MSSP FAQs

Frequently Asked Questions

  • What is i-Secure?

    i-Secure is the top Managed Security Service Provider (MSSP) in Thailand, established by network and information security experts, certified by international standards and experience in the field more than 10 years.

  • What is the i-Secure MSS mission statement?

    i-Secure offers a managed security service by technology, process and people which all can deliver the highest quality to our customers. We consider ourselves to be security professional and security outsources for customer to help them meet their security issue.

    Our core values are confidentiality, integrity on Log management, Security monitoring and Device security as they guide all of our actions to deal with customers relatively.

  • Vision MSS Statement

    To be the lead MSSP market in Thailand by:

    • Solving customer business problems
    • Communicating in meaning of security value,
    • Be Leadership and Innovation,
    • Excellence in service delivery and cost efficiency
    • Focusing on comprehensive security and experience
  • What differentiates i-Secure and services from other Managed Security Service Providers?
    • i-Secure has been recognized as the leader in Managed Security Services in Thailand since we started this market with no one. We also are supported by BOI (Board of Investment) to develop program to use for management, analyst, and monitor an information security calls “IntelligenceLogic” in 2006
    • i-Secure provides comprehensive monitoring and analysis of your organization’s devices such as Firewalls, IDS and Integrated Systems, helping to detect and respond to the most sophisticated and malicious hacker attacks and emerging threats. The service leverages i-Secure’s groundbreaking The SOC Technology Platform, providing real-time security monitoring and 24×7 expert security analysis of security device logs and alerts. i-Secure Managed Security Services enable customers to protect their infrastructure through expert monitoring and analysis to determine the frequency, severity and impact of Internet attacks against our customers’ business environments. I-Secure Managed Security Services make actionable security recommendations balanced by each customer’s specific vulnerability profile.
    • i-Secure provides proactive notification to our MSS customers regarding high risk Security Incidents, such as worms and blended threats. The sheer volume of data that i-Secure analyzes provides our MSS customers with a perspective that no other provider can offer.
    • i-Secure security experts have a deep knowledge of security products and technologies unparalleled in the managed security services industry. The MSS staff possesses a broad range of certifications in a variety of network- and security-related disciplines. i-Secure has the strictest hiring practices and never hires reformed hackers.
    • The Right unique combination of People, Process and Technology make i-Secure the right choice to secure the mission-critical infrastructure of your enterprise.
  • What differentiates i-Secure MSS from its competitors? 
    • Real-time, 24×7 fast, accurate and actionable information by Arcsight (SIEM)
    • Real-time view of security dashboard – Available through the Secure Internet Interface
    • Emerging Threats – Proactive actionable intelligence
    • Security intelligence, response and broad expertise across multiple security technologies.
    • Financial strength
    • The fact that i-Secure provides comprehensive Security monitoring and management
    • Extensive cross-correlation and data-mining abilities
    • Align with the highest SLA to ensure a service quality
    • SOC capabilities
  • What is security monitoring and management, as practiced by i-Secure MSS?

    Security Monitoring: As defined by i-Secure, Security Monitoring is the analysis of security data to detect and respond to signs of malicious activity. This includes data aggregation, normalization, data mining and correlation on a massive scale combined with expert analysis and fast, professional response. I-Secure takes in hundreds of millions of logs and generates over 10,000 Security Incidents every day, while ensuring that every Security Incident is fully analyzed, investigated, and interpreted in real-time.
    Security Management: As defined by I-Secure, Security Management includes the following elements:
    - Fault Management:
    • Device and interface uptime and connectivity notification
    • Fault Management of million security incident alerts
    - Configuration Management:
    • Firewall policy changes and IDS signature management
    • IDS, Firewall and VPN application and operating system modifications
    • Configuration backup (for quick rebuilds)

  • What Vendor products does i-Secure MSS support?
    • Firewalls:
      - Check Point
      - Cisco (PIX,ASA)
      - Juniper NetScreen
      - Sonicwall
      - Paloalto
      - Fortigate
      - Others
    • IPS & IDS:
      - McAfee
      - Radware
      - Snort
    • Integrated Security Appliances:
      - Cisco Ironport
      - Bluecoat Proxy
    • Platforms:
      - Windows versions
      - Linux
      - Unix
      - Sun Solaris
  • What methodology and architecture used by i-Secure to support your managed security services:
    • Security Monitoring and Analysis: I-Secure’s monitoring represents the state-of-the-art in analysis capability in the security industry.
    • Aggregation of Data: I-Secure’s SOC Technology Platform aggregates log and alert data through secure encrypted connections to your security devices, including the leading commercially available firewalls, network-based IDS, host-based IDS, Integrated Security Appliances, and other devices and applications.
    • Data Normalization: This data is then normalized across a distributed database architecture at a I-Secure Security Operations Center (SOC), where our Security Analysts see an uninterrupted view of network activity.
    • Data Mining and Correlation: The SOC Technology Platform then mines the ISA, firewall and IDS log and alert data for suspicious incidents using a variety of expert systems and anomaly-based advanced query sets. Signs of malicious activity are then correlated to other signs of related attack activity and known customer vulnerabilities prior to presentation as a single incident to I-Secure analysts.
    • Expert Analysis: I-Secure Security Analysts in the SOCs investigate these incidents in real time, using advanced query and analysis tools. The nature and severity of incidents are determined by considering many different criteria, such as attack source, destination, direction and customer’s security posture. I-Secure analysts rely on their expertise to weed out false positives, and then prioritize the remaining attacks according to a constantly evolving threat model that is customized to meet your needs.
    • Fast, Professional Response: Working closely with the customer, I-Secure Security Analysts take action to help defend against intrusions before a potentially crippling loss of information can occur.
    • Interactive Access to Your Sensitive Security Data: I-Secure customers can access and review their data on the SII, which includes the following features:
      • Real-time analysis, commentary, and recommendations by Security Analysts
      • Real-time security device log and alert data
    • Vulnerability Awareness: To better assess the risk posture and impact of security incidents, I-Secure can collect operating environment and vulnerability data from customers through regular scans of consenting customers’ Internet-exposed systems. I-Secure also undertakes scans in response to emerging threats on an ad hoc basis. When a customer’s network is scanned, I-Secure can often identify the available services, operating system and high profile and frequently exploited vulnerabilities on the host. The customer’s profile is constantly updated to reflect any changes to the network environment. With this information, I-Secure analysts can take into account the risk posture of the customer’s network when setting incident severity and providing recommendations.
    • Monthly Reporting: I-Secure also provides customers with consolidated monthly reports that summarize:
      • Details of malicious activity directed at the customer site.
      • Analysis and interpretation of significant incidents
      • Status of changes, upgrades, patches, and other related system maintenance activities
  • What are the customer responsibilities necessary for using I-Secure MSS services?

    Below is a list of customer responsibilities necessary for using I-Secure MSS services:

    • Customers are responsible for establishing and communicating to I-Secure escalation procedures that identify customer Points of Contact (POCs) who possess the requisite knowledge, skills and experience to appropriately consider, decide, and act upon I-Secure communications including, but not limited to, security alerts, recommended corrective actions, or various other recommended administration activities;
    • Customers are responsible for initially establishing and subsequently administering the access listing of their employees for hierarchical viewing of security event data via the Secure Internet Interface (i.e., SII);
    • Customers are responsible for establishing an entity-wide security program that considers the administrative, operational and technical controls to be implemented as the basis for management of risk to the organizational mission. Services provided by I-Secure should be appropriately considered as a component of the customer’s security strategy, not the security strategy unto itself;
    • Customers are responsible for providing I-Secure with appropriate, accurate, and complete network topology information so that sensors may be strategically located to minimize the risk of undetected attack attempts/successful attacks lodged against the customer’s network;
    • Customers are responsible for reviewing, understanding and agreeing with the confidentiality statements included in the I-Secure contract prior to commitment;
    • Customers are responsible for the determining and implementing controls to preserve the appropriate level of integrity, availability, and confidentiality of transactions flowing through the customer’s network;
    • Customers are responsible for managing their risk to determine how much managed services are appropriate for protecting their network infrastructure.