Managed Firewall Service
Firewall as a Service (FWaaS) is a technology that offers firewall and other network security as a cloud service, the migration to cloud-based platforms and the rise of mobile devices have led to a lack of a clear perimeter in networks, where users and applications can be safeguarded against cyber threats. This service is managed and operated by a professional security team from Zain SOC (Security Operation Center) located at The Bunker.
Service Benefits:
1. Better Disaster Recovery.
2. Comprehensive Protection Services.
3. Reduced Costs and Improved TCO
4. Simplified Management
Security packages include:
| Features | Bronze | Silver | Gold |
| Firewall Services | Yes | Yes | Yes |
| Policy Changes | Yes | Yes | Yes |
| NAT | Yes | Yes | Yes |
| stateful packet Inspection | Yes | Yes | Yes |
| Port Address Translation | Yes | Yes | Yes |
| Application Control | No | Yes | Yes |
| Web Filtering | No | Yes | Yes |
| IPS | No | Yes | Yes |
| Read access or co-administration | No | No | Yes |
| Dedicated VDOM | No | No | Yes
|
DDoS
The DDoS Protection Service aims to detect & mitigate threats such as DDoS, Botnets, Slowloris, Sockstress, Application Attacks, SYN Floods, Malformed SSL Attacks. It stops application-layer DDoS attacks and disrupts botnet communications at the enterprise or data center edge. It can also stop volumetric DDoS attacks.
Service Benefits:
1. Detect and block emerging application-layer DDoS attacks.
2. Deploy a turnkey solution to stop threats immediately.
3. Prevent illegitimate botnet communications by leveraging real-time security intelligence.
4. Mitigate volumetric attacks.
DDOS security packages include:
| Feature | Gold Package | Platinum Package |
| Blacklisting (Clients, Countries, IPs) | Yes | Yes |
| Layer 7 Application DDoS Protection | No | Yes |
| Atlas Botnet Prevention | No | Yes |
| Volumetric Attacks Prevention | Yes | Yes |
| Monthly Reporting | Yes | Yes |
| SSL traffic protection | No | Yes |
| Traffic Analysis Report | No | Yes |
| Cleaning | Cleaning | Cleaning |
| Phone Support | Yes | Yes
|
Penetration Testing
A Penetration & Security Test aims to proactively evaluate the system's security and discover possible weaknesses & newly discovered threats if any before an attacker exploits it. A security breach on a system may result in financial loses and negatively impact the organizations reputation and customer's trust, it also could result to legislation penalties.
Service Benefits:
1. Identifying possible vulnerabilities in advance.
2. Assess the possible business impact if an attack was successful.
3. Test the available security controls.
4. Avoid costs of network downtimes due to security breaches.
5. Preserve your organization's reputation and image.
6. Validate end user's adherence to information security policies.
Vulnerability Assessment
Service Benefits:
1. Identify the real, exploitable vulnerabilities.
2. Satisfy regulatory compliance requirements.
3. Supplement your team with dedicated vulnerability management experts.
4. Stay protected and take action against vulnerabilities.
5. Access information security experts 24x7.
6. Create a total network security and compliance solution by combining with other Managed Security Services.
Service Features:
1. Highly accurate internal and external vulnerability scanning.
2. Supports physical, cloud and virtual infrastructure.
3. Dedicated vulnerability management team provides expert guidance and support.
4. Policy and compliance scanning to satisfy PCI, HIPAA, and NERC CIP requirements.
5. 24x7x365 expert support by certified security analysts.
Sandbox & Anti-Malware
Value-added service available to Zain Customers to automatically execute, analyze, and characterize files that are suspicious but unconfirmed as malware in order to protect against zero-day attacks before.
Service Benefits:
1. Advanced Protection, blocking customized and unknown malware that evades real-time protection by other systems
2. Use of Artificial Intelligence (AI) to protect against un-known attacks
3. executes the suspicious content using a multi-stage data analysis process with machine learning, behavioral analysis, and other techniques to characterize and confirm previously undiscovered malicious content
Managed SIEM Services
The SIEM (Security Information and Event Management) Service uses a combination of highly advanced automated security analysis and human enrichment, to convert the huge volumes of data, enabling in-depth understanding of the nature and severity of the attack on an organization and practical, actionable recommendations as to how best to address the incident.
1. Improve productivity/effectiveness of the solution by proactively maintaining and monitoring infrastructure.
2. 24/7 intelligent analysis by dedicated Security Experts
Mobile App Security
The Web Application Security Assessment Service provides audits and tests to your web applications while providing actionable recommendations to protect your environment.
We deliver all web application security findings to you to implement risk management procedures or information security experts can assist in performing the implementations.
Service Benefits:
1. Assess your web applications for known vulnerabilities.
2. Identify business logical flaws before attackers do.
3. Validate the effectiveness of your perimeter controls.
4. Evaluate the security controls in place for your web applications.
5. Test to determine specific areas of weakness and their risk to your organization.
6. Get expert guidance and recommendations on what you should specifically do to improve security.
Managed Web Application Firewall
The Web Application Firewall Service aims to deliver the highest level of website protection against malware, website defacements, hackers and website blacklisting.
Service Benefits:
1. Website Attacks & Hacks Prevention.
2. Brute Force Protection & Prevention.
3. Detect and prevent new & unknown types of attacks.
4. Distributed Denial of Service Mitigation
Security packages include:
| (Web Application Security Packages) | Gold | Platinum |
| IP Reputation Security | Yes | Yes |
| Captcha Security Check | Yes | Yes |
| Blacklisting (Clients, Countries, IPs) | Yes | Yes |
| SQL Injection | Yes | Yes |
| Platform virtual patching | Yes | Yes |
| Monthly Reporting | Yes | Yes |
| BackDoor Protection | Yes | Yes |
| Cross Site Scripting (XSS) | Yes | Yes |
| Illegal Resources Access | Yes | Yes |
| Remote File inclusions | Yes | Yes |
| Layer 7 Application DDoS Protection | No | Yes |
| PCI 6.6 Compliance Reporting | No | Yes |
| Research driven security policies | No | Yes |
| Custom Security Rules (redirections) | No | Yes |
| Application Vulnerability Import Feature | No | Yes |
| SSL Support | No | Yes |
| Custom Certificate | No | Yes |
| Layer 7 Load Balancing | No | Yes |
| Phone Support | Yes | Yes |
| Support | 24x7 | 24x7
|
Managed Anti-Spam Service
Our Anti-Spam Service works by continuously detecting unsolicited and unwanted emails and preventing them from reaching your email inbox.
Because emails are widely used in today's business world, the risk of spam emails are highly spread and thus makes an anti-spam service a necessary addition to your organization's control measures.
Service Benefits:
1. Secure against spam emails & malware.
2. Secure against phishing email attacks.
3. Cover both inbound and outbound emails.