SMS – Security Managed Services

null

Provide services aimed at ensuring the level of security offered by the Systems / Applications / Devices used in the customer’s IT infrastructure

Meet the aim of PROACTIVE analysis of IT security systems and technologies other than those related to the typical functionalities of UTM devices (IDS, IPS, Web Filtering, etc.)

Introduce the concept of FAULTS management, as the configurations implemented by L&W

Allow the analysis and identification of anomalous behavior due to potential cyber attacks from the internet or intranet

Guarantee protection from recognized and identified vulnerabilities in MS systems that are obsolete or not aligned with released updates

Ensure the correct administration of the backup and DR processes by periodically certifying the outcome and reliability of the backups

SM

null
Service Manager

SD

null
Service Desk

SL1

null
Support Level 1°

SL2

null
Support Level 2°

SL3

null
Support Level 3°

REP

null
Reperibilità

MLW

null
Antimalware suite management
  • Check configuration of the antimalware suite (Trend Micro, Fortinet EMS) in compliance with the Best Practices indicated by the Vendors (2 every year)
  • Signatures management
  • Off-Line Client management
  • Alert management – analysis of CRITICAL notices generated by the antimalware suite
  • Security Policy (administration of permissions on Suite and Client Agent management)
  • Update software release (no cross-release upgrade) to apply Bug fixes released by the Vendor (4 every year)

SPM

null
Antispam suite management
  • Antispam suite configuration in compliance with the Best Practices indicated by the Vendors (2 every year)
  • Signatures management
  • Alert management – analysis of CRITICAL warnings generated by the Antispamsuite
  • Update software release (no cross-release upgrade) to apply Bug fixes released by the Vendor (4 every year)

BUG

bug
Bug management
SL1 + SL2 + SL3 support for the management of anomalies related to policies and configurations created / modified by L&W team

PTCH

null
Server patching management
  • Periodic patching management on SERVER systems (Microsoft) (4 every year)
  • Impact assessment of patching activities with definition and testing on Key Users
  • Planning activities with the customer and sharing outages

VBTY

null
Vulnerability management
  • Periodic scan of Vulnerabilities on Systems, Applications and Devices through dedicated L&W tools (2 every year)
  • Recognition and identification of Vulnerabilities
  • Analysis, evaluation and reporting on the state of exposure of the infrastructure and the security levels detected
  • Sharing of critical issues with the customer and identification of applicable countermeasures
    Support with GDPR compliancy

BCK3

null
Full backup management
  • Management and record of the infrastructure and backup processes (Logical Layout, Documentation of processes and procedures)
  • Sample Guest file and Guest OS restore test
  • Continuous check (8 x 5) on the correct execution and completion of scheduled Jobs (Backup, Copy, Replica)
  • Alert management – analysis of CRITICAL warnings generated by the Backup suite
  • Engagement of the SL1 + SL2 + SL3 teams for problem analysis related to the defined backup processes
  • Sharing the need for improvement on infrastructure and backup processes
  • Capacity management in relation to the target backup devices
  • Performance management

SOC

null
SOC Monitoring
  • CONTINUOUS (24 x 7) and PROACTIVE (8 x 5) Monitoring Service provided by the S.O.C. of L&W on SECURITY systems
  • Email notification of the CRITICAL alarms that determine the total or partial blocking of the functionality of the SECURITY Systems
  • Monitoring the reliability level of SECURITY systems and tools
  • Data analysis and correlation of Antimalware, Antispam, Patching and Backup systems
  • THREAT Analysis & Response – analysis and resolution of problems related to cyber threats
  • MALWARE Analysis & Removal – analysis of malware caught in the data flow

DSR

null
Incident management
  • INCIDENT management (10 every year) – Restoration of the Services and Features that have resulted in a total or partial blockage of the SECURITY Systems
  • Registration, classification and initial support, analysis and diagnosis, resolution and closure of the incident and sharing with the customer
  • Restoration of normal service levels, in relation to the Incident, according to the agreed SLAs

NOT INCLUDED

null
  • New Implementations / Configurations / Modifications / Custom and recurring Tuning
  • Activities of any kind relating to SECURITY Systems / Applications / Devices that are NOT explicitly contracted
  • Renewal or upgrade of maintenance software
  • Anomaly management on configurations made by third parties (No L&W technical staff)