Managed Security Services

Managed Security

Our Managed Security Services include Log Collection and Retention, Monitoring, Analysis and Event Management. Through our MSOS Secure Web Portal, logs from your in-scope components are collected and correlated on a 24/7/365 basis, both by highly specialized technologies and by our MSOS experts. This process ensures early identification of potentially harmful threats and attacks against your network and system resources. During this process and over time, our MSOS experts gain a deep understanding of your network and systems. This tacit knowledge of how your network and system environment behaves allows our experts to become more accurate in their evaluation of flagged alerts, thus minimizing false positives and related investigation costs. In the event that such a threat or attack is identified, it is flagged for close monitoring and in-depth analysis in order to assess its criticality. Based on this assessment, our MSOS engineers may invoke a structured escalation process, which includes alerting you (through the MSOS Secure Web Portal, email, SMS, etc.) so that you may take any remedial actions. In addition, our experts are always available to provide the assistance and guidance you need to take the necessary actions against potential and/or actual intrusions.

In such cases, if requested, our team may undertake to lead, or assist, the Incident Response process. All related Alert details, reports, and analysis tools, in addition to other key security data, are available for review at all times through our MSOS Secure Web Portal.

Adopting a holistic delivery approach through our MSOS Secure Web Portal, we have designed our MSOS services in a modular manner so that you may choose the level of service that suits your own business needs and risk appetite, as well as the extent and knowledge of your internal resources.

Key Benefits

“Minimized risk… ensuring that the integrity of organizational systems and networks is not compromised.”

Through our MSOS services, your organization can realize the following key benefits within the boundaries of a planned and definable budget:

  • Enhanced 24/7/365 protection and monitoring of your network, systems, and security components.
  • Continuous log analysis and correlation of events with real-time Incident Escalation.
  • Focus internal resources on core organizational competencies.
  • Threat Analysis and access to Security Advisories issued by our ITHACA Labs® team.
  • Minimized Mean Time to Restore/Recovery (MTTR) through proactive identification of Internet threats.
  • Retention of logs collected in a secure environment, helping you meet regulatory compliance without the need for deploying costly and complex reporting tools and processes.
  • Lower Total Cost of Ownership (TCO) by eliminating the need to recruit, train, and retain an in-house security capability.
  • Notification of in-scope device outages that impact log collection.
  • Access to the MSOS secure portal for reviewing Real Time Alerts and published Incidents, and for generating reports.

Incident Escalation, Notification and Log Collection Process

Incident notifications are generated using a predefined process for potential/real security Threats and Vulnerabilities, based on their criticality and impact. The following notification methods are available:

  • Email Notification
  • SMS Notification
  • Telephone Notification

In addition, detailed information regarding identified incidents is available through our MSOS Secure Web Portal.

Furthermore, we install and configure a log collector at your premises, which collects and forwards logs from your in-scope network, system, and security devices, to our MSOS center for further processing and analysis. The communication between this log collector and our MSOS center is done through the Internet via an encrypted tunnel.

Supported Types of Devices

Our Log Collection, Monitoring, Analysis and Event Management platform supports and collects logs in real time 24/7/365 from hundreds of different types of network, system, and security devices such as:

  • Web, Email, FTP
  • Firewalls (virtual or physical), Unified Threat Management
  • Host and Network IDS/IPS
  • End Point Security
  • Web and Database Application Firewalls
  • Content and URL filtering
  • SSL/VPN Concentrators
  • Windows & Linux Operating System Logs
  • File & Directory servers
  • Business Applications
  • Database servers
  • Routers, Switches