Network Security Services

EOTSS provides a suite of Network Security services to protect the Commonwealth network.

Firewall Management Services

The EOTSS Firewall Management services delivers around-the-clock security event and device health monitoring, management of upgrades, changes and patching, policy auditing, and intelligence-enhanced threat protection to help keep your environment safe.

Firewalls are a critical component of any security program, but require a heavy investment of time and resources to ensure policies and configurations are adjusted, firewalls are patched and updates are applied. 

Service Components
  • Real-time access prevention
  • Device management, monitoring and maintenance
  • Log collection and retention
  • Policy management and maintenance

Web Application Firewall (WAF) Services

The EOTSS Web Application Firewall (WAF) service provides real-time protection for applications against a whole suite of attacks, including the OWASP Top 10:

  • Injection attacks like SQL injection
  • Broken Authentication
  • Sensitive data exposure
  • XML External Entities (XXE)
  • Broken access control
  • Security misconfiguration
  • Cross-Site Scripting (XSS)
  • Insecure deserialization
  • Using components with known vulnerabilities
  • Insufficient logging and monitoring
WAF Clusters

The EOTSS Security Engineering team manages three (3) WAF clusters.

Two (2) of the WAF clusters make the on Premises Microsoft Exchange environment internet accessible for Outlook Anywhere, Outlook Web Access, RCP over HTTP and Microsoft O365 Hybrid mode (to create Exchange Mailboxes in O365 and migrate users from on-premises to Office 365). In addition, the cluster allows only specific authorized O365 servers to talk to the on-premises servers for SMTP.

The other WAF cluster is for servers that are hosted in the data center that require protection from a WAF. 

Service Components
  • Management, monitoring and maintenance of the WAF
  • Configuration of WAF policies to protect threats
  • Analysis of logs and reports to identify potential threats and to ensure proper tuning of protection policies
  • Capacity planning

Help Us Improve  with your feedback

Please do not include personal or contact information.