NETWORK SECURITY

Firewall, IPS, VPN, SSL

Firewalls are an indispensable part of network security. A firewall controls the traffic flow between networks within the framework of pre-defined rules thereon. Their most common purpose of use is protection of your organization’s intranet against Internet-based threats. They examine incoming traffic, compares it against the pre-defined rules , and accordingly either prevents or permits it, or otherwise transmits to other network security technologies for a different action.

Among the most basic capabilities of these products are: Access control, authentication and NAT. Today firewalls have many other capabilities besides these basic functions (such as VPN, SSL, IPS, URL Filtering, Web Security, Anti-Virus, Anti-Spam, Anti-Malware, Clustering, VOIP, etc.). Because of their capabilities beyond those of a conventional firewall, these advanced solutions are also called the “Security Gateway” or next generation firewall.

Our partner in the field

Firewall Rule Analysis and Configuration Management

Firewall rule analysis and configuration management solutions allow management of security policies available on firewalls, routers, VPN products and other related devices used in an organization and prevent security vulnerabilities that may be caused by incorrect rules. It will help you implement your network security policy easily by automating control processes that are labor-intensive and prone to errors.

Our partner in the field

Content Filtering / Proxy

Content filtering is applied in user e-mails and web access. The purpose here is to prevent contents such as spam, virus and malware from harming systems through both e-mail and web access.

Considering that today, there are new websites being opened constantly, website contents being changed instantaneously, and e-mails containing phishing and malicious codes changing their look and becoming wide-spread, it is crucial that content filtering solutions effectively keep up with this quick change.  Content filtering makes it also possible to prevent user access to non-work related websites and applications.

Our partner in the field

Malware Analysis and Prevention (APT)

Firewall, IPS, anti-virus and content filtering solutions capable of detecting malicious codes with signature-based methods fail to satisfy detection of malware developed exclusively for a specific organization. These so-called APT (Advanced Persistent Threat) attacks are also referred to as “zero-day attacks” as the signature has yet to be developed. Use of malware analysis and prevention solutions that run a copy of the traffic on virtual systems to examine its behaviors and stop it if they detect a suspicious situation makes it possible to prevent APT attacks.

Our partners in the field

forcepoint_bg-e1456412258739forcepoint-e1456412515658
sb_checkpointr_checkpoint

Security Incident and Event Management System (Log Management, SIEM)

Records kept on system components are used for several purposes such as troubleshooting, security, collecting evidence and compliance. Log management is one of the important components required for compliance with regulations such as ISO 27001, SOX, the Law 5651 and PCI DSS. It is possible to collect and record several information depending on the type of records kept, such as which systems users have accessed and when, system occupancy, performance values, tables accessed in databases, and changes made.

Log management is necessary, but not enough. Collected logs must be correlated, archived and reported. Security Incident and Event Management System (SIEM)  solutions make it easier to find information significant for the organization from among millions of lines of logs, thus allowing discovery of suspicious security incidents and sound security analyses.

Our partner in the field

Network Access Control

The common perception is that the attacks to corporate systems are coming from external sources. Yet, the primary threat is actually coming from the internal. If you do not know what is happening in the network, you cannot take precautions. It is crucial to get the outmost protection on the physical access jacks or ports (printers, IP Phones, CCTV cameras, TVs) in the unrestricted locations. For instance, malicious individuals can gain access into internal network resources using unprotected network jacks in a meeting room. Even if you have MAC control, they can copy MAC or IP addresses from other devices. You would need a true Network Access Control solution to overcome these penetration attempts. NAC solutions can see details of every device in the network and take automated actions towards unforeseen threats.

Our partner in the field

DoS/DDoS (Distributed Denial of Service) Protection

One of the common type of attacks today is DoS and DDos attacks.  These attacks aim to render the target system inaccessible/unavailable for a time.

DoS/DDoS protection prevents attacks targeting servers operating on the web.  These solutions make it possible to reduce response time of open connections, ensure protection against abnormal traffic and prevent DoS/DDoS attacks.

Our partners in the field

Vulnerability Management System

Vulnerability scan and management system solutions used to detect vulnerabilities in IT systems and network devices generally identify open ports on the system and identify vulnerabilities by simulating known attacks. They also enable management of vulnerabilities by work flows making it possible to assign vulnerabilities to respective system administrators for elimination.

Although most organizations outsource penetration and other security tests, there are also those that prefer to do them with their resources. Moreover, this approach is generally preferred because the systems are controlled more than once with different viewpoints.

Our partners in the field

sb_tenabler_tenable
qualyssbqualysrb

Network Security Level Identification and Test Tool

The network security test tool solution helps to identify necessary precautions before an attack takes place by testing how systems will respond to a possible cyber attack. It also constantly controls your security devices to ensure that they are accessible and operate efficiently against the latest attacks and allows you to fulfill the related requirements of the standards such as ISO 27001 and PCI DSS.

Our partner in the field

sb_picusr_picus

Security Delivery Platform

Security Delivery Platform connects into the network, both physical and virtual, and can be configured to deliver traffic to all of the applications that require it. Security appliances simply connect into the platform—at whatever interface speeds they are capable of—to receive a high-fidelity stream of relevant traffic from across the network infrastructure. This platform also extracts flow-based meta-data from network traffic, which can be routed to various security tools for analysis.

Our partner in the field

gigamon2gigamon

Deception-based Threat Detection

You may use honeypots to track and gather information about malicious users trying to gain unauthorized access to your Information Systems. Honeypots can help you identify the attack techniques and hence lead you to take precautions before any compromise. Using baits, attackers will take all their time to hack the honeypot. Meanwhile, you can apply patches and improve your security.

Our partner in the field

Threat Intelligence Solutions

In conventional warfare, the more you gather intelligence from opponents, the more you become invulnerable to attacks. The same applies to cyber security. Getting aware of the preparations for a possible attack to a company or executives provides great advantage for getting ready to protect your assets. Threat Intelligence solutions collect data from open and dark web sources, and makes it human readable and ready to analyze with machine learning, as well as they provide real-time integration with existing security systems.

Our partner in the field

Backup and Recovery of Network Devices

Your configurations and rules may be completely erased due to a hardware or software issue that may occur on the device. Because of this, your network may become unprotected. You should take a backup of your network device periodically or after each change and keep it in a safe place. Backup and storage may not be an issue for an organization with few devices, but in organizations with complex structures and devices, you should choose solutions that automate safe storage, monitoring and restoring.

Our partner in the field

WAN Optimization and Software-Defined Edge solutions

Access to applications in organizations using WAN (Wide Area Network) has always been challenging in the remote locations. Productivity has always been reduced in the remote office environments due to insufficient bandwidth, slowliness of Internet speed, or interruptions in the line. In order to increase productivity, the related application can be installed in the remote office environments, but in this case, providing the maintenance and support of the relevant application and infrastructure may incur additional costs. In addition, it is necessary to carry this information securely to the primary data center in order to have redundancy and integrity.

One of the ways to improve communication between the primary datacenter and the remote office environment is WAN optimization. With WAN optimization, unnecessary and dirty communications of protocols are not sent through the network. At the same time, by compressing the traffic, the same traffic can be transported with a lower bandwidth, no need to invest additional bandwidth. In addition to WAN Optimization, application access to users in remote office environments can easily be accessed by endpoints with software-defined edge solutions. With SD-Edge solutions, you can converge remote storage, server, backup and networking infrastructure into one appliance, which eliminates the need to access primary datacenter. The company data resides in primary datacenter and in the solution where it is optimized and securely send to primary datacenter. Hence corporate data is secure. With this solution, IT professionals can achieve agile IT with instant provisioning of new network services, line of business apps and entirely new sites and minimize operational costs.

Our partner in the field