FIREWALL. Features SECURITY OF INFORMATION TECHNOLOGIES



Similar documents
MOBILITY & INTERCONNECTIVITY. Features SECURITY OF INFORMATION TECHNOLOGIES

INTRUSION PREVENTION (IPS) Features SECURITY OF INFORMATION TECHNOLOGIES

PROTECTING YOUR MAILBOXES. Features SECURITY OF INFORMATION TECHNOLOGIES

WEB PROTECTION. Features SECURITY OF INFORMATION TECHNOLOGIES

Stormshield Network Security vs Fortinet

PROTECTION FOR SERVERS, WORKSTATIONS AND TERMINALS ENDPOINT SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

UNIFIED THREAT MANAGEMENT SOLUTIONS AND NEXT-GENERATION FIREWALLS NETWORK SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

UNIFIED THREAT MANAGEMENT SOLUTIONS AND NEXT-GENERATION FIREWALLS ADMINISTRATION TOOLS NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

NETASQ & PCI DSS. Is NETASQ compatible with PCI DSS? NG Firewall version 9

SonicWALL Clean VPN. Protect applications with granular access control based on user identity and device identity/integrity

Astaro Gateway Software Applications

NETASQ MIGRATING FROM V8 TO V9

Readiness Assessments: Vital to Secure Mobility

Does your Citrix or Terminal Server environment have an Achilles heel?

Tech Brief. Enterprise Secure and Scalable Enforcement of Microsoft s Network Access Protection in Mobile Networks

SAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG)

Cisco ASA 5500 Series Business Edition

Did you know your security solution can help with PCI compliance too?

Building A Secure Microsoft Exchange Continuity Appliance

NETASQ ACTIVE DIRECTORY INTEGRATION

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

INSTANT MESSAGING SECURITY

Permeo Technologies WHITE PAPER. HIPAA Compliancy and Secure Remote Access: Challenges and Solutions

Firewall and UTM Solutions Guide

Managed Security Services for Data

KASPERSKY ANTI-MALWARE PROTECTION SYSTEM BE READY FOR WHAT S NEXT. Kaspersky Open Space Security

Achieving PCI-Compliance through Cyberoam

The Cisco ASA 5500 as a Superior Firewall Solution

GFI White Paper PCI-DSS compliance and GFI Software products

The Ultimate WLAN Management and Security Solution for Large and Distributed Deployments

IREBOX X. Firebox X Family of Security Products. Comprehensive Unified Threat Management Solutions That Scale With Your Business

Industrial Security Solutions

How NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements

NETASQ SSO Agent Installation and deployment

Next-Generation Firewalls: Critical to SMB Network Security

EasyConnect. Any application - Any device - Anywhere. Faster, Simpler & Safer Networks

Company Co. Inc. LLC. LAN Domain Network Security Best Practices. An integrated approach to securing Company Co. Inc.

Providing Secure IT Management & Partnering Solution for Bendigo South East College

When your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work.

PRODUCT CATEGORY BROCHURE

Chapter 9 Firewalls and Intrusion Prevention Systems

Extending Threat Protection and Control to Mobile Workers with Cloud-Based Security Services > White Paper

Using Palo Alto Networks to Protect the Datacenter

Honeywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014

McAfee Next Generation Firewall (NGFW) Administration Course

End-user Security Analytics Strengthens Protection with ArcSight

Citrix Access Gateway

Move over, TMG! Replacing TMG with Sophos UTM

Proven LANDesk Solutions

Wireless Services. The Top Questions to Help You Choose the Right Wireless Solution for Your Business.

Best Practices for Outdoor Wireless Security

Network Security Solution. Arktos Lam

Microsoft TMG Replacement. How FORTINET integrated secuity platforms Help Protect the Perimeter in a Microsoft Infrastructure Environment

WICKSoft Mobile Documents for the BlackBerry Security white paper mobile document access for the Enterprise

PCI Requirements Coverage Summary Table

Deploying Firewalls Throughout Your Organization

Applications erode the secure network How can malware be stopped?

Security Frameworks. An Enterprise Approach to Security. Robert Belka Frazier, CISSP

Infor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security

Cyberoam Perspective BFSI Security Guidelines. Overview

Cisco Virtualization Experience Infrastructure: Secure the Virtual Desktop

Driving Company Security is Challenging. Centralized Management Makes it Simple.

Data Sheet: Endpoint Security Symantec Protection Suite Enterprise Edition Trusted protection for endpoints and messaging environments

Jort Kollerie SonicWALL

McAfee Security Architectures for the Public Sector

FortiGate Multi-Threat Security Systems I Administration, Content Inspection and SSL VPN Course #201

A HELPING HAND TO PROTECT YOUR REPUTATION

ESET Endpoint Security 6 ESET Endpoint Antivirus 6 for Windows

Implementing Cisco IOS Network Security

FileCloud Security FAQ

Meru MobileFLEX Architecture

How To Buy Nitro Security

Network Access Control ProCurve and Microsoft NAP Integration

Analyzing Security for Retailers An analysis of what retailers can do to improve their network security

Guideline on Auditing and Log Management

Symantec Endpoint Protection Analyzer Report

Emerging Trends in the Network Security Market in India, CY 2013

Preparing your network for the mobile onslaught

The Payment Card Industry (PCI) Data Security Standards (DSS) v1.2 Requirements:

EXTENDING THREAT PROTECTION AND CONTROL TO MOBILE WORKERS

Industrial Security for Process Automation

Remote Access Clients for Windows

IINS Implementing Cisco Network Security 3.0 (IINS)

FortiMail Filtering. Course 221 (for FortiMail v4.2) Course Overview

Protecting Your Organisation from Targeted Cyber Intrusion

New possibilities in latest OfficeScan and OfficeScan plug-in architecture

Introduction to Endpoint Security

Cyberoam Next-Generation Security for Enterprises

Fortigate Features & Demo

Larry Wilson Version 1.0 November, University Cyber-security Program Critical Asset Mapping

How To Secure Your Store Data With Fortinet

Security Administration R77

Security. TestOut Modules

Transcription:

FIREWALL Features SECURITY OF INFORMATION TECHNOLOGIES

To ensure that they stay competitive and in order to expand their activity, businesses today know it is in their best interests to open up more channels for direct communication and exchange with their clients and partners, sometimes even to the extent of opening up a section of their information system. In the meantime, corporate networks grow more complex, e.g. the development of Wi-Fi connectivity within local networks or increasingly thorough segmentation of privileges and usage often as a result of compliance measures (ISO270X, PCI-DSS, etc). In this context, it is a fundamental security requirement to restrict traffic on the network and to use solutions that can seamlessly apply filtering based on user identity. NEXT-GENERATION FIREWALL Such segmentation, in addition to enabling the control of user access to each of the resources on the network, can offer some protection against external attacks. It also prevents the spread of viruses internally between departments. Furthermore, if your business is subject to standards such as PCI-DSS, you are required to screen certain areas of your network. In many cases the installation of a firewall is a requirement to ensure compliance. Many studies indicate that most threats emanate from within the network. Once your network is segmented, you can configure your Stormshield Network Security appliance to control which traffic and users are authorized to move between protected zones. Stormshield Network Security s integrated intrusion prevention engine uses protocol scans, application filtering and antivirus scans to inspect authorized traffic and strengthen application security. Stormshield enables you to establish and configure user-based security policies, giving you greater control over the network resources each user is authorized to access. WINDOWS SERVICE FILTER Thanks to the feature that filters Windows services, you can closely manage how these services are used (Active Directory backup and restoration, IIS services, Microsoft Messenger, etc) on your network. An inspection of the Windows DCE-RPC protocol enables the identification of accessible services and the application of an adapted filter policy, thereby protecting your infrastructure from malware or security evasion techniques that exploit the slew of vulnerabilities on these services. IPv6 The IPv6 protocol has been implemented in the filter features on Stormshield Network Security appliances. The security of your network is therefore ready for a smooth transition to new-generation networks.

APPLICATION FIREWALL As threats to corporate networks grow and evolve, simple firewalls no longer form an effective barrier. The only adequate response is to upgrade networks with the latest security technologies. Network layer protection is no longer enough. A modern approach addresses both the threats to applications and services, as well as to the network itself. Monitoring and restrictions must be applied to applications, users and traffic content. A traditional firewall can no longer deal with threats such as the use of non-standard Benefits: ports and encrypted attacks. Stormshield multifunction firewalls include a range of modules for proactive security. A policy of continuous development ensures they are able to meet the needs of even the most demanding corporation. The Intrusion Prevention System (IPS) from Stormshield Network Security Full protection against application vulnerabilities Complete network overview High-level filtering without reliance on ports synthesizes an array of technologies and over 10 years of research from 2 companies that specialize in security (Arkoon and Netasq) to deliver exceptional levels of protection. The Application Firewall feature from Stormshield Network Security contains a real-time analysis module. The Stormshield Network Vulnerability Manager module enables control of applications, services and all network vulnerabilities. It offers a complete overview of the network to facilitate fast, effective risk management, giving you end-to-end control of the entire infrastructure. The built-in antivirus feature conducts antivirus, antispyware and antiphishing scans for exceptional protection against malware applications. Analytical processes are updated automatically to provide incremental protection. Stormshield Network Security solutions deliver the highest levels of security at all times. USER-BASED SECURITY As user mobility intensifies, so does network complexity. It is becoming increasingly difficult to manage network security and access to applications purely on the basis of an established and known network architecture. Today, users access applications in a variety of ways, including remote access, laptops, tablets and smartphones. Therefore, effective security management needs to be based on the concept of the user. So rather than being set up to block PCs and servers, a modern security system must be enabled to block users. To achieve this, you need to implement highly modular security rules. Stormshield s unique multifunction firewalls enable security rule management based on user identity. When a computer is used as a gateway, access to resources depends on the user s identity. You will no longer need to devote time and effort to managing the resources on the network as each new device which is connected is automatically linked to the policy associated with its user.

All Stormshield Network Security products feature modular security policies. This allows you to ensure the appropriate and effective use of network resources. You can also implement connection schedules, content filtering and VPN, SSL and IPSec access to remote resources based on the identity of the user. This limits the number of rules to apply to all of the user s resources, regardless of the installation or device they are using. User access control can be based on your internal directories (LDAP, Windows Active Directory) and be a fully seamless operation, thanks to the SSO (Single-Sign-On) agent installed directly on the controller or on a machine on the domain. As soon as users open a Windows session, they will be automatically authenticated on the Stormshield Network Security appliance, even when they log on through a multi-user system such as Citrix or TSE. Stormshield Network Security appliances offer various simultaneous authentication methods, thereby providing multiple possibilities for identifying users (certificates, captive authentication portal, Windows transparent authentication, internal LDAP, guest mode, etc). CONTROL OF MOBILE DEVICES, AN ANSWER TO BYOD ISSUES The boom in the use of mobile devices such as smartphones, touch screen tablets or ordinary personal laptops in the workplace or elsewhere presents a real headache for security managers. How is it possible to keep pace with the spreading practice of BYOD (Bring Your Own Device) while maintaining an efficient level of protection and monitoring these devices? With Stormshield Network Security, you can easily identify the mobile terminals connected to the information system and control their use. It is therefore possible to allow or deny the use of these devices during certain time slots, or for certain users or user groups or for access to certain resources. A stronger protection profile can even be applied. Benefits: User-based security Enables a modular security policy Network modifications do not affect established rules No impact for users thanks to seamless authentication Stormshield Network Security offers incomparable flexibility for the authentication of users, whether they are using professional or personal devices. The many authentication methods offered can be used jointly to validate access from all types of devices.

ABOUT Arkoon and Netasq, fully owned subsidiaries of Airbus Defence and Space CyberSecurity, run the Stormshield brand and offer innovative end-to-end security solutions both in France and worldwide to protect networks (Stormshield Network Security), workstations (Stormshield Endpoint Security) and data (Stormshield Data Security). All trademarks are the property of their respective companies. Phone +33 9 69 32 96 29 The cost of a call may vary according to the country you are calling from and your telecoms operator. WWW.STORMSHIELD.EU Netasq Parc Scientifique Haute Borne - Parc Horizon, Bat 6, Avenue de l Horizon 59650 Villeneuve d Ascq - FRANCE Arkoon & Netasq Copyright 2014

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information