Headquartered in Chicago, IL, onShore Networks is a premier provider of network management services. The company’s expertise is bringing managed network security into local and wide area networks, Internet connectivity, and colocation services to a wide variety of customers. Functions of a managed security service include round-the-clock monitoring and management of intrusion detection systems, firewalls, and network performance. “Managed Security is a process, not a product that we modify for better results and response” says Steven Kent, CTO, onShore.
A False Sense of Security
A national construction company initially requested that onShore evaluate their external security. From the client's perspective, having the right gear in place and periodically performing scans meant they were secure. However, this only meant that they were secure against current threats. They were lacking monitoring and measurement against baselines to handle any unknown threats and track them faster. The company soon engaged onShore to manage their security, monitoring intrusion detection and firewalls.
Talent and Tools
“We're always looking to be where the new demand is; and, to me, that means being in the area that has a little more complexity— that needs a little more talent and initiative. We do this by being in control of our tool development. We employ a full-time development team and use many open-source components that allow us to customize our solutions for clients or integrate them into systems that proprietary software wouldn't allow, all in order to make tools to empower our engineers,” says Valavanis.
“Our products focus on looking within the network as well as the edge. Unless you're analyzing what's flowing through your firewall, you're only doing half the job. You need to know that the traffic it's passing is traffic you want inside your network. It comes down to knowing your data flows and what is normal on your network. Then you can figure what is abnormal, possibly malicious. We continually re-establish these baselines and measure against them,” says Kent.
Going forward, onShore wants to utilize small, cheap sensors to capture more distributed data for mass correlation with core and edge network data and to give more powerful tools to their engineers, like heuristic threat detection. “Operate under the belief that you are already compromised, and now you need to isolate, control, and remove the threat that is already existent in your network. We need to move back into the network and understand that, in the current security landscape, you cannot make the assumption that, because you have a firewall and some edge IDS, you are now secure behind those devices,” concludes Kent.