The spread and continued use of the Internet have caused increased attacks against information systems and a considerable increase of the risks for companies. Overlooking such issues could prove fatal for a company. The new scenario makes information security not a discretionary choice, but one of the core aspects of company strategies. In order to take care of Core Businesses, an increasing number of companies outsources delicate and important processes, like system securization. Eclettica’s SOC services were created to meet this need.

THE SOC

All the services of the Security Operation Center are managed from remote and via secure connections. The SOC’s structure has two levels: the Security Management Center, where the team manages the client’s requests and monitors the systems, and the Security Operation that implements security according to the requests forwarded by the Security Management Center.

Our team is always ready to work on-site, wherever a system is located. Thanks to procedures that have been tested multiple times, our service is constantly monitored to meet the qualitative and quantitative expectations of our clients.

Security Management

Our offer develops in a modular fashion to meet multiple needs, depending on the typology of company:

Firewall Management: installation, configuration, policy definition, policy management, log control, log back-up. This service was devised to let the client have complete control of the firewall. The offer includes a Help Desk (Security Management Center) that can be reached by phone or the net to analyze and solve security issues in real time.

IDS Management: Ordinary management of the Intrusion Detection System with relative definition of matching policy, log analysis and correlation. It is necessary to add the Intrusion Detection System that analyzes network activity to a good management of the firewall. Our SOC experts perform a continuous analysis of the events, relying on ad hoc customization of the policy in relation to the generated traffic. Further, this module features real-time management of emergencies triggered by individuated attacks, as well as detailed reporting of all critical issues and significant events encountered.

Centralized Antivirus: installation, ordinary management of the antivirus, automatic updating. In the event of an infection that is not blocked, the client can request the help of our team to limit the spread of the virus.

Antispam: installation. Deeply linked to the problem of virus infection, this module features the installation of an antispam filter in the mail server to reduce the amount of spam mail in the client’s inbox. Further, when combined with the antivirus offer, the module also features the installation of an antivirus system in the mail server to single out any mail that contains a virus.

Content Filtering: installation and configuration.