We take security VERY seriously at Jade Networks. Networks around the world (including ours) are under constant attack from many different types of operators. From small criminal organizations to large organized crime and state sponsored activities the nature of the attacks continues to change and evolve all the time. The technical competencies of the attackers continues to get better every day.
Companies and organizations who try to defend their networks are having an increasingly difficult time keeping up with the rapid changes in the threats and how to defend against them. It is such a big problem that even within the computer and network security fields there are no companies claiming to have the answer to all problems. Most specialize in one or a few areas of security. Companies in this space face a constant need to learn, monitor and adapt to the ever changing threat landscape.
As can be seen by some of the more public breaches over the past few years even the very large organizations are susceptible to attack and theft of resources and/or data. No organization is completely safe. Smaller organizations lacking the same resources to apply to security face an even larger challenge.
We believe that the key to protecting networks and resources is obtaining current data from a range of sources and getting alerts to the proper people quickly. This data should come from three main areas: Network Management Systems, Host Security Monitoring (SIEM) systems, and Network Security Monitoring solutions. In addition to alerts the organization security policy needs to be integrated into these systems with as many threats being handled automatically by the various security and monitoring systems. Our belief is to PROTECT FIRST, and then VERIFY. This is contrary to the way security is handled by many organizations who rely on alerts to drive human involvement to shut down threats. The time delay in this approach is simply too long needlessly exposing the organization. There are chances where some resources may inadvertently be shut down with this approach however these temporary windows of interruption should be small and infrequent.
Jade Networks currently uses Host Security Monitoring and Network Management systems to monitor our networks. We are constantly looking to improve upon these systems with a new SIEM based solution currently being designed. The first version of this system should be operational by the end of 2015. We will offer services in this area shortly after. This system, in addition to traditional SIEM monitoring, will incorporate our SPAM prevention systems.
We are also currently working with several Network Security Monitoring solutions and our plan is to have NSM based solutions online and operational by the end of 2015.
Host Security Monitoring (HSM) involves the capture and analysis of logging data produced by servers, routers, switches, firewalls, and other network devices. Logfile aggregation is a core component of HSM however Security Information & Event Management (SIEM) systems are normally required for real-time as well as offline analysis and alert management.
Network Security Monitoring (NSM) involves the capture of live network traffic for either real-time analysis and/or traffic capture for later analysis. NSM incorporates Intrusion Detection Systems (IDS) but only as a component of a larger system. The larger NSM environment usually includes additional tools for the analysis of the data and packet capture and analysis.
Hosts who have been confirmed to be involved in direct attacks on our networks have their IP addresses blocked at our exterior firewall. These blocks apply to ALL protocols and completely isolate these hostile hosts from connecting to ANY Jade Service. IP addresses of hosts on this list can be found here.
Networks who have been confirmed to be involved in direct attacks on our networks have their IP address range blocked at our exterior firewall. These blocks apply to ALL protocols and completely isolate these hostile networks from connecting to ANY Jade Service. IP addresses blocks of networks on this list can be found here.
Procedure for requesting de-listing from one or more Jade Sitewide IP Block Lists.