly monitor files flowing through the communication path, and detect and block any unknown malware file found that could lead to a targeted attack.

Operational issues

Device alerts alone do not tell you what action to take next.

Overview of the Next Generation FW Monitoring Service

The Next Generation FW Monitoring Service is provided 24 hours a day, 365 days a year by knowledgeable security engineers.

1. Continuous security monitoring and device operation monitoring for 24 hours a day, 365 days a year

• Unauthorized access is monitored by carrying out tuning for false detection and erroneous interception of normal communication before providing the service.
• In the event of false detection or erroneous interception of normal communication due to network changes, application modifications, etc. during operation, tuning is carried out based on discussions with the customer and false detection or erroneous interception is eliminated.
• The service detects and reports device malfunctions, etc., by monitoring the operation of the monitoring devices.

2. Emergency report sent to customers when critical alerts are detected

If a high-risk alert is detected and security engineers determine that there is an impact on the systems covered by the service or that there is malware-infected terminal activity on the internal network, an emergency report is immediately sent to the customer.

3. Reports on operation and monitoring status

Customer Benefits of the Next Generation FW Monitoring Service

Significant cost savings

Security monitoring of new systems requires a significant cost, including the cost incurred for operators to monitor the systems 24 hours a day, 365 days a year, the cost of operator training, and equipment maintenance cost.
However, by using this Next Generation FW Monitoring Service, our security monitoring center monitors events detected by the next-generation FW, 24 hours a day, 365 days a year, thereby significantly reducing customers' security maintenance and operation costs.

Our proprietary threat information

By comparing alerts generated by monitoring devices, with a database of threat information such as hosts used for attacks, collected using our proprietary methods, we are able to detect communications with rogue servers. Therefore, attacks that would be missed by a stand-alone security solution can be scrutinized from multiple perspectives, thus enhancing security.

Next Generation FW Monitoring Service Deployment Flow

• *All other company names, product names, service names, etc. mentioned herein are trademarks of their respective owners.

*This service is registered under "Information Security Service Standards Examination and Registration System" by the Japan Security Audit Association (JASA), a non-profit organization, which conducts the audit and registration.