What is Managed Security Hardware-as-a-Service?

A 36-month bundle that combines enterprise security hardware (firewalls, EDR, HSMs, etc.) with licences, 24/7 management, and a refresh at month 30. You pay one monthly fee instead of buying the hardware outright.

Who finances the hardware?

Financing is arranged via our partner financial institutions and vendor leasing programs. nCrypt is the integrator, operator, and single point of contact.

What is the minimum term?

36 months. Shorter terms are not currently offered; the math of hardware + service + refresh requires 36 months to deliver the price points we publish.

Can we end the lease early?

Early termination is possible with the financing partner, subject to a buyout fee. We design bundles assuming full-term completion.

What happens at end of term?

Three options: renew with a fresh hardware refresh (most common), return the hardware, or buy out at fair market value.

Does this replace cyber insurance?

No — but most cyber insurers reduce premiums when these controls are in place. We supply attestations.

How does pricing compare to buying outright?

Over 36 months you pay roughly 115-130% of capex equivalent, but you also get management, refresh, and a single bill — typically a net saving once internal IT cost is included.

Is this available outside Malaysia?

v1 is Malaysia-only. We expand on demand.

What is included in 24/7 management?

Continuous monitoring, alert triage, change management, vendor SLA escalation, monthly tuning, and quarterly reviews.

Can we mix vendors within one bundle?

Yes. Most customers run mixed-vendor bundles — e.g., Sophos firewalls + Kaspersky EDR + Thales HSM.

How fast can we go live?

Single-site SMB: ~2 weeks from signed MSA. Multi-site Mid-Market: 4-8 weeks. Enterprise: 8-16 weeks.

Do you support BNM RMiT audits?

Yes. Every relevant category ships with an RMiT audit pack and we attend audit sessions as the technical operator.

What about data sovereignty?

All in-scope appliances are physically located on your premises (or our Malaysian DC for hosted SOC). No customer logs leave the country.

Can we co-manage the hardware?

Yes — co-managed access is standard. nCrypt retains operational SLA; your team retains read-access and emergency-override.

What if the hardware fails?

Vendor RMA + nCrypt-held spares (Mid-Market+). HA pairs eliminate downtime on critical categories.

Managed Security Hardware-as-a-Service

Enterprise cybersecurity hardware, fully managed.

Firewalls, EDR, HSMs, WAFs, backup vaults, NAC, SOC sensors, OT sensors, PAM appliances — leased on 36-month terms with monitoring, refresh, and a single monthly bill. From RM800/month.

Calculate my bundle Talk to sales

One bundle, four guarantees.

Hardware appliance

Sized and pre-staged by nCrypt. Vendor-warrantied. Refreshed at month 30.

All licences included

IPS, sandboxing, threat intel, EDR — sized to your environment.

24/7 management

nCrypt SOC monitors, tunes, and responds. Quarterly policy reviews.

Single monthly bill

Hardware + licences + management + refresh, one line item, predictable budget.

Nine categories. One contract.

Mix and match the hardware your environment actually needs.

Flagship

Firewall-as-a-Service

Sophos XGS · Fortinet FortiGate

Modern next-gen firewall hardware on a 36-month bundle. Zero capex. Includes SSL inspection, IPS, sandboxing, web filtering, and SD-WAN where supported.

Learn more →

Flagship

Endpoint-as-a-Service

Sophos Intercept X · Kaspersky EDR Expert

Full EDR/XDR coverage on every laptop, desktop, and server, with a hardened on-prem management appliance and 24/7 SOC eyes. Per-endpoint billing scales naturally with headcount.

Learn more →

Flagship

HSM-as-a-Service

Thales Luna Network HSM · Entrust nShield Connect

Tamper-resistant hardware for cryptographic key management, leased on 36-month terms. Required by BNM RMiT for licensed FIs and PCI DSS for any organisation issuing or processing payment cards.

Learn more →

Flagship

WAF-as-a-Service

F5 Advanced WAF · Imperva SecureSphere · Barracuda WAF

On-prem or virtual WAF hardware leased on 36-month terms with managed signatures, custom rule development, and PCI DSS Req 6.6 attestation support.

Learn more →

Flagship

Backup-as-a-Service (Cyber-Recovery)

Veeam Hardened Repository · Rubrik · Cohesity

Backup hardware that ransomware cannot encrypt or delete. Leased on 36-month terms with quarterly restore drills and documented cyber-recovery runbooks.

Learn more →

Service hook

NAC-as-a-Service

InfoExpress CGX · Cisco ISE

NAC appliances that authenticate, profile, and segment every device on your network — corporate laptops, BYOD phones, IoT sensors, guests. Leased and managed on 36-month terms.

Learn more →

Service hook

SOC-Sensor-as-a-Service

Custom-built sensor · Corelight · ExtraHop

On-premises sensor hardware capturing network metadata, plus nCrypt SOC 24/7 monitoring. Solves the "we can't send our logs to a US-hosted SaaS" data-sovereignty problem common in regulated Malaysian sectors.

Learn more →

Service hook

OT-Security-as-a-Service

Claroty xDome · Nozomi Guardian · Dragos Platform

Passive OT/ICS sensor appliance leased on 36-month terms, monitoring industrial control systems without injecting any traffic. Built for Malaysian manufacturing, oil & gas, utilities, and critical national infrastructure.

Learn more →

Service hook

PAM-as-a-Service

CyberArk Privileged Access Security · BeyondTrust Password Safe

PAM appliance leased on 36-month terms with managed onboarding, session-recording review, and integration with your existing IAM. Required by BNM RMiT for FIs managing privileged accounts.

Learn more →

Pricing tiers — built for your size.

SMB

RM 800 – 1,500 / month

< 100 employees · 1 site · 1-2 hardware categories

✓Single appliance
✓Business-hours support
✓Quarterly reviews
✓Refresh at month 30

Mid-Market

RM 1,500 – 4,000 / month

100-500 employees · 2-5 sites · 3-5 categories

✓HA pairs
✓24/7 support
✓Monthly tuning
✓Refresh at month 30
✓Co-managed access

Enterprise

RM 4,000 – 15,000+ / month

500+ employees · multi-DC · 5+ categories

✓Multi-region HA
✓15-min SLA
✓Weekly tuning
✓Dedicated analyst
✓Custom integrations

Authorised partner of

SophosKasperskyInfoExpress+ vendors via our financing partners

Frequently asked questions

Get your bundle priced in three minutes.

Tell us how many people, how many sites, and which hardware you want. We'll email a precise quote within 24 hours.

Open the calculator Talk to a human first