Stateful firewall protects network by tracking and monitoring the state of the active network connections. It analyzes incoming traffic and looking for potential traffic and data risks. If incoming traffic is not part of the already existing session, then it is denied. This type of firewall runs at the transport layer. It delivers steadfast protection again multitude of DDoS and packet-based attacks, ports scans and other malicious reconnaissance activities.
Traditional firewalls do IP and port filtering as well as can track the existing connections (e.g. stateful firewall). With the rise of clouds use, introduction of next gen applications and services, IoT and anywhere-anytime access the scale of attack surface increases exponentially and regular firewalls are not enough to stop sophistically crafted malicious activity. Next Generation Firewalls (NGFW) go beyond regular firewall functionalities to address the modern and complex attacks. It includes not only stateful inspection but also have applications and services control and awareness. While identifying more than 3000 applications and protocols it uses traffic signatures (standard as well as customer defined) and IPS/IDS to identify and block traffic anomalies and suspicious behavior. NGFW provides multilayered approach and protection. It can be integrated with customer authentication and authorization mechanism already on the ground. Hence integrating itself into already existing security policies in place.
URL filtering is a security functionality which controls access to the web content on the Internet. It has sophisticated URL filtering and categorizing mechanisms to monitor and act upon (alert, block, drop, justify, reject) based on corporate business security polices deployed. This solution comes with multitude of preloaded categories and profiles helping to manage the web traffic in and out. Profiles are periodically updating reflecting changes in the Internet.
IP filtering is another security mechanism available at customer disposal. Sending and receiving traffic to and from IPs are effectively controlled or actioned upon on IP reputation and geo location. This feature is based on regularly amassed global data related to IP addresses worldwide. So it protects users from accessing concerning resources on the Internet as well as receiving questionable traffic from the latter. This profiles are updated periodically, but it also has an option of tailoring user specific profiles.
Antivirus (AV) service is a part of UTM solution. It is augmented with several heuristic and signature matching technics. Customized AV profiles can be created to satisfy customer particular needs. As part of the UTM service it can be activated momentary upon customer request, no truck roll is required. Antivirus submodule can scan and control Web and/or Email traffics.
IPS/IDS service is a part of UTM solution. It delivers detection, prevention and logging of
malicious traffic, malware activities and different kinds of vulnerabilities and attacks.
IPS/IDS can monitor and control not only the external traffic coming into the network, but also
internal activities. The solution is preloaded with multitude of profiles against different
sorts of attacks and malware, OS and Database vulnerabilities, lateral movement. The platform is
flexible enough to tailor a customized profiles for specific customer needs.
Next critical factor to consider when it comes to security is how agile your service is. How
fast you can respond to a security breach, be it an attack, unauthorized access, virus outbreak
or a corporate policy violation. Or how proactive your platform is. Consider a common scenario
whereby a remote branch has got a virus outbreak or is under the DDoS attack and the branch
doesn’t have a security appliance or it’s there but lacking the features (due to non-criticality
or some CapEx and OpEx matters). The branch is connected to regional HQ via a backhaul. In such
scenarios what can be frequently noted is that network resources are quickly exhausted (not to
mention more dangerous and hidden impacts such as lateral movements). Hence backhaul is choked
and branch is out of production. The next thing is the IT personnel is deployed to install the
appliance (if it is not there) or to procure the licenses required. This can take hours, days,
or even weeks.
Our SECaaS platform delivers an immediate effect with no heavy rolls-on involved. Customer can
deploy new features needed (DDoS protection, IPS/IDS, etc.) by just activating them on the
centralized dashboard. Platform immediately projects the services whenever they need it wherever
required.
Industries and businesses worldwide move to the clouds, shifting their workloads away from legacy and resource constraint infrastructures, making SaaS and IaaS inseparable parts of the business. The goal is to make the productions and operations efficient, cost effective and agile. In today’s hyper dynamic world, the organizations and companies are heavily dependent on data networks. And legacy networks are becoming a bottleneck, being not agile, hard wired and static, failing to scale and deliver performance. In today’s digitally scrambled world time to market matters. For successful business agility and adaptivity are KPIs to adhere hence enterprises can’t wait lengthy time (days, weeks, months) to bring the service up neither they expect heavy truck rolls involved. Our NaaS offer having SDWAN with an advanced networking at its core has made connectivity easier than ever. It provides secure, performance oriented and none geographically constraint services to any point that customer requires be it local, regional and beyond. Working on a hybrid infrastructure it is a robust and elastic delivering agile, speedy connections and cost effective deployments. Having network functions, services and connectivity delivered on the fly the platform NaaS allows companies to build their own networks absolutely with no (or little) hardware involved. All they need is the Internet at hand.