Security Operations Center

Based on our own research, as well as findings from different researches by IBM, Gartner and NCSC, we have concluded that many small and medium-sized companies have taken technical security measures, such as firewalls and antivirus software. These measures generate warnings, however these small and medium-sized companies often don’t have the time and/or specialization to monitor these warnings in order to respond adequately. To prevent or suppress a security incident, it is important to monitor these warnings, especially because they provide a timely indication of security incidents. We provide and relieve you in the field of implementation, monitoring, analysis, and we offer clear reports and recommendations where you need it! That’s our Security monitor service.

Basic
Security Monitoring

Advanced
Security Monitoring

Conditions

Firewall
Endpoint Security
EDR

Conditions

Firewall
Endpoint Security
EDR
Network Analyzer if possible on-premise
Honeypot if possible on-premise

Optional: Additional detection measures
for on-premise infrastructure excluding licences

Honeypot or Network Analyzer

Optional: Additional detection measures
for on-premise infrastructure excluding licences

Unlimited own resources**

24/7 Threat Protection EPP & EDR 24/7 Threat Protection EPP & EDR
Monday - Friday between 8:00 and 17:00 CET 24/7 Monitoring Responsetijd
Patch status report and advice Patch status report and advice
Monthly report Monthly report
SIEM SIEM

Incident response

Membership

Incident response

Membership
*The firewall and spam filter are not monitored by default with Basic Security Monitoring. However, these are required to be present. The Advanced security monitoring offers a connection of the firewall and spam filter to SIEM, providing the tool allows it.

**You can add your own resources to SIEM. Monitor costs and/or license costs will be specified.

Basic monitoring

With Basic security monitoring, we implement, monitor, analyse, report and advise on the basis of the notifications out of the monitoring tool (Dashboard) of the supplier, such as F-Secure, Kaspersky, SentinelOne, Checkpoint, etc. It is also possible to add 1 extra detection measure to the Basic security monitoring package. On the basis of your desires and demands, we will provide specific advice in a preliminary scope conversation. The EDR, EPP and, optionally, a Network Analyzer or the Honeypot are a good starting point for Monitoring. These cover about 80% security for you. We secure your infrastructure 24/7 with multiple professionals who are equipped to answer your questions. Do you want more security towards 100%? Then Advanced Security Monitoring might be of interest to you.

Conditions for Basic security monitoring (through us or already present):

• Firewall
• Endpoint Protection
• Endpoint Detection & Response

Optional on-premise detection measures:

• Network Analyzer or Honeypot

Advanced security monitoring

With Advanced Security monitoring, we implement, monitor, analyse, report and advise based on the notifications of the EDPR, EPP, Honeypot and Network Analyzer, which are connected to our SIEM. Additionally, Advanced offers more detection measures than Basic, through which we have near 100% insight into your network. . It is also possible to add your (existing) extra detection measures to the Advanced Monitoring package, provided that they can connect to SIEM. Finally, customized cases can be made, for example, on the basis of incident history.

On the basis of your desires and demands, we will provide specific advice in a preliminary scope conversation. With our advanced security, we monitor your Endpoints (Clients and Servers) and we offer detection on network traffic through the Network Analyzer. We don’t interfere with your existing production and/or test networks, from which the detection of the Network Analyzer is excluded. Another important detection measure is the Honeypot. This informs us about the actions on your network of which we know with 100% certainty that this should not have happened.

We detect and report to you when the SIEM, Network analyzer and/or Honeypot warnings stray outside the expected usage and will sit down with you to determine how and why this has happened. In case an incident has taken place, we will contact you as soon as possible to determine the next steps. With the Advanced Monitor capacities that we offer, you can sleep with peace of mind.s. We guard your infrastructure 24/7 with multiple professionals who are ready to answer your questions.

Conditions for Advanced security monitoring
(through us or already present):

• Firewall
• Endpoint Protection
• Endpoint Detection & Response
• Network Analyzer (if possible on-premise)
• Honeypot (if possible on-premise)

Optional detection measures

• We can add additional, optional detection measures for you

Management

We provide connections for the end points to the EDR environment and that these are monitored activelyWe make sure the endpoints are connected to the EDR environment and that they are actively being monitored. We also provide timely management reports and advice. Making a change after implementation of our detection measurements is not part of management and can be done with a limited use pass.

Monthly reports

Security risks are reported monthly, the impact and chances of which explained in understandable language. You can make decisions to undertake action on the basis of these reports.

Response time

We respond within 2 hours on high/critical security risks and incidents with a treatment plan, depending on the risk. In critical/acute cases, as per the agreement, we will take immediate action as part of the incident response. For this you can make use of our limited use pass or pay per hour.

We respond within 1 hour on critical security risks and on high security risks we respond within 2 hours. Other security risks are treated the first following working day within the response time, where we will check whether it is a false positive.

24/7 monitoring

Your infrastructure is monitored 24/7 for threats. Through the notifications we get, we are immediately made aware of anomalies in your infrastructure. If the situation requires, we will contact you in a timely manner, according to the agreement, to judge the anomaly or to remedy the attack with you..

Investment

Payment is done per 10 workplaces for €55 per month, and per 5 servers for €55 per month for the monitoring, analysis, reporting and recommendations at EDR/EPP. The monitoring costs for the honeypot are €35 per month and €82,50 per month for the Network Analyzer . These rates are excluding the costs for possible licenses for EDR, EPP and extra detection measures.

Extensive consultancy is included. For incident response, our hourly rate is €140* excl. VAT. The implementation costs are in consultation with you and are dependent on your environment. It is possible to buy at a lower rate through a ‘limited use pass’.
*€175 per hour excl. VAT outside office hours

Example:
Basic security monitoring

40 workplaces € 220,-
4 (virtual) servers € 55,-
Honeypot € 35,-

Total per month € 310,-

Including monitoring, analysis, report and recommendations.
Excluding possible licenses, limited use passes and implementation costs.

Example:
Advanced security monitoring

40 workplaces € 220,-
4 (virtual) servers € 55,-
Honeypot € 35,-
Network analyzer € 82,50
PowerBI Interactive reporting € 9,95
SIEM from* € 300,-

Totaal per maand € 702,45

Including monitoring, analysis, report, recommendation and extensive consultancy.
Excluding possible licenses, limited use passes and implementation costs.
Excluding setup

*’The SIEM costs are on the basis of data usage (GB) per month. The price is determined on the basis of history.

Would you like to know more?
Get in touch today.

{{ notification.title }}

Read in-depth articles

Do you want to know more about online security and our mission to make the internet safer for everyone?

Download whitepapers

Become our partner

Networking4all is ready to make the next entry in our timeline. We would love to include you in the next step as our partner. Do you want to read more about our mission and the possibility of a partnership?

Become a partner