NETWORK SECURITY

Today, everyone has access to the web from virtually everywhere thanks to laptops, tablets and smartphones. Therefore, control over who and under what conditions has access to your network is crucial.

Thanks to the NAC system, you can:

• introduce access standards to your network by parameters such as: user account, device type or operating system,
  • introduce the access level based on the above parameters, e.g. division into employees, contractors and guests,
    • mitigate threats by quarantining/blocking devices that do not meet security standards.

    If you care about gaining visibility and control over the network access methods in your company – NAC is the first step.

     

    Use cases for Network Access Control:

     

    What is Network Access Control

     

Proofpoint Web Browser Isolation (PWBI) is a web isolation that helps minimize the attack surface and provides complete browser security. Web Browser Isolation. Integrates with Targeted Attack Protection to provide adaptive controls that allow corporate email to isolate URL clicks based on the user’s risk profile or the URL itself.

Key features include:

• Protection against potentially malicious URL links in private webmail (PBI includes Email Isolation) through URL isolation technology.

• Blocks the ability to open external content, such as JavaScript or Active Content, on corporate devices.

• “Kills” user browser sessions when they are terminated and opens new browsers for each new session.

Intrusion Prevention System (IPS) systems are a response to advanced network attacks which used evasion techniques to avoid security found in traditional firewalls.

Thanks to apply of both – signature and heuristic analysis, they are able to detect both known and completely new zero-day attacks. IPS will allow you to:

• protect the network from exploitation of vulnerabilities using two mechanisms: signatures, code&behavior anomalies;

• automate incident responses based on historical events data.

IPS is the next step in the evolving landscape of network solutions.
– advanced heuristics, access to daily updated signature databases, granular access policies are just a few of the options they provide. Our experts will help you adjust the configuration based on the wealth of experience from hundreds of use cases introduced so far.

What exactly is an IPS:

McAfee Network Security Platform

What is an Intrusion Prevention System (IPS)?

Intrusion Detection System (IDS) are network devices that increase the security of computer networks by detecting attacks in real time. The essence of IDS is to use advanced network traffic analysis tools to monitor and notify – not block suspicious traffic. The main role of intrusion detection systems is the detection and cataloging of suspicious packets and breach attempts, such as cryptographic algorithms or firewall by-passing.

IDS is best suited for organizations where:

• blocking the traffic could be harmful to business – e.g. connection with a potential client or server providing the service;

• the recommended defense-in-depth approach is used if the attacker exploits a firewall vulnerability from a given vendor, an IDS from another vendor detects the attack.

IDS is able to provide visibility in terms of threats in network traffic using tools such as pattern recognition, dictionary methods, anomaly detection or heuristic analysis (consisting of defragmentation, combining packets into data streams, analyzing packet headers and analyzing application protocols).

The Evolution of Intrusion Detection/Prevention: Then, Now and the Future

Next-generation firewall is part of the third generation firewall technology, combining the traditional firewall with other network device filtering features such as application firewall with built-in deep packet control and intrusion prevention system.

It is a network security device that provides capabilities that go beyond the traditional state firewall. While a traditional firewall typically provides stateful control of inbound and outbound network traffic, next-generation firewall includes additional features such as application recognition and control, integrated intrusion prevention, and cloud threat intelligence.

Secure Web Gateway is used to monitor and restrict the traffic of suspicious malware and data before entering or exiting an organization’s network. Secures your network against Internet threats or malicious threats from Internet services and websites.

Unlike Firewall, the secure web gateway covers the inside of the application layer – 7 of the OSI model:

• URL filtering and dynamic website reputation assessment,

• data leakage prevention (DLP),

• Application-level control and detection of malicious code through page content analysis.

The key is to focus on data analysis at the application layer to block the threat, and not to block a suspicious connection attempt as in firewall devices.

An important advantage of this technology is the possibility of hybrid implementation – users working inside your network will use a stationary implemented proxy as “exit” to the Internet, and on devices outside the network, the agent will redirect traffic through the manufacturer’s cloud proxy containing the same set of policies.

They can also be two different sets – for users inside and outside the organizational network.

Web Secure Gateway is chosen by companies that:

• Value application-layer network protection – to neutralize malware, redirect attempts, or data exfilteration via web protocols in real time.

• Care about their Web culture – by blocking malicious categories and categories selected by the company, time restrictions, application control (restrictions on internal website functions), e.g. maybe someone should not be able to publish on the company’s Facebook?