|Firewalls||Next Generation Firewalls||First line of defense against Internet traffic to protect enterprise networks from intrusions introduced through Web applications and other malicious activity with the employment of IPS, Anti-spam, Anti-virus and Application Control.|
|Web Application Firewalls||Identifies and acts upon dangers maliciously woven into innocent-looking website traffic; traffic that slips right through traditional defenses. This includes blocking technical attacks such as SQL injection, cross-site scripting and other top OWASP attacks before fraudulent transactions can be performed.|
|DDoS||Out-of-Bounds||Helps to identify and stop volumetric, TCP state exhaustion and application-layer DDoS attacks. Its mitigation architecture redirects only the traffic stream (carrying the DDoS attack) to Scrubbing device. The device removes only the malicious traffic and forwards only legitimate traffic to its intended destination.|
|Inline||Secures the Internet data center’s edge from threats against application-layer, distributed denial of service (DDoS) attacks. It is a single, stand-alone device that deploys at ingress points to an enterprise to detect & to block.|
|Malware Solution||Captures Evasive Malware & Monitor Suspicious Network Traffic on different operating systems (Windows, Mac OS X, and Android), virtual hosts, network infrastructure and web, email, content, mobile applications. It also blocks traffic, logs advanced threats and quarantine malware.|
|DNS Security||Protects against fast-evolving, elusive malware threats that exploit DNS to communicate with command and control (C&C) servers and also against botnets that uses DDoS attacks.|
A public-key infrastructure is to manage keys and certificates services such as:
Client-side software interacting with all of the above in a secure, consistent, and trustworthy manner.
Key backup and recovery.
|Proxy||Forward Proxy||Utilizes URL filtering, advanced threat defense, legacy malware protection and application control technologies to defend users from Internet-borne threats and to help enterprises enforce Internet policy compliance.|
|Reverse Proxy||Distributes network or application traffic across a number of servers. Load balancers are used to increase capacity (concurrent users) and reliability of applications.|
|DPI||Deep Packet Inspection enables advanced network management, user service, and security functions as well as internet data mining, DDoS, network management, congestion management and fair-use policies.|
|Security Testing||Vulnerability Management||Discovers which vulnerabilities are present, but they do not differentiate between flaws that can be exploited to cause damage and those that cannot.|
|Penetration Test||Exploits the vulnerabilities in a system to determine whether unauthorized access or other malicious activity is possible and identify which flaws pose a threat to the application rather than find every flaw in a system.|
The Enterprise Firewall is a high-performance perimeter appliance that adds intrusion prevention, application and user visibility, SSL inspection, and unknown threat detection to the traditional firewall.
WAFs are designed to protect web applications/servers from web-based attacks that IPSs cannot prevent. They sit in-line and monitor traffic to and from web applications/servers. Basically, the difference is in the level of ability to analyse the Layer 7 web application logic.
DDoS solutions help to identify and stop volumetric, TCP state exhaustion and application-layer DDoS attacks. Its mitigation architecture redirects only the traffic stream (carrying the DDoS attack) to Scrubbing device. The device removes only the malicious traffic and forwards only legitimate traffic to its intended destination.
With Advanced DNS Protection, you can comprehensively defend your DNS server from the widest range of DNS-based attacks, while maintaining service availability and business continuity.
"The traditional defence-in-depth components are still necessary, but are no longer sufficient in protecting against advanced targeted attacks and advanced malware" said Gartner Report. Today's threats require an updated layered defence model that utilises "lean forward" technologies at three levels: network, payload (executables, files and Web objects) and endpoint. Combining two or all three layers offers highly effective protection against today's threat environment.
A PKI-based MDM not only enable IT to secure and manage mobile devices, providing secure corporate email, automatic device configuration, certificate-based security, and selective wipe of enterprise data for both corporate and user-owned devices but also provides full lifecycle management of certificate-based digital identities.
In addition, the solution helps automating several onboarding processes such as guest registration, onboarding of employee-owned personal devices, and automating MDM enrollment to onboard mobile devices.
Vulnerability Management is an important mechanism through which organizations can identify potential security exposures and have a process in place to correct any deficiencies. Routine self-assessments provide a good picture of how security is managed and improved over time, and to help identify areas most in need of attention.