NetUtils launches ‘Platinum’ managed cyber security services to help large enterprises rationalise the new normal

Cyber security pioneer launches UK’s most comprehensive managed service offering 16 core features with 24/7 SoC to help larger enterprises strengthen their end-to-end cyber security posture

Kent, United Kingdom – February 2021, NetUtils, a leading IT specialist has launched the UK’s most advanced and highly integrated managed cyber security service aimed at helping larger enterprises to improve cyber security defences while reducing operational cost and complexity. 

The new “Platinum Tier” includes a fully staffed, 24/7 Security Operations Centre (SOC) and is backed by NetUtils continued certification around the ISO 9001 and ISO 27001  standards and as a registered  Crown Commercial Service supplier.

The new top tier service offers every element a large enterprise should deploy based on best practice methodology and includes Advanced Endpoint Protection, Vulnerability & Patch Management,

Managed Firewalls, Email Security Gateway, Privileged Access Management and Cloud Access Security Broker capabilities. The built-in SOC services provides full-time security monitoring across devices and applications including Office 365 along with structured Security Awareness Training sessions and ongoing helpdesk service. The Platinum tier is available at under £45 per user per month with significant discounts for larger organisations.

“Larger enterprises are faced with the dual challenges of managing more remote staff while still trying to deliver the core IT projects that are critical to the business. Our Platinum Tier Managed Cyber Security services are based on feedback from several enterprise customers around what they need – and is effectively a formalisation of a number of disparate services that we have been delivering successfully for many years.,” says Ashok Thomas, CEO for NetUtils. “When you look at the overall cost and especially when you factor in our 24/7 SOC capability, our Platinum service will typically save enterprises with a 1000 staff or more, hundreds of thousands of pounds each year in operational cyber security costs – with the assurance of transparent SLA’s and round the clock expertise.”

The new Platinum tier managed security services also aim to address several challenges that have accelerated due to the ongoing pandemic including critical digitisation projects, reduction in IT budgets and ongoing cyber security skills shortage. According to recent research by PWC, a consultancy, that questions over 3000 senior executives at larger organisations; 96% of executives have shifted their cybersecurity strategy due to COVID-19 while 55% of respondents lack confidence when their cyber spending is allocated towards the most significant risks.

NetUtils has built a reputation for technical excellence and is the most certified Juniper Networks partner in Europe and maintains over 420 industry and vendor accreditations within its team including CISSPs and CISMPsFortinet’s NS7, and Juniper JNCIPs. As part of the managed cyber security services launch, NetUtils has invested over £1.2 million adding more staff, enhanced training, and additional data centre capacity to meet growing demand. 

As David Bundock, COO for NetUtils explains, “Our top tier managed security service helps to address the operational challenges and skills retention issues that larger organisations are facing at a time when external factors such as COVID and Brexit are impacting core business processes. Our technical expertise and ISO compliant processes can help large enterprises improve cyber security though a trusted partnership that allows them to focus on their core business without compromising on active cyber security controls and monitoring.”

More information on the new managed cyber security services including the new Platinum tier is available via https://netutils.com/managed-service-bundles/

https://netutils.com/managed-service-bundles/

About NetUtils

NetUtils are a leading UK specialist integrator of network, security and data solutions for enterprise, telco, MSPs and ISPs. With more than 27-years history and over 400 enterprise and service provider clients including household names across finance, education, public sector, manufacturing, and healthcare, NetUtils brings its customers the depth and breadth of people, technologies and services to improve business performance in this ever-changing digital world.

NetUtils Media Enquiries:

Kara Jenkinson
Head of Marketing
t: 020 8783 3800 e: kjenkinson@netutils.com

w: www.netutils.com

SonicWall NetExtender VPN Client and SMA 100 Zero-Day

Cyber Security Threat Advisory
25th January 2021

*Update 1/25: From SonicWall, “While we previously communicated NetExtender 10.X as potentially having a zero-day, that has now been ruled out. It may be used with all SonicWall products. No action is required from customers or partners. Current SMA 100 Series customers may continue to use NetExtender for remote access with the SMA 100 series. We have determined that this use case is not susceptible to exploitation.”

Threat Update

SonicWall has released a statement regarding their investigation into a “coordinated” attack against their internal network that they believe made use of zero-day vulnerabilities in their remote access point products.

Technical Detail & Additional Information

What Is The Threat?

The statement released by SonicWall does not offer a detailed account of the breach or the vulnerability, however they do state that they believe the attackers utilized zero-day vulnerabilities for their NetExtender VPN Client and Secure Mobile Access platforms. These platforms are used by enterprise environments to secure access to their internal networks, so any unreported and unpremeditated vulnerabilities represent a significant security risk for any enterprise that utilizes their products. They also do not reveal any information about the nature of the breach and how their network was affected.

In their coverage of the incident, ZDnet reports that, “Multiple sources in the threat intel community told ZDNet after the publication of this article that SonicWall might have fallen victim to a ransomware attack”. This has not been substantiated by SonicWall at this time.

What Is The Exposure Or Risk?

Affected Devices:

  • NetExtender VPN client version 10.x (released in 2020) utilized to connect to SMA 100 series appliances and SonicWall firewalls.
  • Secure Mobile Access (SMA) version 10.x running on SMA 200, SMA 210, SMA 400, SMA 410 physical appliances, and the SMA 500v virtual appliance.

According to SonicWall, the SMA 1000 series is NOT susceptible to this vulnerability.

What Are The Recomendations?

At the time of writing this advisory, SonicWall has not released any patch fix for the suspected zero-day vulnerability, however, they do recommend enabling MFA across all their devices. They have also provided the following remediations for each affected platform version:
SMA 100 Series: This product remains under investigation for a vulnerability, however we can issue the following guidance on deployment use cases: 

  • Current SMA 100 Series customers may continue to use NetExtender for remote access with the SMA 100 series. We have determined that this use case is not susceptible to exploitation.
  • We advise SMA 100 series administrators to create specific access rules or disable Virtual Office and HTTPS administrative access from the Internet while we continue to investigate the vulnerability.

References:

For more in-depth information about the recommendations, please visit the following links:

Advisory Source: https://getskout.com/cybersecurity-threat-advisory-0003-21-sonicwall-netextender-vpn-client-and-sma-100-zero-day/

Why Are So Many Organisations Turning to Managed Security Service Providers?

The technology industry is one that never stands still, but the cyber and security space specifically are even more fast paced than most other sectors of the industry. This in many cases can be attributed to the fact that the activities of cyber criminals are squarely focused on breaching enterprise security defences, because this is how they generate their income. Put simply your business is their primary target.

The pressures on IT operations, compliance and security posture are immense. Organisations constantly have to navigate the complexities of industry jargon and trends to keep abreast of the latest offerings and figure out the best fit for their business. This can be a full-time job in itself. But if IT is not your core business, then why should you burden yourself with managing it yourself?

The very nature of a Managed Security Service Provider (MSSP) is to alleviate the pressure by allowing you as a company to spend your time focusing on your core business, customers and innovation, in the knowledge that the necessary tasks that are required to keep your company safe and operational are in hand with the experts.

The Experts

An MSSP is a specialist, who’s core business is IT. As a result, you’re leveraging the expertise of a bigger team, who are up to date in all areas, that is, not just on general industry knowledge or the threat landscape, but also on the specific solutions and applications deployed within your business. It’s our responsibility to make sure the tools we use and the services we provide are always best of breed.

We spend the time and investment to train our teams, to get certified and fully compliant. We spend the time working closely with our vendor partners to understand the best ways of installing and using their products. We spend the time evaluating new and innovative solutions to the market.

We put in all the hard work, so you don’t have to.

Proactive Operational Efficiency

Managing the daily IT related tasks of most organisations can take most of the working day. Focusing on continuous improvements to revenue generating business critical tasks as well as customer service improvements, is what in many businesses determines their bottom line. It should not be surprising to learn therefore that most IT related operational improvements and security tasks can often be relegated to the back of the line. As long as things are working, then in many cases businesses are content and happy to focus their attentions elsewhere. Until of course something goes wrong.

By outsourcing the important IT operational management tasks to a trusted MSSP, you are ensuring that your IT environment remains operational at all times, because it is the responsibility of your provider to take care of security advisory notices, security patching, configuration management, access management, performance management, availability management, audit management and many other mundane but absolutely essential tasks to maintain a highly available and secure infrastructure. It’s our responsibility to be proactive on your behalf rather than reactive.

Speed of Implementation

It is no secret that there is a growing trend for many companies to outsource certain services, be that networking, telecommunications, cloud or security services. Besides the obvious cost savings and controls it affords, it certainly also helps free up internal resources and time. But there is one other major reason why MSSP services are being consumed at quite a staggering rate and that is speed.

Speed of implementation, widely known as how fast one can act on an idea, strategically or tactically, is often times what can set you apart from your competition. With the massive growth of cloud adoption and the improvements in its capabilities, we see a huge increase in the abilities of an MSSP to provision and deliver services to customers that would have previously taken weeks or months in only days and even hours in some cases. The reason for this is often that the provider has already provisioned its service capabilities ahead of time, so the service is simply ready to onboard new customers as and when they are ready. This of course takes a lot of planning and forethought on the part of the MSSP in order to be able to offer these ready to go services, so it can be said that the customers speed of implementing a new or replacement service is directly related to that provider taking earlier action.

We’ve launched 4 new managed service bundles to help small and medium sized businesses gain enterprise class technologies and services wrapped up in a per user per month price.

Priced from as little as £8 per user per month it’s never been easier or more cost effective to have the big tech normally out of reach to smaller businesses. These bundles combine between 4 and 16 cyber security services ranging from Endpoint Protection and Email Security Gateway all the way up to a fully-fledged SOC.

Secure Remote Access Emergency Readiness – Top Tips

How to ensure business resiliency, user productivity and security

Many circumstances and compliance obligations require organisations to activate or rapidly extend remote access capabilities as part of a business continuity strategy.  Beyond impacting user productivity, this emergency workplace shift can stress IT infrastructure and operations. With advanced planning, crises that require immediate, increased and varied remote access capacity should not increase threat exposure, cyberattack and data leakage risks.

Top Tips

Here are some important Secure Access Emergency Readiness tips to ensure business continuity, operational efficacy and protected accessibility.

Understand your remote access needs in terms of users, applications and resources in order to assess respective physical, virtual or user-based connection capacity and throughput. 

Identify key applications and resources, whether on-premises or cloud, that will require increased capacity and apply to an emergency capacity plan. 

Explore application and security tool license and capacity shifting options set in advance with your vendors to handle burst utilisation. 

Review and maintain application, data and role mapping to ensure users only access the resources they need, and have processes in place to quickly respond to user or role escalation and ad hoc privileged access and revocation. 

Consider virtual and cloud environment deployment and clientless mode to allow for more rapid on-demand deployment and scalability. 

Establish Disaster Recovery (DR) sites to provide secure access services in case of a primary site outage or failure and explore Secure Access solutions’ DR options for active/active or active/ passive modes. 

Build, publish and review emergency remote work guidelines, resources and communications. 

Activate advanced secure access usability features for streamlined access, such as: always-on, per-application and simultaneous tunneling, configuration lock down, clientless operation and online portals. 

Ensure emergency means to simulate on-premise access, including Layer-3 access to a specific subnet, HTML5 access to local machines, or Virtual Desktop Infrastructure by privileged users and technicians. 

Enforce endpoint compliance policy and activate self-remediation capabilities to reduce phishing and ransomware threats introduced by increased remote users and potential vulnerable devices. 

Invoke mobile device security options, such as mobile VPN, device security, segregating corporate apps and information, and data encryption to allow for broader for corporate and personal device use. 

Utilise Adaptive Authentication and User Entity Behaviour Analytics (UEBA) to better understand and react to new user/device usage, as well as unwanted and anomalous activity. 

Leverage usage analytics, bandwidth “throttling” and optimised gateway selection capabilities to better distribute workloads and to deliver “essential” applications to users without performance degradation. 

In a world where natural and man-made disasters occur, we want to help keep your business running effectively and securely so you can focus on what’s really important – and keeping your employees, friends, and family safe. If and when these unplanned events and disasters intensifies, organisations must adjust for increased stay, connect and work from home mandates. Beyond impacting user productivity, this emergency workplace shift can stress IT infrastructure and operations.

Download the Pulse Secure Solution Brief

Download the Secure Remote Access Emergency Readiness Solution Brief here to get these important tips to ensure business resiliency, user productivity, and continued secure access.

Webinar Recording: Secure Access has Never Been More Vital – Find Out Why With Pulse Secure

In this webinar recording you will learn:

• Why enforcing traditional IT rules on a tech savvy workforce is no longer necessary
• How transforming traditional IT into Hybrid IT can enable the workforce and maximise their productivity
• How IT can offer flexibility while ensuring compliance and full corporate policy adoption
• How IT can offer continuous secure access seamlessly to their workforce
• How Secure Access for the Next Generation is solving mobile productivity challenges for organisations today