Firewall, Secure Web Gateway und Application Delivery Controller mit MSS-i

Managed Network Security – the best protection for your business

Protecting the company’s network is one of the funda­­mental tasks of IT security.

It provides the basis for defen­ding against cyber attacks and prevents access to malicious websites and applications.  Managed Network Security covers your network security reqquire­ments, reduces system com­plexity and therefore increases the security, avai­la­bility and maintainability of your IT systems.

Fully protected with Network Security Services

Network security today extends far beyond basic perimeter protection. Not only do external attacks have to be fended off, traffic from the corporate network to the Internet has to be monitored and access within the company network has to be managed using network segmentation. The measures also ensure the constant availability of web applications that are accessed over the Internet and prevent service interruptions. MSS/-i’s Network Security Services are provided as a modular package to suit the individual security needs of your company and support your move to a ZTNA (Zero Trust Network Access) and an SASE/SSE (Secure Access Service Edge/Security Service Edge) architecture.

When is it the right solution?

Companies need network security that is tailored to the existing IT system landscape. The measures must both protect access to cloud services and support on-premise resources and thus the IT strategy. Managing network security is key here.

To meet your organisation’s security needs, you need a wide range of scalable network security services that mitigate current threats. These services include:

  • A Next Generation Firewall (NGFW) which, alongside conventional firewall functions, offers extended func­tiona­lity, such as application-level packet scanning and attack prevention. The latest security features, such as ZTNA or SASE/SSE for hybrid cloud access, can also be integrated.
  • A secure web gateway (proxy) that analyses encrypted connections for malware and blocks access to potentially dangerous Internet addresses.
  • An application delivery controller that ensures the availability and security of web applications through load balancing and access control.

Your benefits:

  • Tailored corporate network protection
  • Protecting employees from accessing malicious websites
  • Availability and scalability of your web applications

Managed Network Security in a nutshell

In this video, discover how MSS-i protects companies from cyber attacks.

The first step

Download

The components of the MSS-i portfolio

As managed services, MSS-i’s three offerings include a 24/7 service for operation and maintenance as well as for problem and incident management.

Kontakt

Managed Firewall

Managed Next Generation Firewall, which can be operated locally, in the Swisscom Cloud or in the Public Cloud, and offers the following:

  • Basic protection with a Next Generation Firewall
  • Access services with ZTNA
  • Secure access to multi-cloud services thanks to SASE/SSE functions
  • Extended services with WAN/SD-WAN, web proxy and remote access services
  • Additional security services from the Unified Threat Management solution
Managed Firewall Services factsheet
Kontakt

Managed Secure Web Gateway

Secure web proxy that detects and filters out malicious traffic to secure access to web and cloud services:

  • Eliminates known threats even in SSL-encrypted connections
  • Constantly updated filters based on positive/negative lists, URL, categories
  • Integrated in anti-malware solutions from different manufacturers
  • Bandwidth management and reporting
Managed Secure Web Gateway factsheet
Kontakt

Managed Application Delivery Controller

Uses load balancing and functions as a reverse proxy to ensure security and availability of web applications:

  • Load balancing with SSL offload and load balancing
  • Signature-based protection against attacks such as SQL Injection and XSS
  • Reverse proxy with LDAP and Active Directory authentication
Managed Application Delivery Controller factsheet

Typical applications for MSS-i

Multiple locations with secure Internet access over a managed firewall

Various company locations within Switzerland and abroad are con­nected to the headquarters. Access to the Internet is protected by a mana­ged firewall. The infrastructure is operated and managed on premise, in the public cloud or in Swisscom data centres. All changes to the security policies are audited and recorded in a transparent manner.

Control access to the web with Managed Secure Web Gateway

A company controls access to the web from the corporate network using a local Secure Web Gateway operated by Swisscom. URL filtering and content analysis prevent access to dange­rous and inappropriate websites. All changes to the security policies and online user behaviour are audited and recorded in a transparent manner.

Protect the online portal with the Managed Application Delivery Controller

User authentication is required to access a company’s web application. The Application Delivery Controller operated by Swisscom acts as a reverse proxy to secure access to an Active Directory or an LDAP service. The Web Appli­cation Firewall (WAF) prevents cyber attacks such as SQL Injection, XSS (Cross Site Scripting) or XSRF (Cross Site Request Forgery). Load balancing is used to evenly distribute traffic over different servers and ensure high availability. All changes to the security policies are audited and subject to transparent version control.

MSS-i services

Managed Network Security Services encompass all security activities, from device management to security monitoring, reporting and management.

Monitoring

  • Monitoring of physical and virtual devices (availability & services)
  • Security monitoring

Reporting

  • Device reporting (availability & services)
  • Security reporting

Device Management

  • Update management (release/patch/lifecycle)
  • Change management (network/security changes)
  • Fault and problem management

Security Management

  • Collection and consolidation of events (logs)
  • Detection of Indicators of Compromise, IoC
  • Recommendations for minimising risks

Why Swisscom?

Best practice

You benefit from a firewall architecture with maximum protection.

Customised policies

We adapt the firewall to your needs in a traceable way (audit trail).

Industry specific

We configure the web gateway according to the best practices of your industry.

Find out more

Security prevention is more than operational implementation and should be integrated into the IT security strategy. This whitepaper facilitates a critical review of a company’s IT baseline protection and an evaluation of measures.

Our experts will be happy to answer your questions. Contact us.