Advanced Intrusion Prevention and Analysis
Enterprise Event Correlation & Heuristic Trend Analysis
Sales & Support HAWK Network Defense, Inc. www.hawkdefense.com sales@hawkdefense.com Contact Us - 214/373-7100
�Who Are We?
• Hawk Network Defense, Inc. [HND]
Managed Security Solutions Provider
• Application and Network Security consulting consortium that recognizes the strengths of an organization built upon cuttingedge technology. • We maintain the commitment of providing our clients with a seamless transition from insecure coding practices and a reliable commitment to secure code. • We place importance upon concrete, quality services and solutions while maintaining that sense of urgency necessary for our clientele in order to respond quickly and accordingly.
�Mission Statement
Hawk Network Defense, Inc. is committed to:
• Providing leading security technology through advanced research
and development. • Protecting our clients assets using Intrusion Detection, Prevention and Real-Time Monitoring, advanced Incident Response and Forensic Investigations. • Ensuring the integrity of our clients' infrastructure through Security Network and Application Penetration Auditing and Hardening.
�Hawk Solutions
Event Correlation and Real-Time Monitoring & Analysis
• Enterprise information assurance protection and management. • Advanced log correlation with support for a myriad of vendors. • Patent-pending “Heuristic Learning & Trend Analysis”. • Exceeding cost effectiveness • SIM industry pioneering technology. • Schedulable enterprise information report management. • Multi-tiered enterprise “user/resource” access control.
• Provide your user-base with direct access to the tools necessary for solving critical issues. • Protect your users from accessing unassigned or classified security incidents.
�Intrusion Detection and Prevention
What is an Intrusion Detection or Prevention Sensor?
• Monitoring vital network and host infrastructure for:
• Unspecified event anomalies, attempted and successful security compromises, and general abuse and misuse of acceptable user policies.
• Achieving necessary IT Infrastructure Goals such as:
• Measuring your current network security effectiveness. • Implementing managed security monitoring. • Commencing 24x7 real-time security surveillance of your network. • Secure your network with real-time countermeasures.
�IDS – Service Offering
Target Demographic
• Business units associated with:
• Health (HIPAA) • Government • Financial (PCI) (GOBA) • Publicly Traded Entities (Sarbanes-Oxley) • Any business interested in protecting itself and its clients’ integrity.
• Business units may be:
• small (50 employees or less). • medium (50 to 5000 employees). • or large (5000 employees or more).
�The HAWK Benefit
Intrusion Detection Monitoring Benefits:
• Scheduled reports based on the client’s needs, detailing:
• activity analysis. • average event occurrences. • incident response time-lines. • customized reports tailored to any specifc needs.
• On-Site and Over-the-Phone Setup and Installation support. • Customized IDS Sensors tuned to your network's unique activity patterns. • Complimentary External Security Audit with new sign-up. • Monitoring Failover and Backup. • Infrastructure Security Consulting.
�MSSP - Benefits
Managed Security Service Benefits:
• Immediate detection and response of security threats, viruses or worms. • Benefiting from our highly trained information security staff. • Immediate incident response and forensic analysis. • Opportunities for advanced security and infrastructure IT consulting.
Achieving necessary IT Infrastructure Goals such as:
• Measuring your current network security effectiveness. • Implementing full-time managed security monitoring. • Secure your network with real-time countermeasures.
�24/7 Managed Monitoring
HAWK currently has four (4) data center spreading across the United States:
• We have made the commitment to keeping the source of our services and
solutions within the continental United States. • We refuse to cut operational costs and sacrifice our quality service by outsourcing any of our services or solutions outside of U.S. borders.
As part of Network Monitoring we will help you:
• Identify your online information assets to evaluate their importance. • Measure your current network security effectiveness. • Implement managed security monitoring. • Commence 24x7 real-time security surveillance of your network.
�IDS – Service Offering
HAWK Intrusion Detection Suite
• Monitoring and Analysis for any potential threats identified.
• Hands-off maintenance for signature/software updates, and more. • Protecting sensitive event details using encryption appropriately. • Easy to use setup menu for simple on-site installation. • Hardened Appliances aim at "un-hackable" status utilizing: • Host Operating System - Gentoo Linux Hardened • Buffer Overflow Protection:
• Address Space Layer Randomization • Non-Executable Pages of Memory • Stack Cookies (SSP)
• Additional Operating System securities:
• Access Control Limitations • All services run within “chroot” environments.
�HAWK MSSP – Packaged Solutions
HAWK Network Defense, Inc. provides several prepackaged, low cost solution:
• An optimized, cost-effective Snort IDS managed solution.
• Multi-tiered hardware and software acceleration and support. • Up-to-date and advanced signature rule-set management. • Implementation of your own IDS/IPS infrastructure. • Integration with our existing IDS/IPS monitoring infrastructure.
• Additionally Supported Security Infrastructure Vendors
• Cisco v4.0/5.0 Intrusion Detection integration, training and support. • McAfee Intrusion Prevention infrastructure integration and support. • Dragon IDS integration, training and support. • and many more.
�Event Correlation Architecture
HAWK Event Correlation: Enterprise Support Advanced Vendor Support Simple, pain-less integration Quick, On-site installation Infrastructure Planning
HAWK Network Appliance Multi-threaded, Optimized Intense Benchmark Testing Client Quality Assurance Hands-free Maintenance Emergency Support IT Incident Response
�HAWK MSSP – Additional Services
Vendor Event Correlation Solutions:
• Advanced Log Correlation for many resources or appliances:
• Unix/Linux/Solaris:
• remote syslog analysis. • agent-less, remote correlation via SSH2.
• Microsoft Windows NT 4.0/2000/XP/2003 and Vista:
• Agent-less correlation of Security, Application, and Event logs. • Client agent correlation of Active Directory, IIS, Exchange, and more.
• Routers, Switches, Firewalls
• Cisco Network Appliances, PIX/ASA Firewalls • Checkpoint Firewalls • SOHO Routers • and more.
�Long-Term Event Storage
HAWK Event Storage: 30-180 day Retention Policy HAWK Data Archive Mgr. Automated Scheduling Secure Policy Administration HAWK Data Archive Manager Multi-threaded Retrieval Automated Archive Mgmt. Calendar Mgmt. Interface Event Detail Encryption Archived Data Compression
�Enterprise ACL Group Policies
�Service Offering Commitments
We are committed to providing our clients with:
• We are committed to providing our clients with a reliability track
record of 99.9% Uptime. • Filtering out false-positives while maintaining our commitment to achieving zero false-negatives. • Service will ensure your network's integrity and give you the peace of mind that its monitored and protected. • Our services do not stop at intrusion monitoring but also incident response and forensic investigations. Including in-the-wild binary file analysis, reverse code engineering, and proper forensic procedure for court appropriate evidence. • Complimentary Incident Response Investigation.
�HAWK Network Defense, Inc.
Questions or Comments? For further information:
• Contact your HAWK sales representative. • Call Us 214/373-7100 • Email our Sales staff: • sales@hawkdefense.com
�Control Your Network!
Sales & Support HAWK Network Defense, Inc. www.hawkdefense.com sales@hawkdefense.com 214-373-7100
�