The DIR Security Operations Center (SOC) provides services to Texas State agencies, local governments, public education entities, and special districts, such as hospital and water districts.
Network security is crucial to every organization, and DIR can help meet your network security requirements.
Under the Texas Government Code (TGC) 2059 directive, DIR provides the following services to eligible State entities:
- Network Security Monitoring, Alerting, and Analysis Services
- Controlled Penetration Testing (CPT)
- Vulnerability Assessment Service
- Enterprise-wide Network Visibility and Discovery Service
- Enterprise Intrusion Prevention Service (IPS)
To learn more, view or download the Network Security Report.
Other DIR Security Services, such as wireless assessment, training, hard drive degaussing, and policy support are here.
Network Security Monitoring, Alerting, and Analysis Services
Provides early warning for intrusions and Cyber attacks, as well as alerts to the proper authorities that facilitate appropriate countermeasures.
Network Security Monitoring, Alerting, and Analysis Services Benefits:
- Saves time with event correlation
- Integrates security analysis
- Saves money through reduced risk
- Meets audit requirements
- Prevents problems through early warning
- Alerts authorities of potential attacks
Controlled Penetration Testing (CPT)
The DIR CPT evaluates network vulnerabilities that are susceptible to attack from a malicious source. The service analyzes system configurations, software and hardware defects, and procedural or technical weaknesses. Conducted from a potential attacker’s point of view, the evaluation verifies and attempts to exploit actual security vulnerabilities. The purpose of a CPT is to assist the customer in determining their network’s vulnerability to attack, to identify at-risk confidential or sensitive data, and to provide suggested countermeasures to prevent intrusions or data loss.
- Evaluates network security from attacker’s perspective
- Determines vulnerability to attack
- Provides countermeasures
- Assists business impact analysis
- Documents findings
Vulnerability Assessment Service
Identifies, describes, and classifies specific technical security vulnerabilities in a network, computer, or communications system. Vulnerability assessments can predict the efficiency of proposed technical or configuration countermeasures and calculate their operational effectiveness.
Vulnerability assessments consist of five procedures:
- Definition and classification
- Relative levels of importance
- Potential threat identification
- Mitigation of serious problems first
- Minimization of business impact
- Vulnerability Assessment Service Benefits
- Identifies network hardware security gaps
- Prioritizes vulnerabilities
- Predicts value of countermeasures
Enterprise-wide Network Visibility and Discovery Service
Also known as network mapping, this service inspects network assets and identifies and measures relationships between known and previously unknown network assets, including connections, routers, and firewalls. This virtual map enables network and security teams to confirm whether assets are under management control. Unmanaged assets increase the risk of intrusion and service outages.
Visibility and Discovery Benefits:
- Maps network hardware, connectivity, and device configuration
- Creates interactive visualization
- Tests for data leakage
- Inventories network components
- Discovers unused ”dark space”
State Enterprise Intrusion Prevention Service (IPS)
Proactively identifies and blocks known threats to network security. Unlike an intrusion detection system (IDS), the IPS not only watches network traffic, it also takes immediate action based on the network administrator’s set of rules.
- Prevents malicious activities at multi-gigabit speeds
- Mitigates detected threats
- Blocks over 200 million attacks monthly
- Integrates with Vulnerability Assessment Service
- Benefits and Advantages
- Low (or no) additional cost
- Expert technical support
- Year-round services
- Consolidated analysis with other services
- Security event/policy expertise
State government leaders are concerned about the security of the information that they collect, process, and store. In response, DIR provides information security services specifically tailored for all of its customers: public educational entities, local governments, Texas State agencies, and all other eligible customers. In addition to general policy templates, an emergency alert system, and guidance on information security issues, DIR proactively works to prevent, reduce, respond to, and recover from IT-related threats and vulnerabilities to your network.
For more information, contact the DIR Security Division at:
DIR Security Operations Center (SOC)
1001 W. North Loop
Austin, TX 78756-2200