Baseline Services are services supported by CEnet’s existing services catalogue. These features are typically available in tools and services already used by CEnet members or the broader Catholic sector.

Security Portal

A single reference point for the Catholic education sector, containing security artefacts and programme governance. For member dioceses, this also includes visibility into CEnet's own cyber risk management programme (dashboards and reports).

Phishing Take-down

This service works to reduce brand damage by requesting the removal of fraudulent websites (e.g. fake login prompts) through global CERT partners. The service puts the safety of our diocese and school brands at the forefront by acting on take-down requests if your diocese is affected.

Supplier Risk Management

Through the ST4S programme (a national, standardised approach to evaluating digital products and services used by schools across Australia and New Zealand), CEnet’s role is to act on behalf of the Catholic sector on the ST4S Working Group to steer operational aspects and assist in maintaining programme alignment with our sector, and promoting the uplifting vendor's security practices across the board.

Cyber Security Network (CSN)

A whole-of-Catholic sector collaboration and representation group built on top of the Slack platform for discussing IOC's, guidance and general cyber security news and awareness.

Automated Security Incident Notifications (ASIN)

Providing automated notifications to members dioceses based on threat intelligence received by CEnet systems and security partners.

Policy, Framework, Procedures & Models

A library of templated policies, frameworks, principles and guidelines for managing cyber programmes.

Secure Web Gateway

Sits between staff/students and the internet, at school and abroad, with advanced inspection of all web and network traffic for malicious content, providing visibility and allowing the enforcement of security policies.

Distributed Denial of Service (DDoS) Protection

Protects member networks and member services hosted on CEnet infrastructure services from distributed denial-of-service (DDoS) attacks.

Advanced Firewall as a Service (FWaaS)

A cloud-based firewall solution that provides advanced security features, such as intrusion prevention, web filtering, and application control as well as standard L4 firewalling capabilities.

Bandwidth Control

With bandwidth control you can create and implement granular policies that limit recreational or unexpected traffic and, give business apps precedence so they remain available if bandwidth is consumed.

Private Network Interconnects (PNIs)

A dedicated connection provided at CEnet’s Internet gateway between two networks that provides a prioritised connectivity path, and level of privacy and security immunity from default public transit internet paths (e.g. eavesdropping and DDOS).

Enterprise DNS Firewall

A security solution that allows for customised and categories filtering of DNS queries to protect devices, staff and students from online threats.

DNS Security Extensions (DNSSEC)

A security extension for the Domain Name System (DNS) that adds cryptographic security to the DNS protocol to help protect against DNS spoofing attacks.

Enterprise Identity Lifecycle Management

A standards based identity integration and lifecycle management system for managing identity governance (onboarding and off-boarding).

Enterprise Access Management

Providing cloud-based single sign-on (SSO), Multi-factor Authentication (MFA), Role-based Access Control (RBAC) and Resource Access portal for all diocesan and CEnet applications.

Automated DNS Blacklisting

An automated service that leverages security intelligence and other IOC's from various sources, and implements blacklisting of these on CEnet's broader network to prevent malicious websites and other online threats.

External Vulnerability Management

Discovery and alerting of common vulnerabilities on hosts published via public internet gateways by IP address and domain.

External Attack Surface Mapping

Provides a report that maps out what external systems relating to a diocese need to be reviewed and tested for security vulnerabilities.

Security+ Services are tools, services and capability not intrinsically available in the standard CEnet services catalogue and may require additional funding and/or introduction of 3rd party partners.

Information Security Management System (ISMS)

A cyber security governance, risk and compliance (GRC) management system (tool) for managing the practical security policy and framework implementation, with in-built reporting and controls management capabilities.

Secure Tier-III DC Co-location (CoLo)

Physical security by hosting core infrastructure and systems within a domestic, secure Tier-III data centre facilities.

24x7 Digital Forensics & Incident Response (DFIR) Retainer

A 24x7 retainer agreement with a security firm that provides both incident response services to react quickly and effectively without having to scramble and hire the necessary experts, as well as proactive security planning services to help bolster local security programmes, processes and awareness.