Services and Solutions

Network segmentation and micro segmentation

A new approach to the most popular tool for information security risks reduction: micro and targeted segmentation based on various levels of trust and high-performance enhanced security.

Smart segmentation of network and infrastructure assets regardless of their location, local or across multiple cloud deployments. Dynamic and through access control setup by periodic monitoring of the level of trust and appropriate adaptation of the security policies. A high-performance, advanced security system isolates critical IT resources, enabling rapid detection and prevention mechanism of threats using modern analytics and automation systems.

On-premises and virtualized appliance intent-based segmentation provides end-to-end segmentation that extends networks and geographic boundaries.

Scope:

  • Next generation firewalls
  • IPS
  • VPN
Services and Solutions

Centralized monitoring and management

As companies grow, so does the number of network and security devices involved into business operations. Which in turn creates difficulties with managing of a large fleet of devices, collecting information about security events and conducting analysis. These difficulties are primarily associated with the lack of resources of security groups to adequately respond to all increasingly complex cyber threats.

An obvious solution to this problem is the centralization of Network and Security Management (NOC-SOC) system.

By deploying centralized network management, security, and analytics capture capabilities at the company.
Centralization of management and analysis helps companies optimize and automate security, gain greater awareness of security processes and events, and reduce response time to threats.

Benefits:

  • Centralized management of policies and facilities. Prompt creation and change of policies / objects
  • Automation – Templates and scripts for automation of device provisioning and policy installation using the JSON or XML APIs
  • Device and role based administration
  • Centralized software updates and security updates for managed devices
Services and Solutions

Next Generation Firewall (NGFW)

Traditional firewalls and point-to-point information security solutions do not have the features and capabilities that are needed nowadays for reliable protection of organizations against new, high complexity threats.It is crucial to keep in mind that any security breach can lead to downtime, lost opportunities and loss of confidence in your business.

We offer next-generation enterprise network security solution which supports flexible scalable deployments anywhere in the network – from remote branches to headquarters, from data center to internal network segments and cloud deployments. Next generation firewalls provide automatic tracking of security events for cloud applications, IoT devices, and can also be used as a centralized monitoring system for small enterprises.

Implementation of such solution works without sacrificing the productivity of the network.

Benefits:

  • High degree of advanced technologies integration in one device
  • Threat monitoring, control and prioritization of vulnerabilities remediation
  • Detection and protection against emerging threats
  • Minimal false positive triggering
Services and Solutions

Unified threat management (UTM)

A limited budget for problem troubleshooting capabilities related to the protection of enterprise IT assets is a common problem for many companies.
The presence of several individual devices, each of which is designed to perform specialized tasks, such as spam filtering or anti-virus protection, does not facilitate function, increasing the cost and complexity of management.

The development of the Internet of things and the use of public clouds erode the traditional security perimeter of the network and open up opportunities for hackers to create new penetration strategies. These trends force the use of more complex and expensive integrated IT security solutions.

To address these security concerns, we introduce Unified threat management (UTM) solution in conjunction with the new generation NGFW firewall.
The purpose of such systems is to provide the most complete set of functions and security utilities (antivirus, antispam, content filtering and web filtering) in one device to maximize the capability to protect against possible attack vectors and attack methods, both external and internal.

Benefits:

  • Antivirus protection, malware protection
  • Prevention of information attacks
  • Enhanced web filtering
  • Automatic updates
  • Single pane of management
Services and Solutions

Encrypted traffic inspection

The ever-increasing volume of HTTPS traffic creates new threats and opens new possibilities for the confidential information leakages and databreach. All these threats can be out of the scope of security devices being encrypted with SSL/TLS protocol.

Encrypted traffic inspection allows to analyse of encrypted traffic for potential threats, which drastically increases the security of IT assets.

SSL inspection is usually implemented on NGFW / UTM devices at the perimeter of the protected network.
Validation is done in accordance with a set of rules that determine the type of SSL traffic being analyzed and its security criteria.
The analysis is performed using UTM software components that support the inspection of encrypted traffic: application control, URL filtering, IPS, DLP, antivirus and anti-botnet functionality.

Benefits:

  • Data leak protection
  • Detection and control of unwanted connections and malicious activity
  • Detection and monitoring of network activity and unwanted or malicious applications
  • Encrypted trafic analysis
Services and Solutions

Confidential information leakage prevention

Valuable information leak prevention may occur as a result of a targeted attack, or due to the negligence of employees siphoning valuable information to third parties in an uncontrollable manner.

However, statistics shows that more than 80% of incidents related to data theft are caused by internal events, the sources of which were legal users of the company, when most of the traditional security tools are aimed only to protect against external threats.

To eliminate the threat of theft of valuable information it is strongly recommended to use the DLP system (Data Loss / Leakage Prevention).
These are hardware and software technologies that monitor the most probable leak channels and identify data by degree of confidentiality.

Benefits:

  • Monitoring and blocking of incoming and outgoing messages of employees
  • Monitoring and blocking the sending of files to external media
  • Monitoring and control of network storages and web resources
  • Control of voice and text messages transmitted via SIP
Services and Solutions

Two-factor authentication solution

Due to the wide spread of malware and phishing sites that can easily intercept complex passwords, a one-factor password authentication system is not able to provide secure access to corporate resources.

For reliable data protection, you need to use two-factor authentication solutions to confirm the identity of users in reliable manner.
We offer modern two-factor authentication systems that offset the shortcomings of the classic password system.

The first factor of such a system is the username and password, and the second is a one-time, limited-for-life access code in the form of a smart message that is randomly generated and which cannot be intercepted. This allows you to reliably protect data from potential intruders.

Benefits:

  • Intuitive, centralized authentication and authorization services
  • Two-factor authentication and token management
  • Single sign-on (SSO) for web / cloud and network resources
  • guest access management, BYOD and certificate management
  • Ease of protection and transparent licensing
  • Security feeds integration
Services and Solutions

Local Area Networking and Remote Access

Supporting a single transparent security policy and appropriate access control for users, software and network software, regardless of their location, in the corporate environment is an important aspect of information protection.

We develop solutions for building secure networks of any complexity.

Benefits:

  • A variety of VPNs based on IPsec or SSL Unified management for effective crypto VPN control, routing and firewalls
  • Hardware encryption support
  • Integrated data transfer security: “application-application”, “user-user”, “user-machine”, “machine-machine”