NETWORK SECURITY SOLUTIONS
In order to achieve a holistic network security approach, it is necessary to use different and/or integrated solutions in many areas for protection, detection, analysis and increasing network efficiency. TEKNOSER provides project design, installation, configuration and maintenance services with its technical experts that has international certifications.
DENIAL OF SERVICE (DoS)
Denial of Service (DoS) is a cyber-attack that aims to disrupt the services of an internet connected network temporarily or indefinitely, making the machine or the network resources unavailable to the users. Distributed Denial of Service (DDoS) attacks use multiple techniques aiming to prevent commercial use of internet or to damage the reputation of organizations by limiting their internet Access. Sometimes these attacks can be used to threaten the organizations to force them pay to stop, and sometimes, these attacks can be used to hide other attacks. Anti-DDoS products and services detect these attacks and decreases their frequency. Any website can be targeted by DDoS attackers. Sometimes the attackers aim out of web resources (e.g. firewalls) to prevent users’ internet access. DDoS mitigation services are very effective in decreasing the frequency of these attacks. For example, a good DDoS mitigation service can allow the organizations’ website to function during a full-scale attack. Organizations without DDoS mitigation services might face heavy financial damages in case of such an attack. In addition to that, if the organization fails to defend itself properly, its reputation might be damaged as well. For this reason, DDoS mitigation services are a valuable investment for every organization that needs to protect its website and internet access.
Partners:
FIREWALL (FW – NGFW)
Enterprise firewalls (sometimes referred as NGFW), are deep packet inspection firewalls that go beyond connection point / protocol inspection to prevent application level inspection, authentication and intrusion and block them by utilizing intelligence from outside the firewall. This extra firewall capabilities include cloud based advanced threat detection (ATD) and threat intelligence (TI). These technologies are advanced in time and helped them mostly replace stateful firewalls. The advancements such as the effects of the increasing number of services added to firewalls (such as the latest integrations with cloud access security brokers – the CASBs) and the public and private cloud domains, firewalls that creates competitiveness in the datacenter shows that this technology will lead the security market for a long time. For IaaS environments to fulfill its aim, enterprise firewalls need to have a soft integration with IaaS environments and better policy automation. Additionally, the rise of the encrypted traffic forces enterprise firewall companies to improve encryption capacity and performance of their products by hardware and software optimizations.
- 1st gen – Packet filtering FW: Address and port filtering with ACL, Network Address Translation (NAT)
- 2nd gen – Stateful Inspection FW; Session Control and IPSec VPN capabilities in addition to 1st gen FWs.
- 3rd gen – Unified Threat Management FW (UTM FW); Deep Packet Inspection and Session Control, IPS/IPD, URL Filtering, AntiSpam capabilities in addition to 2nd gen FWs.
Next gen – Next Generation FW (NG FW); App detection and control, SSL VPN, SSL traffic analysis, Threat Intelligence (TI), malware analysis with Sandbox capabilities in addition to 3rd gen FWs.
Partners:
SOFTWARE DEFINED WIDE AREA NETWORK (SDWAN)
SD-WAN products are expected to replace traditional branch routers. SD-WAN products can create secure paths on multiple WAN connections. SD-WAN products can be managed directly by organizations or with a managed service offering.
The difficulties in current WAN technologies
- Branch internet traffic load
- Difficulties in providing QoS due to the lack of application sensitivity on router
- Operational and management difficulties
- Branch security vulnerabilities (backdoor etc.)
- Dense usage of cloud services
- Lack of access flexibility
- Lack of WAN Optimization
It provides following features on top of others:
- Easy setup – Zero Touch
- Application detection sensitivity
- Dynamic link selection
- Combining different links on one SD-WAN link
- WAN Optimization
- Data transmission independent of the environment (ADSL, PON, 5G, 4G, ME, F/O etc.)
- Easy management
- Detailed traffic monitoring
- Added branch security
- Seclusion of branch traffic
Partners:
NETWORK ACCESS CONTROL (NAC)
Network access control (NAC) defines technologies that enable organizations to enforce policies to control access to corporate networks by both user-oriented devices and Internet of Things (IoT) devices. NAC solutions are used to profile and identify wired and wireless devices and evaluate their configurations. For example, organizations can choose to provide wireless LAN access to tablets and smartphones, but use different content variables (such as location, time / date, day of the week, or even device type) to determine whether the permissions are used only for internet access or access to the corporate network. In most cases, businesses can benefit from the integration of NAC with other security components. Many NAC manufacturers have integrated with SIEM, NGFWs and advanced threat defense (ATD) solutions. NAC use demands include access management from an external contractor or guest, and management of non-user-oriented devices such as IoT as well as increased visibility. The following features are important for effective NAC solutions:
- Policy lifecycle management
- Security posture control
- Guest management
- Profiling and visibility
IoT devices (for example, VCRs, CCTV and webcams, smart lighting systems, building automation and facility management systems) may be partially or completely connected to corporate data networks without IT awareness in the enterprise. A simple step to provide protection from IoT-based attacks will be appropriate network segmentation with NAC.
Partners:
NEW GENERATION INTRUSION DETECTION AND PREVENTION SYSTEM (NGIDPS)
IDPS technologies provide user visibility and content awareness by using advanced analytics such as UEBA, ML / AI, first-generation IPS capabilities (for example, detecting and blocking line-speed threats and vulnerabilities), as well as providing full visibility by recognizing the application. The development trend in technology is in the form of developing by new sources of information such as threat intelligence (TI), advanced threat detection (ATD), advanced analytics (ML / AI) sandboxing and payload analysis.
IDS / IDP is still widely used and has seen significant innovation with the use of advanced analytics such as machine learning (ML / AI) to deliver UEBA capabilities.
IDS / IDP is still widely used and has seen significant innovation with the use of advanced analytics such as machine learning (ML / AI) to deliver UEBA capabilities.
Partners: