Escolar Documentos
Profissional Documentos
Cultura Documentos
NESA stands for National Electronic Security Authority and is a The UAE IA Standards promote a life cycle approach for
government institution that aims to provide strict guidelines to establishing, implementing, maintaining, and continuously
organizations for keeping their information security capabilities in improving Information Assurance. This life cycle approach
line with the highest standards to avoid cyber security threats. ensures continual improvement of the UAEs Information
The compliance requirements are outlined under the UAE IA Assurance capabilities based on well-defined activities.
Standards which require organizations to implement them across
their information assets and supporting systems. UNDERSTANDING an entitys and/or sectors information security
requirements and the need to establish a policy and objectives for
Compliance with NESA UAE IA Standard is mandatory for all UAE information security
government entities and other entities identified as critical by
NESA as it is an essential facet of the National Cyber Security CONDUCTING risk assessments, identifying appropriate risk
Strategy and also form as the minimum requirements for treatment actions, and selecting controls to manage the risks
integrating the Sector and National platforms. For all other UAE
IMPLEMENTING and operating security controls to manage
entities, NESA highly recommends following the guidelines on a
information security risks in the context of the entitys or sectors
voluntary basis, in order to participate in raising the nations
overall business risks
minimum security levels.
A fully managed solution for cyber security compliance requirements of NESA UAE IA Standard.
Paladions sophisticated expertise in cra ing information security solutions for enterprises gives it immense credibility to enable
organization meet NESA compliance standards. Our NESA compliance serviceincludes industrys first fully managed solution called NESA
Compliance Management Solution (NESA-CMS). This is a one-stop package for entities who are mandated by NESA to demonstrate their
compliance to the stringent cyber security requirements of UAE IA standard. It is extremely important for entities to understand that
demonstration of initial compliance will be start of journey and not the end. Entities will have to annually showcase their sustenance and
increasing maturity of cyber security controls to the sector regulators and in turn to the NESA authorities. To this end, managed model of
NESA-CMS will be an extended arm to the entities to e iciently and e ectively manage their compliance requirements on an ongoing basis.
https://paladion.net/nesa-compliance-service-uae/ 1/8
11/07/2017 NESA Compliance Service - Paladion Networks | UAE
MANAGED NESA GRC MANAGED NETWORK MANAGED ENDPOINT MANAGED MOBILE MANAGED SECURITY TESTING &
SECURITY SECURITY DEVICE SECURITY MONITORING
NESA GRC Perimeter Security Endpoint protection Mobile Device Management Security Testing
Implementation
NESA Compliance Audit Web Proxy DLP Mobile Application Security Log collection & analysis
Support Management
Ongoing Sustenance of URL Filter Patch Management Mobile Email Management Log Retention
NESA GRC
Remote User Access Client VPN Mobile Endpoint protection Brand Monitoring
Security
Paladions NESA compliance service includesimplementing entities with the flexibility to choose the desired solution component as per their
business & compliance requirement.
Partners
https://paladion.net/nesa-compliance-service-uae/ 2/8
11/07/2017 NESA Compliance Service - Paladion Networks | UAE
As part of Paladions NESA compliance service, wewill develop and implement all P1, P2, P3 and P4 controls prescribed by NESA UAE IA Standard
Priority Level P1 P2 P3 P4
Number of Control 39 69 35 45
The above set of 188 controls includes 35 mandatory controls referred as Always Applicable, as these represents requirements for instituting
foundational IA capabilities within an entity. Given their foundational role, the Always Applicable security controls needs to be implemented by
each relevant entity regardless of its risk assessment outcomes. Applicability of the rest of the 153 security controls are decided as an output of the
risk assessment results by taking into consideration specific business and operational context of the entity.
The implementation of Solution Component-2 will include deployment & ongoing administration of perimeter security devices e.g. firewall & IPS, web
proxies, URL filter, Wi-Fi security, remote user access security etc. Implementing entities will have the choice to select the desired technologies as per
the technology requirements of UAE IA Standard.
We provide all the services that you need for robust protection
of your network security on 247 basis network security
management, operations, monitoring & support from our ISO Botnet Filtering
27001 certified SOC managed by security experts to give you
peace of mind that your network is protected against threat at
all times.
Geo-IP Filtering
Pre-configured policies & rules based on industry best practices
that can be modified to suit your requirements.
Easy policy & configuration management, monitoring,
enforcement and prompt response in case of any events. Proxy Caching
https://paladion.net/nesa-compliance-service-uae/ 3/8
11/07/2017 NESA Compliance Service - Paladion Networks | UAE
You get access to our Customer Portal which provides real-time Reports & Dashboards
security and service delivery visibility into the status of your
network security and other security services delivered by
Paladion OnDemand. This helps you achieve a better & unified Policy and Configuration Management
control on your security outcomes.
The portal can be accessed from anywhere at anytime, thus
providing an Always-on 24x7x365 Visibility of your security
Customer Portal
posture with respect to network security. Customers can use
the portal to view security and compliance reports &
dashboards, and also interact with our SOC through ticketing
workflow management. Wi Fi
The implementation of Solution Component-3 will include deployment & ongoing administration of endpoint protection solution, DLP agent, patch
management solution, backup & restoration solution, client VPN etc. Implementing entities will have the choice to select the desired technologies as
per the technology requirements of UAE IA Standard.
Partners
https://paladion.net/nesa-compliance-service-uae/ 4/8
11/07/2017 NESA Compliance Service - Paladion Networks | UAE
Application Control
Continuous 24x7 Protection
We provide all the services that you need for robust protection Patch Management
of your network security on 247 basis network security
management, operations, monitoring & support from our ISO
27001 certified SOC managed by security experts to give you Desktop Compliance
peace of mind that your network is protected against threat at
all times.
Pre-configured policies & rules based on industry best practices
IT Usage/Productivity
that can be modified to suit your requirements.
Easy policy & configuration management, monitoring,
enforcement and prompt response in case of any events.
Back-up (local)
workflow management.
Customer Portal provides you with a complete, 247 visibility Customer Portal
into the outcomes of network security services, with on-
demand reporting.
You get intuitive and easy-to-read reports and dashboards to
meet the requirements of management as well as technical
personnel and several regulatory requirements.
You can get to see several pre-built reports and dashboards, as
well as define your own custom reports and dashboards.
https://paladion.net/nesa-compliance-service-uae/ 5/8
11/07/2017 NESA Compliance Service - Paladion Networks | UAE
The implementation of Solution Component-4 will include deployment & ongoing administration of mobile device management solution, mobile
application management module, mobile email management module, mobile browsing management module, mobile endpoint protection module
etc. Implementing entities will have the choice to select the desired technologies as per the technology requirements of UAE IA Standard.
https://paladion.net/nesa-compliance-service-uae/ 6/8
11/07/2017 NESA Compliance Service - Paladion Networks | UAE
The implementation of Solution Component-5 will include deployment & ongoing administration of security testing e.g. penetration testing,
application security testing, configuration review etc., security log collection & analysis on a 24/7 basis, log retention, security incident management
support, brand monitoring service e.g. phishing monitoring, website malware monitoring etc. Implementing entities will have the choice to select the
desired technologies as per the technology requirements of UAE IA Standard.
https://paladion.net/nesa-compliance-service-uae/ 7/8
11/07/2017 NESA Compliance Service - Paladion Networks | UAE
demand reporting.
You get intuitive and easy-to-read reports and dashboards to
meet the requirements of management as well as technical
personnel and several regulatory requirements.
You can get to see several pre-built reports and dashboards, as
well as define your own custom reports and dashboards.
In summary, NESA-CMS included in our NESA compliance service can provide implementing entities with a fully managed solution for cyber security
compliance requirements of NESA UAE IA Standard. Paladion is privileged to o er consulting services to help organizations meet regional &
international compliance regulations and laws. With over 15 years of experience in the information security industry, we know first-hand the
challenges and errors in protecting your information assets.
https://paladion.net/nesa-compliance-service-uae/ 8/8