WiJungle is a Unified Network Securty Gateway Appliance that combinedly serves the functions of NextGen Firewall/Unified Threat Management, Web Application Firewall, Hotspot Gateway, Vulnerability Assessment etc.
{"global":{"lastError":{},"locale":"de","locales":{"data":[{"id":"de","name":"Deutsch"},{"id":"en","name":"English"}],"loading":false,"error":false},"currency":{"id":49,"name":"EUR"},"currencies":{"data":[{"id":49,"name":"EUR"},{"id":124,"name":"RUB"},{"id":153,"name":"UAH"},{"id":155,"name":"USD"}],"loading":false,"error":false},"translations":{"company":{"role-vendor":{"en":"Vendor","ru":"Производитель","_type":"localeString"},"role-supplier":{"ru":"Поставщик","_type":"localeString","en":"Supplier"},"products-popover":{"_type":"localeString","en":"Products","de":"die produkte","ru":"Продукты"},"introduction-popover":{"_type":"localeString","en":"introduction","ru":"внедрения"},"partners-popover":{"ru":"партнеры","_type":"localeString","en":"partners"},"update-profile-button":{"_type":"localeString","en":"Update profile","ru":"Обновить профиль"},"read-more-button":{"_type":"localeString","en":"Show more","ru":"Показать ещё"},"hide-button":{"ru":"Скрыть","_type":"localeString","en":"Hide"},"user-implementations":{"ru":"Внедрения","_type":"localeString","en":"Deployments"},"categories":{"en":"Categories","ru":"Компетенции","_type":"localeString"},"description":{"ru":"Описание","_type":"localeString","en":"Description"},"role-user":{"ru":"Пользователь","_type":"localeString","en":"User"},"partnership-vendors":{"ru":"Партнерство с производителями","_type":"localeString","en":"Partnership with vendors"},"partnership-suppliers":{"_type":"localeString","en":"Partnership with suppliers","ru":"Партнерство с поставщиками"},"reference-bonus":{"en":"Bonus 4 reference","ru":"Бонус за референс","_type":"localeString"},"partner-status":{"_type":"localeString","en":"Partner status","ru":"Статус партнёра"},"country":{"en":"Country","ru":"Страна","_type":"localeString"},"partner-types":{"ru":"Типы партнеров","_type":"localeString","en":"Partner types"},"branch-popover":{"_type":"localeString","en":"branch","ru":"область деятельности"},"employees-popover":{"ru":"количество сотрудников","_type":"localeString","en":"number of employees"},"partnership-programme":{"ru":"Партнерская программа","_type":"localeString","en":"Partnership program"},"partner-discounts":{"en":"Partner discounts","ru":"Партнерские скидки","_type":"localeString"},"registered-discounts":{"en":"Additional benefits for registering a deal","ru":"Дополнительные преимущества за регистрацию сделки","_type":"localeString"},"additional-advantages":{"en":"Additional Benefits","ru":"Дополнительные преимущества","_type":"localeString"},"additional-requirements":{"en":"Partner level requirements","ru":"Требования к уровню партнера","_type":"localeString"},"certifications":{"en":"Certification of technical specialists","ru":"Сертификация технических специалистов","_type":"localeString"},"sales-plan":{"ru":"Годовой план продаж","_type":"localeString","en":"Annual Sales Plan"},"partners-vendors":{"en":"Partners-vendors","ru":"Партнеры-производители","_type":"localeString"},"partners-suppliers":{"en":"Partners-suppliers","ru":"Партнеры-поставщики","_type":"localeString"},"all-countries":{"ru":"Все страны","_type":"localeString","en":"All countries"},"supplied-products":{"_type":"localeString","en":"Supplied products","ru":"Поставляемые продукты"},"vendored-products":{"en":"Produced products","ru":"Производимые продукты","_type":"localeString"},"vendor-implementations":{"ru":"Производимые внедрения","_type":"localeString","en":"Produced deployments"},"supplier-implementations":{"ru":"Поставляемые внедрения","_type":"localeString","en":"Supplied deployments"},"show-all":{"en":"Show all","ru":"Показать все","_type":"localeString"},"not-yet-converted":{"ru":"Данные модерируются и вскоре будут опубликованы. Попробуйте повторить переход через некоторое время.","_type":"localeString","en":"Data is moderated and will be published soon. Please, try again later."},"schedule-event":{"en":"Events schedule","ru":"Pасписание событий","_type":"localeString"},"implementations":{"en":"Deployments","ru":"Внедрения","_type":"localeString"},"register":{"ru":"Регистрация ","_type":"localeString","en":"Register"},"login":{"ru":"Вход","_type":"localeString","en":"Login"},"auth-message":{"ru":"Для просмотра ивентов компании авторизируйтесь или зарегистрируйтесь на сайт.","_type":"localeString","en":"To view company events please log in or register on the sit."},"company-presentation":{"ru":"Презентация компании","_type":"localeString","en":"Company presentation"}},"header":{"help":{"en":"Help","de":"Hilfe","ru":"Помощь","_type":"localeString"},"how":{"de":"Wie funktioniert es","ru":"Как это работает","_type":"localeString","en":"How does it works"},"login":{"en":"Log in","de":"Einloggen","ru":"Вход","_type":"localeString"},"logout":{"ru":"Выйти","_type":"localeString","en":"Sign out"},"faq":{"_type":"localeString","en":"FAQ","de":"FAQ","ru":"FAQ"},"references":{"ru":"Мои запросы","_type":"localeString","en":"Requests","de":"References"},"solutions":{"_type":"localeString","en":"Solutions","ru":"Возможности"},"find-it-product":{"_type":"localeString","en":"Selection and comparison of IT product","ru":"Подбор и сравнение ИТ продукта"},"autoconfigurator":{"ru":"Калькулятор цены","_type":"localeString","en":" Price calculator"},"comparison-matrix":{"ru":"Матрица сравнения","_type":"localeString","en":"Comparison Matrix"},"roi-calculators":{"ru":"ROI калькуляторы","_type":"localeString","en":"ROI calculators"},"b4r":{"_type":"localeString","en":"Bonus for reference","ru":"Бонус за референс"},"business-booster":{"ru":"Развитие бизнеса","_type":"localeString","en":"Business boosting"},"catalogs":{"ru":"Каталоги","_type":"localeString","en":"Catalogs"},"products":{"ru":"Продукты","_type":"localeString","en":"Products"},"implementations":{"ru":"Внедрения","_type":"localeString","en":"Deployments"},"companies":{"_type":"localeString","en":"Companies","ru":"Компании"},"categories":{"en":"Categories","ru":"Категории","_type":"localeString"},"for-suppliers":{"ru":"Поставщикам","_type":"localeString","en":"For suppliers"},"blog":{"en":"Blog","ru":"Блог","_type":"localeString"},"agreements":{"ru":"Сделки","_type":"localeString","en":"Deals"},"my-account":{"ru":"Мой кабинет","_type":"localeString","en":"My account"},"register":{"en":"Register","ru":"Зарегистрироваться","_type":"localeString"},"comparison-deletion":{"_type":"localeString","en":"Deletion","ru":"Удаление"},"comparison-confirm":{"ru":"Подтвердите удаление","_type":"localeString","en":"Are you sure you want to delete"},"search-placeholder":{"_type":"localeString","en":"Enter your search term","ru":"Введите поисковый запрос"},"my-profile":{"_type":"localeString","en":"My profile","ru":"Мои данные"},"about":{"en":"About Us","_type":"localeString"},"it_catalogs":{"_type":"localeString","en":"IT catalogs"},"roi4presenter":{"_type":"localeString","en":"Roi4Presenter"},"roi4webinar":{"_type":"localeString","en":"Pitch Avatar"},"sub_it_catalogs":{"_type":"localeString","en":"Find IT product"},"sub_b4reference":{"en":"Get reference from user","_type":"localeString"},"sub_roi4presenter":{"_type":"localeString","en":"Make online presentations"},"sub_roi4webinar":{"en":"Create an avatar for the event","_type":"localeString"},"catalogs_new":{"_type":"localeString","en":"Products"},"b4reference":{"en":"Bonus4Reference","_type":"localeString"},"it_our_it_catalogs":{"en":"Our IT Catalogs","_type":"localeString"},"it_products":{"_type":"localeString","en":"Find and compare IT products"},"it_implementations":{"_type":"localeString","en":"Learn implementation reviews"},"it_companies":{"en":"Find vendor and company-supplier","_type":"localeString"},"it_categories":{"_type":"localeString","en":"Explore IT products by category"},"it_our_products":{"en":"Our Products","_type":"localeString"},"it_it_catalogs":{"_type":"localeString","en":"IT catalogs"}},"footer":{"copyright":{"ru":"Все права защищены","_type":"localeString","en":"All rights reserved","de":"Alle rechte vorbehalten"},"company":{"de":"Über die Firma","ru":"О компании","_type":"localeString","en":"My Company"},"about":{"_type":"localeString","en":"About us","de":"Über uns","ru":"О нас"},"infocenter":{"ru":"Инфоцентр","_type":"localeString","en":"Infocenter","de":"Infocenter"},"tariffs":{"_type":"localeString","en":"Subscriptions","de":"Tarife","ru":"Тарифы"},"contact":{"_type":"localeString","en":"Contact us","de":"Kontaktiere uns","ru":"Связаться с нами"},"marketplace":{"_type":"localeString","en":"Marketplace","de":"Marketplace","ru":"Marketplace"},"products":{"de":"Produkte","ru":"Продукты","_type":"localeString","en":"Products"},"compare":{"_type":"localeString","en":"Pick and compare","de":"Wähle und vergleiche","ru":"Подобрать и сравнить"},"calculate":{"_type":"localeString","en":"Calculate the cost","de":"Kosten berechnen","ru":"Расчитать стоимость"},"get_bonus":{"en":"Bonus for reference","de":"Holen Sie sich einen Rabatt","ru":"Бонус за референс","_type":"localeString"},"salestools":{"de":"Salestools","ru":"Salestools","_type":"localeString","en":"Salestools"},"automatization":{"_type":"localeString","en":"Settlement Automation","de":"Abwicklungsautomatisierung","ru":"Автоматизация расчетов"},"roi_calcs":{"de":"ROI-Rechner","ru":"ROI калькуляторы","_type":"localeString","en":"ROI calculators"},"matrix":{"_type":"localeString","en":"Comparison matrix","de":"Vergleichsmatrix","ru":"Матрица сравнения"},"b4r":{"en":"Rebate 4 Reference","de":"Rebate 4 Reference","ru":"Rebate 4 Reference","_type":"localeString"},"our_social":{"_type":"localeString","en":"Our social networks","de":"Unsere sozialen Netzwerke","ru":"Наши социальные сети"},"subscribe":{"ru":"Подпишитесь на рассылку","_type":"localeString","en":"Subscribe to newsletter","de":"Melden Sie sich für den Newsletter an"},"subscribe_info":{"en":"and be the first to know about promotions, new features and recent software reviews","ru":"и узнавайте первыми об акциях, новых возможностях и свежих обзорах софта","_type":"localeString"},"policy":{"en":"Privacy Policy","ru":"Политика конфиденциальности","_type":"localeString"},"user_agreement":{"ru":"Пользовательское соглашение ","_type":"localeString","en":"Agreement"},"solutions":{"_type":"localeString","en":"Solutions","ru":"Возможности"},"find":{"en":"Selection and comparison of IT product","ru":"Подбор и сравнение ИТ продукта","_type":"localeString"},"quote":{"_type":"localeString","en":"Price calculator","ru":"Калькулятор цены"},"boosting":{"ru":"Развитие бизнеса","_type":"localeString","en":"Business boosting"},"4vendors":{"ru":"поставщикам","_type":"localeString","en":"4 vendors"},"blog":{"ru":"блог","_type":"localeString","en":"blog"},"pay4content":{"en":"we pay for content","ru":"платим за контент","_type":"localeString"},"categories":{"en":"categories","ru":"категории","_type":"localeString"},"showForm":{"ru":"Показать форму","_type":"localeString","en":"Show form"},"subscribe__title":{"_type":"localeString","en":"We send a digest of actual news from the IT world once in a month!","ru":"Раз в месяц мы отправляем дайджест актуальных новостей ИТ мира!"},"subscribe__email-label":{"_type":"localeString","en":"Email","ru":"Email"},"subscribe__name-label":{"ru":"Имя","_type":"localeString","en":"Name"},"subscribe__required-message":{"en":"This field is required","ru":"Это поле обязательное","_type":"localeString"},"subscribe__notify-label":{"_type":"localeString","en":"Yes, please, notify me about news, events and propositions","ru":"Да, пожалуйста уведомляйте меня о новостях, событиях и предложениях"},"subscribe__agree-label":{"ru":"Подписываясь на рассылку, вы соглашаетесь с %TERMS% и %POLICY% и даете согласие на использование файлов cookie и передачу своих персональных данных*","_type":"localeString","en":"By subscribing to the newsletter, you agree to the %TERMS% and %POLICY% and agree to the use of cookies and the transfer of your personal data"},"subscribe__submit-label":{"en":"Subscribe","ru":"Подписаться","_type":"localeString"},"subscribe__email-message":{"_type":"localeString","en":"Please, enter the valid email","ru":"Пожалуйста, введите корректный адрес электронной почты"},"subscribe__email-placeholder":{"ru":"username@gmail.com","_type":"localeString","en":"username@gmail.com"},"subscribe__name-placeholder":{"en":"Last, first name","ru":"Имя Фамилия","_type":"localeString"},"subscribe__success":{"ru":"Вы успешно подписаны на рассылку. Проверьте свой почтовый ящик.","_type":"localeString","en":"You are successfully subscribed! Check you mailbox."},"subscribe__error":{"ru":"Не удалось оформить подписку. Пожалуйста, попробуйте позднее.","_type":"localeString","en":"Subscription is unsuccessful. Please, try again later."},"roi4presenter":{"_type":"localeString","en":"Roi4Presenter","de":"roi4presenter","ru":"roi4presenter"},"it_catalogs":{"_type":"localeString","en":"IT catalogs"},"roi4webinar":{"en":"Pitch Avatar","_type":"localeString"},"b4reference":{"en":"Bonus4Reference","_type":"localeString"}},"breadcrumbs":{"home":{"ru":"Главная","_type":"localeString","en":"Home"},"companies":{"ru":"Компании","_type":"localeString","en":"Companies"},"products":{"ru":"Продукты","_type":"localeString","en":"Products"},"implementations":{"ru":"Внедрения","_type":"localeString","en":"Deployments"},"login":{"_type":"localeString","en":"Login","ru":"Вход"},"registration":{"ru":"Регистрация","_type":"localeString","en":"Registration"},"b2b-platform":{"_type":"localeString","en":"B2B platform for IT buyers, vendors and suppliers","ru":"Портал для покупателей, поставщиков и производителей ИТ"}},"comment-form":{"title":{"en":"Leave comment","ru":"Оставить комментарий","_type":"localeString"},"firstname":{"ru":"Имя","_type":"localeString","en":"First name"},"lastname":{"_type":"localeString","en":"Last name","ru":"Фамилия"},"company":{"ru":"Компания","_type":"localeString","en":"Company name"},"position":{"ru":"Должность","_type":"localeString","en":"Position"},"actual-cost":{"ru":"Фактическая стоимость","_type":"localeString","en":"Actual cost"},"received-roi":{"ru":"Полученный ROI","_type":"localeString","en":"Received ROI"},"saving-type":{"ru":"Тип экономии","_type":"localeString","en":"Saving type"},"comment":{"_type":"localeString","en":"Comment","ru":"Комментарий"},"your-rate":{"_type":"localeString","en":"Your rate","ru":"Ваша оценка"},"i-agree":{"ru":"Я согласен","_type":"localeString","en":"I agree"},"terms-of-use":{"en":"With user agreement and privacy policy","ru":"С пользовательским соглашением и политикой конфиденциальности","_type":"localeString"},"send":{"ru":"Отправить","_type":"localeString","en":"Send"},"required-message":{"en":"{NAME} is required filed","ru":"{NAME} - это обязательное поле","_type":"localeString"}},"maintenance":{"title":{"ru":"На сайте проводятся технические работы","_type":"localeString","en":"Site under maintenance"},"message":{"_type":"localeString","en":"Thank you for your understanding","ru":"Спасибо за ваше понимание"}}},"translationsStatus":{"company":"success"},"sections":{},"sectionsStatus":{},"pageMetaData":{"company":{"title":{"ru":"ROI4CIO: Компания","_type":"localeString","en":"ROI4CIO: Company"},"meta":[{"name":"og:image","content":"https://roi4cio.com/fileadmin/templates/roi4cio/image/roi4cio-logobig.jpg"},{"content":"website","name":"og:type"}],"translatable_meta":[{"name":"title","translations":{"_type":"localeString","en":"Company","ru":"Компания"}},{"translations":{"en":"Company description","ru":"Описание компании","_type":"localeString"},"name":"description"},{"name":"keywords","translations":{"ru":"Ключевые слова для компании","_type":"localeString","en":"Company keywords"}}]}},"pageMetaDataStatus":{"company":"success"},"subscribeInProgress":false,"subscribeError":false},"auth":{"inProgress":false,"error":false,"checked":true,"initialized":false,"user":{},"role":null,"expires":null},"products":{"productsByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null,"useProductLoading":false,"sellProductLoading":false,"templatesById":{},"comparisonByTemplateId":{}},"filters":{"filterCriterias":{"loading":false,"error":null,"data":{"price":{"min":0,"max":6000},"users":{"loading":false,"error":null,"ids":[],"values":{}},"suppliers":{"loading":false,"error":null,"ids":[],"values":{}},"vendors":{"loading":false,"error":null,"ids":[],"values":{}},"roles":{"id":200,"title":"Roles","values":{"1":{"id":1,"title":"User","translationKey":"user"},"2":{"id":2,"title":"Supplier","translationKey":"supplier"},"3":{"id":3,"title":"Vendor","translationKey":"vendor"}}},"categories":{"flat":[],"tree":[]},"countries":{"loading":false,"error":null,"ids":[],"values":{}}}},"showAIFilter":false},"companies":{"companiesByAlias":{"wijungle":{"id":7007,"title":"WiJungle","logoURL":"https://old.roi4cio.com/uploads/roi/company/WiJungle-Gateway-logo-Large-New-1200-2_1.png","alias":"wijungle","address":"","roles":[{"id":2,"type":"supplier"},{"id":3,"type":"vendor"}],"description":"WiJungle is a Unified Network Securty Gateway Appliance that combinedly serves the functions of NextGen Firewall/Unified Threat Management, Web Application Firewall, Hotspot Gateway, Vulnerability Assessment etc.","companyTypes":["supplier","vendor"],"products":{},"vendoredProductsCount":2,"suppliedProductsCount":2,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":1,"categories":{"4":{"id":4,"title":"Data center","description":" A data center (or datacenter) is a facility composed of networked computers and storage that businesses or other organizations use to organize, process, store and disseminate large amounts of data. A business typically relies heavily upon the applications, services and data contained within a data center, making it a focal point and critical asset for everyday operations.\r\nData centers are not a single thing, but rather, a conglomeration of elements. At a minimum, data centers serve as the principal repositories for all manner of IT equipment, including servers, storage subsystems, networking switches, routers and firewalls, as well as the cabling and physical racks used to organize and interconnect the IT equipment. A data center must also contain an adequate infrastructure, such as power distribution and supplemental power subsystems, including electrical switching; uninterruptable power supplies; backup generators and so on; ventilation and data center cooling systems, such as computer room air conditioners; and adequate provisioning for network carrier (telco) connectivity. All of this demands a physical facility with physical security and sufficient physical space to house the entire collection of infrastructure and equipment.","materialsDescription":" <span style=\"font-weight: bold;\">What are the requirements for modern data centers?</span>\r\nModernization and data center transformation enhances performance and energy efficiency.\r\nInformation security is also a concern, and for this reason a data center has to offer a secure environment which minimizes the chances of a security breach. A data center must therefore keep high standards for assuring the integrity and functionality of its hosted computer environment.\r\nIndustry research company International Data Corporation (IDC) puts the average age of a data center at nine years old. Gartner, another research company, says data centers older than seven years are obsolete. The growth in data (163 zettabytes by 2025) is one factor driving the need for data centers to modernize.\r\nFocus on modernization is not new: Concern about obsolete equipment was decried in 2007, and in 2011 Uptime Institute was concerned about the age of the equipment therein. By 2018 concern had shifted once again, this time to the age of the staff: "data center staff are aging faster than the equipment."\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Meeting standards for data centers</span></span>\r\nThe Telecommunications Industry Association's Telecommunications Infrastructure Standard for Data Centers specifies the minimum requirements for telecommunications infrastructure of data centers and computer rooms including single tenant enterprise data centers and multi-tenant Internet hosting data centers. The topology proposed in this document is intended to be applicable to any size data center.\r\nTelcordia GR-3160, NEBS Requirements for Telecommunications Data Center Equipment and Spaces, provides guidelines for data center spaces within telecommunications networks, and environmental requirements for the equipment intended for installation in those spaces. These criteria were developed jointly by Telcordia and industry representatives. They may be applied to data center spaces housing data processing or Information Technology (IT) equipment. The equipment may be used to:\r\n<ul><li>Operate and manage a carrier's telecommunication network</li><li>Provide data center based applications directly to the carrier's customers</li><li>Provide hosted applications for a third party to provide services to their customers</li><li>Provide a combination of these and similar data center applications</li></ul>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Data center transformation</span></span>\r\nData center transformation takes a step-by-step approach through integrated projects carried out over time. This differs from a traditional method of data center upgrades that takes a serial and siloed approach. The typical projects within a data center transformation initiative include standardization/consolidation, virtualization, automation and security.\r\n<ul><li>Standardization/consolidation: Reducing the number of data centers and avoiding server sprawl (both physical and virtual) often includes replacing aging data center equipment, and is aided by standardization.</li><li>Virtualization: Lowers capital and operational expenses, reduce energy consumption. Virtualized desktops can be hosted in data centers and rented out on a subscription basis. Investment bank Lazard Capital Markets estimated in 2008 that 48 percent of enterprise operations will be virtualized by 2012. Gartner views virtualization as a catalyst for modernization.</li><li>Automating: Automating tasks such as provisioning, configuration, patching, release management and compliance is needed, not just when facing fewer skilled IT workers.</li><li>Securing: Protection of virtual systems is integrated with existing security of physical infrastructures.</li></ul>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Machine room</span></span>\r\nThe term "Machine Room" is at times used to refer to the large room within a Data Center where the actual Central Processing Unit is located; this may be separate from where high-speed printers are located. Air conditioning is most important in the machine room.\r\nAside from air-conditioning, there must be monitoring equipment, one type of which is to detect water prior to flood-level situations. One company, for several decades, has had share-of-mind: Water Alert. The company, as of 2018, has 2 competing manufacturers (Invetex, Hydro-Temp) and 3 competing distributors (Longden,Northeast Flooring, Slayton). ","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Data_center.png","alias":"data-center"},"33":{"id":33,"title":"UPS - Uninterruptible Power Supply","description":"An uninterruptible power supply (UPS), also known as a battery backup, provides backup power when your regular power source fails or voltage drops to an unacceptable level. A UPS allows for the safe, orderly shutdown of a computer and connected equipment. The size and design of a UPS determine how long it will supply power.\r\nDifferent UPS topologies provide specific levels of power protection.\r\nStandby is the most basic UPS topology. A standby UPS resorts to battery backup power in the event of common power problems such as a blackout, voltage sag, or voltage surge. When incoming utility power drops below or surges above safe voltage levels, the UPS switches to DC battery power and then inverts it to AC power to run connected equipment. These models are designed for consumer electronics, entry-level computers, POS systems, security systems, and other basic electronic equipment.\r\nA line-interactive UPS incorporates technology which allows it to correct minor power fluctuations (under-voltages and over voltages) without switching to battery. This type of UPS has an autotransformer that regulates low voltages (e.g., brownouts) and over voltages (e.g., swells) without having to switch to battery. Line-interactive UPS models are typically used for consumer electronics, PCs, gaming systems, home theater electronics, network equipment, and entry-to-mid-range servers. They provide power during such events as a blackout, voltage sag, voltage surge, or over-voltage.\r\nA double-conversion (online) UPS provides consistent, clean, and near-perfect power regardless of the condition of incoming power. This UPS converts incoming AC power to DC, and then back to AC. UPS systems with this technology operate on isolated DC power 100 percent of the time and have a zero transfer time because they never need to switch to DC power. Double-conversion UPS systems are designed to protect mission-critical IT equipment, data center installations, high-end servers, large telecom installations and storage applications, and advanced network equipment from damage caused by a power blackout, voltage sag, voltage surge, over-voltage, voltage spike, frequency noise, frequency variation, or harmonic distortion.","materialsDescription":" <span style=\"font-weight: bold;\">What is a UPS system?</span>\r\nUPS stands for an uninterruptible power supply. This means that a UPS system is designed to keep the power running at all times. For instance, load shedding will be a problem of the past with our wide variety of products and solutions keeping your business moving.\r\n<span style=\"font-weight: bold;\">Where is a UPS used?</span>\r\nUPS systems can be used anywhere that needs to ensure that the power stays on. The most common applications are where power is critical to avoid infrastructure damage e.g. Data centers and manufacturing facilities.\r\n<span style=\"font-weight: bold;\">What is the difference between a battery and a UPS?</span>\r\nA battery is a device that stores energy, a UPS detects when there is no longer any power coming from the mains and switches over to the UPS batteries.\r\n<span style=\"font-weight: bold;\">Can I use a UPS for 6-7 hours?</span>\r\nIf the power requirement is low and the UPS is overrated, possibly, but normally running a UPS for this long requires so many UPS batteries it becomes unfeasible both financially and physically. It would be best to run a standby generator alongside your UPS to achieve this.\r\n<span style=\"font-weight: bold;\">What is the difference between a UPS and an Inverter?</span>\r\nThe UPS and inverter both provide the backup supply to the electrical system. The major difference between the UPS and inverter is that the UPS switches from the main supply to the battery immediately, but the inverter takes much longer.\r\n<span style=\"font-weight: bold;\">What is a non-critical load in a power system?</span>\r\nA non-critical load is an electrical device or devices, that aren’t key to keeping a business running or won’t be damaged by a power cut. In short, it doesn’t matter if these devices lose power in an outage.\r\n<span style=\"font-weight: bold;\">What is backup power?</span>\r\nBackup power is a term that simply means, a source of power if the main power source fails. This can be anything from some AA batteries in your mains powered alarm clock to UPS system and standby generator that is connected to your data center.\r\n<span style=\"font-weight: bold;\">What is the difference between a standby generator and a UPS system?</span>\r\nWhile both protect against a power cut, a UPS is an immediate, short term solution, provide power straight away for as long as its UPS batteries have a charge. A standby generator is a longer turn solution, that is slower to start up but will provide power for as long as it has fuel.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UPS.png","alias":"ups-uninterruptible-power-supply"},"55":{"id":55,"title":"Structuring Cabling","description":"In telecommunications, structured cabling is building or campus cabling infrastructure that consists of a number of standardized smaller elements (hence structured) called subsystems.\r\nStructured cabling is the design and installation of a cabling system that will support multiple hardware uses and be suitable for today's needs and those of the future. With a correctly installed system, current and future requirements can be met, and hardware that is added in the future will be supported.\r\nStructured cabling design and installation is governed by a set of standards that specify wiring data centers, offices, and apartment buildings for data or voice communications using various kinds of cable, most commonly category 5e (Cat 5e), category 6 (Cat 6), and fiber optic cabling and modular connectors. These standards define how to lay the cabling in various topologies in order to meet the needs of the customer, typically using a central patch panel (which is normally 19-inch rack-mounted), from where each modular connection can be used as needed. Each outlet is then patched into a network switch (normally also rack-mounted) for network use or into an IP or PBX (private branch exchange) telephone system patch panel.\r\nLines patched as data ports into a network switch require simple straight-through patch cables at each end to connect a computer. Voice patches to PBXs in most countries require an adapter at the remote end to translate the configuration on 8P8C modular connectors into the local standard telephone wall socket. No adapter is needed in North America as the 6P2C and 6P4C plugs most commonly used with RJ11 and RJ14 telephone connections are physically and electrically compatible with the larger 8P8C socket. RJ25 and RJ61 connections are physically but not electrically compatible, and cannot be used. In the United Kingdom, an adapter must be present at the remote end as the 6-pin BT socket is physically incompatible with 8P8C.\r\nIt is common to color-code patch panel cables to identify the type of connection, though structured cabling standards do not require it except in the demarcation wall field.\r\nCabling standards require that all eight conductors in Cat 5e/6/6A cable be connected.\r\nIP phone systems can run the telephone and the computer on the same wires, eliminating the need for separate phone wiring.\r\nRegardless of copper cable type (Cat 5e/6/6A), the maximum distance is 90 m for the permanent link installation, plus an allowance for a combined 10 m of patch cords at the ends.\r\nCat 5e and Cat 6 can both effectively run power over Ethernet (PoE) applications up to 90 m. However, due to greater power dissipation in Cat 5e cable, performance and power efficiency are higher when Cat 6A cabling is used to power and connect to PoE devices.","materialsDescription":" <span style=\"font-weight: bold;\">What is structured cabling?</span>\r\nStructured cabling is the highway that information travels on in a building. The building can be large or small, commercial or residential, or a combination of both as in the mixed-use retail, commercial, and residential buildings now found in most large cities. Structured cabling systems are designed around telecommunications code standards to ensure that computer equipment will operate as designed when connected to the structured cabling system. Some of these factors include distance limitations, cable types, flammability ratings, and bend radii.\r\n<span style=\"font-weight: bold;\">Cat5/Cat6 what’s the difference?</span>\r\nThe general difference between Cat5e cabling and Cat6 cabling is in the transmission performance and extension of the available bandwidth from 100 MHz for category 5e to 250 MHz for category 6. This includes better insertion loss, near-end crosstalk (NEXT), return loss, and equal level far-end crosstalk (ELFEXT). These improvements provide a higher signal to noise ratio, allowing higher reliability for current applications and higher data rates for future applications.\r\n<span style=\"font-weight: bold;\">Do I need Plenum or PVC?</span>\r\nPlenum cable is designed to operate in a “return air” space in the building. Typically these spaces are above a suspended ceiling or beneath a raised floor. They are said to be a “return air” space because that is where the HVAC system gets the air to the heat or cool. If ever in question, the building inspector is typically the AHJ (authority having jurisdiction). Plenum cable is more expensive than PVC because of the less flammable compounds used in production. A plenum cable must pass a burn test that measures flame spread and smoke emissivity when exposed to the flame of a certain intensity and duration.\r\n<span style=\"font-weight: bold;\">Do I need 1 or 2 cables per work area?</span>\r\nThis decision is a commonly debated topic. The fact is that the cable is very inexpensive relative to the entire telecommunications system and the building that it serves. The increased functionality and bandwidth that one additional data cable can provide at each work area outlet can prove to be priceless, especially after the drywall is in place.\r\n<span style=\"font-weight: bold;\">Do I need a cabinet, can’t I just plug straight into my equipment?</span>\r\nA cabinet is always recommended even for the smallest installs. Cabling plugged directly into equipment has a tendency to break away at the termination ends as the solid cable is not suitable for direct termination. Also, a cabinet provides protection for the equipment from theft, breakage, dust, and employees. Cabinets also allow all the equipment to be stored together and in a manageable way for moves and changes.\r\n<span style=\"font-weight: bold;\">Why do I need such a big cabinet?</span>\r\nThe cabinet should be large enough to house the current equipment with some space for possible future requirements. I.e. for a VOIP telephone system to be housed. The depth of the cabinet should keep in mind what is to be stored in the cabinet. Some ISP switches and blade servers are extra deep and required an 800/1000mm deep cabinet.\r\n<span style=\"font-weight: bold;\">What do Data cable installation test results show?</span>\r\nTest Results show a range of tests depending on the grade of cabling used (Cat5e/Cat6 etc.). These tests for Cat6 include Wire Map, Length, Insertion Loss, NEXT Loss, PS NEXT Loss, ACRF Loss, PS ACRF Loss, Return Loss, Propagation Delay, and Delay Skew. These are tests to ensure installation standards have been met, the terminations have been done correctly and that the cable doesn’t have any unnecessary bends, kinks, and twists.\r\n<span style=\"font-weight: bold;\">What should the end deliverable be for a structured cabling system?</span>\r\nWhen properly designed and installed, the end deliverable should be a structured cabling system that supports the customer’s needs now and well into the foreseeable future. The Main Distribution Frames and Intermediate Distribution Frames should be well thought out, and cables should be neatly dressed. It should have additional cable runs that support a wireless overlay and have sufficient bandwidth in the backbone to handle a step-change in bandwidth needs. For the last 20 years, clients have utilized more bandwidth in the current year than the year preceding it. Nobody ever says “we put in too much cable.”","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/Structuring_Cabling.png","alias":"structuring-cabling"},"172":{"id":172,"title":"WLAN - wireless network","description":"Unified Communications (UC) is a marketing buzzword describing the integration of real-time, enterprise, communication services such as instant messaging (chat), presence information, voice (including IP telephony), mobility features (including extension mobility and single number reach), audio, web & video conferencing, fixed-mobile convergence (FMC), desktop sharing, data sharing (including web connected electronic interactive whiteboards), call control and speech recognition with non-real-time communication services such as unified messaging (integrated voicemail, e-mail, SMS and fax). UC is not necessarily a single product, but a set of products that provides a consistent unified user-interface and user-experience across multiple devices and media-types.\r\n\r\nIn its broadest sense, UC can encompass all forms of communications that are exchanged via a network to include other forms of communications such as Internet Protocol Television (IPTV) and digital signage Communications as they become an integrated part of the network communications deployment and may be directed as one-to-one communications or broadcast communications from one to many.\r\n\r\nUC allows an individual to send a message on one medium, and receive the same communication on another medium. For example, one can receive a voicemail message and choose to access it through e-mail or a cell phone. If the sender is online according to the presence information and currently accepts calls, the response can be sent immediately through text chat or video call. Otherwise, it may be sent as a non-real-time message that can be accessed through a variety of media.\r\n\r\nSource: https://en.wikipedia.org/wiki/Unified_communications","materialsDescription":"","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/WLAN_-_wireless_network.png","alias":"wlan-wireless-network"},"178":{"id":178,"title":"IoT - Internet of Things","description":"The Internet of things (IoT) is the extension of Internet connectivity into physical devices and everyday objects. Embedded with electronics, Internet connectivity, and other forms of hardware (such as sensors), these devices can communicate and interact with others over the Internet, and they can be remotely monitored and controlled.\r\nThe definition of the Internet of things has evolved due to the convergence of multiple technologies, real-time analytics, machine learning, commodity sensors, and embedded systems. Traditional fields of embedded systems, wireless sensor networks, control systems, automation (including home and building automation). and others all contribute to enabling the Internet of things. In the consumer market, IoT technology is most synonymous with products pertaining to the concept of the "smart home", covering devices and appliances (such as lighting fixtures, thermostats, home security systems and cameras, and other home appliances) that support one or more common ecosystems, and can be controlled via devices associated with that ecosystem, such as smartphones and smart speakers.\r\nThe IoT concept has faced prominent criticism, especially in regards to privacy and security concerns related to these devices and their intention of pervasive presence.","materialsDescription":"<span style=\"font-weight: bold;\">What is the Internet of Things (IoT)?</span>\r\nThe Internet of things refers to the network of things (physical objects) that can be connected to the Internet to collect and share data without human-to-human or human-to-computer interaction.\r\n<span style=\"font-weight: bold;\">Why is it called the Internet of Things?</span>\r\nThe term Internet of things was coined by Kevin Ashton in 1999. Stemming from Kevin Ashton’s experience with RFID, the term Internet of things originally described the concept of tagging every object in a person’s life with machine-readable codes. This would allow computers to easily manage and inventory all of these things.\r\nThe term IoT today has evolved to a much broader prospect. It now encompasses ubiquitous connectivity, devices, sensors, analytics, machine learning, and many other technologies.\r\n<span style=\"font-weight: bold;\">What is an IoT solution?</span>\r\nAn IoT solution is a combination of devices or other data sources, outfitted with sensors and Internet connected hardware to securely report information back to an IoT platform. This information is often a physical metric which can help users answer a question or solve a specific problem.\r\n<span style=\"font-weight: bold;\">What is an IoT Proof of Concept (PoC)?</span>\r\nThe purpose of a PoC is to experiment with a solution in your environment, collect data, and evaluate performance from a set timeline on a set budget. A PoC is a low-risk way to introduce IoT to an organization.\r\n<span style=\"font-weight: bold;\">What is an IoT cloud platform?</span>\r\nAn IoT platform provides users with one or more of these key elements — visualization tools, data security features, a workflow engine and a custom user interface to utilize the information collected from devices and other data sources in the field. These platforms are based in the cloud and can be accessed from anywhere.\r\n<span style=\"font-weight: bold;\">What is industrial equipment monitoring?</span>\r\nIndustrial equipment monitoring uses a network of connected sensors - either native to a piece of equipment or retrofitted - to inform owners/operators of a machine’s output, component conditions, need for service or impending failure. Industrial equipment monitoring is an IoT solution which can utilize an IoT platform to unify disparate data and enable decision-makers to respond to real-time data.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/IoT_-_Internet_of_Things.png","alias":"iot-internet-of-things"},"194":{"id":194,"title":"Air Conditioning","description":" A large proportion of the total power consumption of the data center comes from cooling. That is why the cooling system in the data center often has the most significant energy-saving potential. Properly selected cooling system is able to maintain the optimum temperature in the data center, avoiding overcooling.\r\nIn modern machine rooms for cooling, the most commonly used cables are water-cooled or so-called “hot”/“cold aisles” between the rows of server racks. Free-cooling, in which cold outside air is used by chillers of the cooling system, is an efficient and environmentally friendly solution for data centers. When cooled, unclaimed heat is formed, which can then be used, for example, to heat rooms and stairwells.\r\nThe data processing center can also be cooled by connecting to the network of the district cooling station (if there is one in the area). Chilled water from the production plant is delivered to end users through pipes. Such a cooling system allows re-use of energy, since the heat generated during the cooling process can be used to heat the area and in places where heating is required.\r\nSeveral types of air conditioning systems are suitable for cooling a medium-sized data center - cabinet air conditioners, in-row air conditioners, and solutions based on free cooling technology.","materialsDescription":" <span style=\"font-weight: bold; \">Hot Aisle Containment System (HACS)</span>\r\nHot Aisle Containment System is a professional climate control system. Designed for technological rooms that require maintaining the specified parameters of temperature, humidity and air purity with high reliability and accuracy.\r\n<span style=\"font-weight: bold; \">In-house conditioners</span>\r\nIn-row air conditioners are designed for the removal of ultra-high heat loads typical of modern data centers. Ideal for "hot"/"cold corridors", providing additional cold air to the cold corridor.\r\n<span style=\"font-weight: bold; \">Rack cooling systems</span>\r\nIn-cabinet air conditioner is mounted in a hermetically sealed rack. It is used when there is no cooling capacity reserve in the data center, when it is necessary to add a rack with electronic equipment to the data center.\r\n<span style=\"font-weight: bold; \">Chillers</span>\r\nChillers cool (or heat) the heat-transfer fluid that is fed into the piping system, from where it enters the heat exchangers and fan coil units. The heat carrier has a higher heat capacity than the air.\r\n<span style=\"font-weight: bold; \">Cooling towers</span>\r\nThe principle of the cooling tower is the cooling of a large volume of water by a directed stream of atmospheric air. This type of equipment is used in various systems of circulating water supply to lower the temperature of heat exchangers.\r\n<span style=\"font-weight: bold; \">Adiabatic systems</span>\r\nThe principle of the adiabatic cooling system consists in spraying purified water from impurities in the form of tiny droplets into hot air. Water evaporating in the air can cool it to a temperature close to that of a “wet thermometer.”\r\n<span style=\"font-weight: bold; \">Outdoor units</span>\r\nRemote components of a precision air-conditioning system (condensers, compressors) are mounted outdoors and are connected to a precision air conditioner and a direct evaporation system by refrigerant lines.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/Air_Conditioning__1_.png","alias":"air-conditioning"},"435":{"id":435,"title":"Rack Server","description":"A rack mount server is a great way to maximize your shelf space by packing a lot of servers into a small space. Rackmount servers are typically easier for administrators to manage due to proximity, modularity and better cable management. Lockable rack cabinet doors and steel server front panels provide an additional level of physical security. Additionally, rack unit designed servers are better able to keep the server components cool than traditional tower form factor. Industry standard 19-inch racks will allow you to easily expand your business without taking up more valuable floor space.\r\nThere is a lot of thought that needs to go into which size rack server is best bet for your project. Both current requirements and future expansion plans need to be taken into account to ensure your server remains capable in the future.\r\nBoth large and small projects can be built on the 1U server platform. "U" stands for unit, “unit”, and this means thickness: server rack 1U = 1.75 inches or 44 mm wide. A reasonable amount of storage can fit within a 1U, processing power has no limits, and some models even allow up to two PCI-Express cards. Modern computer hardware uses much less power than it ever has in the past, which means less heat generation. Some 1U servers to still produce some acoustic noise, but is nowhere near the level of needing earmuffs like the old days. The only reason to go up in size is for additional expansion options.\r\n2U models allow for multiple "low-profile" PCI-Express cards while keeping a compact form factor and also providing some additional storage space. If the plan is to use multiple full height cards, then 3U or 4U servers should be the focus. The 4U models are very popular and offer flexible options. The 3U models do have limitations on expansion card compatibility and are really only for situations where rack space needs to be absolutely optimized (14x3U servers or 10x4U servers can fit in a 42u rack).","materialsDescription":"<span style=\"font-weight: bold;\">What is a ‘rack unit’?</span>\r\nA rack unit is the designated unit of measurement used when describing or quantifying the vertical space you have available in any equipment rack. One unit is equal to 1.75 inches, or 4.45 centimeters. Any equipment that has the ability to be mounted onto a rack is generally designed in a standard size to fit into many different server rack heights. It’s actually been standardized by the Electronic Industries Alliance (EIA). The most common heights are between 8U to 50U, but customization is also a viable option if you’re working with nonstandard sizes.\r\n<span style=\"font-weight: bold;\">Are there any specific ventilation requirements with server racks?</span>\r\nOver 65% of IT equipment failures are directly attributed to inadequate, poorly maintained, or failed air conditioning in the server room. So yes, proper ventilation is a critical part of maintaining any data center. Some cabinet manufacturers construct side panel ventilation instead of front and back ventilation, but experts say it’s inadequate for rack mount servers. This can be especially dangerous if more than one cabinet is being set up at once. The importance of proper ventilation should not be taken lightly, and you should always opt for front to back ventilation except in network applications where the IT equipment exhausts out the side.\r\n<span style=\"font-weight: bold;\">What is meant by ‘server rack depth’?</span>\r\nServer rack depth is a critical aspect of the ventilation process. Connectworld.net says, “Server cabinet depth is important not only because it has to allow room for the depth of the particular equipment to be rack-mounted (deep servers vs. routers or switches), but also it has to allow sufficient room for cables, PDU’s as well as airflow.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Rack_Server.png","alias":"rack-server"},"441":{"id":441,"title":"Pen Tablets","description":" A graphics tablet (also known as a digitizer, drawing tablet, drawing pad, digital drawing tablet, pen tablet, or digital art board) is a computer input device that enables a user to hand-draw images, animations and graphics, with a special pen-like stylus, similar to the way a person draws images with a pencil and paper. These tablets may also be used to capture data or handwritten signatures. It can also be used to trace an image from a piece of paper which is taped or otherwise secured to the tablet surface. Capturing data in this way, by tracing or entering the corners of linear poly-lines or shapes, is called digitizing.\r\nThe device consists of a flat surface upon which the user may "draw" or trace an image using the attached stylus, a pen-like drawing apparatus. The image is displayed on the computer monitor, though some graphic tablets now also incorporate an LCD screen for a more realistic or natural experience and usability.\r\nSome tablets are intended as a replacement for the computer mouse as the primary pointing and navigation device for desktop computers.\r\nGraphic tablets, because of their stylus-based interface and ability to detect some or all of pressure, tilt, and other attributes of the stylus and its interaction with the tablet, are widely considered to offer a very natural way to create computer graphics, especially two-dimensional computer graphics. Indeed, many graphic packages can make use of the pressure (and, sometimes, stylus tilt or rotation) information generated by a tablet, by modifying the brush size, shape, opacity, color, or other attributes based on data received from the graphic tablet.\r\nIn East Asia, graphic tablets, known as "pen tablets", are widely used in conjunction with input-method editor software (IMEs) to write Chinese, Japanese, and Korean characters (CJK). The technology is popular and inexpensive and offers a method for interacting with the computer in a more natural way than typing on the keyboard, with the pen tablet supplanting the role of the computer mouse. Uptake of handwriting recognition among users who use alphabetic scripts has been slower.\r\nGraphic tablets are commonly used in the artistic world. Using a pen-like stylus on a graphic tablet combined with a graphics-editing program, such as Illustrator or Photoshop by Adobe Systems, or CorelDraw, gives artists a lot of precision when creating digital drawings or artwork. Photographers can also find working with a graphic tablet during their post processing can really speed up tasks like creating a detailed layer mask or dodging and burning.\r\nEducators make use of tablets in classrooms to project handwritten notes or lessons and to allow students to do the same, as well as providing feedback on student work submitted electronically. Online teachers may also use a tablet for marking student work, or for live tutorials or lessons, especially where complex visual information or mathematical equations are required. Students are also increasingly using them as note-taking devices, especially during university lectures while following along with the lecturer.\r\nTablets are also popular for technical drawings and CAD, as one can typically put a piece of paper on them without interfering with their function.\r\nFinally, tablets are gaining popularity as a replacement for the computer mouse as a pointing device. They can feel more intuitive to some users than a mouse, as the position of a pen on a tablet typically corresponds to the location of the pointer on the GUI shown on the computer screen. Those artists using a pen for graphic work will as a matter of convenience use a tablet and pen for standard computer operations rather than put down the pen and find a mouse. A popular game osu! allows utilizing a tablet as a way of playing.\r\nGraphic tablets are available in various sizes and price ranges; A6-sized tablets being relatively inexpensive and A3-sized tablets far more expensive. Modern tablets usually connect to the computer via a USB or HDMI interface. ","materialsDescription":" <span style=\"font-weight: bold;\">What is a pen tablet?</span>\r\nAlso called a drawing tablet or a pen tablet, a graphics tablet is a natural input device that converts information from a handheld stylus. The user uses the stylus like a pen, pencil, or paintbrush, pressing its tip on the tablet surface. The device can also be used in the replacement of a computer mouse.\r\n<span style=\"font-weight: bold;\">Who uses graphics tablets?</span>\r\n<ul><li>Architects and Engineers;</li><li>Artists;</li><li>Cartoonist;</li><li>Fashion designers;</li><li>Graphic designers;</li><li>Illustrators;</li><li>Photographers;</li><li>Teachers.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Pen_Tablets.png","alias":"pen-tablets"},"443":{"id":443,"title":"Application Delivery Controller (load balancer) - appliance","description":" Application Delivery Controllers are the next generation of load balancers, and are typically located between the firewall/router and the web server farm. An application delivery controller is a network device that helps sites direct user traffic to remove excess load from two or more servers. In addition to providing Layer 4 load balancing, ADCs can manage Layer 7 for content switching, and also provide SSL offload and acceleration. They tend to offer more advanced features such as content redirection as well as server health monitoring. An Application delivery controller may also be known as a Web switch, URL switch, Web content switch, content switch and Layer 7 switch.\r\nToday, advanced application delivery controllers and intelligent load balancers are not only affordable, but the consolidation of Layer 4-7 load balancing and content switching, and server offload capabilities such as SSL, data caching and compression provides companies with cost-effective out-of-the-box infrastructure.\r\nFor enterprise organizations (companies with 1,000 or more employees), integrating best-of-breed network infrastructure is commonplace. However best-of-breed does not equate with deploying networks with enterprise-specific features and expensive products, but rather, deploying products that are purpose-built, with the explicit features, performance, reliability and scalability created specifically for the companies of all sizes.\r\nIn general, businesses of all sizes are inclined to purchase “big brand” products. However, smaller vendors that offer products within the same category can provide the optimal performance, features and reliability required, with the same benefits - at a lower cost.\r\nFor the enterprise market, best-of-breed comes with a high Total Cost of Ownership (TCO), since deploying products from various manufacturers requires additional training, maintenance and support. Kemp can help SMBs lower their TCO, and help them build reliable, high performance and scalable web and application infrastructure. Kemp products have a high price/performance value for SMBs. Our products are purpose-built for SMB businesses for dramatically less than the price of “big name” ADC and SLB vendors who are developing features that enterprise customers might use.","materialsDescription":" <span style=\"font-weight: bold;\">What are application delivery controllers?</span>\r\nApplication Delivery Controllers (ADCs) are the next stage in the development of server load balancing solutions. ADCs allow you to perform not only the tasks of balancing user requests between servers, but also incorporate mechanisms that increase the performance, security and resiliency of applications, as well as ensure their scalability.\r\n<span style=\"font-weight: bold;\">And what other possibilities do application controllers have?</span>\r\nIn addition to the function of uniform distribution of user requests, application delivery controllers have many other interesting features. They can provide around-the-clock availability of services, improve web application performance up to five times, reduce risks when launching new services, protect confidential data, and publish internal applications to the outside with secure external access (a potential replacement for outgoing Microsoft TMG).\r\nOne of the most important functions of application delivery controllers, which distinguish them from simple load balancers, is the presence of a functional capable of processing information issued to the user based on certain rules.\r\n<span style=\"font-weight: bold;\">What are the prerequisites for implementing application delivery controllers in a particular organization?</span>\r\nA number of factors can determine the criteria for deciding whether to implement application controllers in your organization. First, this is the poor performance of web services, which is a long download of content, frequent hangs and crashes. Secondly, such a prerequisite can be interruptions in the work of services and communication channels, expressed in failures in the transmitting and receiving equipment that ensures the operation of the data transmission network, as well as failures in the operation of servers.\r\nIn addition, it is worth thinking about implementing application delivery controllers if you use Microsoft TMG or Cisco ACE products, since they are no longer supported by the manufacturer. A prerequisite for the implementation of ADC may be the launch of new large web projects, since this process will inevitably entail the need to ensure the operability of this web project with the maintenance of high fault tolerance and performance.\r\nAlso, controllers are needed when you need to provide fault tolerance, continuous availability and high speed of applications that are consolidated in the data center. A similar situation arises when it is necessary to build a backup data center: here you also need to ensure fault tolerance between several data centers located in different cities.\r\n<span style=\"font-weight: bold;\">What are the prospects for the introduction of application controllers in Russia and in the world?</span>\r\nGartner's research shows that there have recently been marked changes in the market for products that offer load balancing mechanisms. In this segment, user demand shifts from servers implementing a simple load balancing mechanism to devices offering richer functionality.\r\nGartner: “The era of load balancing has long gone, and companies need to focus on products that offer richer application delivery functionality.”\r\nIn Russia, due to the specifics of the internal IT market, application controllers are implemented mainly because of the presence of some specific functionality, and not because of the comprehensive solution for delivering applications in general, which this product offers. The main task for which application delivery controllers are now most often sold is the same load balancing function as before.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Application_Delivery_Controller_load_balancer_appliance.png","alias":"application-delivery-controller-load-balancer-appliance"},"447":{"id":447,"title":"Corporate Telephony","description":" Corporate telephony is the complexes and networks within corporate communications, usually created for geographically distributed enterprises, providing communication, single address space and a single service. Converging telephony is actively used when building the telephone network.\r\nWhen creating corporate telephony, the following tasks are solved:\r\n<ul><li>Improving the security of information transmitted over communication channels</li><li>Reducing telephone costs</li><li>Simplified operation</li><li>Improving communication reliability</li><li>Improving communication quality</li></ul>\r\nConvergent telephony involves the use of both traditional and IP-telephony. IP-telephony has a high-quality voice transmission, which confirms a very large number of successfully installed telephony systems around the world.","materialsDescription":" <span style=\"font-weight: bold; \">What is corporate IP telephony software?</span>\r\nThe corporate telephony market is evolving from a focus on innovation in proprietary hardware to use of commodity hardware and standards-based software. While most telephony solutions are Internet Protocol (IP)-enabled or IP-PBX solutions, the associated endpoints are a mix of time division multiplexing (TDM) and IP. Corporate telephony platforms focus on high-availability, scalable solutions, which support Session Initiation Protocol (SIP), desktop and soft phone functionality, and the ability to integrate with enterprise IT applications while delivering toll-grade voice quality.\r\n<span style=\"font-weight: bold; \">What is a Call Center?</span>\r\nCall Center (Call Center) is a set of specialized automatic call distribution software that provides efficient routing and optimal selection of resources that increase the productivity of operators and the contact center as a whole. In a call center, a client can get online help, place an order, leave a message, etc.\r\nThe composition:\r\n<ul><li>The telephone platform + automatic call router (ACD)</li><li>The camera room</li><li>The interactive Voice Response System</li><li>The reporting system</li><li>Multimedia client interaction systems</li><li>Recording Systems (Nice, Verint)</li><li>The fax Server (Smartphone)</li><li>The management software</li></ul>\r\nBenefits from the implementation of call centers:\r\n<ul><li>Operational processing of a large number of incoming calls with a minimum number of operators</li><li>Improving the quality of customer service by operators</li><li>Control over the activities of operators</li><li>Automating the process of providing standard background information.</li></ul>\r\n<span style=\"font-weight: bold;\">What are DECT Microcellular Communication Systems?</span>\r\nRecently, more and more users have preferred the use of microcellular DECT-systems for organizing wireless communications in an enterprise, office or institution. The standard is based on digital radio transmission of data between radio base stations and radiotelephones using time division multiple access technologies.\r\nThis technology provides the most efficient use of the radio frequency spectrum, has high noise immunity and low transmitter radiation.\r\nThe introduction of DECT-systems will give the company a number of advantages:\r\n<ul><li>Increased mobility and accessibility of staff for communication interaction.</li><li>Ensuring a high degree of protection of telephone conversations (inability to listen).</li><li>Providing high-quality corporate communications.</li><li>No need for permission to use frequencies.</li><li>Ability to organize an autonomous telephone network in the office. there are no restrictions on the distance to locate base stations within the corporate network (including in any remote branches, warehouses, etc., as a result of which the need to install separate PBX systems in remote offices).</li><li>Reducing the cost of building a corporate IT infrastructure by reducing the total number of cables.</li></ul>\r\nThis type of communication is safe for the health of employees. DECT uses the frequency range of 1880-1900 MHz and has an extremely low radiation power - 10 MW.\r\nThen choosing a DECT microcellular system, there are the following limitations:\r\n<ul><li>The maximum number of base stations in the system (it is important if you need stable radio communication in large areas).</li><li>The maximum number of mobile DECT handsets in the system (it is important when planning the organization of a communication system in a company based primarily on the wireless principle).</li><li>The number of simultaneous calls supported by each base station (important when using a large number of mobile subscribers in a limited space).</li></ul>\r\nA qualified team of the System Project company will implement for your organization projects of telephony deployment based on DECT-systems in an enterprise, office or institution.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Corporate_Telephony.png","alias":"corporate-telephony"},"449":{"id":449,"title":"Digital Press","description":" Digital printing refers to methods of printing from a digital-based image directly to a variety of media. It usually refers to professional printing where small-run jobs from desktop publishing and other digital sources are printed using large-format and/or high-volume laser or inkjet printers. Digital printing has a higher cost per page than more traditional offset printing methods, but this price is usually offset by avoiding the cost of all the technical steps required to make printing plates. It also allows for on-demand printing, short turnaround time, and even a modification of the image (variable data) used for each impression. The savings in labor and the ever-increasing capability of digital presses means that digital printing is reaching the point where it can match or supersede offset printing technology's ability to produce larger print runs of several thousand sheets at a low price.\r\nThe greatest difference between digital printing and traditional methods such as lithography, flexography, gravure, or letterpress is that there is no need to replace printing plates in digital printing, whereas in analog printing the plates are repeatedly replaced. This results in quicker turnaround time and lower cost when using digital printing, but typically a loss of some fine-image detail by most commercial digital printing processes. The most popular methods include inkjet or laser printers that deposit pigment or toner onto a wide variety of substrates including paper, photo paper, canvas, glass, metal, marble, and other substances.\r\nIn many of the processes, the ink or toner does not permeate the substrate, as does conventional ink, but forms a thin layer on the surface that may be additionally adhered to the substrate by using a fuser fluid with heat process (toner) or UV curing process.","materialsDescription":"<span style=\"font-weight: bold; \">What is digital printing?</span>\r\nDigital printing is a modern method of production that makes prints from electronic files. It involves your artwork being created on a computer and then printed directly onto the material of your choice. Digital printing is an alternative to traditional methods such as lithography, flexography, gravure, letter press, and others – it eliminates many of the mechanical steps required for conventional printing, such as making films and color proofs, manually stripping the pieces together, and making plates.\r\n<span style=\"font-weight: bold; \">How it works?</span>\r\nWith the method of digital printing, an image is sent directly to the printer using digital files in PDF, TIFF, PSD or other formats. Digital printing is best used for items that require high amounts of detail and smaller quantity orders. Unlike conventional printing, there are no pre-press stages between the digital document files and the final product; there is also no need for messy formatting equipment like film plates or photo chemicals.\r\nDigital prints should come out perfectly when the following stages of production are done accurately.\r\n<ul><li>The file is prepared with a clean and sharp image in a high enough resolution for the print’s size requirements.</li><li>Crop marks and bleed are added as needed. Crop marks are lines on the corner of the print job. After trimming the bleed, crop marks ensure that no unprinted edges occur in the final trimmed document.</li><li>The next stage is imposition – ensuring that as much of the area of the paper as possible is used for the print in order to make the job efficient and cut down on paper waste.</li><li>Before being sent to the printer, your electronic document file (the image or text that you are printing) will need to be converted to a BMP, TIFF, GIF, or JPEG file format. These are known as raster image files or bitmaps. Depending on the software used, PDF files can also be used to print from.</li></ul>\r\n<span style=\"font-weight: bold; \">Why Digital Printing?</span>\r\nDigital printing is a new paradigm for the industry. It provides more choices, features and flexibility than older methods such as offset or flexographic printing. Today, we expect printed materials to be accurate and up to date – clients need printers to be able to produce cost effective, high quality, short run color printing in the fastest possible time frame. However, it is not always easy to decide which process will best suit your job, so before you choose how to print your design, there are a few things you should consider. Below is a guide to help you understand the advantages of digital printing.\r\n<span style=\"font-weight: bold;\">What are the benefits of digital printing?</span>\r\n<span style=\"font-weight: bold;\">High Quality:</span> This offers impressive quality and consistency over the other options. The colors show up perfectly on the prints and there are no issues with harsh lines. With digital printing, the quality of the last card, brochure or flyer in a batch is same as that of the first.\r\n<span style=\"font-weight: bold;\">Timeliness:</span> There are fewer steps in the printing process, and as a result, the final product can be delivered quicker.\r\n<span style=\"font-weight: bold;\">Cost Effective:</span> Because printing plates are not required, there is less investment involved to set up a single job.\r\n<span style=\"font-weight: bold;\">Short Runs:</span> Digital printing is the ideal method of producing short to medium print runs compared to traditional methods.\r\n<span style=\"font-weight: bold;\">Customization:</span> Digital printing provides the most affordable solution to customize marketing materials, direct mail pieces and letters, business cards, and more.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Digital_Press.png","alias":"digital-press"},"451":{"id":451,"title":"Printers and All-in-Ones","description":" An MFP (multi-function product/printer/peripheral), multi-functional, all-in-one (AIO), or multi-function device (MFD), is an office machine which incorporates the functionality of multiple devices in one, so as to have a smaller footprint in a home or small business setting (the SOHO market segment), or to provide centralized document management/distribution/production in a large-office setting. A typical MFP may act as a combination of some or all of the following devices: email, fax, photocopier, printer, scanner.\r\nMFP manufacturers traditionally divided MFPs into various segments. The segments roughly divided the MFPs according to their speed in pages-per-minute (ppm) and duty-cycle/robustness. However, many manufacturers are beginning to avoid the segment definition for their products, as speed and basic functionality alone do not always differentiate the many features that the devices include. Two-color MFPs of a similar speed may end in the same segment, despite having potentially very different feature-sets, and therefore very different prices. From a marketing perspective, the manufacturer of the more expensive MFP would want to differentiate their product as much as possible to justify the price difference, and therefore avoids the segment definition.\r\nMany MFP types, regardless of the category they fall into, also come in a "printer only" variety, which is the same model without the scanner unit included. This can even occur with devices where the scanner unit physically appears highly integrated into the product.\r\nAs of 2013, almost all printer manufacturers offer multifunction printers. They are designed for home, small business, enterprise, and commercial use. Naturally, the cost, usability, robustness, throughput, output quality, etc. all vary with the various use cases. However, they all generally do the same functions; Print, Scan, Fax, and Photocopy. In the commercial/enterprise area, most MFP has used laser-printer technology, while the personal, SOHO environments, utilize inkjet methods. Typically, inkjet printers have struggled with delivering the performance and color-saturation demanded by enterprise/large business use. However, HP has recently launched a business-grade MFP using inkjet technology.\r\nIn any case, instead of rigidly defined segments based on speed, more general definitions based on the intended target audience and capabilities are becoming much more common as of 2013. While the sector lacks formal definitions, it is commonly agreed amongst MFP manufacturers that the products fall roughly into the following categories: all-in-one, SOHO MFP, office MFP, production printing MFP.","materialsDescription":" <span style=\"font-weight: bold; \">What is a multifunction printer?</span>\r\nA multifunction printer (MFP) is a device that consolidates the functionality of a printer, copier, scanner and/or fax into one machine. Multifunction printers are a common choice for budget-minded businesses that want to consolidate assets, reduce costs and improve workflow. As you move to more digital workflows, take a look at our list of multifunction printers specifically recommended for scanning documents.\r\n<span style=\"font-weight: bold; \">Multifunction Printer Evaluation Considerations</span>\r\nTo make an informed decision about what multifunction printer is right for you, you need to ask the right questions. Here are the 10 things you must know before you buy a multifunction printer.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">1. Know your requirements.</span></span>\r\nUnderstand what you need the multifunction printer to do for you and your end users. Beyond printing and copying, how do you want to use the multifunction printer to help manage documents, reduce paper, simplify workflow, scan to the cloud, work remotely, etc.? How many copy, print, fax, scan and email jobs will you run each day? How many users will share the device? Will you need it to be color capable? Wireless? Mobile- and cloud-connected? There are a number of requirements to consider.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">2. Know the total cost of ownership (TCO) and cost/value benefits.</span></span>\r\nWhen evaluating a multifunction printer, beware of looking only at the cost of the initial hardware. There are a number of other factors to consider, including the cost of supplies. Once ink costs are taken into consideration, inkjet multifunction printers, initially perceived as being low-cost, often turn out to have an equivalent or higher TCO than the better-performing laser multifunction printers. TCO can also increase significantly for devices that are hard to use and maintain, unreliable, or lack the features and capability to efficiently and effectively produce the results you need.\r\nYour multifunction printer can become a useful asset in managing and controlling costs for printing and imaging, and can also add new capabilities to your organization if you choose wisely. Consider how multifunction printers can address total cost of ownership for printing and imaging assets, better consolidate and improve management of resources across the organization, and improve business process efficiency.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">3. Know what third parties have to say.</span></span>\r\nCompare the data on the actual performance and management and support issues promoted on the vendor's specification sheets with data from independent testing agencies. What are experienced people in the industry saying about the quality and performance of the product you are considering?\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">4. Know how easy it is to connect to an existing network.</span></span>\r\nConsider how easily the multifunction printer system will integrate with your existing network. Is it easy to deploy? Does it require minimal start-up training? Does it come with software or wizards to guide you through installation, troubleshooting and upgrading?\r\nIf your workgroup needs to print from multiple, distributed devices (smartphones, tablets, laptops, etc.) to one easily accessible location, then consider buying a wireless, or WiFi, multifunction printer. WiFi multifunction printers connect to a network without needing to be hard-wired or cabled into that network. This enables easy mobile printing, without unsightly cords to trip over.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">5. Know how easy it is to use.</span></span>\r\nPrevent bottlenecks and costly employee downtime by finding a multifunction printer that's easy to operate. Check for intuitive user interfaces, minimal training requirements, and easily accessible online help and documentation. If you do need support, check that the product is backed by manufacturer-provided service and support coverage.\r\nTablet-like interfaces make the newest-generation multifunction printers especially easy to use. They let you touch, swipe, pinch and scroll just like you would on a smartphone or tablet. And with apps integrated into the interface, you can add, delete or swap tools for your own customized workflows.\r\nMobile- and cloud-connected multifunction printers make it easy to work from just about anywhere. On these MFPs, apps become your shortcut for downloading, sharing, printing, scanning, distributing -- even translating -- documents on the go.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">6. Know its multitasking abilities.</span></span>\r\nLook for a multifunction printer that can truly multifunction. Can users access each function they need, even if other functions are already in use? Be aware that some products, such as All-in-Ones (AiOs), offer multiple functions all in one device, but may not multitask simultaneously. If they cannot deliver all the functions of a multifunction printer concurrently, then you may risk downtime due to bottlenecks.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">7. Know its bi-directional communication capabilities.</span></span>\r\nA failure to communicate timely and accurate information to users and IT administrators on the status of jobs, queues, and devices will result in more intervention by you and your staff to solve, prevent or anticipate problems. Solid bi-directional communication, both at the multifunction printer and across the network is essential to keeping a product running consistently. Look for print job and device status capabilities from the desktop and the ability to view all job queues at the device and across the network.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">8. Know the available device management, remote intelligence and support.</span></span>\r\nConsider the vendor's commitment to providing robust device and fleet management tools and utilities. This is something you may want now or in the future. Look for device relationship management software that optimizes the multifunction printer’s availability and uptime. Does the vendor provide superior response time and provide consistent quality of service? You want to trust your multifunction printer will stay up and running to ensure you have an efficient and productive office.\r\nThe more sophisticated multifunction printers let you not only manage fleets, but also information. With the right tools built in, such as integration with Managed Print Services, your MFP becomes the hub of your document environment. It can automate business processes, optimize device management remotely, and assist your help desk with built-in tools. An app-connected interface opens a gateway of future possibilities for device, and document, management as well.\r\n<span style=\"font-weight: bold;\"><span style=\"font-style: italic;\">9. Know whether it provides the level of security and confidentiality you need.</span></span>\r\nDoes the device offer the appropriate level of security for your business? Is it scalable to provide more security if your needs change?\r\nLeft unchecked, multifunction printers can be vulnerable entry points for data breaches or malicious attacks. The best way to keep your data secure is to choose multifunction printers that exceed industry standards for intrusion prevention, device detection and data encryption. Also look for multifunction printer manufacturers who partner with information technology security experts, such as McAfee and Cisco.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">10. Know what software and solutions are available.</span></span>\r\nUnderstand what compatible software and solutions are available from the vendor, as well as their solution partners.\r\nMultifunction printers can help you streamline duplicate and cumbersome document processes and electronically organize, edit and archive your paper documents. With a multifunction printer and a simple software application, you can turn paper documents into electronic formats and send them to multiple destinations - email, cloud-based document repositories, network folders, remote printers, back-office automation systems, etc. - with a single scan.\r\nApp-enabled multifunction printers take these processes a step further. They put functions and workflows into an easy, app interface like what you see on your mobile phone or tablet. They let you print from or scan to the cloud, and connect smartphones to WiFi MFPs so you can work from anywhere, anytime.\r\nOnce you're armed with the knowledge you've gathered by asking these questions, you'll be prepared to make the right decision for your business.\r\n\r\nMultifunction printers can help you streamline duplicate and cumbersome document processes and electronically organize, edit and archive your paper documents. With an multifunction printer and a simple software application you can turn paper documents into electronic format and send to multiple destinations - email, document repositories, network folders, even remote printers - with a single scan.\r\nOnce you're armed with the knowledge you've gathered by asking these questions, you'll be prepared to make the right decision for your business.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Printers_and_All_in_Ones.png","alias":"printers-and-all-in-ones"},"453":{"id":453,"title":"Desktop PC","description":" A desktop computer is a personal computer designed for regular use at a single location on or near a desk or table due to its size and power requirements. The most common configuration has a case that houses the power supply, motherboard (a printed circuit board with a microprocessor as the central processing unit (CPU), memory, bus, and other electronic components), disk storage (usually one or more hard disk drives, solid state drives, optical disc drives, and in early models a floppy disk drive); a keyboard and mouse for input; and a computer monitor, speakers, and, often, a printer for output. The case may be oriented horizontally or vertically and placed either underneath, beside, or on top of a desk.\r\nDesktop computers are designed to work at the table. Usually, they are bigger and more powerful than other types of personal computers. Desktop computers are made up of individual components. The main component is called the system unit - usually, it is a rectangular case that is on or under the table. Other components, such as the monitor, mouse and keyboard, are connected to the system unit.\r\nAs a rule, all additional external devices are connected to the PC system unit using special connectors. Their main part is located on its rear wall. Some, the most popular ones, are brought to the front, for example, USB connectors and audio outputs. The system unit itself consists of internal devices, called components.","materialsDescription":" Main components of the desktop system unit:\r\n<ul><li><span style=\"font-weight: bold;\">A CPU</span> is the main information processing and computer control device.</li><li><span style=\"font-weight: bold;\">A video card</span> is a device for processing two-dimensional and three-dimensional graphics, as well as displaying an image on a monitor (screen).</li><li><span style=\"font-weight: bold;\">RAM</span> - used for short-term storage of data during operation of the computer. When it is turned off, the information recorded in the RAM disappears.</li><li><span style=\"font-weight: bold;\">A storage device (hard disk)</span> - used as the primary means for storing all user data and programs. Its capacity is much more than the amount of RAM, however, the speed of reading and writing information is less than when working with RAM.</li><li><span style=\"font-weight: bold;\">A motherboard</span> is a complex device that combines all the components of a personal computer and ensures their well-coordinated work.</li><li><span style=\"font-weight: bold;\">An optical drive</span> - a device for reading and writing information on optical CDs, DVDs and Blue-ray discs.</li><li><span style=\"font-weight: bold;\">A case</span> - protects all components from harmful external influences (for example, moisture) and gives an aesthetic look to your computer.</li><li><span style=\"font-weight: bold;\">A power supply unit</span> converts the alternating current of ordinary electric networks of high voltage (220 Volt) into direct current of low voltage (12 V, 5 V and 3 V), required for powering computer components.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Desktop_PC.png","alias":"desktop-pc"},"455":{"id":455,"title":"Portable PC","description":" A portable computer is a computer designed to be easily moved from one place to another and included a display and keyboard. The first commercially sold portable was the 50 pound IBM 5100, introduced 1975. The next major portables were Osborne's 24 pound CP/M-based Osborne 1 (1981) and Compaq's 28 pound 100% IBM PC compatible Compaq Portable (1983). These "luggable" computers lacked the next technological development, not requiring an external power source; that feature was introduced by the laptop. Laptops were followed by lighter models, so that in the 2000's mobile devices and by 2007 smartphones made the term almost meaningless. The 2010's introduced wearable computers such as smartwatches.\r\nPortable computers, by their nature, are generally microcomputers. Larger portable computers were commonly known as 'Lunchbox' or 'Luggable' computers. They are also called 'Portable Workstations' or 'Portable PCs'. In Japan they were often called 'Bentocom'. (ベントコン, Bentokon) from "bento".\r\nPortable computers, more narrowly defined, are distinct from desktop replacement computers in that they usually were constructed from full-specification desktop components, and often do not incorporate features associated with laptops or mobile devices. A portable computer in this usage, versus a laptop or other mobile computing device, have a standard motherboard or backplane providing plug-in slots for add-in cards. This allows mission specific cards such as test, A/D, or communication protocol (IEEE-488, 1553) to be installed. Portable computers also provide for more disk storage by using standard disk drives and provide for multiple drives.\r\nPortable computers have been increasing in popularity over the past decade, as they do not restrict the user's mobility as a desktop computer does, and do not restrict the computer power and storage available as a laptop computer does. Wireless access to the Internet, extended battery life, and more elaborate cases permitting multiple screens and even significant RAID capacity, have contributed.","materialsDescription":"<span style=\"font-weight: bold; \">What does Portable Computer mean?</span>\r\nA Portable computer is a computer that comes with a keyboard and display and one which can be easily relocated or transported, although less convenient compared to a notebook.\r\nThey have lower specifications and are not well suited for full-time usage as they are less ergonomic. However, they take less space than desktop computers and come with most features found on a desktop. \r\n<span style=\"font-weight: bold; \">What are the advantages of portable PC?</span>\r\nAdvantages of a portable computer:\r\n<ul><li>Compared to other mobile computing device or laptop, portable computer makes use of standard motherboards and also provide plug in slots for add in cards.</li><li>Portability and flexibility to use is a definite advantage for portable computer over desktop computers.</li><li>Portable computers use less space than desktop computers and are smaller in size.</li><li>Compared to a desktop computer, the power consumed is less in case of portable computer and can help in power and cost savings.</li><li>Compared to desktop computers, immediacy is more pronounced in the case of portable computers.</li></ul>\r\n<span style=\"font-weight: bold;\">What are the disadvantages of portable PC?</span>\r\nDisadvantages of a portable computer:\r\n<ul><li>They have a lower specification than most desktop systems.</li><li>They are less ergonomic and are less suited for full-time usage in most of the cases.</li><li>Expansion is tough and any repair could prove costly.</li><li>Most of portable computers are not upgradeable.</li><li>Compared to desktop systems, they are less reliable mostly due to overheating problems and often run slower.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Portrable_PC.png","alias":"portable-pc"},"459":{"id":459,"title":"Monitor","description":" A computer monitor is an output device that displays information in pictorial form. A monitor usually comprises the display device, circuitry, casing, and power supply. The display device in modern monitors is typically a thin film transistor liquid crystal display (TFT-LCD) with LED backlighting having replaced cold-cathode fluorescent lamp (CCFL) backlighting. Older monitors used a cathode ray tube (CRT). Monitors are connected to the computer via VGA, Digital Visual Interface (DVI), HDMI, DisplayPort, Thunderbolt, low-voltage differential signaling (LVDS) or other proprietary connectors and signals.\r\nOriginally, computer monitors were used for data processing while television sets were used for entertainment. From the 1980s onwards, computers (and their monitors) have been used for both data processing and entertainment, while televisions have implemented some computer functionality. The common aspect ratio of televisions, and computer monitors, has changed from 4:3 to 16:10, to 16:9.\r\nModern computer monitors are easily interchangeable with conventional television sets. However, as computer monitors do not necessarily include integrated speakers, it may not be possible to use a computer monitor without external components.","materialsDescription":" <span style=\"font-weight: bold; \">What is an LCD monitor (TFT)?</span>\r\nLiquid crystal monitor (also Liquid crystal display, LCD monitor, flat indicator) - a flat monitor based on liquid crystals.\r\nLCD TFT is one of the names of the liquid crystal display, which uses an active matrix controlled by thin-film transistors. The TFT amplifier for each subpixel is used to increase the speed, contrast and clarity of the display image.\r\n<span style=\"font-weight: bold; \">How does an LCD monitor work?</span>\r\nEach pixel of the LCD display consists of a layer of molecules between two transparent electrodes, and two polarizing filters, the polarization planes of which (as a rule) are perpendicular. In the absence of liquid crystals, the light transmitted by the first filter is almost completely blocked by the second.\r\nThe surface of the electrodes in contact with liquid crystals is specially processed for the initial orientation of the molecules in one direction. In the TN matrix, these directions are mutually perpendicular, therefore, the molecules line up in a helical structure in the absence of voltage. This structure refracts the light in such a way that, before the second filter, the plane of its polarization rotates, and light passes through it already without loss. Except for the absorption by the first filter of half of the unpolarized light, the cell can be considered transparent. If voltage is applied to the electrodes, the molecules tend to line up in the direction of the field, which distorts the helical structure. In this case, the elastic forces counteract this, and when the voltage is turned off, the molecules return to their original position. With a sufficient field value, almost all molecules become parallel, which leads to the opacity of the structure. By varying the voltage, you can control the degree of transparency. If a constant voltage is applied for a long time, the liquid crystal structure may degrade due to ion migration. To solve this problem, an alternating current is applied, or a change in the field polarity at each addressing of the cell (the opacity of the structure does not depend on the field polarity). In the entire matrix, each of the cells can be controlled individually, but with an increase in their number this becomes difficult to accomplish, as the number of required electrodes increases. Therefore, row and column addressing is used almost everywhere. The light passing through the cells can be natural - reflected from the substrate (in LCD displays without backlight). But more often an artificial light source is used, in addition to independence from external lighting, this also stabilizes the properties of the resulting image. Thus, a full-fledged LCD monitor consists of electronics that process the input video signal, LCD matrix, backlight module, power supply and housing. It is the combination of these components that determines the properties of the monitor as a whole, although some characteristics are more important than others.\r\n<span style=\"font-weight: bold;\">What are the most important features of LCD monitors?</span>\r\n<ul><li><span style=\"font-style: italic;\">Resolution:</span> The horizontal and vertical sizes, expressed in pixels. Unlike CRT monitors, LCDs have one, “native”, physical resolution, the rest is achieved by interpolation.</li><li><span style=\"font-style: italic;\">Point Size:</span> The distance between the centers of adjacent pixels. Directly related to the physical resolution.</li><li><span style=\"font-style: italic;\">Aspect ratio:</span> The ratio of width to height, for example: 5: 4, 4: 3, 5: 3, 8: 5, 16: 9, 16:10.</li><li><span style=\"font-style: italic;\">Visible diagonal:</span> the size of the panel itself, measured diagonally. The display area also depends on the format: a monitor with a 4: 3 format has a larger area than with a 16: 9 format with the same diagonal.</li><li><span style=\"font-style: italic;\">Contrast:</span> the ratio of the brightness of the lightest and darkest points. Some monitors use an adaptive backlight level; the contrast figure given for them does not apply to image contrast.</li><li><span style=\"font-style: italic;\">Brightness:</span> The amount of light emitted by the display is usually measured in candelas per square meter.</li><li><span style=\"font-style: italic;\">Response Time:</span> The minimum time a pixel needs to change its brightness. The measurement methods are ambiguous.</li><li><span style=\"font-style: italic;\">Viewing angle:</span> the angle at which the contrast drop reaches the set one is considered different for different types of matrices and by different manufacturers, and often can not be compared.</li><li><span style=\"font-style: italic;\">Matrix type:</span> LCD technology.</li><li><span style=\"font-style: italic;\">Inputs:</span> (e.g. DVI, D-Sub, HDMI, etc.).</li></ul>\r\n<span style=\"font-weight: bold;\">What are the technologies for LCD monitors?</span>\r\nLCD monitors were developed in 1963 at the David Sarnoff Research Center at RCA, Princeton, New Jersey.\r\nThe main technologies in the manufacture of LCD displays: TN + film, IPS and MVA. These technologies differ in the geometry of the surfaces, the polymer, the control plate, and the front electrode. Of great importance are the purity and type of polymer with the properties of liquid crystals, used in specific developments.\r\nThe response time of LCD monitors designed using SXRD technology (English Silicon X-tal Reflective Display - silicon reflective liquid crystal matrix) is reduced to 5 ms. Sony, Sharp, and Philips have jointly developed PALC technology (Plasma Addressed Liquid Crystal - Plasma Control of Liquid Crystals), which combines the advantages of LCD (brightness and color richness, contrast) and plasma panels (large viewing angles, H, and vertical, V, high refresh rate). These displays use gas-discharge plasma cells as a brightness controller, and an LCD matrix is used for color filtering. PALC technology allows you to address each pixel of the display individually, which means unsurpassed controllability and image quality.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Monitor.png","alias":"monitor"},"461":{"id":461,"title":"Data Diode","description":"A unidirectional network (also referred to as a unidirectional gateway or data diode) is a network appliance or device that allows data to travel in only one direction. Data diodes can be found most commonly in high-security environments, such as defense, where they serve as connections between two or more networks of differing security classifications. Given the rise of Industrial IoT and Digitization, this technology can now be found at the industrial control level for such facilities as nuclear power plants, power generation and safety-critical systems like railway networks.<br />After years of development, the use of data diodes has increased, creating two variations:\r\n<ul><li>Data Diode: more often used to refer to the simple hardware version that physically enforces data to flow in only one direction.</li><li>Unidirectional Gateway: Used to describe a more sophisticated device that typically has a computer on both its critical and open side. Unidirectional gateways are a combination of hardware and software. The hardware (data diode) permits data to flow from one network to another but is physically unable to send any information at all back into the source network. The software replicates databases and emulates protocol servers and devices, enabling compatibility with existing network protocols, allowing organizations to gain their benefits without changes to their existing systems.</li></ul>\r\nOnce only commonly found in high-security military environments, unidirectional gateways are now becoming widely spread in sectors like Oil & Gas, water/wastewater, airplanes (between flight control units and in-flight entertainment systems), manufacturing and cloud connectivity for Industrial IoT primarily as a result of new regulations, increased demand and big industrial powerhouses. These industries/sectors and betting on this technology, which has had the effect of lowering the technology's core cost.","materialsDescription":"<span style=\"font-weight: bold;\">What Is Data Diode Technology & How Does It Work?</span>\r\nToday's business environment is increasingly digital and more vulnerable than ever to a cyber attack. Because of this, various network security technologies have been developed to protect organizational data and infrastructures. One of the most effective of these modern technologies is the data diode. Although it is one of the most effective network security tools available, you may not have heard of this technology and know little of what it does. Below, you'll find a description of what data diode technology is and how it works.\r\n<span style=\"font-weight: bold;\">What Is Data Diode Technology?</span>\r\nA data diode is a communication device that enables the safe, one-way transfer of data between segmented networks. Intelligent data diode design maintains physical and electrical separation of source and destination networks, establishing a non-routable, completely closed one-way data transfer protocol between networks. Intelligent data diodes effectively eliminate external points of entry to the sending system, preventing intruders and contagious elements from infiltrating the network. Securing all of a network’s data outflow with data diodes makes it impossible for an insecure or hostile network to pass along malware, access your system, or accidentally make harmful changes.\r\nData diodes allow companies to send process data in real time to information management systems for use in financial, customer service, and management decisions — without compromising the security of your network. This protects valuable information and network infrastructure from theft, destruction, tampering, and human error, mitigating the potential loss of thousands of dollars and countless hours of work.\r\n<span style=\"font-weight: bold;\">How Does Data Diode Technology Work?</span>\r\nA "diode" is an electronic component that only allows current to flow in one direction. Similarly, data diode technology lets information flow safely in only one direction, from secure areas to less secure systems, without permitting reverse access. A data diode also creates a physical barrier or “air gap” between the two points. This one-way connection prevents data leakage, eliminates the threat of malware, and fully protects the process control network. Moreover, a single data diode can handle data transfers from multiple servers or devices simultaneously, without bottlenecking.\r\n<span style=\"font-weight: bold;\">Where is it used?</span>\r\nIt’s typically used to guarantee information security or protection of critical digital systems, such as industrial control systems, from cyber attacks. While the use of these devices is common in high-security environments such as defense, where they serve as connections between two or more networks of differing security classifications, the technology is also being used to enforce one-way communications outbound from critical digital systems to untrusted networks connected to the Internet.\r\nThe physical nature of unidirectional networks only allows data to pass from one side of a network connection to another, and not the other way around. This can be from the "low side" or untrusted network to the "high side" or trusted network or vice versa. In the first case, data in the high side network is kept confidential and users retain access to data from the low side. Such functionality can be attractive if sensitive data is stored on a network which requires connectivity with the Internet: the high side can receive Internet data from the low side, but no data on the high side is accessible to Internet-based intrusion. In the second case, a safety-critical physical system can be made accessible for online monitoring, yet be insulated from all Internet-based attacks that might seek to cause physical damage. In both cases, the connection remains unidirectional even if both the low and the high network are compromised, as the security guarantees are physical in nature.\r\nThere are two general models for using unidirectional network connections. In the classical model, the purpose of the data diode is to prevent the export of classified data from a secure machine while allowing the import of data from an insecure machine. In the alternative model, the diode is used to allow export of data from a protected machine while preventing attacks on that machine.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Data_Diode.png","alias":"data-diode"},"463":{"id":463,"title":"KVM switch","description":" A KVM switch (with KVM being an abbreviation for "keyboard, video and mouse") is a hardware device that allows a user to control multiple computers from one or more sets of keyboards, video monitors, and mice. Although multiple computers are connected to the KVM, typically a smaller number of computers can be controlled at any given time. Modern devices have also added the ability to share other peripherals like USB devices and audio.\r\nBefore the mouse became relevant in server switching applications, the term Keyboard Video Switch (KVS) was used to describe keyboard and monitor switching devices. With the increased adoption of Microsoft Windows, the mouse and other I/O ports in peripheral switching became prevalent. Remigius Shatas, the founder of Cybex (a popular peripheral switch manufacturer at that time) expanded the initialism to Keyboard, Video and Mouse (KVM) in 1995. Some years later, Universal Serial Bus (USB) began to become the new industry standard for connecting computer peripherals.\r\nAs a result of the growing need to switch peripherals (such as touchscreens) in addition to the keyboard, mouse and monitor, some companies are now selling "KVMP" switch devices (standing for keyboard, video, mouse and peripheral).\r\nA KVM Switch is a hardware device, used in data centers, that allows the control of multiple computers from a single keyboard, monitor and mouse (KVM). This switch then allows data center personnel to connect to any server in the rack. A common example of home use is to enable the use of the full-size keyboard, mouse and monitor of the home PC with a portable device such as a laptop, tablet PC or PDA, or a computer using a different operating system.\r\nKVM switches offer different methods of connecting the computers. Depending on the product, the switch may present native connectors on the device where standard keyboard, monitor and mouse cables can be attached. Another method to have a single DB25 or similar connector that aggregated connections at the switch with three independent keyboard, monitor and mouse cables to the computers. Subsequently, these were replaced by a special KVM cable which combined the keyboard, video and mouse cables in a single wrapped extension cable. The advantage of the last approach is in the reduction of the number of cables between the KVM switch and connected computers. The disadvantage is the cost of these cables.\r\nThe method of switching from one computer to another depends on the switch. The original peripheral switches (Rose, circa 1988) used a rotary switch while active electronic switches (Cybex, circa 1990) used push buttons on the KVM device. In both cases, the KVM aligns operation between different computers and the users' keyboard, monitor and mouse (user console).\r\nIn 1992-1993, Cybex Corporation engineered keyboard hot-key commands. Today, most KVMs are controlled through non-invasive hot-key commands (e.g. Ctrl+Ctrl, Scroll Lock+Scroll Lock and the Print Screen keys). Hot-key switching is often complemented with an on-screen display system that displays a list of connected computers.\r\nKVM switches differ in the number of computers that can be connected. Traditional switching configurations range from 2 to 64 possible computers attached to a single device. Enterprise-grade devices interconnected via daisy-chained and/or cascaded methods can support a total of 512 computers equally accessed by any given user console.","materialsDescription":" <span style=\"font-weight: bold; \">What is KVM?</span>\r\nKVM is an abbreviation for Keyboard (keyboard), Video (video) and Mouse (mouse), which connect to computer ports. KVM products connected to various ports transmit or switch computer signals.\r\nConsequently, KVM is a designation of a group of technologies, not special brands or companies.\r\n<span style=\"font-weight: bold; \">What is KVM technology?</span>\r\nThe acronym KVM means keyboard, video, and mouse, and refers to computer ports. KVM equipment connects to these and other ports, from where computer signals expand or switch. In this way, KVM stands for technology, not a brand or a company.\r\n<span style=\"font-weight: bold; \">Who needs KVM?</span>\r\nKVM products can be used by anyone using computers.\r\nKVM products are used for:\r\n<ul><li><span style=\"font-weight: bold; \">Noise reduction.</span> Ability to move computers from radio studios.</li><li><span style=\"font-weight: bold; \">Save space.</span> Ability to move computers from an air traffic control tower.</li><li><span style=\"font-weight: bold; \">Protect computers from damage.</span> The ability to move computers from the test room to a secure server room.</li><li><span style=\"font-weight: bold; \">Create more ergonomic consoles.</span> The ability to avoid heat generation by moving computers.</li><li><span style=\"font-weight: bold; \">Reduce the number of peripherals.</span> Ability to control multiple computers using one monitor, keyboard and mouse.</li><li><span style=\"font-weight: bold; \">Simplification of administration.</span> The ability to facilitate maintenance and administration of computers by moving to a central server room.</li><li><span style=\"font-weight: bold; \">Create flexible working concepts.</span> The ability for users to access the computer (s) from various consoles.</li></ul>\r\n<span style=\"font-weight: bold; \">What is a KVM switch?</span>\r\nThe KVM switch connects several computers that can be controlled from a single console (monitor, keyboard, mouse).\r\nSwitching between computers is carried out through the button on the switch or using hotkeys. Depending on size, KVM switches also support OSD technology for switching between computers.\r\nFor example, Guntermann & Druck offers KVM switches for DVI and VGA signals that allow the user to control from two to 64 computers.\r\n<span style=\"font-weight: bold; \">What is a KVM transmitter?</span>\r\nThe KVM transmitter transmits keyboard, video, and mouse signals to control the computer remotely.\r\nEach KVM transmission system consists of a transmitter and a receiver. The transmitter connects to the computer keyboard, video, and mouse interfaces, while the receiver connects to a remote console. Both devices are connected by one or more cables.\r\nVarious suppliers offer KVM transmitters for DVI and VGA signals, which use CAT cable (“twisted pair”) or optical fiber for transmission. Signals such as audio, RS-232, USB 1.1 or USB 2.0 can also be transmitted.\r\n<span style=\"font-weight: bold; \">What do I need to work with KVM switches?</span>\r\nDifferent KVM switches have different requirements. In most cases, all you need is a KVM switch, the required number of cables to connect all your computers, keyboard, monitor and mouse, and, in fact, the computers themselves. This is the basic configuration; more complex systems may require more components.\r\n<span style=\"font-weight: bold; \">What is a matrix KVM switch?</span>\r\nThe matrix KVM switch combines multiple transmitters and switches in one device.\r\nMultiple consoles can access multiple computers - even over long distances. Systems are mainly divided by the type of video signal transmitted. Matrix KVM switches are available for expanding DVI, VGA and other signal signals.\r\nIn addition, matrix switchers are divided into compact devices (specific device characteristics, such as the G&D CompactCenter) and modular systems (such as the G&D DVICenter).\r\n<span style=\"font-weight: bold; \">Why are some KVM switches so much cheaper than others?</span>\r\nAs with all products, some of them have more options. Certain switches offer equipment sharing via USB, On-Screen Display (OSD), audio support, emulation ports, multi-platform capabilities, built-in converters, and shipped with cables and power supplies. You decide whether you need these options or not.\r\n<span style=\"font-weight: bold; \">What is an OSD?</span>\r\nOSD, short for On-Screen Display, is a graphical representation of computers connected to the KVM switch, allowing you to select the computer you want without pressing the buttons on the KVM switch or using hotkeys. If you have a multi-user switch, this function can also show you which computer each user currently has access to.\r\n<span style=\"font-weight: bold; \">What is a video splitter?</span>\r\nThe video splitter allows you to split the VGA/DVI signal and display it on multiple monitors. This product also has several options. You can send these signals via a CAT5 cable or a standard VGA cable. You also have the option of transferring audio for multimedia applications.\r\n<span style=\"font-weight: bold;\">What is a remote reboot?</span>\r\nRemote reboot allows you to reboot servers from anywhere in the world using the Internet. You can do this with a simple web browser.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_KVM_switch.png","alias":"kvm-switch"},"473":{"id":473,"title":"Projector","description":" A video projector is an image projector that receives a video signal and projects the corresponding image on a projection screen using a lens system. All video projectors use a very bright ultra high pressure mercury lamp, LED or solid state blue, RB, RGB or remote fiber optic RGB lasers to provide the illumination required to project the image, and most modern ones can correct any curves, blurriness, and other inconsistencies through manual settings. If a blue laser is used, a phosphor wheel is used to turn blue light into white light, which is also the case with white LEDs. (White LEDs do not use lasers.) A wheel is used in order to prolong the lifespan of the phosphor, as it is degraded by the heat generated by the laser diode. Remote fiber optic RGB laser racks can be placed far away from the projector, and several racks can be housed in a single, central room. Each projector can use up to 2 racks, and several monochrome lasers are mounted on each rack, the light of which is mixed and transmitted to the projector booth using optical fibers. Projectors using RB lasers use a blue laser with a phosphor wheel in conjuntion with a conventional solid state red laser.\r\nVideo projectors are used for many applications such as conference room presentations, classroom training, home cinema and concerts. In schools and other educational settings, they are sometimes connected to an interactive whiteboard. In the late 20th century they became commonplace in home cinema. Although large LCD television screens became quite popular, video projectors are still common among many home theater enthusiasts.\r\nA video projector, also known as a digital projector, may project onto a traditional reflective projection screen, or it may be built into a cabinet with a translucent rear-projection screen to form a single unified display device.\r\nCommon display resolutions include SVGA (800×600 pixels), XGA (1024×768 pixels), SXGA+ (1400x1050 pixels), 720p (1280×720 pixels), and 1080p (1920×1080 pixels), 4K UHD (3840x2160), as well as 16:10 aspect ratio resolutions including WXGA+ (1280x800 pixels) and WUXGA (1920x1200 pixels).\r\nThe cost of a projector is typically driven by its base technology, features, resolution, and light output. A projector with a higher light output (measured in lumens, “lm”) is required for a larger screen or for a room with a larger amount of ambient light. For example, a light output of approximately 1500 to 2500 ANSI lumens is suitable for small screens viewed in rooms with low ambient light; approximately 2500 to 4000 lm is suitable for medium-sized screens with some ambient light; over 4000 lm is needed for very large screens or for use in rooms with no lighting control such as conference rooms. High brightness large-venue models are increasingly common in Boardrooms, Auditoriums and other high profile spaces, and models up to 30,000 lm are used in large staging applications such as concerts, keynote addresses and displays projected on buildings.\r\nA few camcorders have a built-in projector suitable to make a small projection; a few more powerful "pico projectors" are pocket-sized, and many projectors are portable. ","materialsDescription":" <span style=\"font-weight: bold;\">What's the Difference Between DLP LCD, and LED Projectors?</span>\r\nMainstream projectors use one of several technologies to project an image on a wall or screen. Liquid Crystal Display (LCD) projectors, which have been around for years, use three separate glass panels that separate the color spectrum into red, green, and blue to create an image. The newer digital light processing (DLP) processing integrates Texas Instruments’ DLP chip, which is a reflective surface with thousands of tiny, spinning mirrors, takes the reflected light and puts it through a color wheel to create an image. The smallest projectors, called Pico projectors, use solid-state technology, such as Light Emitting Diodes (LEDs), which are desirable in portable projectors for low power consumption.\r\n<span style=\"font-weight: bold;\">How Much Brightness Do I Need?</span>\r\nBrightness (how much light the projector can produce) is measured in ANSI lumens. The brightness of the room where you’ll be projecting will dictate the lumens you will need. That is, brighter rooms need a projector with higher lumens. For dark rooms, 1000 to 1200 lumens is probably adequate, although professional presenters tend to want 1800 lumens or more. In addition, if you are projecting large images, you’ll want a projector with a higher brightness rating. When choosing your projector, consider your application, the size of your group, the size of your room and the amount of light in the room.\r\n<span style=\"font-weight: bold;\">What Resolution Do I Need?</span>\r\nResolution is the term used to describe the number of pixels, used to display an image. Higher resolutions--more pixels are used to create the image--allow you to display more information on your screen and create a crisper, cleaner image. Today, you’ll see a number of possible resolutions: SVGA (800x600 pixels), XGA (1024x768 pixels) and SXGA (1280x1024 pixels). For standard presentations, 800x600 pixels may be sufficient, but for other uses (such as larger images or advanced presentations) you’ll want a higher resolution, such as 1024x768. The highest resolutions may be needed for presenting detailed AutoCAD drawings or videos.\r\n<span style=\"font-weight: bold;\">What Contrast Ratio Do I Need?</span>\r\nContrast ratio measures how well a projector can reproduce black and white. Although the contrast ratio is not terribly important to those using projectors for still presentations, this measure is more important if you will be projecting video. Currently, there is no industry-standard method for measuring contrast ratio, so this stat may vary between manufacturers. Basically, a higher contrast ratio indicates a greater ability for the projector to show subtle color details and tolerate extraneous room light.\r\n<span style=\"font-weight: bold;\">What Input/Output Options Do I Want?</span>\r\nToday’s projectors offer an array of input and output connectors. A projector with both HDMI and VGA ports lets you connect to many different video sources, including set-top boxes; DVD, HD DVD, and Blu-ray Disc players; camcorders; PCs; video game consoles; and AV receivers. HDMI (High-Definition Multimedia Interface) supports any uncompressed TV or PC video format on a single cable, including standard, enhanced, and high-definition video; up to eight channels of compressed or uncompressed digital audio; a Consumer Electronics Control (CEC) connection; and an Ethernet data connection.\r\n<span style=\"font-weight: bold;\">How Much Should I Worry About Projector Weight?</span>\r\nCommon sense should reign when decided what size projector to buy. Consider whether you will be traveling with your projector and choose accordingly. A hard-sized case with wheels will also ease transport.\r\n<span style=\"font-weight: bold;\">What Is a Normal Warranty?</span>\r\nDepending on the projector brand, warranties do vary. Generally, the projector is covered for a year, with the lamp having a shorter coverage (30 days to six months).\r\n<span style=\"font-weight: bold;\">How Long Will My Lamp Last?</span>\r\nBoth DLP and LCD projectors integrate lamps (light bulbs optimized for use in a projector). Lamp life is measured in hours (example, 2000 or 4000), which for most users will translate to years of use. Over time, the brightness of the lamp may deteriorate. LED projectors, meanwhile, do not use a lamp. The result is that these projectors generate less heat and demand virtually no maintenance. Meanwhile, since LEDs incorporate no lead or mercury, these projectors provide a compelling solution for those seeking a green projector.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Projector.jpg","alias":"projector"},"475":{"id":475,"title":"Network Management - Hardware","description":" Your business is much more than just a machine that dispenses products or services in exchange for money. It’s akin to a living and breathing thing. Just as with the human body, in business, all the parts are interconnected and work together to move things forward.\r\nIf a company’s management is the brain, then its employees are the muscles. Muscles don’t work without the oxygen carried to them by the blood. Blood doesn’t pump through the body without the heart and circulatory system.\r\nData moves through your network like blood through veins, delivering vital information to employees who need it to do their jobs. In a business sense, the digital network is the heart and circulatory system. Without a properly functioning network, the entire business collapses. That’s why keeping networks healthy is vitally important. Just as keeping the heart healthy is critical to living a healthy life, a healthy network is a key to a thriving business. It starts with network management.\r\nNetwork management is hardware with a broad range of functions including activities, methods, procedures and the use of tools to administrate, operate, and reliably maintain computer network systems.\r\nStrictly speaking, network Management does not include terminal equipment (PCs, workstations, printers, etc.). Rather, it concerns the reliability, efficiency and capacity/capabilities of data transfer channels.","materialsDescription":" <span style=\"font-weight: bold;\">What Is Network Management?</span>\r\nNetwork management refers to the processes, tools, and applications used to administer, operate and maintain network infrastructure. Performance management and fault analysis also fall into the category of network management. To put it simply, network management is the process of keeping your network healthy, which keeps your business healthy.\r\n<span style=\"font-weight: bold;\">What Are the Components of Network Management?</span>\r\nThe definition of network management is often broad, as network management involves several different components. Here are some of the terms you’ll often hear when network management or network management software is talked about:\r\n<ul><li>Network administration</li><li>Network maintenance</li><li>Network operation</li><li>Network provisioning</li><li>Network security</li></ul>\r\n<span style=\"font-weight: bold;\">Why Is Network Management so Important When It Comes to Network Infrastructure?</span>\r\nThe whole point of network management is to keep the network infrastructure running smoothly and efficiently. Network management helps you:\r\n<ul><li><span style=\"font-style: italic;\">Avoid costly network disruptions.</span> Network downtime can be very costly. In fact, industry research shows the cost can be up to $5,600 per minute or more than $300K per hour. Network disruptions take more than just a financial toll. They also have a negative impact on customer relationships. Slow and unresponsive corporate networks make it harder for employees to serve customers. And customers who feel underserved could be quick to leave.</li><li><span style=\"font-style: italic;\">Improve IT productivity.</span> By monitoring every aspect of the network, an effective network management system does many jobs at once. This frees up IT staff to focus on other things.</li><li><span style=\"font-style: italic;\">Improve network security.</span> With a focus on network management, it’s easy to identify and respond to threats before they propagate and impact end-users. Network management also aims to ensure regulatory and compliance requirements are met.</li><li><span style=\"font-style: italic;\">Gain a holistic view of network performance.</span> Network management gives you a complete view of how your network is performing. It enables you to identify issues and fix them quickly.</li></ul>\r\n<span style=\"font-weight: bold;\">What Are the Challenges of Maintaining Effective Network Management and Network Infrastructure?</span>\r\nNetwork infrastructures can be complex. Because of that complexity, maintaining effective network management is difficult. Advances in technology and the cloud have increased user expectations for faster network speeds and network availability. On top of that, security threats are becoming ever more advanced, varied and numerous. And if you have a large network, it incorporates several devices, systems, and tools that all need to work together seamlessly. As your network scales and your company grows, new potential points of failure are introduced. Increased costs also come into play.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Network_Management_Hardware__1_.png","alias":"network-management-hardware"},"477":{"id":477,"title":"Cabinet","description":" An electrical enclosure is a cabinet for electrical or electronic equipment to mount switches, knobs and displays and to prevent electrical shock to equipment users and protect the contents from the environment. The enclosure is the only part of the equipment which is seen by users. It may be designed not only for its utilitarian requirements, but also to be pleasing to the eye. Regulations may dictate the features and performance of enclosures for electrical equipment in hazardous areas, such as petrochemical plants or coal mines. Electronic packaging may place many demands on an enclosure for heat dissipation, radio frequency interference and electrostatic discharge protection, as well as functional, esthetic and commercial constraints.\r\nIn the United States, the National Electrical Manufacturers Association (NEMA) publishes NEMA enclosure type standards for the performance of various classes of electrical enclosures. The NEMA standards cover corrosion resistance, ability to protect from rain and submersion, etc.\r\nFor IEC member countries, standard IEC 60529 classifies the ingress protection rating (IP Codes) of enclosures.\r\nElectrical enclosures are usually made from rigid plastics, or metals such as steel, stainless steel, or aluminum. Steel cabinets may be painted or galvanized. Mass-produced equipment will generally have a customized enclosure, but standardized enclosures are made for custom-built or small production runs of equipment. For plastic enclosures ABS is used for indoor applications not in harsh environments. Polycarbonate, glass-reinforced, and fiberglass boxes are used where stronger cabinets are required, and may additionally have a gasket to exclude dust and moisture.\r\nMetal cabinets may meet the conductivity requirements for electrical safety bonding and shielding of enclosed equipment from electromagnetic interference. Non-metallic enclosures may require additional installation steps to ensure metallic conduit systems are properly bonded.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Stainless steel and carbon steel</span></span>\r\nCarbon steel and stainless steel are both used for enclosure construction due to their high durability and corrosion resistance. These materials are also moisture resistant and chemical resistant. They are the strongest of the construction options.\r\nStainless steel enclosures are suited for medical, pharma, and food industry applications since they are bacterial and fungal resistant due to their non-porous quality. Stainless steel enclosures may be specified to permit wash-down cleaning in, for example, food manufacturing areas.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Aluminum</span></span>\r\nAluminum is chosen because of its light weight, relative strength, low cost, and corrosion resistance. It performs well in harsh environments and it is sturdy, capable of withstanding high impact with a high malleable strength. Aluminum also acts as a shield against electromagnetic interference.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Polycarbonate</span></span>\r\nPolycarbonate used for electrical enclosures is strong but light, non-conductive and non-magnetic. It is also resistant to corrosion and some acidic environments; however, it is sensitive to abrasive cleaners. Polycarbonate is the easiest material to modify.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Fiberglass</span></span>\r\nFiberglass enclosures resist chemicals in corrosive applications. The material can be used over all indoor and outdoor temperature ranges. Fiberglass can be installed in environments that are constantly wet.","materialsDescription":" <span style=\"font-weight: bold; \">What is a 19-inch Rack Cabinet?</span>\r\nA 19-inch rack cabinet is a standardized size frame or enclosure for mounting equipment. Each piece of equipment has a front panel that is 19 inches wide. To determine if your rack cabinet is a 19тА│ rack, measure the hole to hole spacing and it will measure 18.31 inches.\r\n<span style=\"font-weight: bold; \">What are the types of rack cabinets available?</span>\r\nThe most common types are:\r\n<ul><li>Rack cabinets or Server Racks</li><li>Open Frame racks - 4post racks</li><li>Relay racks - 2Post racks</li><li>Portable rack cabinets</li><li>Wall Mount enclosures</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Rack Unit (U or RU)?</span>\r\nThe Rack Unit is a unit of measurement used for defining the vertical space available in an equipment rack cabinet. A 'U' equals 1.75 inches or4.45cm. Rack-mountable equipment is usually designed to occupy an integer number of U. This dimension has been standardized by the Electronic Industries Alliance (EIA).\r\n<span style=\"font-weight: bold; \">What are some common or standard heights for rack cabinets?</span>\r\nServer racks come in a wide variety of heights anywhere from 1U to 50U and above.\r\n<span style=\"font-weight: bold; \">When are Four- post racks used?</span>\r\nFour-post racks allow for mounting rails to support equipment at the front and rear. These racks may be open in construction or enclosed by front and/or rear doors, side panels, or tops. Four-post racks can provide both robust support and security.\r\n<span style=\"font-weight: bold; \">When are Two- post racks used?</span>\r\nTwo-post racks provide just two vertical posts. Equipment can be mounted either via its front panel holes, or close to its center of gravity, depending on the design of the rack. Two-post racks are most often used for telecommunication installations.\r\n<span style=\"font-weight: bold; \">What are the Applicable Standards for rack cabinets/enclosures design and manufacturing?</span>\r\n<ul><li>The EIA-310. It is standardizing features like the Rack Unit, vertical & horizontal hole spacing, rack cabinet openings and front panel width.</li><li>IEC Standards. IEC 60297 (IEC 60297-3-100, -101, -102, -104, -105 and IEC 60297-5) standardize the dimensions and the mechanical structure of the 19 inch rack cabinets.</li></ul>\r\n<span style=\"font-weight: bold;\">What is the significance of the Rack Cabinet Depth?</span>\r\nRack cabinet depth is important not only because it has to allow room for the depth of the particular equipment to be rack-mounted (deep servers vs. routers or switches), but also it has to allow sufficient room for cables as well as airflow indispensable in cooling rack cabinets and enclosures.\r\n<span style=\"font-weight: bold;\">What rack cabinet options for front and rear doors are available?</span>\r\nFront as well as Rear doors are available in many different materials, sizes and with various ventilation options. Locking systems are also available on most doors. Choosing a ventilated front and rear door is key in air circulation by creating a front to back flow pattern within the rack cabinet.\r\n<span style=\"font-weight: bold;\">What Side Panel options are available for rack cabinets and enclosures?</span>\r\nThe typical types of rack cabinet side panels are: solid removable, solid fixed and louvered removable and fixed.\r\n<span style=\"font-weight: bold;\">What is the most economical rack cabinet cooling technique?</span>\r\nOur approach to efficient cooling of datacenter rack cabinets begins with a sealed separation between the cold isle in front of the equipment row and the hot isle in the back of the equipment. The sealing between hot and cold is done at the front rail level of the enclosure. We implemented this solution, for instance, for a wide variety of Cisco routers: 2821, 7613, 3560E, 3845, 2911, 6509E, 4507R, 4510R, 4510E, 4900M.\r\nSince the router is designed to intake cold air from the side, which is now left by our separation in the hot isle, we needed to create a duct that would connect the router's intake to the cold isle in front of the cabinet. We accomplished the whole task by designing a cold air intake plenum mounted under the router, and connecting this plenum through a duct to the intake on the side of the router. ","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Cabinet.png","alias":"cabinet"},"501":{"id":501,"title":"All-flash and Hybrid Storage","description":" Costs have come down making hybrid and all-flash enterprise storage solutions the preferred choice for storing, processing and moving the massive volumes of business data generated in today’s cloud, mobile and IoT environment.\r\nll-flash storage arrays utilize solid-state drives (SSDs) to deliver high-performance and low-latency workloads using data compression and deduplication technologies. Hybrid Storage combines those same solid-state drives (SSDs) with SAS or NL-SAS drives to offer a more cost-effective storage solution that balances cost with superior performance and high storage density.\r\nBoth options lower the complexity of providing scale-out performance at ultralow latency for data-intensive loads and big data analytics.\r\nWhether you are building a new storage array or refreshing your existing storage infrastructure we will work with you to plan, source, install and configure a storage solution to meet you budgetary and business requirements.","materialsDescription":" <span style=\"font-weight: bold;\">What is flash storage and what is it used for?</span>\r\nFlash storage is any storage repository that uses flash memory. Flash memory comes in many form factors, and you probably use flash storage every day. From a single Flash chip on a simple circuit board attached to your computing device via USB to circuit boards in your phone or MP3 player, to a fully integrated “Enterprise Flash Disk” where lots of chips are attached to a circuit board in a form factor that can be used in place of a spinning disk.\r\n<span style=\"font-weight: bold;\">What is flash storage SSD?</span>\r\nA “Solid State Disk” or EFD “Enterprise Flash Disk” is a fully integrated circuit board where many Flash chips are engineered to represent a single Flash disk. Primarily used to replace a traditional spinning disk, SSDs are used in MP3 players, laptops, servers and enterprise storage systems.\r\n<span style=\"font-weight: bold;\">What is the difference between flash storage and SSD?</span>\r\nFlash storage is a reference to any device that can function as a storage repository. Flash storage can be a simple USB device or a fully integrated All-Flash Storage Array. SSD, “Solid State Disk” is an integrated device designed to replace spinning media, commonly used in enterprise storage arrays.\r\n<span style=\"font-weight: bold;\">What is the difference between flash storage and traditional hard drives?</span>\r\nA traditional hard drive leveraged rotating platters and heads to read data from a magnetic device, comparable to a traditional record player; while flash storage leveraged electronic media or flash memory, to vastly improve performance. Flash eliminates rotational delay and seeks time, functions that add latency to traditional storage media.\r\n<span style=\"font-weight: bold;\">What is the difference between an all-flash array and a hybrid array?</span>\r\nA Hybrid Storage Array uses a combination of spinning disk drives and Flash SSD. Along with the right software, a Hybrid Array can be configured to improve overall performance while reducing cost. An All-Flash-Array is designed to support only SSD media.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Al_flash_and_Hybrid_Storage.png","alias":"all-flash-and-hybrid-storage"},"503":{"id":503,"title":"Storage Networking","description":" A storage area network (SAN) or storage network is a computer network which provides access to consolidated, block-level data storage. SANs are primarily used to enhance accessibility of storage devices, such as disk arrays and tape libraries, to servers so that the devices appear to the operating system as locally-attached devices. A SAN typically is a dedicated network of storage devices not accessible through the local area network (LAN) by other devices, thereby preventing interference of LAN traffic in data transfer.\r\nThe cost and complexity of SANs dropped in the early 2000s to levels allowing wider adoption across both enterprise and small to medium-sized business environments.\r\nA SAN does not provide file abstraction, only block-level operations. However, file systems built on top of SANs do provide file-level access, and are known as shared-disk file systems.\r\nStorage area networks (SANs) are sometimes referred to as network behind the servers and historically developed out of the centralised data storage model, but with its own data network. A SAN is, at its simplest, a dedicated network for data storage. In addition to storing data, SANs allow for the automatic backup of data, and the monitoring of the storage as well as the backup process. A SAN is a combination of hardware and software. It grew out of data-centric mainframe architectures, where clients in a network can connect to several servers that store different types of data. To scale storage capacities as the volumes of data grew, direct-attached storage (DAS) was developed, where disk arrays or just a bunch of disks (JBODs) were attached to servers. In this architecture storage devices can be added to increase storage capacity. However, the server through which the storage devices are accessed is a single point of failure, and a large part of the LAN network bandwidth is used for accessing, storing and backing up data. To solve the single point of failure issue, a direct-attached shared storage architecture was implemented, where several servers could access the same storage device.\r\nDAS was the first network storage system and is still widely implemented where data storage requirements are not very high. Out of it developed the network-attached storage (NAS) architecture, where one or more dedicated file server or storage devices are made available in a LAN. Therefore, the transfer of data, particularly for backup, still takes place over the existing LAN. If more than a terabyte of data was stored at any one time, LAN bandwidth became a bottleneck. Therefore, SANs were developed, where a dedicated storage network was attached to the LAN, and terabytes of data are transferred over a dedicated high speed and bandwidth network. Within the storage network, storage devices are interconnected. Transfer of data between storage devices, such as for backup, happens behind the servers and is meant to be transparent. While in a NAS architecture data is transferred using the TCP and IP protocols over Ethernet, distinct protocols were developed for SANs, such as Fibre Channel, iSCSI, Infiniband. Therefore, SANs often have their own network and storage devices, which have to be bought, installed, and configured. This makes SANs inherently more expensive than NAS architectures.","materialsDescription":"<span style=\"font-weight: bold; \">What is storage virtualization?</span>\r\nA storage area network (SAN) is a dedicated high-speed network or subnetwork that interconnects and presents shared pools of storage devices to multiple servers.\r\nA SAN moves storage resources off the common user network and reorganizes them into an independent, high-performance network. This enables each server to access shared storage as if it were a drive directly attached to the server. When a host wants to access a storage device on the SAN, it sends out a block-based access request for the storage device.\r\nA storage area network is typically assembled using three principle components: cabling, host bus adapters (HBAs), and switches attached to storage arrays and servers. Each switch and storage system on the SAN must be interconnected, and the physical interconnections must support bandwidth levels that can adequately handle peak data activities. IT administrators manage storage area networks centrally.\r\nStorage arrays were initially all hard disk drive systems, but are increasingly populated with flash solid-state drives (SSDs).\r\n<span style=\"font-weight: bold; \">What storage area networks are used for?</span>\r\nFibre Channel (FC) SANs have the reputation of being expensive, complex and difficult to manage. Ethernet-based iSCSI has reduced these challenges by encapsulating SCSI commands into IP packets that don't require an FC connection.\r\nThe emergence of iSCSI means that instead of learning, building and managing two networks -- an Ethernet local area network (LAN) for user communication and an FC SAN for storage -- an organization can use its existing knowledge and infrastructure for both LANs and SANs. This is an especially useful approach in small and midsize businesses that may not have the funds or expertise to support a Fibre Channel SAN.\r\nOrganizations use SANs for distributed applications that need fast local network performance. SANs improve the availability of applications through multiple data paths. They can also improve application performance because they enable IT administrators to offload storage functions and segregate networks.\r\nAdditionally, SANs help increase the effectiveness and use of storage because they enable administrators to consolidate resources and deliver tiered storage. SANs also improve data protection and security. Finally, SANs can span multiple sites, which helps companies with their business continuity strategies.\r\n<span style=\"font-weight: bold;\">Types of network protocols</span>\r\nMost storage networks use the SCSI protocol for communication between servers and disk drive devices.[citation needed] A mapping layer to other protocols is used to form a network:\r\n<ul><li>ATA over Ethernet (AoE), mapping of ATA over Ethernet</li><li>Fibre Channel Protocol (FCP), the most prominent one, is a mapping of SCSI over Fibre Channel</li><li>Fibre Channel over Ethernet (FCoE)</li><li>ESCON over Fibre Channel (FICON), used by mainframe computers</li><li>HyperSCSI, mapping of SCSI over Ethernet</li><li>iFCP or SANoIP mapping of FCP over IP</li><li>iSCSI, mapping of SCSI over TCP/IP</li><li>iSCSI Extensions for RDMA (iSER), mapping of iSCSI over InfiniBand</li><li>Network block device, mapping device node requests on UNIX-like systems over stream sockets like TCP/IP</li><li>SCSI RDMA Protocol (SRP), another SCSI implementation for RDMA transports</li></ul>\r\nStorage networks may also be built using SAS and SATA technologies. SAS evolved from SCSI direct-attached storage. SATA evolved from IDE direct-attached storage. SAS and SATA devices can be networked using SAS Expanders.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Storage_Networking.png","alias":"storage-networking"},"505":{"id":505,"title":"Entry Level Storage","description":" Ready-made entry-level storage systems are often used in various solutions for the SMB segment: disk space consolidation, virtualization, various cluster solutions requiring shared block access.\r\nKey architecture features of most entry-level storage systems on the market:\r\n<ul><li>Use one or two hot-swap controllers that use disk sharing. The controller means a specialized server in a special form factor that provides storage operation (working with disks, servicing arrays and providing volumes to hosts, etc.).</li><li>The presence of two controllers provides an increase in the overall reliability of storage - the ability to avoid downtime during the planned shutdown or failure of one of the controllers) and additional scaling of performance when distributing volumes across different controllers. When using the write cache, its integrity is protected: power protection (regular battery or ionistors plus flash memory reset) and duplication of content between controllers.</li><li>The choice of host interfaces: 16 and 8 Gb FiberChannel, 1 and 10 Gb Ethernet (iSCSI, some models may have FCoE support), SAS. For some models, there are combined options, for example, FC + SAS.</li><li>It is possible to connect additional disk shelves (simple cases with SAS expanders) through the SAS interface. To increase the reliability of the connection, a 2-way connection can be applied (below is an example of one of the possible connection schemes).</li></ul>","materialsDescription":" <span style=\"font-weight: bold;\">What Is Entry-Level Storage?</span>\r\nEntry-level flash storage is simple, smart, secure, affordable, high-performance data storage for enterprises to start small and grow with seamless cloud connectivity as business requirements increase.\r\nOrganizations large and small are navigating at a rapid pace of change in a data-driven economy. Delivering data simply, quickly, and cost-effectively is essential to driving business growth, and the hybrid cloud has emerged as the most efficient way to meet changing business needs. Every IT organization is trying to determine how to modernize with hybrid cloud, and all-flash storage systems are critical on-premises to speed up enterprise applications. However, small enterprises have continued to use hard disk storage systems because of the high cost of all-flash solutions.\r\nAn entry-level storage system offers compact, dense, cost-effective, and easy-to-use storage. These storage systems can be deployed in small offices, small enterprises, and remote locations to run both file and block workloads effectively and efficiently. A simple storage system should support multiple protocols, including FC, NFS, SMB/CIFS, iSCSI, and FCoE, to help customers consolidate multiple applications onto a single simple system. It must be easy to install and deploy, secure and provide flexibility to connect to the cloud.\r\nEntry-level flash storage systems help accelerate all applications, consolidate workloads with better user experience, more effective storage and offer the best value to the customer.\r\n<span style=\"font-weight: bold;\">What Are the Benefits of Entry-Level Storage?</span>\r\n The benefits of entry-level storage include:\r\n<ul><li>Improved user experience with fast, secure, and continuous access to data;</li><li>Improved storage efficiency;</li><li>Reduced cost through improved TCO;</li><li>Increased ability for IT to support new business opportunities by leveraging the latest technologies like artificial intelligence (AI), machine learning (ML), deep learning (DL), and cloud.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Entry_Level_Storage.png","alias":"entry-level-storage"},"515":{"id":515,"title":"Tower Server","description":"A tower server is a computer that is built in an upright cabinet that stands alone and that is designed to function as a server. The cabinet is known as a tower, and multiple tower servers can work simultaneously for different tasks and processes. Tower servers are popular owing to the scalability and reliability features since unlimited servers can be added to the existing network largely because of the independent nature of the individual tower servers.\r\nTower servers support most basic applications such as system management, file management, print collaboration, ER applications, distribution and system security.\r\nThere are certain advantages in using tower servers. A tower server is robust and simple in nature. As overall component density is low, easier cooling is possible in tower servers. Possible damage, overheating or downtime can thus be prevented. The scalability factor is high in tower servers, and it is much easier to add servers to a simple network, leading to adaptable integration. Again, the maintenance factor is less when compared to other designs. Easy identification both on the network and physically is possible in tower servers as the data are usually stored in a single tower and not across various devices.\r\nThe cabling involved in tower servers can be complicated, and several tower servers in a single location could be noisy due to the fact that each tower might need a dedicated fan. An individual monitor, mouse or keyboard is required for each tower server, or a keyboard, video and mouse (KVM) switch needs to be available for managing devices using a single set of equipment. Again, in comparison to blade servers or rack servers, tower servers could be more bulky.","materialsDescription":" <span style=\"font-weight: bold;\">What is a tower server?</span>\r\nA tower server is a computer that is built in an upright cabinet that stands alone and that is designed to function as a server. The cabinet is known as a tower, and multiple tower servers can work simultaneously for different tasks and processes. Tower servers are popular owing to the scalability and reliability features since unlimited servers can be added to the existing network largely because of the independent nature of the individual tower servers.\r\n<span style=\"font-weight: bold;\">What are the advantages of a tower server?</span>\r\n<ul><li>Easier cooling, because the overall component density is fairly low.</li></ul>\r\nA tower server is robust and simple in nature. As overall component density is low, easier cooling is possible in tower servers. Therefore, it can prevent possible damage, overheating or downtime.\r\n<ul><li>Scalability, an unlimited number of servers can be added to an existing network.</li></ul>\r\nThe scalability factor is high in tower servers, and it is much easier to add servers to a simple network, leading to adaptable integration. Easy identification both on the network and physically is possible in tower servers as the data are usually stored in a single tower and not across various devices.\r\n<span style=\"font-weight: bold;\">What are the disadvantages of tower server?</span>\r\n<ul><li>A set of tower servers is bulkier and heavier than an equivalent blade server or set of rack servers.</li><li>A group of several air-cooled tower servers in a single location can be noisy because each tower requires a dedicated fan.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Tower_Server.png","alias":"tower-server"},"517":{"id":517,"title":"Blade System","description":" A blade server is a stripped-down server computer with a modular design optimized to minimize the use of physical space and energy. Blade servers have many components removed to save space, minimize power consumption and other considerations, while still having all the functional components to be considered a computer. Unlike a rack-mount server, a blade server needs a blade enclosure, which can hold multiple blade servers, providing services such as power, cooling, networking, various interconnects and management. Together, blades and the blade enclosure form a blade system. Different blade providers have differing principles regarding what to include in the blade itself, and in the blade system as a whole.\r\nIn a standard server-rack configuration, one rack unit or 1U—19 inches (480 mm) wide and 1.75 inches (44 mm) tall—defines the minimum possible size of any equipment. The principal benefit and justification of blade computing relates to lifting this restriction so as to reduce size requirements. The most common computer rack form-factor is 42U high, which limits the number of discrete computer devices directly mountable in a rack to 42 components. Blades do not have this limitation. As of 2014, densities of up to 180 servers per blade system (or 1440 servers per rack) are achievable with blade systems.\r\nEnclosure (or chassis) performs many of the non-core computing services found in most computers. Non-blade systems typically use bulky, hot and space-inefficient components, and may duplicate these across many computers that may or may not perform at capacity. By locating these services in one place and sharing them among the blade computers, the overall utilization becomes higher. The specifics of which services are provided varies by vendor.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Power.</span></span> Computers operate over a range of DC voltages, but utilities deliver power as AC, and at higher voltages than required within computers. Converting this current requires one or more power supply units (or PSUs). To ensure that the failure of one power source does not affect the operation of the computer, even entry-level servers may have redundant power supplies, again adding to the bulk and heat output of the design.\r\nThe blade enclosure's power supply provides a single power source for all blades within the enclosure. This single power source may come as a power supply in the enclosure or as a dedicated separate PSU supplying DC to multiple enclosures. This setup reduces the number of PSUs required to provide a resilient power supply.\r\nThe popularity of blade servers, and their own appetite for power, has led to an increase in the number of rack-mountable uninterruptible power supply (or UPS) units, including units targeted specifically towards blade servers (such as the BladeUPS).\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Cooling.</span></span> During operation, electrical and mechanical components produce heat, which a system must dissipate to ensure the proper functioning of its components. Most blade enclosures, like most computing systems, remove heat by using fans.\r\nA frequently underestimated problem when designing high-performance computer systems involves the conflict between the amount of heat a system generates and the ability of its fans to remove the heat. The blade's shared power and cooling means that it does not generate as much heat as traditional servers. Newer blade-enclosures feature variable-speed fans and control logic, or even liquid cooling systems that adjust to meet the system's cooling requirements.\r\nAt the same time, the increased density of blade-server configurations can still result in higher overall demands for cooling with racks populated at over 50% full. This is especially true with early-generation blades. In absolute terms, a fully populated rack of blade servers is likely to require more cooling capacity than a fully populated rack of standard 1U servers. This is because one can fit up to 128 blade servers in the same rack that will only hold 42 1U rack mount servers.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Networking.</span></span> Blade servers generally include integrated or optional network interface controllers for Ethernet or host adapters for Fibre Channel storage systems or converged network adapter to combine storage and data via one Fibre Channel over Ethernet interface. In many blades at least one interface is embedded on the motherboard and extra interfaces can be added using mezzanine cards.\r\nA blade enclosure can provide individual external ports to which each network interface on a blade will connect. Alternatively, a blade enclosure can aggregate network interfaces into interconnect devices (such as switches) built into the blade enclosure or in networking blades.\r\nBlade servers function well for specific purposes such as web hosting, virtualization, and cluster computing. Individual blades are typically hot-swappable. As users deal with larger and more diverse workloads, they add more processing power, memory and I/O bandwidth to blade servers. Although blade server technology in theory allows for open, cross-vendor system, most users buy modules, enclosures, racks and management tools from the same vendor.\r\nEventual standardization of the technology might result in more choices for consumers; as of 2009 increasing numbers of third-party software vendors have started to enter this growing field.\r\nBlade servers do not, however, provide the answer to every computing problem. One can view them as a form of productized server-farm that borrows from mainframe packaging, cooling, and power-supply technology. Very large computing tasks may still require server farms of blade servers, and because of blade servers' high power density, can suffer even more acutely from the heating, ventilation, and air conditioning problems that affect large conventional server farms.","materialsDescription":" <span style=\"font-weight: bold;\">What is blade server?</span>\r\nA blade server is a server chassis housing multiple thin, modular electronic circuit boards, known as server blades. Each blade is a server in its own right, often dedicated to a single application. The blades are literally servers on a card, containing processors, memory, integrated network controllers, an optional Fiber Channel host bus adaptor (HBA) and other input/output (IO) ports.\r\nBlade servers allow more processing power in less rack space, simplifying cabling and reducing power consumption. According to a SearchWinSystems.com article on server technology, enterprises moving to blade servers can experience as much as an 85% reduction in cabling for blade installations over conventional 1U or tower servers. With so much less cabling, IT administrators can spend less time managing the infrastructure and more time ensuring high availability.\r\nEach blade typically comes with one or two local ATA or SCSI drives. For additional storage, blade servers can connect to a storage pool facilitated by a network-attached storage (NAS), Fiber Channel, or iSCSI storage-area network (SAN). The advantage of blade servers comes not only from the consolidation benefits of housing several servers in a single chassis, but also from the consolidation of associated resources (like storage and networking equipment) into a smaller architecture that can be managed through a single interface.\r\nA blade server is sometimes referred to as a high-density server and is typically used in a clustering of servers that are dedicated to a single task, such as:\r\n<ul><li>File sharing</li><li>Web page serving and caching</li><li>SSL encrypting of Web communication</li><li>The transcoding of Web page content for smaller displays</li><li>Streaming audio and video content</li></ul>\r\nLike most clustering applications, blade servers can also be managed to include load balancing and failover capabilities.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Blade_System.png","alias":"blade-system"},"519":{"id":519,"title":"Density Optimized Server","description":" The high-density server system is a modern concept of building an economical and scalable computing equipment subsystem within the data processing center (hereinafter referred to as the data center).\r\nThe high-density server system includes server equipment, modules of the organization of network interaction, technologies of resource virtualization and has constructive opportunities to install all the components of a modern data center within a single structural unit (chassis).\r\nThe virtualization tools used and the adaptive management system combines the high-density server system resources for collective use in processing various combinations of workloads.\r\nThe high-density server system in the information system infrastructure allows achieving significant cost savings by compacting components and reducing the number of cable connections, jointly managing systems, using virtualization tools, reducing power and cooling costs, simplifying deployment and the possibility of rapid interchangeability of server equipment.\r\nThe high-density server system can be used as a subsystem of corporate data centers, as well as act as a computing center for an information system of a small company, thanks to its design features and applied technologies.","materialsDescription":" <span style=\"font-weight: bold;\">The High-Density Server System Structure</span>\r\nThe composition of the high-density server system includes:\r\n<ul><li>server equipment;</li><li>interconnect modules;</li><li>software (software);</li><li>management subsystem the high-density server system.</li></ul>\r\nConstructive the high-density server system is designed to install servers of special performance, called the "blade" (from the English "blade"). At the level of the system and application software, the “blade” does not differ from a typical server installed in a standard mounting rack.\r\nSSVP includes a universal chassis with redundant input-output systems, power, cooling and control, as well as blade servers and storage of similar performance. The use of the high-density server system means the provision of a functional management subsystem and services for installation, launch and maintenance.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Density_Optimized_Server.png","alias":"density-optimized-server"},"531":{"id":531,"title":"Thin client","description":" A thin client is a lightweight computer that has been optimized for establishing a remote connection with a server-based computing environment. The server does most of the work, which can include launching software programs, performing calculations, and storing data. This contrasts with a fat client or a conventional personal computer; the former is also intended for working in a client-server model but has significant local processing power, while the latter aims to perform its function mostly locally.\r\nThin clients occur as components of a broader computing infrastructure, where many clients share their computations with a server or server farm. The server-side infrastructure uses cloud computing software such as application virtualization, hosted shared desktop (HSD) or desktop virtualization (VDI). This combination forms what is known as a cloud-based system where desktop resources are centralized at one or more data centers. The benefits of centralization are hardware resource optimization, reduced software maintenance, and improved security.\r\n<ul><li>Example of hardware resource optimization: Cabling, bussing and I/O can be minimized while idle memory and processing power can be applied to user sessions that most need it.</li><li>Example of reduced software maintenance: Software patching and operating system (OS) migrations can be applied, tested and activated for all users in one instance to accelerate roll-out and improve administrative efficiency.</li><li>Example of improved security: Software assets are centralized and easily fire-walled, monitored and protected. Sensitive data is uncompromised in cases of desktop loss or theft.</li></ul>\r\nThin client hardware generally supports a keyboard, mouse, monitor, jacks for sound peripherals, and open ports for USB devices (e.g., printer, flash drive, webcam). Some thin clients include legacy serial or parallel ports to support older devices such as receipt printers, scales or time clocks. Thin client software typically consists of a graphical user interface (GUI), cloud access agents (e.g., RDP, ICA, PCoIP), a local web browser, terminal emulators (in some cases), and a basic set of local utilities.","materialsDescription":" <span style=\"font-weight: bold;\">What is a Thin Client?</span>\r\nA thin client is a computer with no hard drive or other moving parts that can lead to machine failure. Thin clients operate on a mainframe paradigm. All instructions and sessions come directly from a central, secure Windows server. Each thin client realizes its own session and operates independently from the other thin clients. Because thin clients have no hard drives, there is no loss of data if a local thin client gets damaged or has a local power failure.\r\n<span style=\"font-weight: bold;\">Why use a Thin Client instead of a regular PC?</span>\r\nThe main reason thin clients are better than PCs is that they offer "Lower Total Cost of Ownership". By reducing maintenance and install time, thin clients keep downtime to an absolute minimum. For example, to update 5 PCs you need to reinstall and configure all 5 PCs one at a time. With thin clients, you would simply make the update once on the server and all 5 thin clients would realize the update immediately.\r\n<span style=\"font-weight: bold;\">Where should I use a Thin Client?</span>\r\nThin clients can be used anywhere you would normally have a PC workstation. ACP has a number of partners who provide state of the art Thin Client hardware. These Thin Clients range from office-grade to light industrial, to heavy industrial including Class I Div 2.\r\nThin Clients are particularly favored in harsh conditions - most Thin Clients do not have cooling fans, are very small and easy to mount, and can be replaced within a minute or two.\r\n<span style=\"font-weight: bold;\">When should I use a Thin Client?</span>\r\nUse thin clients when you need to have one or several PC workstations that substantially "Lower Total Cost of Ownership" while remaining easy to install and support. Use thin clients when you have harsh factory conditions or when you don't have the time or money to hire an IT staff to keep your industrial or office systems up and running.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Thin_client.png","alias":"thin-client"},"536":{"id":536,"title":"WAN optimization - appliance","description":" WAN optimization appliance is a collection of techniques for increasing data-transfer efficiencies across wide-area networks (WANs). In 2008, the WAN optimization market was estimated to be $1 billion and was to grow to $4.4 billion by 2014 according to Gartner, a technology research firm. In 2015 Gartner estimated the WAN optimization market to be a $1.1 billion market.\r\nThe most common measures of TCP data-transfer efficiencies (i.e., optimization) are throughput, bandwidth requirements, latency, protocol optimization, and congestion, as manifested in dropped packets. In addition, the WAN itself can be classified with regards to the distance between endpoints and the amounts of data transferred. Two common business WAN topologies are Branch to Headquarters and Data Center to Data Center (DC2DC). In general, "Branch" WAN links are closer, use less bandwidth, support more simultaneous connections, support smaller connections and more short-lived connections, and handle a greater variety of protocols. They are used for business applications such as email, content management systems, database application, and Web delivery. In comparison, "DC2DC" WAN links tend to require more bandwidth, are more distant and involve fewer connections, but those connections are bigger (100 Mbit/s to 1 Gbit/s flows) and of longer duration. Traffic on a "DC2DC" WAN may include replication, back up, data migration, virtualization, and other Business Continuity/Disaster Recovery (BC/DR) flow.\r\nWAN optimization has been the subject of extensive academic research almost since the advent of the WAN. In the early 2000s, research in both the private and public sectors turned to improve the end-to-end throughput of TCP, and the target of the first proprietary WAN optimization solutions was the Branch WAN. In recent years, however, the rapid growth of digital data, and the concomitant needs to store and protect it, has presented a need for DC2DC WAN optimization. For example, such optimizations can be performed to increase overall network capacity utilization, meet inter-datacenter transfer deadlines, or minimize average completion times of data transfers. As another example, private inter-datacenter WANs can benefit optimizations for fast and efficient geo-replication of data and content, such as newly computed machine learning models or multimedia content.\r\nComponent techniques of Branch WAN Optimization include deduplication, wide-area file services (WAFS), SMB proxy, HTTPS Proxy, media multicasting, web caching, and bandwidth management. Requirements for DC2DC WAN Optimization also center around deduplication and TCP acceleration, however, these must occur in the context of multi-gigabit data transfer rates. ","materialsDescription":" <span style=\"font-weight: bold;\">What techniques does WAN optimization have?</span>\r\n<ul><li><span style=\"font-weight: bold;\">Deduplication</span> – Eliminates the transfer of redundant data across the WAN by sending references instead of the actual data. By working at the byte level, benefits are achieved across IP applications.</li><li><span style=\"font-weight: bold;\">Compression</span> – Relies on data patterns that can be represented more efficiently. Essentially compression techniques similar to ZIP, RAR, ARJ, etc. are applied on-the-fly to data passing through hardware (or virtual machine) based WAN acceleration appliances.</li><li><span style=\"font-weight: bold;\">Latency optimization</span> – Can include TCP refinements such as window-size scaling, selective acknowledgments, Layer 3 congestion control algorithms, and even co-location strategies in which the application is placed in near proximity to the endpoint to reduce latency. In some implementations, the local WAN optimizer will answer the requests of the client locally instead of forwarding the request to the remote server in order to leverage write-behind and read-ahead mechanisms to reduce WAN latency.</li><li><span style=\"font-weight: bold;\">Caching/proxy</span> – Staging data in local caches; Relies on human behavior, accessing the same data over and over.</li><li><span style=\"font-weight: bold;\">Forward error correction</span> – Mitigates packet loss by adding another loss-recovery packet for every “N” packets that are sent, and this would reduce the need for retransmissions in error-prone and congested WAN links.</li><li><span style=\"font-weight: bold;\">Protocol spoofing</span> – Bundles multiple requests from chatty applications into one. May also include stream-lining protocols such as CIFS.</li><li><span style=\"font-weight: bold;\">Traffic shaping</span> – Controls data flow for specific applications. Giving flexibility to network operators/network admins to decide which applications take precedence over the WAN. A common use case of traffic shaping would be to prevent one protocol or application from hogging or flooding a link over other protocols deemed more important by the business/administrator. Some WAN acceleration devices are able to traffic shape with granularity far beyond traditional network devices. Such as shaping traffic on a per-user AND per application basis simultaneously.</li><li><span style=\"font-weight: bold;\">Equalizing</span> – Makes assumptions on what needs immediate priority based on data usage. Usage examples for equalizing may include wide open unregulated Internet connections and clogged VPN tunnels.</li><li><span style=\"font-weight: bold;\">Connection limits</span> – Prevents access gridlock in and to denial of service or to peer. Best suited for wide-open Internet access links, can also be used links.</li><li><span style=\"font-weight: bold;\">Simple rate limits</span> – Prevents one user from getting more than a fixed amount of data. Best suited as a stop-gap first effort for remediating a congested Internet connection or WAN link.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAN_optimization_appliance.png","alias":"wan-optimization-appliance"},"542":{"id":542,"title":"UTM - Unified Threat Management Appliance","description":"A unified threat management (UTM) system is a type of network hardware appliance that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.<br />UTM devices are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nWhile UTM systems and next-generation firewalls (NGFWs) are sometimes comparable, UTM devices include added security features that NGFWs don't offer.\r\nUTM systems provide increased protection and visibility, as well as control over network security, which reduces complexity. UTM systems typically do this via inspection methods that address different types of threats.\r\nThese methods include:\r\n<ul><li>Flow-based inspection, also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li>Proxy-based inspection acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\nUTM devices provide a single platform for multiple network security functions and offer the benefit of a single interface for those security functions, as well as a single point of interface to monitor or analyze security logs for those different functions.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">How do UTM Appliances block a computer virus — or many viruses?</span>\r\nUnified threat management appliances have gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. Preventing these types of attacks can be difficult when using separate appliances and vendors for each specific security task, as each aspect has to be managed and updated individually in order to remain current in the face of the latest forms of malware and cybercrime. By creating a single point of defense and providing a single console, UTM solutions make dealing with varied threats much easier.\r\nWhile unified threat management solutions do solve some network security issues, they aren't without some drawbacks, with the biggest one being that the single point of defense that an UTM appliance provides also creates a single point of failure. Because of this, many organizations choose to supplement their UTM device with a second software-based perimeter to stop any malware that got through or around the UTM firewall.\r\nWhat kind of companies use a Unified Threat Management system?\r\nUTM was originally for small to medium office businesses to simplify their security systems. But due to its almost universal applicability, it has since become popular with all sectors and larger enterprises. Developments in the technology have allowed it to scale up, opening UTM up to more types of businesses that are looking for a comprehensive gateway security solution.\r\n<span style=\"font-weight: bold;\">What security features does Unified Threat Management have?</span>\r\nAs previously mentioned, most UTM services include a firewall, antivirus and intrusion detection and prevention systems. But they also can include other services that provide additional security.\r\n<ul><li>Data loss prevention software to stop data from exfiltrating the business, which in turn prevents a data leak from occurring.</li><li>Security information and event management software for real-time monitoring of network health, which allows threats and points of weakness to be identified.</li><li>Bandwidth management to regulate and prioritize network traffic, ensuring everything is running smoothly without getting overwhelmed.</li><li>Email filtering to remove spam and dangerous emails before they reach the internal network, lowering the chance of a phishing or similar attack breaching your defenses.</li><li>Web filtering to prevent connections to dangerous or inappropriate sites from a machine on the network. This lowers the chance of infection through malvertising or malicious code on the page. It can also be used to increase productivity within a business, i.e. blocking or restricting social media, gaming sites, etc.</li><li>Application filtering to either a blacklist or whitelist which programs can run, preventing certain applications from communicating in and out of the network, i.e. Facebook messenger.</li></ul>\r\n<span style=\"font-weight: bold;\">What are the benefits of Unified Threat Management?</span>\r\n<ul><li><span style=\"font-weight: bold;\">Simplifies the network</span></li></ul>\r\nBy consolidating multiple security appliances and services into one, you can easily reduce the amount of time spent on maintaining many separate systems that may have become disorganized. This can also improve the performance of the network as there is less bloat. A smaller system also requires less energy and space to run.\r\n<ul><li><span style=\"font-weight: bold;\">Provides greater security and visibility</span></li></ul>\r\nA UTM system can include reporting tools, application filtering and virtual private network (VPN) capabilities, all of which defend your network from more types of threats or improve the existing security. Additionally, monitoring and analysis tools can help locate points of weakness or identify ongoing attacks.\r\n<ul><li><span style=\"font-weight: bold;\">Can defend from more sophisticated attacks</span></li></ul>\r\nBecause UTM defends multiple parts of a network it means that an attack targeting multiple points simultaneously can be repelled more easily. With cyber-attacks getting more sophisticated, having defenses that can match them is of greater importance.\r\nHaving several ways of detecting a threat also means a UTM system is more accurate at identifying potential attacks and preventing them from causing damage.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM_Unified_Threat_Management_Appliance.png","alias":"utm-unified-threat-management-appliance"},"544":{"id":544,"title":"DLP - Appliance","description":"DLP (Data Loss Prevention) is a technology for preventing leakage of confidential information from an information system to the outside, as well as technical software and hardware devices for such prevention of leakage. According to most definitions, information leakage is the unauthorized distribution of restricted access data that is not controlled by the owner of this data. This implies that the person who committed the leak has the rights to access information.\r\nThe most effective way to ensure data security on corporate computers today is to use specialized data leakage prevention tools (Data Leak Prevention or DLP). DLP solutions are designed to eliminate the “human factor” and prevent misconduct by preventing (and fixing) data leaks from a computer for as many scripts as possible.\r\nEmail and webmail services, instant messaging services, social networks and forums, cloud file storages, FTP servers - all these benefits of the Internet can at any moment be a channel for leaking corporate information, disclosure of which may be undesirable or even dangerous for business.\r\nYou shouldn’t disregard traditional local channels - data storage devices (flash drives, disks, memory cards), printers and data transfer interfaces and synchronization with smartphones.\r\nAn effective DLP solution should control the widest possible range of network communications channels, local devices, and interfaces. At the same time, the effectiveness of a DLP solution is determined by the flexibility of the settings and the ability to ensure a successful combination of business interests and security.\r\nToday, DLP products are a rapidly growing information security industry, and new products are released very often. Installing a DLP system will allow you to distinguish confidential information from the usual, which in turn will reduce the cost of the entire complex for the protection of information and resources in general. No unimportant moment when choosing a DLP-system is its price, but Data Leak Prevention has a modularity that allows you to protect the channels you need and not pay extra for protecting unnecessary ones.","materialsDescription":"<span style=\"font-weight: bold;\">What Is Data Loss Prevention (DLP)?</span>\r\nData loss prevention, or DLP, is a set of technologies, products, and techniques that are designed to stop sensitive information from leaving an organization.\r\nData can end up in the wrong hands whether it’s sent through email or instant messaging, website forms, file transfers, or other means. DLP strategies must include solutions that monitor for, detect, and block the unauthorized flow of information.\r\n<span style=\"font-weight: bold;\">How does DLP work?</span>\r\nDLP technologies use rules to look for sensitive information that may be included in electronic communications or to detect abnormal data transfers. The goal is to stop information such as intellectual property, financial data, and employee or customer details from being sent, either accidentally or intentionally, outside the corporate network.\r\n<span style=\"font-weight: bold;\">Why do organizations need DLP solutions?</span>\r\nThe proliferation of business communications has given many more people access to corporate data. Some of these users can be negligent or malicious. The result: a multitude of insider threats that can expose confidential data with a single click. Many government and industry regulations have made DLP a requirement.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DLP_Appliance.png","alias":"dlp-appliance"},"546":{"id":546,"title":"WAF-web application firewall appliance","description":"A web application firewall is a special type of application firewall that applies specifically to web applications. It is deployed in front of web applications and analyzes bi-directional web-based (HTTP) traffic - detecting and blocking anything malicious. The OWASP provides a broad technical definition for a WAF as “a security solution on the web application level which - from a technical point of view - does not depend on the application itself.” According to the PCI DSS Information Supplement for requirement 6.6, a WAF is defined as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.” In other words, a WAF can be a physical appliance that prevents vulnerabilities in web applications from being exploited by outside threats. These vulnerabilities may be because the application itself is a legacy type or it was insufficiently coded by design. The WAF addresses these code shortcomings by special configurations of rule sets, also known as policies.\r\nPreviously unknown vulnerabilities can be discovered through penetration testing or via a vulnerability scanner. A web application vulnerability scanner, also known as a web application security scanner, is defined in the SAMATE NIST 500-269 as “an automated program that examines web applications for potential security vulnerabilities. In addition to searching for web application-specific vulnerabilities, the tools also look for software coding errors.” Resolving vulnerabilities is commonly referred to as remediation. Corrections to the code can be made in the application but typically a more prompt response is necessary. In these situations, the application of a custom policy for a unique web application vulnerability to provide a temporary but immediate fix (known as a virtual patch) may be necessary.\r\nWAFs are not an ultimate security solution, rather they are meant to be used in conjunction with other network perimeter security solutions such as network firewalls and intrusion prevention systems to provide a holistic defense strategy.\r\nWAFs typically follow a positive security model, a negative security model, or a combination of both as mentioned by the SANS Institute. WAFs use a combination of rule-based logic, parsing, and signatures to detect and prevent attacks such as cross-site scripting and SQL injection. The OWASP produces a list of the top ten web application security flaws. All commercial WAF offerings cover these ten flaws at a minimum. There are non-commercial options as well. As mentioned earlier, the well-known open source WAF engine called ModSecurity is one of these options. A WAF engine alone is insufficient to provide adequate protection, therefore OWASP along with Trustwave's Spiderlabs help organize and maintain a Core-Rule Set via GitHub to use with the ModSecurity WAF engine.","materialsDescription":"A Web Application Firewall or WAF provides security for online services from malicious Internet traffic. WAFs detect and filter out threats such as the OWASP Top 10, which could degrade, compromise or bring down online applications.\r\n<span style=\"font-weight: bold;\">What are Web Application Firewalls?</span>\r\nWeb application firewalls assist load balancing by examining HTTP traffic before it reaches the application server. They also protect against web application vulnerability and unauthorized transfer of data from the web server at a time when security breaches are on the rise. According to the Verizon Data Breach Investigations Report, web application attacks were the most prevalent breaches in 2017 and 2018.\r\nThe PCI Security Standards Council defines a web application firewall as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\n<span style=\"font-weight: bold;\">How does a Web Application Firewall wWork?</span>\r\nA web application firewall (WAF) intercepts and inspects all HTTP requests using a security model based on a set of customized policies to weed out bogus traffic. WAFs block bad traffic outright or can challenge a visitor with a CAPTCHA test that humans can pass but a malicious bot or computer program cannot.\r\nWAFs follow rules or policies customized to specific vulnerabilities. As a result, this is how WAFs prevent DDoS attacks. Creating the rules on a traditional WAF can be complex and require expert administration. The Open Web Application Security Project maintains a list of the OWASP top web application security flaws for WAF policies to address.\r\nWAFs come in the form of hardware appliances, server-side software, or filter traffic as-a-service. WAFs can be considered as reverse proxies i.e. the opposite of a proxy server. Proxy servers protect devices from malicious applications, while WAFs protect web applications from malicious endpoints.\r\n<span style=\"font-weight: bold;\">What Are Some Web Application Firewall Benefits?</span>\r\nA web application firewall (WAF) prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<span style=\"font-weight: bold;\">What Is the Difference Between a Firewall and a Web Application Firewall?</span>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).\r\n<span style=\"font-weight: bold;\">When Should You Use a Web Application Firewall?</span>\r\nAny business that uses a website to generate revenue should use a web application firewall to protect business data and services. Organizations that use online vendors should especially deploy web application firewalls because the security of outside groups cannot be controlled or trusted.\r\n<span style=\"font-weight: bold;\">How Do You Use a Web Application Firewall?</span>\r\nA web application firewall requires correct positioning, configuration, administration and monitoring. Web application firewall installation must include the following four steps: secure, monitor, test and improve. This should be a continuous process to ensure application specific protection.<br />The configuration of the firewall should be determined by the business rules and guardrails by the company’s security policy. This approach will allow the rules and filters in the web application firewall to define themselves.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall_appliance.png","alias":"waf-web-application-firewall-appliance"},"550":{"id":550,"title":"Web filtering - Appliance","description":" <span style=\"font-weight: bold; \">A web filter appliance</span> is a device that allows the user to filter all online content for censorship purposes, such that any links, downloads, and email containing offensive materials or pornography is outright blocked or removed. Web filtering appliance can also help you prevent malware infection because, more often than not, malware is usually hidden within links that promise porn or controversial content. Moreover, because the number of online hazards is un stopped increasing every day, it's always prudent to get a web filter appliance that can adapt to the changing times and the ever-evolving hazards posed by the Internet.\r\nAt any rate, content filtering appliance has a distinct advantage over their software counterparts in terms of stable restriction features, unrestricted monitoring, no platform-based limitations, easy upgrades and improvements, and so on. That's because the best web filters are fully integrated software and hardware systems that optimize their hybrid attributes when it comes to content filtering by gaining full, unmitigated control over online usage through well-defined policies as mandated by the owner of the network or the IT security administrator.\r\nGetting a web content filtering appliance that has a list of premium-grade and detailed content analysis with predefined categories (which includes keywords for pornography, game downloads, drugs, violence, adult content, offensive content, racist content, controversial content, and the like) is a must for any major network. All of the items you'll ever need to block should be easily selectable with a click of your mouse as well; after all, sophisticated technology aside, a good web filter appliance should also be intuitive and practical to use as well.<br /> ","materialsDescription":"<h1 class=\"align-center\">How a Web Content Filter Appliance Works</h1>\r\n<p class=\"align-left\">Typically a web content filter appliance protects Internet users and networks by using a combination of blacklists, URIBL and SURBL filters, category filters and keyword filters. Blacklists, URIBL and SURBL filters work together to prevent users visiting websites known to harbor malware, those that have been identified as fake phishing sites, and those who hid their true identity by using the whois privacy feature or a proxy server. Genuine websites have no reason to hide their true identity.</p>\r\n<p class=\"align-left\">In the category filtering process, the content of millions of webpages are analyzed and assigned a category. System administrators can then choose which categories to block access to (i.e. online shopping, alcohol, pornography, gambling, etc.) depending on whether the web content filter appliance is providing a service to a business, a store, a school, a restaurant, or a workplace. Most appliances for filtering web content also offer the facility to create bespoke categories.</p>\r\n<p class=\"align-left\">Keyword filters have multiple uses. They can be used to block access to websites containing specific words (for example the business name of a competitor), specific file extensions (typically those most commonly used for deploying malware and ransomware), and specific web applications; if, for example, a business wanted to allow its marketing department access to Facebook, but not FaceTime. Effectively, the keyword filters fine-tune the category settings, enhance security and increase productivity.</p>\r\n<h1 class=\"align-center\">Are there any home web filter appliance?</h1>\r\nFor children today, the Internet has always existed. To them, it’s second nature to pop online and watch a funny video, find a fact, or chat with a friend. But, of course, the Internet is also filled with a lot of dark corners (It’s a hop, skip, and a click to adult content). Parents, then, are presented with the daunting task of not only monitoring what sites their children visit but also their screen time consumption. There are a number of home content filtering appliance that allow parents to do just this. The best parental control apps and devices, be they hardware or software, not only put parents in command of such things as the content their children can view and the amount of time they can spend online but help restore a parent’s sense of control. With them, parents, from can restrict access to only specific sites and apps, filter dangerous or explicit web-content, manage time, and even track their location.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Web_filtering_Appliance.png","alias":"web-filtering-appliance"},"552":{"id":552,"title":"Secure Web Gateway - Appliance","description":"Secure web gateways are generally appliance-based security solutions that prevent advanced threats, block unauthorized access to systems or websites, stop malware, and monitor real-time activity across websites accessed by users within the institution.\r\nA secure web gateway is primarily used to monitor and prevent malicious traffic and data from entering, or even leaving, an organization’s network. Typically, it is implemented to secure an organization against threats originating from the Internet, websites and other Web 2.0 products/services. It is generally implemented through a hardware gateway device implemented at the outer boundaries of a network. Some of the features a secure Web gateway provides include URL filtering, application-level control, data leakage prevention, and virus/malware code detection.\r\nA Secure web gateway (SWG) protects users against phishing, malware and other Internet-borne threats. Unlike traditional firewalls, SWGs are focused on layer 7 web traffic inspection, both inbound and outbound. As web security solutions, they apply no protection to WAN traffic, which is left to the corporate next generation firewalls. In recent years, SWGs appeared as a cloud service. The cloud instances enable secure web and cloud access from anywhere – including outside the office by mobile users. The traffic coverage and solution form factor remain the key distinctions between SWGs and next generation firewalls, which often provide a very similar level of security capabilities.\r\nA converged, cloud-based network security solution converges the capabilities of a next generation firewall (WAN and Internet traffic inspection) and the extended coverage for mobile users of SWGs.\r\nA converged approach eliminates the need to maintain policies across multiple point solutions and the appliance life cycle.","materialsDescription":"<span style=\"font-weight: bold;\">Why is a secure web gateway important?</span>\r\nSecure web gateways have become increasingly common as cybercriminals have grown more sophisticated in embedding threat vectors into seemingly innocuous or professional-looking websites. These counterfeit websites can compromise the enterprise as users access them, unleashing malicious code and unauthorized access in the background without the user's knowledge. These fake, criminal websites can be quite convincing.\r\nSome of these scam websites appear to be so authentic that they can convince users to enter credit card numbers and personal identification information (PII) such as social security numbers. Other sites require only the connection to the user to bypass web browser controls and inject malicious code such as viruses or malware into the user's network. Examples include fake online shopping sites posing as brand-name sellers, sites that appear to be legitimate government agencies and even business-to-business intranets. Secure web gateways can also prevent data from flowing out of an organization, making certain that restricted data is blocked from leaving the organization.\r\n<span style=\"font-weight: bold;\">How does a secure web gateway work?</span>\r\nSecure web gateways are installed as a software component or a hardware device on the edge of the network or at user endpoints. All traffic to and from users to other networks must pass through the gateway that monitors it. The gateway monitors this traffic for malicious code, web application use, and all user/non-user attempted URL connections.\r\nThe gateway checks or filters website URL addresses against stored lists of known and approved websites—all others not on the approved lists can be explicitly blocked. Known malicious sites can be explicitly blocked as well. URL filters that maintain allowed web addresses are maintained in whitelists, while known, off-limits sites that are explicitly blocked are maintained in blacklists. In enterprises, these lists are maintained in the secure gateway's database, which then applies the list filters to all incoming and outgoing traffic.\r\nSimilarly, data flowing out of the network can be checked, disallowing restricted data sources—data on the network or user devices that are prohibited from distribution. Application-level controls can also be restricted to known and approved functions, such as blocking uploads to software-as-a-service (SaaS) applications (such as Office 365 and Salesforce.com). Although some enterprises deploy secure web gateways in hardware appliances that filter all incoming and outgoing traffic, many organizations use cloud-based, SaaS secure web gateways as a more flexible and less costly solution to deploy and maintain. Organizations with existing hardware investments often combine the two, using hardware at their larger physical sites and cloud-based gateways for remote locations and traveling workers.\r\n<span style=\"font-weight: bold;\">What are some features of secure web gateways?</span>\r\nBeyond basic URL, web application control and data filtering, secure web gateways should provide additional controls and features that enhance network security.\r\n<ul><li>Encrypted traffic analysis. The gateway should compare all traffic to local and global threat lists and reputation sources first, then also analyze the nature of the traffic itself to determine if any content or code poses a threat to the network. This should include SSL-based encrypted traffic.</li><li>Data Loss Prevention. If, for example, a website accepts uploaded documents or data, the documents should first be scanned for sensitive data before being uploaded.</li><li>Social media protection. All information to and from social media should be scanned and filtered.</li><li>Support for all protocols. HTTP, HTTPS, and FTP internet protocols must be supported. While HTTPS is the industry standard now, many sites still support HTTP and FTP connections.</li><li>Integration with zero-day anti-malware solutions. Threats will be discovered, and integration with anti-malware solutions that can detect zero-day (never seen before) threats deliver the best prevention and remediation.</li><li>Integration with security monitoring. Security administrators should be notified of any web gateway security problems via their monitoring solution of choice, typically a security information and event management (SIEM) solution.</li><li>Choice of location. Choose where your secure web gateway best fits in your network—the edge, at endpoints, or in the cloud.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Web_Gateway_Appliance.png","alias":"secure-web-gateway-appliance"},"556":{"id":556,"title":"Antispam - Appliance","description":"Anti-spam appliances are software or hardware devices integrated with on-board software that implement spam filtering and/or anti-spam for instant messaging (also called "spim") and are deployed at the gateway or in front of the mail server. They are normally driven by an operating system optimized for spam filtering. They are generally used in larger networks such as companies and corporations, ISPs, universities, etc.\r\nThe reasons hardware anti-spam appliances might be selected instead of software could include:\r\n<ul><li>The customer prefers to buy hardware rather than software</li><li>Ease of installation</li><li>Operating system requirements</li><li>Independence of existing hardware</li></ul>","materialsDescription":"<span style=\"font-weight: bold;\">How does an Antispam Appliance Work?</span>\r\nSince an antispam appliance is hardware, it can be placed at the entry point of the email server to inspect and filter every message that enters the email server. An antispam appliance is capable of evaluating IP addresses that are included in the email messages from the sender. The appliance can also examine the message content and then compare it against the criteria and parameters that have been set for receiving email messages.\r\n<span style=\"font-weight: bold;\">Advantages of an Antispam Appliance</span>\r\nAntispam appliances are capable of providing more email security to large networks because it is hardware that is specifically designed to handle email security on larger networks. Also, since an antispam appliance is hardware, it is much easier to install and configure on a network, as opposed to software that may require a specific operating system infrastructure. For example, if the organization is running the Linux operating system, this type of system will not support antispam filtering software.\r\nAnother advantage of using an antispam appliance is its ability to protect a large network from codes that are designed to destroy the individual computers on the network. These are malicious codes that can enter the email server and then transmit to the email client via spam. When the individual computers get infected, it slows the productivity of the organization and interrupts the network processes.\r\nAlthough many large networks deploy a vulnerability assessment program that can protect the network against criminals with malicious intent, sometimes vulnerability assessment is not enough to protect the massive amounts of email that enter an email server on a large network. This is why it is important to deploy an antispam appliance to provide added security for your email server and the email clients on the individual computers that are connected to the network.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Antispam_Appliance.png","alias":"antispam-appliance"},"558":{"id":558,"title":"Secure E-mail Gateway - Appliance","description":"According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and next-gen anti-phishing and anti-spam</li><li>Additional security features</li><li>Customization of the solution’s management features</li><li>Low false positive and false negative percentages</li><li>External processes and storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, secure email gateways can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":"<span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against email-borne threats. It is effectively a firewall for your email, and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan each email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a specific period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway_Appliance.png","alias":"secure-e-mail-gateway-appliance"},"562":{"id":562,"title":"DDoS Protection - Appliance","description":"A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks.\r\nBuying a DDoS mitigation appliance can be highly confusing, especially if you have never done this before. While selecting a DDoS protection solution you must understand the right features and have proper background knowledge. In case of distributed denial of service attacks, the bandwidth or resources of any targeted network is flooded with a large amount of malicious traffic. As a result, the system becomes overloaded and crashes. The legitimate users of the network are denied the service. The mail servers, DNS servers and the servers which host high-profile websites are the main target of DDOS attacks. Customers who use services of any shared network are also affected by these attacks. Therefore, anti-DDOS appliances are now vital.","materialsDescription":"<span style=\"font-weight: bold;\">DDoS mitigation solution</span>\r\nThere are two types of DDoS mitigation appliances. These include software and hardware solutions. Identical functions may be claimed by both forms of DDoS protection.\r\n<ul><li>Firewalls are the most common protection appliance, which can deny protocols, IP addresses or ports. However, they are not enough strong to provide protection from the more complicated DDoS attacks.</li><li>Switches are also effective solutions for preventing DDoS attacks. Most of these switches possess rate limiting capability and ACL. Some switches provide packet inspection, traffic shaping, delayed binding and rate limiting. They can detect the fake traffic through balancing and rate filtering.</li><li>Like switches, routers also have rate limiting and ACL capability. Most routers are capable of moving under DoS attacks.</li><li>Intrusion prevention systems are another option for you when it comes to protection from DDoS attacks. This solution can be effective in several cases of DDoS attacks. It can identify DDoS attacks and stop them because they possess the granularity as well as processing power required for identifying the attacks. Then they work in an automated manner to resolve the situation.</li><li>There are also rate-based intrusion prevention mechanisms, which are capable of analyzing traffic granularity. This system can also monitor the pattern of traffic.</li></ul>\r\nYou must check the connectivity while selecting a DDoS mitigation appliance. Capacity is also an important aspect of a DDoS protection solutions. You must figure out the number of ports, IPs, protocols, hosts, URLs and user agents that can be monitored by the appliance. An effective DDoS mitigation solution must also be properly customizable. Your DDoS mitigation appliance should be such that it can be upgraded according to your requirements. These are some important factors that you need to consider while choosing a DDoS mitigation appliance for your system.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection_Appliance.png","alias":"ddos-protection-appliance"},"765":{"id":765,"title":"Network Packet Broker","description":" <span style=\"font-weight: bold; \">Network Packet Broker’s</span> (NPBs) are devices that do just what the name suggests, they “broker” incoming network traffic to any number of security, application performance monitoring, or network forensic tools. The need to “broker” packet before it is sent to tools comes from 2 major driving forces. First, the throughput of tools is limited, second, every tool requires a different subset of traffic to maximize performance.\r\nPacket broker is designed to deliver only the traffic of interest required by any specific tool. NPBs achieve this by using a variety of filtering options that will be explained in detail in the next blog in this series. NPBs act as the man-in-the-middle between TAP/SPAN ports and the tool itself and should be designed with 4 different deployment scenarios in mind.\r\n<span style=\"font-weight: bold; \">Broker traffic from a single TAP port to a single tool.</span> In this application the most important function of the NPB is its filtering capability. Most tools currently deployed handle up to 10Gbps of traffic at any given time. If the incoming TAP traffic is 40Gbps, the traffic needs to be filtered by a factor of 4. The NPB needs to ensure the traffic is filtered adequately to meet this limitation while providing every packet the tool needs to do its job.\r\n<span style=\"font-weight: bold; \">Broker traffic from multiple TAP ports to a single tool.</span> This application builds on the previous, but now the NPB needs to support aggregation. Aggregation allows the user to setup single filters that will be applied to all incoming traffic streams, reducing the setup time/complexity of the device. Aggregation also ensures the tool receives traffic from multiple streams.\r\n<span style=\"font-weight: bold; \">Broker traffic from a single TAP port to multiple tools.</span> This application builds on the first, however, the NPB now needs to be able to replicate and/or load balance traffic. The traffic needs to be replicated/mirrored/copied to ensure each tool has access to any necessary packets. To properly handle this application, the NPB must also support egress filtering, to allow unique filters criteria for each different tool. If multiple tools require the same filtered traffic, the NPB must also support load balancing and options on how to load balance. \r\n<span style=\"font-weight: bold; \">Broker Traffic from multiple TAP ports to multiple tools.</span> The final application builds on the previous three and uses filtering, aggregation and load balancing to guarantee each tool operates at its maximum efficiency.\r\nThe current crop of NPBs plays a critical role in enabling businesses to perform several functions, such as moving to a virtual network, upgrading the network, and cost-effectively adding more advanced tools. However, infrastructure evolution continues to march on, and now it’s time for <span style=\"font-weight: bold;\">next generation network packet broker</span>.\r\n<span style=\"font-weight: bold;\">Next-generation NPBs</span> are designed to meet the needs of digital businesses. A good analogy to consider is the evolution of application delivery controllers (ADCs). They started as simple load balancers and then added advanced load-balancing capabilities to become ADCs. After several years, security and cloud capabilities were introduced, and the product category shifted to advanced ADCs. The same trend is happening with NPBs as they evolve to next-generation NPBs.","materialsDescription":"<h1 class=\"align-center\"> Network Packet Brokers - How can they help you? </h1>\r\nAs your network continues to grow physically and virtually and speeds increase up 100 Gig it has become increasingly difficult to ensure that all your security and monitoring tools see and receive the real-time traffic that they need to analyze. These tools need to know exactly what is happening on the network, and are only as good as the data they receive.\r\nThe challenge is to ensure each tool see’s the traffic that it needs to. Using a combination of Taps, Bypass Switches and packet brokers we can set up a visibility architecture that sits between the IT infrastructure and the tools which gives you access to all the traffic traversing the virtual and physical links.\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\">NPB USES</span></p>\r\n<ul><li>Data from one network link, to one tool</li><li>Data from one network link, to multiple tools – Regeneration</li><li>Data from multiple network links, to one tool - Aggregation</li><li>Data from multiple network links, to multiple tools</li><li>Load balance traffic among all your tools</li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\">HOW NPB's BENEFIT YOU</span></p>\r\n<p class=\"align-left\">Ultimately, NPBs make monitoring and security tools more effective, by giving them access to a range of data from across the entire network. Blind spots are reduced, giving tools the visibility they need to identify and tackle performance and security threats.</p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Network_Packet_Broker.png","alias":"network-packet-broker"},"784":{"id":784,"title":"NGFW - next-generation firewall - Appliance","description":" A next-generation firewall (NGFW) is a part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities, such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS). Other techniques might also be employed, such as TLS/SSL encrypted traffic inspection, website filtering, QoS/bandwidth management, antivirus inspection and third-party identity management integration (i.e. LDAP, RADIUS, Active Directory).\r\nNGFWs include the typical functions of traditional firewalls such as packet filtering, network- and port-address translation (NAT), stateful inspection, and virtual private network (VPN) support. The goal of next-generation firewalls is to include more layers of the OSI model, improving filtering of network traffic that is dependent on the packet contents.\r\nNGFWs perform deeper inspection compared to stateful inspection performed by the first- and second-generation firewalls. NGFWs use a more thorough inspection style, checking packet payloads and matching signatures for harmful activities such as exploitable attacks and malware.\r\nImproved detection of encrypted applications and intrusion prevention service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services.\r\nStateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols. But today, blocking a web application like Farmville that uses port 80 by closing the port would also mean complications with the entire HTTP protocol.\r\nProtection based on ports, protocols, IP addresses is no more reliable and viable. This has led to the development of identity-based security approach, which takes organizations a step ahead of conventional security appliances which bind security to IP-addresses.\r\nNGFWs offer administrators a deeper awareness of and control over individual applications, along with deeper inspection capabilities by the firewall. Administrators can create very granular "allow/deny" rules for controlling use of websites and applications in the network. ","materialsDescription":"<span style=\"font-weight: bold;\"> What is a next-generation firewall (NGFW)?</span>\r\nAn NGFW contains all the normal defences that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other bonus security features. NGFWs are also capable of deep packet inspection which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by blacklist (programs in the filter are blocked) or by whitelist (programs not in the filter are blocked).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_NGFW.png","alias":"ngfw-next-generation-firewall-appliance"}},"companyUrl":"https://www.wijungle.com","countryCodes":["IND"],"certifications":[],"isSeller":true,"isSupplier":true,"isVendor":true,"presenterCodeLng":"","seo":{"title":"WiJungle","keywords":"","description":"WiJungle is a Unified Network Securty Gateway Appliance that combinedly serves the functions of NextGen Firewall/Unified Threat Management, Web Application Firewall, Hotspot Gateway, Vulnerability Assessment etc.","og:title":"WiJungle","og:description":"WiJungle is a Unified Network Securty Gateway Appliance that combinedly serves the functions of NextGen Firewall/Unified Threat Management, Web Application Firewall, Hotspot Gateway, Vulnerability Assessment etc.","og:image":"https://old.roi4cio.com/uploads/roi/company/WiJungle-Gateway-logo-Large-New-1200-2_1.png"},"eventUrl":"","vendorPartners":[],"supplierPartners":[],"vendoredProducts":[{"id":4620,"logoURL":"https://old.roi4cio.com/fileadmin/content/u250x-ROI4CIO.jpg","logo":true,"scheme":false,"title":"WiJungle U250X (NextGen Firewall/UTM + Web Application Firewall + Hotspot Gateway + Load Balancer Router + VPN Router) With 3 Years License ","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"wijungle-u35-nextgen-firewallutm-appliance-web-application-firewall-appliance-hotspot-gateway-appliance-load-balancer-router-vpn-router-with-3-years-license","companyTitle":"WiJungle","companyTypes":["supplier","vendor"],"companyId":7007,"companyAlias":"wijungle","description":"<p><span class=\"c-message__body\" data-qa=\"message-text\">WiJungle seamlessly manages the network, internet and security of different business verticals like Enterprises, Education, Hospitality, Healthcare, Retail, Transport, Smart City, Defence, Residential Estates, Events etc. across the globe.<br />The product is available in 30+ different models to serve wide range of concurrent users with throughput range from 3.2 Gbps to 240 Gbps.<br /></span><br />It offers features like</p>\r\n<ul>\r\n<li>Access/Interface Management</li>\r\n<li>Network Management</li>\r\n<li>User/Guest Management</li>\r\n<li>BandWidth Management</li>\r\n<li>Quality Of Service</li>\r\n<li>Data Leakage Prevention</li>\r\n<li>Content Filtering</li>\r\n<li>Load Balancing</li>\r\n<li>High Availability</li>\r\n<li>Gateway Anti-Virus</li>\r\n<li>Anti-Spam</li>\r\n<li>Web Server Protection</li>\r\n<li>Sandbox</li>\r\n<li>Advance Threat Protection</li>\r\n<li>Intrusion Prevention System</li>\r\n<li>Virtual Private Network</li>\r\n<li>Vulnerability Assessment</li>\r\n<li>Intuitive & Location Aware Captive Portals</li>\r\n<li>SMS Gateway Integration</li>\r\n<li>Social Media Engagement/Advertisement option</li>\r\n<li>Feedback Management</li>\r\n<li>User Logging</li>\r\n<li>Reporting and Analytics</li>\r\n<li>Prepaid/Postpaid Billing</li>\r\n<li>Voucher Management</li>\r\n<li>PMS/HIS Integration</li>\r\n<li>AP/Device Management</li>\r\n<li>Alert Management</li>\r\n</ul>\r\n<p> </p>","shortDescription":"WiJungle is a Unified Network Security Gateway Appliance that combinedly serves as NextGen Firewall/Unified Threat Management, Web Application Firewall, Hotspot Gateway, Vulnerability Assessment etc.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":19,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"WiJungle U250X (NextGen Firewall/UTM + Web Application Firewall + Hotspot Gateway + Load Balancer Router + VPN Router) With 3 Years License ","keywords":"","description":"<p><span class=\"c-message__body\" data-qa=\"message-text\">WiJungle seamlessly manages the network, internet and security of different business verticals like Enterprises, Education, Hospitality, Healthcare, Retail, Transport, Smart City, Defence, Residential Est","og:title":"WiJungle U250X (NextGen Firewall/UTM + Web Application Firewall + Hotspot Gateway + Load Balancer Router + VPN Router) With 3 Years License ","og:description":"<p><span class=\"c-message__body\" data-qa=\"message-text\">WiJungle seamlessly manages the network, internet and security of different business verticals like Enterprises, Education, Hospitality, Healthcare, Retail, Transport, Smart City, Defence, Residential Est","og:image":"https://old.roi4cio.com/fileadmin/content/u250x-ROI4CIO.jpg"},"eventUrl":"","translationId":4620,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":471,"title":"Hardware","alias":"hardware","description":" Computer hardware includes the physical, tangible parts or components of a computer, such as the cabinet, central processing unit, monitor, keyboard, computer data storage, graphics card, sound card, speakers and motherboard. By contrast, software is instructions that can be stored and run by hardware. Hardware is so-termed because it is "hard" or rigid with respect to changes or modifications; whereas software is "soft" because it is easy to update or change. Intermediate between software and hardware is "firmware", which is software that is strongly coupled to the particular hardware of a computer system and thus the most difficult to change but also among the most stable with respect to consistency of interface. The progression from levels of "hardness" to "softness" in computer systems parallels a progression of layers of abstraction in computing.\r\nHardware is typically directed by the software to execute any command or instruction. A combination of hardware and software forms a usable computing system, although other systems exist with only hardware components.\r\nThe template for all modern computers is the Von Neumann architecture, detailed in a 1945 paper by Hungarian mathematician John von Neumann. This describes a design architecture for an electronic digital computer with subdivisions of a processing unit consisting of an arithmetic logic unit and processor registers, a control unit containing an instruction register and program counter, a memory to store both data and instructions, external mass storage, and input and output mechanisms. The meaning of the term has evolved to mean a stored-program computer in which an instruction fetch and a data operation cannot occur at the same time because they share a common bus. This is referred to as the Von Neumann bottleneck and often limits the performance of the system.","materialsDescription":" <span style=\"font-weight: bold; \">What does Hardware (H/W) mean?</span>\r\nHardware (H/W), in the context of technology, refers to the physical elements that make up a computer or electronic system and everything else involved that is physically tangible. This includes the monitor, hard drive, memory and CPU. Hardware works hand-in-hand with firmware and software to make a computer function.\r\n<span style=\"font-weight: bold; \">What are the types of computer systems?</span>\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Personal computer</span></span>\r\nThe personal computer, also known as the PC, is one of the most common types of computer due to its versatility and relatively low price. Laptops are generally very similar, although they may use lower-power or reduced size components, thus lower performance.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Case</span></span>\r\nThe computer case encloses and holds most of the components of the system. It provides mechanical support and protection for internal elements such as the motherboard, disk drives, and power supplies, and controls and directs the flow of cooling air over internal components. The case is also part of the system to control electromagnetic interference radiated by the computer, and protects internal parts from electrostatic discharge. Large tower cases provide extra internal space for multiple disk drives or other peripherals and usually stand on the floor, while desktop cases provide less expansion room. All-in-one style designs include a video display built into the same case. Portable and laptop computers require cases that provide impact protection for the unit. A current development in laptop computers is a detachable keyboard, which allows the system to be configured as a touch-screen tablet. Hobbyists may decorate the cases with colored lights, paint, or other features, in an activity called case modding.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Power supply</span></span>\r\nA power supply unit (PSU) converts alternating current (AC) electric power to low-voltage direct current (DC) power for the internal components of the computer. Laptops are capable of running from a built-in battery, normally for a period of hours. The PSU typically uses a switched-mode power supply (SMPS), with power MOSFETs (power metal–oxide–semiconductor field-effect transistors) used in the converters and regulator circuits of the SMPS.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Motherboard</span></span>\r\nThe motherboard is the main component of a computer. It is a board with integrated circuitry that connects the other parts of the computer including the CPU, the RAM, the disk drives (CD, DVD, hard disk, or any others) as well as any peripherals connected via the ports or the expansion slots. The integrated circuit (IC) chips in a computer typically contain billions of tiny metal–oxide–semiconductor field-effect transistors (MOSFETs).\r\nComponents directly attached to or to part of the motherboard include:\r\n<ul><li><span style=\"font-weight: bold; \">The CPU (central processing unit)</span>, which performs most of the calculations which enable a computer to function, and is referred to as the brain of the computer which get a hold of program instruction from random-access memory (RAM), interprets and processes it and then send it backs to computer result so that the relevant components can carry out the instructions. The CPU is a microprocessor, which is fabricated on a metal–oxide–semiconductor (MOS) integrated circuit (IC) chip. It is usually cooled by a heat sink and fan, or water-cooling system. Most newer CPU include an on-die graphics processing unit (GPU). The clock speed of CPU governs how fast it executes instructions, and is measured in GHz; typical values lie between 1 GHz and 5 GHz. Many modern computers have the option to overclock the CPU which enhances performance at the expense of greater thermal output and thus a need for improved cooling.</li><li><span style=\"font-weight: bold; \">The chipset</span>, which includes the north bridge, mediates communication between the CPU and the other components of the system, including main memory; as well as south bridge, which is connected to the north bridge, and supports auxiliary interfaces and buses; and, finally, a Super I/O chip, connected through the south bridge, which supports the slowest and most legacy components like serial ports, hardware monitoring and fan control.</li><li><span style=\"font-weight: bold; \">Random-access memory (RAM)</span>, which stores the code and data that are being actively accessed by the CPU. For example, when a web browser is opened on the computer it takes up memory; this is stored in the RAM until the web browser is closed. It is typically a type of dynamic RAM (DRAM), such as synchronous DRAM (SDRAM), where MOS memory chips store data on memory cells consisting of MOSFETs and MOS capacitors. RAM usually comes on dual in-line memory modules (DIMMs) in the sizes of 2GB, 4GB, and 8GB, but can be much larger.</li><li><span style=\"font-weight: bold; \">Read-only memory (ROM)</span>, which stores the BIOS that runs when the computer is powered on or otherwise begins execution, a process known as Bootstrapping, or "booting" or "booting up". The ROM is typically a nonvolatile BIOS memory chip, which stores data on floating-gate MOSFET memory cells.</li><li><span style=\"font-weight: bold; \">The BIOS (Basic Input Output System)</span> includes boot firmware and power management firmware. Newer motherboards use Unified Extensible Firmware Interface (UEFI) instead of BIOS.</li><li><span style=\"font-weight: bold; \">Buses</span> that connect the CPU to various internal components and to expand cards for graphics and sound.</li><li><span style=\"font-weight: bold; \">The CMOS</span> (complementary MOS) battery, which powers the CMOS memory for date and time in the BIOS chip. This battery is generally a watch battery.</li><li><span style=\"font-weight: bold; \">The video card</span> (also known as the graphics card), which processes computer graphics. More powerful graphics cards are better suited to handle strenuous tasks, such as playing intensive video games or running computer graphics software. A video card contains a graphics processing unit (GPU) and video memory (typically a type of SDRAM), both fabricated on MOS integrated circuit (MOS IC) chips.</li><li><span style=\"font-weight: bold; \">Power MOSFETs</span> make up the voltage regulator module (VRM), which controls how much voltage other hardware components receive.</li></ul>\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Expansion cards</span></span>\r\nAn expansion card in computing is a printed circuit board that can be inserted into an expansion slot of a computer motherboard or backplane to add functionality to a computer system via the expansion bus. Expansion cards can be used to obtain or expand on features not offered by the motherboard.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Storage devices</span></span>\r\nA storage device is any computing hardware and digital media that is used for storing, porting and extracting data files and objects. It can hold and store information both temporarily and permanently, and can be internal or external to a computer, server or any similar computing device. Data storage is a core function and fundamental component of computers.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Fixed media</span></span>\r\nData is stored by a computer using a variety of media. Hard disk drives (HDDs) are found in virtually all older computers, due to their high capacity and low cost, but solid-state drives (SSDs) are faster and more power efficient, although currently more expensive than hard drives in terms of dollar per gigabyte, so are often found in personal computers built post-2007. SSDs use flash memory, which stores data on MOS memory chips consisting of floating-gate MOSFET memory cells. Some systems may use a disk array controller for greater performance or reliability.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Removable media</span></span>\r\nTo transfer data between computers, an external flash memory device (such as a memory card or USB flash drive) or optical disc (such as a CD-ROM, DVD-ROM or BD-ROM) may be used. Their usefulness depends on being readable by other systems; the majority of machines have an optical disk drive (ODD), and virtually all have at least one Universal Serial Bus (USB) port.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Input and output peripherals</span></span>\r\nInput and output devices are typically housed externally to the main computer chassis. The following are either standard or very common to many computer systems.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Input</span></span>\r\nInput devices allow the user to enter information into the system, or control its operation. Most personal computers have a mouse and keyboard, but laptop systems typically use a touchpad instead of a mouse. Other input devices include webcams, microphones, joysticks, and image scanners.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Output device</span></span>\r\nOutput devices display information in a human readable form. Such devices could include printers, speakers, monitors or a Braille embosser.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Mainframe computer</span></span>\r\nA mainframe computer is a much larger computer that typically fills a room and may cost many hundreds or thousands of times as much as a personal computer. They are designed to perform large numbers of calculations for governments and large enterprises.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Departmental computing</span></span>\r\nIn the 1960s and 1970s, more and more departments started to use cheaper and dedicated systems for specific purposes like process control and laboratory automation.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Supercomputer</span></span>\r\nA supercomputer is superficially similar to a mainframe, but is instead intended for extremely demanding computational tasks. As of June 2018, the fastest supercomputer on the TOP500supercomputer list is the Summit, in the United States, with a LINPACK benchmarkscore of 122.3 PFLOPS Light, by around 29 PFLOPS.\r\nThe term supercomputer does not refer to a specific technology. Rather it indicates the fastest computations available at any given time. In mid 2011, the fastest supercomputers boasted speeds exceeding one petaflop, or 1 quadrillion (10^15 or 1,000 trillion) floating point operations per second. Supercomputers are fast but extremely costly, so they are generally used by large organizations to execute computationally demanding tasks involving large data sets. Supercomputers typically run military and scientific applications. Although costly, they are also being used for commercial applications where huge amounts of data must be analyzed. For example, large banks employ supercomputers to calculate the risks and returns of various investment strategies, and healthcare organizations use them to analyze giant databases of patient data to determine optimal treatments for various diseases and problems incurring to the country. ","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Hardware.jpg"},{"id":443,"title":"Application Delivery Controller (load balancer) - appliance","alias":"application-delivery-controller-load-balancer-appliance","description":" Application Delivery Controllers are the next generation of load balancers, and are typically located between the firewall/router and the web server farm. An application delivery controller is a network device that helps sites direct user traffic to remove excess load from two or more servers. In addition to providing Layer 4 load balancing, ADCs can manage Layer 7 for content switching, and also provide SSL offload and acceleration. They tend to offer more advanced features such as content redirection as well as server health monitoring. An Application delivery controller may also be known as a Web switch, URL switch, Web content switch, content switch and Layer 7 switch.\r\nToday, advanced application delivery controllers and intelligent load balancers are not only affordable, but the consolidation of Layer 4-7 load balancing and content switching, and server offload capabilities such as SSL, data caching and compression provides companies with cost-effective out-of-the-box infrastructure.\r\nFor enterprise organizations (companies with 1,000 or more employees), integrating best-of-breed network infrastructure is commonplace. However best-of-breed does not equate with deploying networks with enterprise-specific features and expensive products, but rather, deploying products that are purpose-built, with the explicit features, performance, reliability and scalability created specifically for the companies of all sizes.\r\nIn general, businesses of all sizes are inclined to purchase “big brand” products. However, smaller vendors that offer products within the same category can provide the optimal performance, features and reliability required, with the same benefits - at a lower cost.\r\nFor the enterprise market, best-of-breed comes with a high Total Cost of Ownership (TCO), since deploying products from various manufacturers requires additional training, maintenance and support. Kemp can help SMBs lower their TCO, and help them build reliable, high performance and scalable web and application infrastructure. Kemp products have a high price/performance value for SMBs. Our products are purpose-built for SMB businesses for dramatically less than the price of “big name” ADC and SLB vendors who are developing features that enterprise customers might use.","materialsDescription":" <span style=\"font-weight: bold;\">What are application delivery controllers?</span>\r\nApplication Delivery Controllers (ADCs) are the next stage in the development of server load balancing solutions. ADCs allow you to perform not only the tasks of balancing user requests between servers, but also incorporate mechanisms that increase the performance, security and resiliency of applications, as well as ensure their scalability.\r\n<span style=\"font-weight: bold;\">And what other possibilities do application controllers have?</span>\r\nIn addition to the function of uniform distribution of user requests, application delivery controllers have many other interesting features. They can provide around-the-clock availability of services, improve web application performance up to five times, reduce risks when launching new services, protect confidential data, and publish internal applications to the outside with secure external access (a potential replacement for outgoing Microsoft TMG).\r\nOne of the most important functions of application delivery controllers, which distinguish them from simple load balancers, is the presence of a functional capable of processing information issued to the user based on certain rules.\r\n<span style=\"font-weight: bold;\">What are the prerequisites for implementing application delivery controllers in a particular organization?</span>\r\nA number of factors can determine the criteria for deciding whether to implement application controllers in your organization. First, this is the poor performance of web services, which is a long download of content, frequent hangs and crashes. Secondly, such a prerequisite can be interruptions in the work of services and communication channels, expressed in failures in the transmitting and receiving equipment that ensures the operation of the data transmission network, as well as failures in the operation of servers.\r\nIn addition, it is worth thinking about implementing application delivery controllers if you use Microsoft TMG or Cisco ACE products, since they are no longer supported by the manufacturer. A prerequisite for the implementation of ADC may be the launch of new large web projects, since this process will inevitably entail the need to ensure the operability of this web project with the maintenance of high fault tolerance and performance.\r\nAlso, controllers are needed when you need to provide fault tolerance, continuous availability and high speed of applications that are consolidated in the data center. A similar situation arises when it is necessary to build a backup data center: here you also need to ensure fault tolerance between several data centers located in different cities.\r\n<span style=\"font-weight: bold;\">What are the prospects for the introduction of application controllers in Russia and in the world?</span>\r\nGartner's research shows that there have recently been marked changes in the market for products that offer load balancing mechanisms. In this segment, user demand shifts from servers implementing a simple load balancing mechanism to devices offering richer functionality.\r\nGartner: “The era of load balancing has long gone, and companies need to focus on products that offer richer application delivery functionality.”\r\nIn Russia, due to the specifics of the internal IT market, application controllers are implemented mainly because of the presence of some specific functionality, and not because of the comprehensive solution for delivering applications in general, which this product offers. The main task for which application delivery controllers are now most often sold is the same load balancing function as before.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Application_Delivery_Controller_load_balancer_appliance.png"},{"id":536,"title":"WAN optimization - appliance","alias":"wan-optimization-appliance","description":" WAN optimization appliance is a collection of techniques for increasing data-transfer efficiencies across wide-area networks (WANs). In 2008, the WAN optimization market was estimated to be $1 billion and was to grow to $4.4 billion by 2014 according to Gartner, a technology research firm. In 2015 Gartner estimated the WAN optimization market to be a $1.1 billion market.\r\nThe most common measures of TCP data-transfer efficiencies (i.e., optimization) are throughput, bandwidth requirements, latency, protocol optimization, and congestion, as manifested in dropped packets. In addition, the WAN itself can be classified with regards to the distance between endpoints and the amounts of data transferred. Two common business WAN topologies are Branch to Headquarters and Data Center to Data Center (DC2DC). In general, "Branch" WAN links are closer, use less bandwidth, support more simultaneous connections, support smaller connections and more short-lived connections, and handle a greater variety of protocols. They are used for business applications such as email, content management systems, database application, and Web delivery. In comparison, "DC2DC" WAN links tend to require more bandwidth, are more distant and involve fewer connections, but those connections are bigger (100 Mbit/s to 1 Gbit/s flows) and of longer duration. Traffic on a "DC2DC" WAN may include replication, back up, data migration, virtualization, and other Business Continuity/Disaster Recovery (BC/DR) flow.\r\nWAN optimization has been the subject of extensive academic research almost since the advent of the WAN. In the early 2000s, research in both the private and public sectors turned to improve the end-to-end throughput of TCP, and the target of the first proprietary WAN optimization solutions was the Branch WAN. In recent years, however, the rapid growth of digital data, and the concomitant needs to store and protect it, has presented a need for DC2DC WAN optimization. For example, such optimizations can be performed to increase overall network capacity utilization, meet inter-datacenter transfer deadlines, or minimize average completion times of data transfers. As another example, private inter-datacenter WANs can benefit optimizations for fast and efficient geo-replication of data and content, such as newly computed machine learning models or multimedia content.\r\nComponent techniques of Branch WAN Optimization include deduplication, wide-area file services (WAFS), SMB proxy, HTTPS Proxy, media multicasting, web caching, and bandwidth management. Requirements for DC2DC WAN Optimization also center around deduplication and TCP acceleration, however, these must occur in the context of multi-gigabit data transfer rates. ","materialsDescription":" <span style=\"font-weight: bold;\">What techniques does WAN optimization have?</span>\r\n<ul><li><span style=\"font-weight: bold;\">Deduplication</span> – Eliminates the transfer of redundant data across the WAN by sending references instead of the actual data. By working at the byte level, benefits are achieved across IP applications.</li><li><span style=\"font-weight: bold;\">Compression</span> – Relies on data patterns that can be represented more efficiently. Essentially compression techniques similar to ZIP, RAR, ARJ, etc. are applied on-the-fly to data passing through hardware (or virtual machine) based WAN acceleration appliances.</li><li><span style=\"font-weight: bold;\">Latency optimization</span> – Can include TCP refinements such as window-size scaling, selective acknowledgments, Layer 3 congestion control algorithms, and even co-location strategies in which the application is placed in near proximity to the endpoint to reduce latency. In some implementations, the local WAN optimizer will answer the requests of the client locally instead of forwarding the request to the remote server in order to leverage write-behind and read-ahead mechanisms to reduce WAN latency.</li><li><span style=\"font-weight: bold;\">Caching/proxy</span> – Staging data in local caches; Relies on human behavior, accessing the same data over and over.</li><li><span style=\"font-weight: bold;\">Forward error correction</span> – Mitigates packet loss by adding another loss-recovery packet for every “N” packets that are sent, and this would reduce the need for retransmissions in error-prone and congested WAN links.</li><li><span style=\"font-weight: bold;\">Protocol spoofing</span> – Bundles multiple requests from chatty applications into one. May also include stream-lining protocols such as CIFS.</li><li><span style=\"font-weight: bold;\">Traffic shaping</span> – Controls data flow for specific applications. Giving flexibility to network operators/network admins to decide which applications take precedence over the WAN. A common use case of traffic shaping would be to prevent one protocol or application from hogging or flooding a link over other protocols deemed more important by the business/administrator. Some WAN acceleration devices are able to traffic shape with granularity far beyond traditional network devices. Such as shaping traffic on a per-user AND per application basis simultaneously.</li><li><span style=\"font-weight: bold;\">Equalizing</span> – Makes assumptions on what needs immediate priority based on data usage. Usage examples for equalizing may include wide open unregulated Internet connections and clogged VPN tunnels.</li><li><span style=\"font-weight: bold;\">Connection limits</span> – Prevents access gridlock in and to denial of service or to peer. Best suited for wide-open Internet access links, can also be used links.</li><li><span style=\"font-weight: bold;\">Simple rate limits</span> – Prevents one user from getting more than a fixed amount of data. Best suited as a stop-gap first effort for remediating a congested Internet connection or WAN link.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAN_optimization_appliance.png"},{"id":475,"title":"Network Management - Hardware","alias":"network-management-hardware","description":" Your business is much more than just a machine that dispenses products or services in exchange for money. It’s akin to a living and breathing thing. Just as with the human body, in business, all the parts are interconnected and work together to move things forward.\r\nIf a company’s management is the brain, then its employees are the muscles. Muscles don’t work without the oxygen carried to them by the blood. Blood doesn’t pump through the body without the heart and circulatory system.\r\nData moves through your network like blood through veins, delivering vital information to employees who need it to do their jobs. In a business sense, the digital network is the heart and circulatory system. Without a properly functioning network, the entire business collapses. That’s why keeping networks healthy is vitally important. Just as keeping the heart healthy is critical to living a healthy life, a healthy network is a key to a thriving business. It starts with network management.\r\nNetwork management is hardware with a broad range of functions including activities, methods, procedures and the use of tools to administrate, operate, and reliably maintain computer network systems.\r\nStrictly speaking, network Management does not include terminal equipment (PCs, workstations, printers, etc.). Rather, it concerns the reliability, efficiency and capacity/capabilities of data transfer channels.","materialsDescription":" <span style=\"font-weight: bold;\">What Is Network Management?</span>\r\nNetwork management refers to the processes, tools, and applications used to administer, operate and maintain network infrastructure. Performance management and fault analysis also fall into the category of network management. To put it simply, network management is the process of keeping your network healthy, which keeps your business healthy.\r\n<span style=\"font-weight: bold;\">What Are the Components of Network Management?</span>\r\nThe definition of network management is often broad, as network management involves several different components. Here are some of the terms you’ll often hear when network management or network management software is talked about:\r\n<ul><li>Network administration</li><li>Network maintenance</li><li>Network operation</li><li>Network provisioning</li><li>Network security</li></ul>\r\n<span style=\"font-weight: bold;\">Why Is Network Management so Important When It Comes to Network Infrastructure?</span>\r\nThe whole point of network management is to keep the network infrastructure running smoothly and efficiently. Network management helps you:\r\n<ul><li><span style=\"font-style: italic;\">Avoid costly network disruptions.</span> Network downtime can be very costly. In fact, industry research shows the cost can be up to $5,600 per minute or more than $300K per hour. Network disruptions take more than just a financial toll. They also have a negative impact on customer relationships. Slow and unresponsive corporate networks make it harder for employees to serve customers. And customers who feel underserved could be quick to leave.</li><li><span style=\"font-style: italic;\">Improve IT productivity.</span> By monitoring every aspect of the network, an effective network management system does many jobs at once. This frees up IT staff to focus on other things.</li><li><span style=\"font-style: italic;\">Improve network security.</span> With a focus on network management, it’s easy to identify and respond to threats before they propagate and impact end-users. Network management also aims to ensure regulatory and compliance requirements are met.</li><li><span style=\"font-style: italic;\">Gain a holistic view of network performance.</span> Network management gives you a complete view of how your network is performing. It enables you to identify issues and fix them quickly.</li></ul>\r\n<span style=\"font-weight: bold;\">What Are the Challenges of Maintaining Effective Network Management and Network Infrastructure?</span>\r\nNetwork infrastructures can be complex. Because of that complexity, maintaining effective network management is difficult. Advances in technology and the cloud have increased user expectations for faster network speeds and network availability. On top of that, security threats are becoming ever more advanced, varied and numerous. And if you have a large network, it incorporates several devices, systems, and tools that all need to work together seamlessly. As your network scales and your company grows, new potential points of failure are introduced. Increased costs also come into play.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Network_Management_Hardware__1_.png"},{"id":542,"title":"UTM - Unified Threat Management Appliance","alias":"utm-unified-threat-management-appliance","description":"A unified threat management (UTM) system is a type of network hardware appliance that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.<br />UTM devices are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nWhile UTM systems and next-generation firewalls (NGFWs) are sometimes comparable, UTM devices include added security features that NGFWs don't offer.\r\nUTM systems provide increased protection and visibility, as well as control over network security, which reduces complexity. UTM systems typically do this via inspection methods that address different types of threats.\r\nThese methods include:\r\n<ul><li>Flow-based inspection, also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li>Proxy-based inspection acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\nUTM devices provide a single platform for multiple network security functions and offer the benefit of a single interface for those security functions, as well as a single point of interface to monitor or analyze security logs for those different functions.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">How do UTM Appliances block a computer virus — or many viruses?</span>\r\nUnified threat management appliances have gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. Preventing these types of attacks can be difficult when using separate appliances and vendors for each specific security task, as each aspect has to be managed and updated individually in order to remain current in the face of the latest forms of malware and cybercrime. By creating a single point of defense and providing a single console, UTM solutions make dealing with varied threats much easier.\r\nWhile unified threat management solutions do solve some network security issues, they aren't without some drawbacks, with the biggest one being that the single point of defense that an UTM appliance provides also creates a single point of failure. Because of this, many organizations choose to supplement their UTM device with a second software-based perimeter to stop any malware that got through or around the UTM firewall.\r\nWhat kind of companies use a Unified Threat Management system?\r\nUTM was originally for small to medium office businesses to simplify their security systems. But due to its almost universal applicability, it has since become popular with all sectors and larger enterprises. Developments in the technology have allowed it to scale up, opening UTM up to more types of businesses that are looking for a comprehensive gateway security solution.\r\n<span style=\"font-weight: bold;\">What security features does Unified Threat Management have?</span>\r\nAs previously mentioned, most UTM services include a firewall, antivirus and intrusion detection and prevention systems. But they also can include other services that provide additional security.\r\n<ul><li>Data loss prevention software to stop data from exfiltrating the business, which in turn prevents a data leak from occurring.</li><li>Security information and event management software for real-time monitoring of network health, which allows threats and points of weakness to be identified.</li><li>Bandwidth management to regulate and prioritize network traffic, ensuring everything is running smoothly without getting overwhelmed.</li><li>Email filtering to remove spam and dangerous emails before they reach the internal network, lowering the chance of a phishing or similar attack breaching your defenses.</li><li>Web filtering to prevent connections to dangerous or inappropriate sites from a machine on the network. This lowers the chance of infection through malvertising or malicious code on the page. It can also be used to increase productivity within a business, i.e. blocking or restricting social media, gaming sites, etc.</li><li>Application filtering to either a blacklist or whitelist which programs can run, preventing certain applications from communicating in and out of the network, i.e. Facebook messenger.</li></ul>\r\n<span style=\"font-weight: bold;\">What are the benefits of Unified Threat Management?</span>\r\n<ul><li><span style=\"font-weight: bold;\">Simplifies the network</span></li></ul>\r\nBy consolidating multiple security appliances and services into one, you can easily reduce the amount of time spent on maintaining many separate systems that may have become disorganized. This can also improve the performance of the network as there is less bloat. A smaller system also requires less energy and space to run.\r\n<ul><li><span style=\"font-weight: bold;\">Provides greater security and visibility</span></li></ul>\r\nA UTM system can include reporting tools, application filtering and virtual private network (VPN) capabilities, all of which defend your network from more types of threats or improve the existing security. Additionally, monitoring and analysis tools can help locate points of weakness or identify ongoing attacks.\r\n<ul><li><span style=\"font-weight: bold;\">Can defend from more sophisticated attacks</span></li></ul>\r\nBecause UTM defends multiple parts of a network it means that an attack targeting multiple points simultaneously can be repelled more easily. With cyber-attacks getting more sophisticated, having defenses that can match them is of greater importance.\r\nHaving several ways of detecting a threat also means a UTM system is more accurate at identifying potential attacks and preventing them from causing damage.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM_Unified_Threat_Management_Appliance.png"},{"id":544,"title":"DLP - Appliance","alias":"dlp-appliance","description":"DLP (Data Loss Prevention) is a technology for preventing leakage of confidential information from an information system to the outside, as well as technical software and hardware devices for such prevention of leakage. According to most definitions, information leakage is the unauthorized distribution of restricted access data that is not controlled by the owner of this data. This implies that the person who committed the leak has the rights to access information.\r\nThe most effective way to ensure data security on corporate computers today is to use specialized data leakage prevention tools (Data Leak Prevention or DLP). DLP solutions are designed to eliminate the “human factor” and prevent misconduct by preventing (and fixing) data leaks from a computer for as many scripts as possible.\r\nEmail and webmail services, instant messaging services, social networks and forums, cloud file storages, FTP servers - all these benefits of the Internet can at any moment be a channel for leaking corporate information, disclosure of which may be undesirable or even dangerous for business.\r\nYou shouldn’t disregard traditional local channels - data storage devices (flash drives, disks, memory cards), printers and data transfer interfaces and synchronization with smartphones.\r\nAn effective DLP solution should control the widest possible range of network communications channels, local devices, and interfaces. At the same time, the effectiveness of a DLP solution is determined by the flexibility of the settings and the ability to ensure a successful combination of business interests and security.\r\nToday, DLP products are a rapidly growing information security industry, and new products are released very often. Installing a DLP system will allow you to distinguish confidential information from the usual, which in turn will reduce the cost of the entire complex for the protection of information and resources in general. No unimportant moment when choosing a DLP-system is its price, but Data Leak Prevention has a modularity that allows you to protect the channels you need and not pay extra for protecting unnecessary ones.","materialsDescription":"<span style=\"font-weight: bold;\">What Is Data Loss Prevention (DLP)?</span>\r\nData loss prevention, or DLP, is a set of technologies, products, and techniques that are designed to stop sensitive information from leaving an organization.\r\nData can end up in the wrong hands whether it’s sent through email or instant messaging, website forms, file transfers, or other means. DLP strategies must include solutions that monitor for, detect, and block the unauthorized flow of information.\r\n<span style=\"font-weight: bold;\">How does DLP work?</span>\r\nDLP technologies use rules to look for sensitive information that may be included in electronic communications or to detect abnormal data transfers. The goal is to stop information such as intellectual property, financial data, and employee or customer details from being sent, either accidentally or intentionally, outside the corporate network.\r\n<span style=\"font-weight: bold;\">Why do organizations need DLP solutions?</span>\r\nThe proliferation of business communications has given many more people access to corporate data. Some of these users can be negligent or malicious. The result: a multitude of insider threats that can expose confidential data with a single click. Many government and industry regulations have made DLP a requirement.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DLP_Appliance.png"},{"id":546,"title":"WAF-web application firewall appliance","alias":"waf-web-application-firewall-appliance","description":"A web application firewall is a special type of application firewall that applies specifically to web applications. It is deployed in front of web applications and analyzes bi-directional web-based (HTTP) traffic - detecting and blocking anything malicious. The OWASP provides a broad technical definition for a WAF as “a security solution on the web application level which - from a technical point of view - does not depend on the application itself.” According to the PCI DSS Information Supplement for requirement 6.6, a WAF is defined as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.” In other words, a WAF can be a physical appliance that prevents vulnerabilities in web applications from being exploited by outside threats. These vulnerabilities may be because the application itself is a legacy type or it was insufficiently coded by design. The WAF addresses these code shortcomings by special configurations of rule sets, also known as policies.\r\nPreviously unknown vulnerabilities can be discovered through penetration testing or via a vulnerability scanner. A web application vulnerability scanner, also known as a web application security scanner, is defined in the SAMATE NIST 500-269 as “an automated program that examines web applications for potential security vulnerabilities. In addition to searching for web application-specific vulnerabilities, the tools also look for software coding errors.” Resolving vulnerabilities is commonly referred to as remediation. Corrections to the code can be made in the application but typically a more prompt response is necessary. In these situations, the application of a custom policy for a unique web application vulnerability to provide a temporary but immediate fix (known as a virtual patch) may be necessary.\r\nWAFs are not an ultimate security solution, rather they are meant to be used in conjunction with other network perimeter security solutions such as network firewalls and intrusion prevention systems to provide a holistic defense strategy.\r\nWAFs typically follow a positive security model, a negative security model, or a combination of both as mentioned by the SANS Institute. WAFs use a combination of rule-based logic, parsing, and signatures to detect and prevent attacks such as cross-site scripting and SQL injection. The OWASP produces a list of the top ten web application security flaws. All commercial WAF offerings cover these ten flaws at a minimum. There are non-commercial options as well. As mentioned earlier, the well-known open source WAF engine called ModSecurity is one of these options. A WAF engine alone is insufficient to provide adequate protection, therefore OWASP along with Trustwave's Spiderlabs help organize and maintain a Core-Rule Set via GitHub to use with the ModSecurity WAF engine.","materialsDescription":"A Web Application Firewall or WAF provides security for online services from malicious Internet traffic. WAFs detect and filter out threats such as the OWASP Top 10, which could degrade, compromise or bring down online applications.\r\n<span style=\"font-weight: bold;\">What are Web Application Firewalls?</span>\r\nWeb application firewalls assist load balancing by examining HTTP traffic before it reaches the application server. They also protect against web application vulnerability and unauthorized transfer of data from the web server at a time when security breaches are on the rise. According to the Verizon Data Breach Investigations Report, web application attacks were the most prevalent breaches in 2017 and 2018.\r\nThe PCI Security Standards Council defines a web application firewall as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\n<span style=\"font-weight: bold;\">How does a Web Application Firewall wWork?</span>\r\nA web application firewall (WAF) intercepts and inspects all HTTP requests using a security model based on a set of customized policies to weed out bogus traffic. WAFs block bad traffic outright or can challenge a visitor with a CAPTCHA test that humans can pass but a malicious bot or computer program cannot.\r\nWAFs follow rules or policies customized to specific vulnerabilities. As a result, this is how WAFs prevent DDoS attacks. Creating the rules on a traditional WAF can be complex and require expert administration. The Open Web Application Security Project maintains a list of the OWASP top web application security flaws for WAF policies to address.\r\nWAFs come in the form of hardware appliances, server-side software, or filter traffic as-a-service. WAFs can be considered as reverse proxies i.e. the opposite of a proxy server. Proxy servers protect devices from malicious applications, while WAFs protect web applications from malicious endpoints.\r\n<span style=\"font-weight: bold;\">What Are Some Web Application Firewall Benefits?</span>\r\nA web application firewall (WAF) prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<span style=\"font-weight: bold;\">What Is the Difference Between a Firewall and a Web Application Firewall?</span>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).\r\n<span style=\"font-weight: bold;\">When Should You Use a Web Application Firewall?</span>\r\nAny business that uses a website to generate revenue should use a web application firewall to protect business data and services. Organizations that use online vendors should especially deploy web application firewalls because the security of outside groups cannot be controlled or trusted.\r\n<span style=\"font-weight: bold;\">How Do You Use a Web Application Firewall?</span>\r\nA web application firewall requires correct positioning, configuration, administration and monitoring. Web application firewall installation must include the following four steps: secure, monitor, test and improve. This should be a continuous process to ensure application specific protection.<br />The configuration of the firewall should be determined by the business rules and guardrails by the company’s security policy. This approach will allow the rules and filters in the web application firewall to define themselves.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall_appliance.png"},{"id":550,"title":"Web filtering - Appliance","alias":"web-filtering-appliance","description":" <span style=\"font-weight: bold; \">A web filter appliance</span> is a device that allows the user to filter all online content for censorship purposes, such that any links, downloads, and email containing offensive materials or pornography is outright blocked or removed. Web filtering appliance can also help you prevent malware infection because, more often than not, malware is usually hidden within links that promise porn or controversial content. Moreover, because the number of online hazards is un stopped increasing every day, it's always prudent to get a web filter appliance that can adapt to the changing times and the ever-evolving hazards posed by the Internet.\r\nAt any rate, content filtering appliance has a distinct advantage over their software counterparts in terms of stable restriction features, unrestricted monitoring, no platform-based limitations, easy upgrades and improvements, and so on. That's because the best web filters are fully integrated software and hardware systems that optimize their hybrid attributes when it comes to content filtering by gaining full, unmitigated control over online usage through well-defined policies as mandated by the owner of the network or the IT security administrator.\r\nGetting a web content filtering appliance that has a list of premium-grade and detailed content analysis with predefined categories (which includes keywords for pornography, game downloads, drugs, violence, adult content, offensive content, racist content, controversial content, and the like) is a must for any major network. All of the items you'll ever need to block should be easily selectable with a click of your mouse as well; after all, sophisticated technology aside, a good web filter appliance should also be intuitive and practical to use as well.<br /> ","materialsDescription":"<h1 class=\"align-center\">How a Web Content Filter Appliance Works</h1>\r\n<p class=\"align-left\">Typically a web content filter appliance protects Internet users and networks by using a combination of blacklists, URIBL and SURBL filters, category filters and keyword filters. Blacklists, URIBL and SURBL filters work together to prevent users visiting websites known to harbor malware, those that have been identified as fake phishing sites, and those who hid their true identity by using the whois privacy feature or a proxy server. Genuine websites have no reason to hide their true identity.</p>\r\n<p class=\"align-left\">In the category filtering process, the content of millions of webpages are analyzed and assigned a category. System administrators can then choose which categories to block access to (i.e. online shopping, alcohol, pornography, gambling, etc.) depending on whether the web content filter appliance is providing a service to a business, a store, a school, a restaurant, or a workplace. Most appliances for filtering web content also offer the facility to create bespoke categories.</p>\r\n<p class=\"align-left\">Keyword filters have multiple uses. They can be used to block access to websites containing specific words (for example the business name of a competitor), specific file extensions (typically those most commonly used for deploying malware and ransomware), and specific web applications; if, for example, a business wanted to allow its marketing department access to Facebook, but not FaceTime. Effectively, the keyword filters fine-tune the category settings, enhance security and increase productivity.</p>\r\n<h1 class=\"align-center\">Are there any home web filter appliance?</h1>\r\nFor children today, the Internet has always existed. To them, it’s second nature to pop online and watch a funny video, find a fact, or chat with a friend. But, of course, the Internet is also filled with a lot of dark corners (It’s a hop, skip, and a click to adult content). Parents, then, are presented with the daunting task of not only monitoring what sites their children visit but also their screen time consumption. There are a number of home content filtering appliance that allow parents to do just this. The best parental control apps and devices, be they hardware or software, not only put parents in command of such things as the content their children can view and the amount of time they can spend online but help restore a parent’s sense of control. With them, parents, from can restrict access to only specific sites and apps, filter dangerous or explicit web-content, manage time, and even track their location.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Web_filtering_Appliance.png"},{"id":552,"title":"Secure Web Gateway - Appliance","alias":"secure-web-gateway-appliance","description":"Secure web gateways are generally appliance-based security solutions that prevent advanced threats, block unauthorized access to systems or websites, stop malware, and monitor real-time activity across websites accessed by users within the institution.\r\nA secure web gateway is primarily used to monitor and prevent malicious traffic and data from entering, or even leaving, an organization’s network. Typically, it is implemented to secure an organization against threats originating from the Internet, websites and other Web 2.0 products/services. It is generally implemented through a hardware gateway device implemented at the outer boundaries of a network. Some of the features a secure Web gateway provides include URL filtering, application-level control, data leakage prevention, and virus/malware code detection.\r\nA Secure web gateway (SWG) protects users against phishing, malware and other Internet-borne threats. Unlike traditional firewalls, SWGs are focused on layer 7 web traffic inspection, both inbound and outbound. As web security solutions, they apply no protection to WAN traffic, which is left to the corporate next generation firewalls. In recent years, SWGs appeared as a cloud service. The cloud instances enable secure web and cloud access from anywhere – including outside the office by mobile users. The traffic coverage and solution form factor remain the key distinctions between SWGs and next generation firewalls, which often provide a very similar level of security capabilities.\r\nA converged, cloud-based network security solution converges the capabilities of a next generation firewall (WAN and Internet traffic inspection) and the extended coverage for mobile users of SWGs.\r\nA converged approach eliminates the need to maintain policies across multiple point solutions and the appliance life cycle.","materialsDescription":"<span style=\"font-weight: bold;\">Why is a secure web gateway important?</span>\r\nSecure web gateways have become increasingly common as cybercriminals have grown more sophisticated in embedding threat vectors into seemingly innocuous or professional-looking websites. These counterfeit websites can compromise the enterprise as users access them, unleashing malicious code and unauthorized access in the background without the user's knowledge. These fake, criminal websites can be quite convincing.\r\nSome of these scam websites appear to be so authentic that they can convince users to enter credit card numbers and personal identification information (PII) such as social security numbers. Other sites require only the connection to the user to bypass web browser controls and inject malicious code such as viruses or malware into the user's network. Examples include fake online shopping sites posing as brand-name sellers, sites that appear to be legitimate government agencies and even business-to-business intranets. Secure web gateways can also prevent data from flowing out of an organization, making certain that restricted data is blocked from leaving the organization.\r\n<span style=\"font-weight: bold;\">How does a secure web gateway work?</span>\r\nSecure web gateways are installed as a software component or a hardware device on the edge of the network or at user endpoints. All traffic to and from users to other networks must pass through the gateway that monitors it. The gateway monitors this traffic for malicious code, web application use, and all user/non-user attempted URL connections.\r\nThe gateway checks or filters website URL addresses against stored lists of known and approved websites—all others not on the approved lists can be explicitly blocked. Known malicious sites can be explicitly blocked as well. URL filters that maintain allowed web addresses are maintained in whitelists, while known, off-limits sites that are explicitly blocked are maintained in blacklists. In enterprises, these lists are maintained in the secure gateway's database, which then applies the list filters to all incoming and outgoing traffic.\r\nSimilarly, data flowing out of the network can be checked, disallowing restricted data sources—data on the network or user devices that are prohibited from distribution. Application-level controls can also be restricted to known and approved functions, such as blocking uploads to software-as-a-service (SaaS) applications (such as Office 365 and Salesforce.com). Although some enterprises deploy secure web gateways in hardware appliances that filter all incoming and outgoing traffic, many organizations use cloud-based, SaaS secure web gateways as a more flexible and less costly solution to deploy and maintain. Organizations with existing hardware investments often combine the two, using hardware at their larger physical sites and cloud-based gateways for remote locations and traveling workers.\r\n<span style=\"font-weight: bold;\">What are some features of secure web gateways?</span>\r\nBeyond basic URL, web application control and data filtering, secure web gateways should provide additional controls and features that enhance network security.\r\n<ul><li>Encrypted traffic analysis. The gateway should compare all traffic to local and global threat lists and reputation sources first, then also analyze the nature of the traffic itself to determine if any content or code poses a threat to the network. This should include SSL-based encrypted traffic.</li><li>Data Loss Prevention. If, for example, a website accepts uploaded documents or data, the documents should first be scanned for sensitive data before being uploaded.</li><li>Social media protection. All information to and from social media should be scanned and filtered.</li><li>Support for all protocols. HTTP, HTTPS, and FTP internet protocols must be supported. While HTTPS is the industry standard now, many sites still support HTTP and FTP connections.</li><li>Integration with zero-day anti-malware solutions. Threats will be discovered, and integration with anti-malware solutions that can detect zero-day (never seen before) threats deliver the best prevention and remediation.</li><li>Integration with security monitoring. Security administrators should be notified of any web gateway security problems via their monitoring solution of choice, typically a security information and event management (SIEM) solution.</li><li>Choice of location. Choose where your secure web gateway best fits in your network—the edge, at endpoints, or in the cloud.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Web_Gateway_Appliance.png"},{"id":556,"title":"Antispam - Appliance","alias":"antispam-appliance","description":"Anti-spam appliances are software or hardware devices integrated with on-board software that implement spam filtering and/or anti-spam for instant messaging (also called "spim") and are deployed at the gateway or in front of the mail server. They are normally driven by an operating system optimized for spam filtering. They are generally used in larger networks such as companies and corporations, ISPs, universities, etc.\r\nThe reasons hardware anti-spam appliances might be selected instead of software could include:\r\n<ul><li>The customer prefers to buy hardware rather than software</li><li>Ease of installation</li><li>Operating system requirements</li><li>Independence of existing hardware</li></ul>","materialsDescription":"<span style=\"font-weight: bold;\">How does an Antispam Appliance Work?</span>\r\nSince an antispam appliance is hardware, it can be placed at the entry point of the email server to inspect and filter every message that enters the email server. An antispam appliance is capable of evaluating IP addresses that are included in the email messages from the sender. The appliance can also examine the message content and then compare it against the criteria and parameters that have been set for receiving email messages.\r\n<span style=\"font-weight: bold;\">Advantages of an Antispam Appliance</span>\r\nAntispam appliances are capable of providing more email security to large networks because it is hardware that is specifically designed to handle email security on larger networks. Also, since an antispam appliance is hardware, it is much easier to install and configure on a network, as opposed to software that may require a specific operating system infrastructure. For example, if the organization is running the Linux operating system, this type of system will not support antispam filtering software.\r\nAnother advantage of using an antispam appliance is its ability to protect a large network from codes that are designed to destroy the individual computers on the network. These are malicious codes that can enter the email server and then transmit to the email client via spam. When the individual computers get infected, it slows the productivity of the organization and interrupts the network processes.\r\nAlthough many large networks deploy a vulnerability assessment program that can protect the network against criminals with malicious intent, sometimes vulnerability assessment is not enough to protect the massive amounts of email that enter an email server on a large network. This is why it is important to deploy an antispam appliance to provide added security for your email server and the email clients on the individual computers that are connected to the network.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Antispam_Appliance.png"},{"id":562,"title":"DDoS Protection - Appliance","alias":"ddos-protection-appliance","description":"A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks.\r\nBuying a DDoS mitigation appliance can be highly confusing, especially if you have never done this before. While selecting a DDoS protection solution you must understand the right features and have proper background knowledge. In case of distributed denial of service attacks, the bandwidth or resources of any targeted network is flooded with a large amount of malicious traffic. As a result, the system becomes overloaded and crashes. The legitimate users of the network are denied the service. The mail servers, DNS servers and the servers which host high-profile websites are the main target of DDOS attacks. Customers who use services of any shared network are also affected by these attacks. Therefore, anti-DDOS appliances are now vital.","materialsDescription":"<span style=\"font-weight: bold;\">DDoS mitigation solution</span>\r\nThere are two types of DDoS mitigation appliances. These include software and hardware solutions. Identical functions may be claimed by both forms of DDoS protection.\r\n<ul><li>Firewalls are the most common protection appliance, which can deny protocols, IP addresses or ports. However, they are not enough strong to provide protection from the more complicated DDoS attacks.</li><li>Switches are also effective solutions for preventing DDoS attacks. Most of these switches possess rate limiting capability and ACL. Some switches provide packet inspection, traffic shaping, delayed binding and rate limiting. They can detect the fake traffic through balancing and rate filtering.</li><li>Like switches, routers also have rate limiting and ACL capability. Most routers are capable of moving under DoS attacks.</li><li>Intrusion prevention systems are another option for you when it comes to protection from DDoS attacks. This solution can be effective in several cases of DDoS attacks. It can identify DDoS attacks and stop them because they possess the granularity as well as processing power required for identifying the attacks. Then they work in an automated manner to resolve the situation.</li><li>There are also rate-based intrusion prevention mechanisms, which are capable of analyzing traffic granularity. This system can also monitor the pattern of traffic.</li></ul>\r\nYou must check the connectivity while selecting a DDoS mitigation appliance. Capacity is also an important aspect of a DDoS protection solutions. You must figure out the number of ports, IPs, protocols, hosts, URLs and user agents that can be monitored by the appliance. An effective DDoS mitigation solution must also be properly customizable. Your DDoS mitigation appliance should be such that it can be upgraded according to your requirements. These are some important factors that you need to consider while choosing a DDoS mitigation appliance for your system.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection_Appliance.png"},{"id":784,"title":"NGFW - next-generation firewall - Appliance","alias":"ngfw-next-generation-firewall-appliance","description":" A next-generation firewall (NGFW) is a part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities, such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS). Other techniques might also be employed, such as TLS/SSL encrypted traffic inspection, website filtering, QoS/bandwidth management, antivirus inspection and third-party identity management integration (i.e. LDAP, RADIUS, Active Directory).\r\nNGFWs include the typical functions of traditional firewalls such as packet filtering, network- and port-address translation (NAT), stateful inspection, and virtual private network (VPN) support. The goal of next-generation firewalls is to include more layers of the OSI model, improving filtering of network traffic that is dependent on the packet contents.\r\nNGFWs perform deeper inspection compared to stateful inspection performed by the first- and second-generation firewalls. NGFWs use a more thorough inspection style, checking packet payloads and matching signatures for harmful activities such as exploitable attacks and malware.\r\nImproved detection of encrypted applications and intrusion prevention service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services.\r\nStateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols. But today, blocking a web application like Farmville that uses port 80 by closing the port would also mean complications with the entire HTTP protocol.\r\nProtection based on ports, protocols, IP addresses is no more reliable and viable. This has led to the development of identity-based security approach, which takes organizations a step ahead of conventional security appliances which bind security to IP-addresses.\r\nNGFWs offer administrators a deeper awareness of and control over individual applications, along with deeper inspection capabilities by the firewall. Administrators can create very granular "allow/deny" rules for controlling use of websites and applications in the network. ","materialsDescription":"<span style=\"font-weight: bold;\"> What is a next-generation firewall (NGFW)?</span>\r\nAn NGFW contains all the normal defences that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other bonus security features. NGFWs are also capable of deep packet inspection which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by blacklist (programs in the filter are blocked) or by whitelist (programs not in the filter are blocked).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_NGFW.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":4619,"logoURL":"https://old.roi4cio.com/fileadmin/content/WiJungle-U5000X-ROI4CIO_03.jpg","logo":true,"scheme":false,"title":"WiJungle Unified Network Security Gateway (NextGen Firewall/UTM + Web Application Firewall + Hotspot Gateway + Load Balancer Router + VPN Router) With 3 Years License","vendorVerified":0,"rating":"1.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"wijungle-nextgen-firewallutm-appliance-web-application-firewall-appliance-hotspot-gateway-appliance-load-balancer-router-vpn-router-with-3-years-license","companyTitle":"WiJungle","companyTypes":["supplier","vendor"],"companyId":7007,"companyAlias":"wijungle","description":"<p>WiJungle seamlessly manages the network, internet and security of different business verticals like Enterprises, Education Institutes, Hospitality, Healthcare, Retail, Transport, Smart City, Defence, Events etc. <br />The product is available in 30+ different models to serve wide range of concurrent users.<br /><br />It offers features like</p>\r\n<ul>\r\n<li>Access/Interface Management</li>\r\n<li>Network Management</li>\r\n<li>User/Guest Management</li>\r\n<li>BandWidth Management</li>\r\n<li>Quality Of Service</li>\r\n<li>Data Leakage Prevention</li>\r\n<li>Content Filtering</li>\r\n<li>Load Balancing</li>\r\n<li>High Availability</li>\r\n<li>Gateway Anti-Virus</li>\r\n<li>Anti-Spam</li>\r\n<li>Web Server Protection</li>\r\n<li>Sandbox</li>\r\n<li>Advance Threat Protection</li>\r\n<li>Intrusion Prevention System</li>\r\n<li>Virtual Private Network</li>\r\n<li>Vulnerability Assessment</li>\r\n<li>Intuitive & Location Aware Captive Portals</li>\r\n<li>SMS Gateway Integration</li>\r\n<li>Social Media Engagement/Advertisement option</li>\r\n<li>Feedback Management</li>\r\n<li>User Logging</li>\r\n<li>Reporting and Analytics</li>\r\n<li>Prepaid/Postpaid Billing</li>\r\n<li>Voucher Management</li>\r\n<li>PMS/HIS Integration</li>\r\n<li>AP/Device Management</li>\r\n<li>Alert Management</li>\r\n</ul>","shortDescription":"WiJungle is a Unified Network Security Gateway Appliance that combinedly serves as NextGen Firewall/Unified Threat Management, Web Application Firewall, Hotspot Gateway, Vulnerability Assessment etc.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":9,"sellingCount":19,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"WiJungle Unified Network Security Gateway (NextGen Firewall/UTM + Web Application Firewall + Hotspot Gateway + Load Balancer Router + VPN Router) With 3 Years License","keywords":"","description":"<p>WiJungle seamlessly manages the network, internet and security of different business verticals like Enterprises, Education Institutes, Hospitality, Healthcare, Retail, Transport, Smart City, Defence, Events etc. &nbs","og:title":"WiJungle Unified Network Security Gateway (NextGen Firewall/UTM + Web Application Firewall + Hotspot Gateway + Load Balancer Router + VPN Router) With 3 Years License","og:description":"<p>WiJungle seamlessly manages the network, internet and security of different business verticals like Enterprises, Education Institutes, Hospitality, Healthcare, Retail, Transport, Smart City, Defence, Events etc. &nbs","og:image":"https://old.roi4cio.com/fileadmin/content/WiJungle-U5000X-ROI4CIO_03.jpg"},"eventUrl":"","translationId":4619,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":471,"title":"Hardware","alias":"hardware","description":" Computer hardware includes the physical, tangible parts or components of a computer, such as the cabinet, central processing unit, monitor, keyboard, computer data storage, graphics card, sound card, speakers and motherboard. By contrast, software is instructions that can be stored and run by hardware. Hardware is so-termed because it is "hard" or rigid with respect to changes or modifications; whereas software is "soft" because it is easy to update or change. Intermediate between software and hardware is "firmware", which is software that is strongly coupled to the particular hardware of a computer system and thus the most difficult to change but also among the most stable with respect to consistency of interface. The progression from levels of "hardness" to "softness" in computer systems parallels a progression of layers of abstraction in computing.\r\nHardware is typically directed by the software to execute any command or instruction. A combination of hardware and software forms a usable computing system, although other systems exist with only hardware components.\r\nThe template for all modern computers is the Von Neumann architecture, detailed in a 1945 paper by Hungarian mathematician John von Neumann. This describes a design architecture for an electronic digital computer with subdivisions of a processing unit consisting of an arithmetic logic unit and processor registers, a control unit containing an instruction register and program counter, a memory to store both data and instructions, external mass storage, and input and output mechanisms. The meaning of the term has evolved to mean a stored-program computer in which an instruction fetch and a data operation cannot occur at the same time because they share a common bus. This is referred to as the Von Neumann bottleneck and often limits the performance of the system.","materialsDescription":" <span style=\"font-weight: bold; \">What does Hardware (H/W) mean?</span>\r\nHardware (H/W), in the context of technology, refers to the physical elements that make up a computer or electronic system and everything else involved that is physically tangible. This includes the monitor, hard drive, memory and CPU. Hardware works hand-in-hand with firmware and software to make a computer function.\r\n<span style=\"font-weight: bold; \">What are the types of computer systems?</span>\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Personal computer</span></span>\r\nThe personal computer, also known as the PC, is one of the most common types of computer due to its versatility and relatively low price. Laptops are generally very similar, although they may use lower-power or reduced size components, thus lower performance.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Case</span></span>\r\nThe computer case encloses and holds most of the components of the system. It provides mechanical support and protection for internal elements such as the motherboard, disk drives, and power supplies, and controls and directs the flow of cooling air over internal components. The case is also part of the system to control electromagnetic interference radiated by the computer, and protects internal parts from electrostatic discharge. Large tower cases provide extra internal space for multiple disk drives or other peripherals and usually stand on the floor, while desktop cases provide less expansion room. All-in-one style designs include a video display built into the same case. Portable and laptop computers require cases that provide impact protection for the unit. A current development in laptop computers is a detachable keyboard, which allows the system to be configured as a touch-screen tablet. Hobbyists may decorate the cases with colored lights, paint, or other features, in an activity called case modding.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Power supply</span></span>\r\nA power supply unit (PSU) converts alternating current (AC) electric power to low-voltage direct current (DC) power for the internal components of the computer. Laptops are capable of running from a built-in battery, normally for a period of hours. The PSU typically uses a switched-mode power supply (SMPS), with power MOSFETs (power metal–oxide–semiconductor field-effect transistors) used in the converters and regulator circuits of the SMPS.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Motherboard</span></span>\r\nThe motherboard is the main component of a computer. It is a board with integrated circuitry that connects the other parts of the computer including the CPU, the RAM, the disk drives (CD, DVD, hard disk, or any others) as well as any peripherals connected via the ports or the expansion slots. The integrated circuit (IC) chips in a computer typically contain billions of tiny metal–oxide–semiconductor field-effect transistors (MOSFETs).\r\nComponents directly attached to or to part of the motherboard include:\r\n<ul><li><span style=\"font-weight: bold; \">The CPU (central processing unit)</span>, which performs most of the calculations which enable a computer to function, and is referred to as the brain of the computer which get a hold of program instruction from random-access memory (RAM), interprets and processes it and then send it backs to computer result so that the relevant components can carry out the instructions. The CPU is a microprocessor, which is fabricated on a metal–oxide–semiconductor (MOS) integrated circuit (IC) chip. It is usually cooled by a heat sink and fan, or water-cooling system. Most newer CPU include an on-die graphics processing unit (GPU). The clock speed of CPU governs how fast it executes instructions, and is measured in GHz; typical values lie between 1 GHz and 5 GHz. Many modern computers have the option to overclock the CPU which enhances performance at the expense of greater thermal output and thus a need for improved cooling.</li><li><span style=\"font-weight: bold; \">The chipset</span>, which includes the north bridge, mediates communication between the CPU and the other components of the system, including main memory; as well as south bridge, which is connected to the north bridge, and supports auxiliary interfaces and buses; and, finally, a Super I/O chip, connected through the south bridge, which supports the slowest and most legacy components like serial ports, hardware monitoring and fan control.</li><li><span style=\"font-weight: bold; \">Random-access memory (RAM)</span>, which stores the code and data that are being actively accessed by the CPU. For example, when a web browser is opened on the computer it takes up memory; this is stored in the RAM until the web browser is closed. It is typically a type of dynamic RAM (DRAM), such as synchronous DRAM (SDRAM), where MOS memory chips store data on memory cells consisting of MOSFETs and MOS capacitors. RAM usually comes on dual in-line memory modules (DIMMs) in the sizes of 2GB, 4GB, and 8GB, but can be much larger.</li><li><span style=\"font-weight: bold; \">Read-only memory (ROM)</span>, which stores the BIOS that runs when the computer is powered on or otherwise begins execution, a process known as Bootstrapping, or "booting" or "booting up". The ROM is typically a nonvolatile BIOS memory chip, which stores data on floating-gate MOSFET memory cells.</li><li><span style=\"font-weight: bold; \">The BIOS (Basic Input Output System)</span> includes boot firmware and power management firmware. Newer motherboards use Unified Extensible Firmware Interface (UEFI) instead of BIOS.</li><li><span style=\"font-weight: bold; \">Buses</span> that connect the CPU to various internal components and to expand cards for graphics and sound.</li><li><span style=\"font-weight: bold; \">The CMOS</span> (complementary MOS) battery, which powers the CMOS memory for date and time in the BIOS chip. This battery is generally a watch battery.</li><li><span style=\"font-weight: bold; \">The video card</span> (also known as the graphics card), which processes computer graphics. More powerful graphics cards are better suited to handle strenuous tasks, such as playing intensive video games or running computer graphics software. A video card contains a graphics processing unit (GPU) and video memory (typically a type of SDRAM), both fabricated on MOS integrated circuit (MOS IC) chips.</li><li><span style=\"font-weight: bold; \">Power MOSFETs</span> make up the voltage regulator module (VRM), which controls how much voltage other hardware components receive.</li></ul>\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Expansion cards</span></span>\r\nAn expansion card in computing is a printed circuit board that can be inserted into an expansion slot of a computer motherboard or backplane to add functionality to a computer system via the expansion bus. Expansion cards can be used to obtain or expand on features not offered by the motherboard.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Storage devices</span></span>\r\nA storage device is any computing hardware and digital media that is used for storing, porting and extracting data files and objects. It can hold and store information both temporarily and permanently, and can be internal or external to a computer, server or any similar computing device. Data storage is a core function and fundamental component of computers.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Fixed media</span></span>\r\nData is stored by a computer using a variety of media. Hard disk drives (HDDs) are found in virtually all older computers, due to their high capacity and low cost, but solid-state drives (SSDs) are faster and more power efficient, although currently more expensive than hard drives in terms of dollar per gigabyte, so are often found in personal computers built post-2007. SSDs use flash memory, which stores data on MOS memory chips consisting of floating-gate MOSFET memory cells. Some systems may use a disk array controller for greater performance or reliability.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Removable media</span></span>\r\nTo transfer data between computers, an external flash memory device (such as a memory card or USB flash drive) or optical disc (such as a CD-ROM, DVD-ROM or BD-ROM) may be used. Their usefulness depends on being readable by other systems; the majority of machines have an optical disk drive (ODD), and virtually all have at least one Universal Serial Bus (USB) port.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Input and output peripherals</span></span>\r\nInput and output devices are typically housed externally to the main computer chassis. The following are either standard or very common to many computer systems.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Input</span></span>\r\nInput devices allow the user to enter information into the system, or control its operation. Most personal computers have a mouse and keyboard, but laptop systems typically use a touchpad instead of a mouse. Other input devices include webcams, microphones, joysticks, and image scanners.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Output device</span></span>\r\nOutput devices display information in a human readable form. Such devices could include printers, speakers, monitors or a Braille embosser.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Mainframe computer</span></span>\r\nA mainframe computer is a much larger computer that typically fills a room and may cost many hundreds or thousands of times as much as a personal computer. They are designed to perform large numbers of calculations for governments and large enterprises.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Departmental computing</span></span>\r\nIn the 1960s and 1970s, more and more departments started to use cheaper and dedicated systems for specific purposes like process control and laboratory automation.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Supercomputer</span></span>\r\nA supercomputer is superficially similar to a mainframe, but is instead intended for extremely demanding computational tasks. As of June 2018, the fastest supercomputer on the TOP500supercomputer list is the Summit, in the United States, with a LINPACK benchmarkscore of 122.3 PFLOPS Light, by around 29 PFLOPS.\r\nThe term supercomputer does not refer to a specific technology. Rather it indicates the fastest computations available at any given time. In mid 2011, the fastest supercomputers boasted speeds exceeding one petaflop, or 1 quadrillion (10^15 or 1,000 trillion) floating point operations per second. Supercomputers are fast but extremely costly, so they are generally used by large organizations to execute computationally demanding tasks involving large data sets. Supercomputers typically run military and scientific applications. Although costly, they are also being used for commercial applications where huge amounts of data must be analyzed. For example, large banks employ supercomputers to calculate the risks and returns of various investment strategies, and healthcare organizations use them to analyze giant databases of patient data to determine optimal treatments for various diseases and problems incurring to the country. ","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Hardware.jpg"},{"id":443,"title":"Application Delivery Controller (load balancer) - appliance","alias":"application-delivery-controller-load-balancer-appliance","description":" Application Delivery Controllers are the next generation of load balancers, and are typically located between the firewall/router and the web server farm. An application delivery controller is a network device that helps sites direct user traffic to remove excess load from two or more servers. In addition to providing Layer 4 load balancing, ADCs can manage Layer 7 for content switching, and also provide SSL offload and acceleration. They tend to offer more advanced features such as content redirection as well as server health monitoring. An Application delivery controller may also be known as a Web switch, URL switch, Web content switch, content switch and Layer 7 switch.\r\nToday, advanced application delivery controllers and intelligent load balancers are not only affordable, but the consolidation of Layer 4-7 load balancing and content switching, and server offload capabilities such as SSL, data caching and compression provides companies with cost-effective out-of-the-box infrastructure.\r\nFor enterprise organizations (companies with 1,000 or more employees), integrating best-of-breed network infrastructure is commonplace. However best-of-breed does not equate with deploying networks with enterprise-specific features and expensive products, but rather, deploying products that are purpose-built, with the explicit features, performance, reliability and scalability created specifically for the companies of all sizes.\r\nIn general, businesses of all sizes are inclined to purchase “big brand” products. However, smaller vendors that offer products within the same category can provide the optimal performance, features and reliability required, with the same benefits - at a lower cost.\r\nFor the enterprise market, best-of-breed comes with a high Total Cost of Ownership (TCO), since deploying products from various manufacturers requires additional training, maintenance and support. Kemp can help SMBs lower their TCO, and help them build reliable, high performance and scalable web and application infrastructure. Kemp products have a high price/performance value for SMBs. Our products are purpose-built for SMB businesses for dramatically less than the price of “big name” ADC and SLB vendors who are developing features that enterprise customers might use.","materialsDescription":" <span style=\"font-weight: bold;\">What are application delivery controllers?</span>\r\nApplication Delivery Controllers (ADCs) are the next stage in the development of server load balancing solutions. ADCs allow you to perform not only the tasks of balancing user requests between servers, but also incorporate mechanisms that increase the performance, security and resiliency of applications, as well as ensure their scalability.\r\n<span style=\"font-weight: bold;\">And what other possibilities do application controllers have?</span>\r\nIn addition to the function of uniform distribution of user requests, application delivery controllers have many other interesting features. They can provide around-the-clock availability of services, improve web application performance up to five times, reduce risks when launching new services, protect confidential data, and publish internal applications to the outside with secure external access (a potential replacement for outgoing Microsoft TMG).\r\nOne of the most important functions of application delivery controllers, which distinguish them from simple load balancers, is the presence of a functional capable of processing information issued to the user based on certain rules.\r\n<span style=\"font-weight: bold;\">What are the prerequisites for implementing application delivery controllers in a particular organization?</span>\r\nA number of factors can determine the criteria for deciding whether to implement application controllers in your organization. First, this is the poor performance of web services, which is a long download of content, frequent hangs and crashes. Secondly, such a prerequisite can be interruptions in the work of services and communication channels, expressed in failures in the transmitting and receiving equipment that ensures the operation of the data transmission network, as well as failures in the operation of servers.\r\nIn addition, it is worth thinking about implementing application delivery controllers if you use Microsoft TMG or Cisco ACE products, since they are no longer supported by the manufacturer. A prerequisite for the implementation of ADC may be the launch of new large web projects, since this process will inevitably entail the need to ensure the operability of this web project with the maintenance of high fault tolerance and performance.\r\nAlso, controllers are needed when you need to provide fault tolerance, continuous availability and high speed of applications that are consolidated in the data center. A similar situation arises when it is necessary to build a backup data center: here you also need to ensure fault tolerance between several data centers located in different cities.\r\n<span style=\"font-weight: bold;\">What are the prospects for the introduction of application controllers in Russia and in the world?</span>\r\nGartner's research shows that there have recently been marked changes in the market for products that offer load balancing mechanisms. In this segment, user demand shifts from servers implementing a simple load balancing mechanism to devices offering richer functionality.\r\nGartner: “The era of load balancing has long gone, and companies need to focus on products that offer richer application delivery functionality.”\r\nIn Russia, due to the specifics of the internal IT market, application controllers are implemented mainly because of the presence of some specific functionality, and not because of the comprehensive solution for delivering applications in general, which this product offers. The main task for which application delivery controllers are now most often sold is the same load balancing function as before.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Application_Delivery_Controller_load_balancer_appliance.png"},{"id":536,"title":"WAN optimization - appliance","alias":"wan-optimization-appliance","description":" WAN optimization appliance is a collection of techniques for increasing data-transfer efficiencies across wide-area networks (WANs). In 2008, the WAN optimization market was estimated to be $1 billion and was to grow to $4.4 billion by 2014 according to Gartner, a technology research firm. In 2015 Gartner estimated the WAN optimization market to be a $1.1 billion market.\r\nThe most common measures of TCP data-transfer efficiencies (i.e., optimization) are throughput, bandwidth requirements, latency, protocol optimization, and congestion, as manifested in dropped packets. In addition, the WAN itself can be classified with regards to the distance between endpoints and the amounts of data transferred. Two common business WAN topologies are Branch to Headquarters and Data Center to Data Center (DC2DC). In general, "Branch" WAN links are closer, use less bandwidth, support more simultaneous connections, support smaller connections and more short-lived connections, and handle a greater variety of protocols. They are used for business applications such as email, content management systems, database application, and Web delivery. In comparison, "DC2DC" WAN links tend to require more bandwidth, are more distant and involve fewer connections, but those connections are bigger (100 Mbit/s to 1 Gbit/s flows) and of longer duration. Traffic on a "DC2DC" WAN may include replication, back up, data migration, virtualization, and other Business Continuity/Disaster Recovery (BC/DR) flow.\r\nWAN optimization has been the subject of extensive academic research almost since the advent of the WAN. In the early 2000s, research in both the private and public sectors turned to improve the end-to-end throughput of TCP, and the target of the first proprietary WAN optimization solutions was the Branch WAN. In recent years, however, the rapid growth of digital data, and the concomitant needs to store and protect it, has presented a need for DC2DC WAN optimization. For example, such optimizations can be performed to increase overall network capacity utilization, meet inter-datacenter transfer deadlines, or minimize average completion times of data transfers. As another example, private inter-datacenter WANs can benefit optimizations for fast and efficient geo-replication of data and content, such as newly computed machine learning models or multimedia content.\r\nComponent techniques of Branch WAN Optimization include deduplication, wide-area file services (WAFS), SMB proxy, HTTPS Proxy, media multicasting, web caching, and bandwidth management. Requirements for DC2DC WAN Optimization also center around deduplication and TCP acceleration, however, these must occur in the context of multi-gigabit data transfer rates. ","materialsDescription":" <span style=\"font-weight: bold;\">What techniques does WAN optimization have?</span>\r\n<ul><li><span style=\"font-weight: bold;\">Deduplication</span> – Eliminates the transfer of redundant data across the WAN by sending references instead of the actual data. By working at the byte level, benefits are achieved across IP applications.</li><li><span style=\"font-weight: bold;\">Compression</span> – Relies on data patterns that can be represented more efficiently. Essentially compression techniques similar to ZIP, RAR, ARJ, etc. are applied on-the-fly to data passing through hardware (or virtual machine) based WAN acceleration appliances.</li><li><span style=\"font-weight: bold;\">Latency optimization</span> – Can include TCP refinements such as window-size scaling, selective acknowledgments, Layer 3 congestion control algorithms, and even co-location strategies in which the application is placed in near proximity to the endpoint to reduce latency. In some implementations, the local WAN optimizer will answer the requests of the client locally instead of forwarding the request to the remote server in order to leverage write-behind and read-ahead mechanisms to reduce WAN latency.</li><li><span style=\"font-weight: bold;\">Caching/proxy</span> – Staging data in local caches; Relies on human behavior, accessing the same data over and over.</li><li><span style=\"font-weight: bold;\">Forward error correction</span> – Mitigates packet loss by adding another loss-recovery packet for every “N” packets that are sent, and this would reduce the need for retransmissions in error-prone and congested WAN links.</li><li><span style=\"font-weight: bold;\">Protocol spoofing</span> – Bundles multiple requests from chatty applications into one. May also include stream-lining protocols such as CIFS.</li><li><span style=\"font-weight: bold;\">Traffic shaping</span> – Controls data flow for specific applications. Giving flexibility to network operators/network admins to decide which applications take precedence over the WAN. A common use case of traffic shaping would be to prevent one protocol or application from hogging or flooding a link over other protocols deemed more important by the business/administrator. Some WAN acceleration devices are able to traffic shape with granularity far beyond traditional network devices. Such as shaping traffic on a per-user AND per application basis simultaneously.</li><li><span style=\"font-weight: bold;\">Equalizing</span> – Makes assumptions on what needs immediate priority based on data usage. Usage examples for equalizing may include wide open unregulated Internet connections and clogged VPN tunnels.</li><li><span style=\"font-weight: bold;\">Connection limits</span> – Prevents access gridlock in and to denial of service or to peer. Best suited for wide-open Internet access links, can also be used links.</li><li><span style=\"font-weight: bold;\">Simple rate limits</span> – Prevents one user from getting more than a fixed amount of data. Best suited as a stop-gap first effort for remediating a congested Internet connection or WAN link.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAN_optimization_appliance.png"},{"id":475,"title":"Network Management - Hardware","alias":"network-management-hardware","description":" Your business is much more than just a machine that dispenses products or services in exchange for money. It’s akin to a living and breathing thing. Just as with the human body, in business, all the parts are interconnected and work together to move things forward.\r\nIf a company’s management is the brain, then its employees are the muscles. Muscles don’t work without the oxygen carried to them by the blood. Blood doesn’t pump through the body without the heart and circulatory system.\r\nData moves through your network like blood through veins, delivering vital information to employees who need it to do their jobs. In a business sense, the digital network is the heart and circulatory system. Without a properly functioning network, the entire business collapses. That’s why keeping networks healthy is vitally important. Just as keeping the heart healthy is critical to living a healthy life, a healthy network is a key to a thriving business. It starts with network management.\r\nNetwork management is hardware with a broad range of functions including activities, methods, procedures and the use of tools to administrate, operate, and reliably maintain computer network systems.\r\nStrictly speaking, network Management does not include terminal equipment (PCs, workstations, printers, etc.). Rather, it concerns the reliability, efficiency and capacity/capabilities of data transfer channels.","materialsDescription":" <span style=\"font-weight: bold;\">What Is Network Management?</span>\r\nNetwork management refers to the processes, tools, and applications used to administer, operate and maintain network infrastructure. Performance management and fault analysis also fall into the category of network management. To put it simply, network management is the process of keeping your network healthy, which keeps your business healthy.\r\n<span style=\"font-weight: bold;\">What Are the Components of Network Management?</span>\r\nThe definition of network management is often broad, as network management involves several different components. Here are some of the terms you’ll often hear when network management or network management software is talked about:\r\n<ul><li>Network administration</li><li>Network maintenance</li><li>Network operation</li><li>Network provisioning</li><li>Network security</li></ul>\r\n<span style=\"font-weight: bold;\">Why Is Network Management so Important When It Comes to Network Infrastructure?</span>\r\nThe whole point of network management is to keep the network infrastructure running smoothly and efficiently. Network management helps you:\r\n<ul><li><span style=\"font-style: italic;\">Avoid costly network disruptions.</span> Network downtime can be very costly. In fact, industry research shows the cost can be up to $5,600 per minute or more than $300K per hour. Network disruptions take more than just a financial toll. They also have a negative impact on customer relationships. Slow and unresponsive corporate networks make it harder for employees to serve customers. And customers who feel underserved could be quick to leave.</li><li><span style=\"font-style: italic;\">Improve IT productivity.</span> By monitoring every aspect of the network, an effective network management system does many jobs at once. This frees up IT staff to focus on other things.</li><li><span style=\"font-style: italic;\">Improve network security.</span> With a focus on network management, it’s easy to identify and respond to threats before they propagate and impact end-users. Network management also aims to ensure regulatory and compliance requirements are met.</li><li><span style=\"font-style: italic;\">Gain a holistic view of network performance.</span> Network management gives you a complete view of how your network is performing. It enables you to identify issues and fix them quickly.</li></ul>\r\n<span style=\"font-weight: bold;\">What Are the Challenges of Maintaining Effective Network Management and Network Infrastructure?</span>\r\nNetwork infrastructures can be complex. Because of that complexity, maintaining effective network management is difficult. Advances in technology and the cloud have increased user expectations for faster network speeds and network availability. On top of that, security threats are becoming ever more advanced, varied and numerous. And if you have a large network, it incorporates several devices, systems, and tools that all need to work together seamlessly. As your network scales and your company grows, new potential points of failure are introduced. Increased costs also come into play.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Network_Management_Hardware__1_.png"},{"id":542,"title":"UTM - Unified Threat Management Appliance","alias":"utm-unified-threat-management-appliance","description":"A unified threat management (UTM) system is a type of network hardware appliance that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.<br />UTM devices are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nWhile UTM systems and next-generation firewalls (NGFWs) are sometimes comparable, UTM devices include added security features that NGFWs don't offer.\r\nUTM systems provide increased protection and visibility, as well as control over network security, which reduces complexity. UTM systems typically do this via inspection methods that address different types of threats.\r\nThese methods include:\r\n<ul><li>Flow-based inspection, also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li>Proxy-based inspection acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\nUTM devices provide a single platform for multiple network security functions and offer the benefit of a single interface for those security functions, as well as a single point of interface to monitor or analyze security logs for those different functions.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">How do UTM Appliances block a computer virus — or many viruses?</span>\r\nUnified threat management appliances have gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. Preventing these types of attacks can be difficult when using separate appliances and vendors for each specific security task, as each aspect has to be managed and updated individually in order to remain current in the face of the latest forms of malware and cybercrime. By creating a single point of defense and providing a single console, UTM solutions make dealing with varied threats much easier.\r\nWhile unified threat management solutions do solve some network security issues, they aren't without some drawbacks, with the biggest one being that the single point of defense that an UTM appliance provides also creates a single point of failure. Because of this, many organizations choose to supplement their UTM device with a second software-based perimeter to stop any malware that got through or around the UTM firewall.\r\nWhat kind of companies use a Unified Threat Management system?\r\nUTM was originally for small to medium office businesses to simplify their security systems. But due to its almost universal applicability, it has since become popular with all sectors and larger enterprises. Developments in the technology have allowed it to scale up, opening UTM up to more types of businesses that are looking for a comprehensive gateway security solution.\r\n<span style=\"font-weight: bold;\">What security features does Unified Threat Management have?</span>\r\nAs previously mentioned, most UTM services include a firewall, antivirus and intrusion detection and prevention systems. But they also can include other services that provide additional security.\r\n<ul><li>Data loss prevention software to stop data from exfiltrating the business, which in turn prevents a data leak from occurring.</li><li>Security information and event management software for real-time monitoring of network health, which allows threats and points of weakness to be identified.</li><li>Bandwidth management to regulate and prioritize network traffic, ensuring everything is running smoothly without getting overwhelmed.</li><li>Email filtering to remove spam and dangerous emails before they reach the internal network, lowering the chance of a phishing or similar attack breaching your defenses.</li><li>Web filtering to prevent connections to dangerous or inappropriate sites from a machine on the network. This lowers the chance of infection through malvertising or malicious code on the page. It can also be used to increase productivity within a business, i.e. blocking or restricting social media, gaming sites, etc.</li><li>Application filtering to either a blacklist or whitelist which programs can run, preventing certain applications from communicating in and out of the network, i.e. Facebook messenger.</li></ul>\r\n<span style=\"font-weight: bold;\">What are the benefits of Unified Threat Management?</span>\r\n<ul><li><span style=\"font-weight: bold;\">Simplifies the network</span></li></ul>\r\nBy consolidating multiple security appliances and services into one, you can easily reduce the amount of time spent on maintaining many separate systems that may have become disorganized. This can also improve the performance of the network as there is less bloat. A smaller system also requires less energy and space to run.\r\n<ul><li><span style=\"font-weight: bold;\">Provides greater security and visibility</span></li></ul>\r\nA UTM system can include reporting tools, application filtering and virtual private network (VPN) capabilities, all of which defend your network from more types of threats or improve the existing security. Additionally, monitoring and analysis tools can help locate points of weakness or identify ongoing attacks.\r\n<ul><li><span style=\"font-weight: bold;\">Can defend from more sophisticated attacks</span></li></ul>\r\nBecause UTM defends multiple parts of a network it means that an attack targeting multiple points simultaneously can be repelled more easily. With cyber-attacks getting more sophisticated, having defenses that can match them is of greater importance.\r\nHaving several ways of detecting a threat also means a UTM system is more accurate at identifying potential attacks and preventing them from causing damage.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM_Unified_Threat_Management_Appliance.png"},{"id":544,"title":"DLP - Appliance","alias":"dlp-appliance","description":"DLP (Data Loss Prevention) is a technology for preventing leakage of confidential information from an information system to the outside, as well as technical software and hardware devices for such prevention of leakage. According to most definitions, information leakage is the unauthorized distribution of restricted access data that is not controlled by the owner of this data. This implies that the person who committed the leak has the rights to access information.\r\nThe most effective way to ensure data security on corporate computers today is to use specialized data leakage prevention tools (Data Leak Prevention or DLP). DLP solutions are designed to eliminate the “human factor” and prevent misconduct by preventing (and fixing) data leaks from a computer for as many scripts as possible.\r\nEmail and webmail services, instant messaging services, social networks and forums, cloud file storages, FTP servers - all these benefits of the Internet can at any moment be a channel for leaking corporate information, disclosure of which may be undesirable or even dangerous for business.\r\nYou shouldn’t disregard traditional local channels - data storage devices (flash drives, disks, memory cards), printers and data transfer interfaces and synchronization with smartphones.\r\nAn effective DLP solution should control the widest possible range of network communications channels, local devices, and interfaces. At the same time, the effectiveness of a DLP solution is determined by the flexibility of the settings and the ability to ensure a successful combination of business interests and security.\r\nToday, DLP products are a rapidly growing information security industry, and new products are released very often. Installing a DLP system will allow you to distinguish confidential information from the usual, which in turn will reduce the cost of the entire complex for the protection of information and resources in general. No unimportant moment when choosing a DLP-system is its price, but Data Leak Prevention has a modularity that allows you to protect the channels you need and not pay extra for protecting unnecessary ones.","materialsDescription":"<span style=\"font-weight: bold;\">What Is Data Loss Prevention (DLP)?</span>\r\nData loss prevention, or DLP, is a set of technologies, products, and techniques that are designed to stop sensitive information from leaving an organization.\r\nData can end up in the wrong hands whether it’s sent through email or instant messaging, website forms, file transfers, or other means. DLP strategies must include solutions that monitor for, detect, and block the unauthorized flow of information.\r\n<span style=\"font-weight: bold;\">How does DLP work?</span>\r\nDLP technologies use rules to look for sensitive information that may be included in electronic communications or to detect abnormal data transfers. The goal is to stop information such as intellectual property, financial data, and employee or customer details from being sent, either accidentally or intentionally, outside the corporate network.\r\n<span style=\"font-weight: bold;\">Why do organizations need DLP solutions?</span>\r\nThe proliferation of business communications has given many more people access to corporate data. Some of these users can be negligent or malicious. The result: a multitude of insider threats that can expose confidential data with a single click. Many government and industry regulations have made DLP a requirement.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DLP_Appliance.png"},{"id":546,"title":"WAF-web application firewall appliance","alias":"waf-web-application-firewall-appliance","description":"A web application firewall is a special type of application firewall that applies specifically to web applications. It is deployed in front of web applications and analyzes bi-directional web-based (HTTP) traffic - detecting and blocking anything malicious. The OWASP provides a broad technical definition for a WAF as “a security solution on the web application level which - from a technical point of view - does not depend on the application itself.” According to the PCI DSS Information Supplement for requirement 6.6, a WAF is defined as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.” In other words, a WAF can be a physical appliance that prevents vulnerabilities in web applications from being exploited by outside threats. These vulnerabilities may be because the application itself is a legacy type or it was insufficiently coded by design. The WAF addresses these code shortcomings by special configurations of rule sets, also known as policies.\r\nPreviously unknown vulnerabilities can be discovered through penetration testing or via a vulnerability scanner. A web application vulnerability scanner, also known as a web application security scanner, is defined in the SAMATE NIST 500-269 as “an automated program that examines web applications for potential security vulnerabilities. In addition to searching for web application-specific vulnerabilities, the tools also look for software coding errors.” Resolving vulnerabilities is commonly referred to as remediation. Corrections to the code can be made in the application but typically a more prompt response is necessary. In these situations, the application of a custom policy for a unique web application vulnerability to provide a temporary but immediate fix (known as a virtual patch) may be necessary.\r\nWAFs are not an ultimate security solution, rather they are meant to be used in conjunction with other network perimeter security solutions such as network firewalls and intrusion prevention systems to provide a holistic defense strategy.\r\nWAFs typically follow a positive security model, a negative security model, or a combination of both as mentioned by the SANS Institute. WAFs use a combination of rule-based logic, parsing, and signatures to detect and prevent attacks such as cross-site scripting and SQL injection. The OWASP produces a list of the top ten web application security flaws. All commercial WAF offerings cover these ten flaws at a minimum. There are non-commercial options as well. As mentioned earlier, the well-known open source WAF engine called ModSecurity is one of these options. A WAF engine alone is insufficient to provide adequate protection, therefore OWASP along with Trustwave's Spiderlabs help organize and maintain a Core-Rule Set via GitHub to use with the ModSecurity WAF engine.","materialsDescription":"A Web Application Firewall or WAF provides security for online services from malicious Internet traffic. WAFs detect and filter out threats such as the OWASP Top 10, which could degrade, compromise or bring down online applications.\r\n<span style=\"font-weight: bold;\">What are Web Application Firewalls?</span>\r\nWeb application firewalls assist load balancing by examining HTTP traffic before it reaches the application server. They also protect against web application vulnerability and unauthorized transfer of data from the web server at a time when security breaches are on the rise. According to the Verizon Data Breach Investigations Report, web application attacks were the most prevalent breaches in 2017 and 2018.\r\nThe PCI Security Standards Council defines a web application firewall as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\n<span style=\"font-weight: bold;\">How does a Web Application Firewall wWork?</span>\r\nA web application firewall (WAF) intercepts and inspects all HTTP requests using a security model based on a set of customized policies to weed out bogus traffic. WAFs block bad traffic outright or can challenge a visitor with a CAPTCHA test that humans can pass but a malicious bot or computer program cannot.\r\nWAFs follow rules or policies customized to specific vulnerabilities. As a result, this is how WAFs prevent DDoS attacks. Creating the rules on a traditional WAF can be complex and require expert administration. The Open Web Application Security Project maintains a list of the OWASP top web application security flaws for WAF policies to address.\r\nWAFs come in the form of hardware appliances, server-side software, or filter traffic as-a-service. WAFs can be considered as reverse proxies i.e. the opposite of a proxy server. Proxy servers protect devices from malicious applications, while WAFs protect web applications from malicious endpoints.\r\n<span style=\"font-weight: bold;\">What Are Some Web Application Firewall Benefits?</span>\r\nA web application firewall (WAF) prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<span style=\"font-weight: bold;\">What Is the Difference Between a Firewall and a Web Application Firewall?</span>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).\r\n<span style=\"font-weight: bold;\">When Should You Use a Web Application Firewall?</span>\r\nAny business that uses a website to generate revenue should use a web application firewall to protect business data and services. Organizations that use online vendors should especially deploy web application firewalls because the security of outside groups cannot be controlled or trusted.\r\n<span style=\"font-weight: bold;\">How Do You Use a Web Application Firewall?</span>\r\nA web application firewall requires correct positioning, configuration, administration and monitoring. Web application firewall installation must include the following four steps: secure, monitor, test and improve. This should be a continuous process to ensure application specific protection.<br />The configuration of the firewall should be determined by the business rules and guardrails by the company’s security policy. This approach will allow the rules and filters in the web application firewall to define themselves.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall_appliance.png"},{"id":550,"title":"Web filtering - Appliance","alias":"web-filtering-appliance","description":" <span style=\"font-weight: bold; \">A web filter appliance</span> is a device that allows the user to filter all online content for censorship purposes, such that any links, downloads, and email containing offensive materials or pornography is outright blocked or removed. Web filtering appliance can also help you prevent malware infection because, more often than not, malware is usually hidden within links that promise porn or controversial content. Moreover, because the number of online hazards is un stopped increasing every day, it's always prudent to get a web filter appliance that can adapt to the changing times and the ever-evolving hazards posed by the Internet.\r\nAt any rate, content filtering appliance has a distinct advantage over their software counterparts in terms of stable restriction features, unrestricted monitoring, no platform-based limitations, easy upgrades and improvements, and so on. That's because the best web filters are fully integrated software and hardware systems that optimize their hybrid attributes when it comes to content filtering by gaining full, unmitigated control over online usage through well-defined policies as mandated by the owner of the network or the IT security administrator.\r\nGetting a web content filtering appliance that has a list of premium-grade and detailed content analysis with predefined categories (which includes keywords for pornography, game downloads, drugs, violence, adult content, offensive content, racist content, controversial content, and the like) is a must for any major network. All of the items you'll ever need to block should be easily selectable with a click of your mouse as well; after all, sophisticated technology aside, a good web filter appliance should also be intuitive and practical to use as well.<br /> ","materialsDescription":"<h1 class=\"align-center\">How a Web Content Filter Appliance Works</h1>\r\n<p class=\"align-left\">Typically a web content filter appliance protects Internet users and networks by using a combination of blacklists, URIBL and SURBL filters, category filters and keyword filters. Blacklists, URIBL and SURBL filters work together to prevent users visiting websites known to harbor malware, those that have been identified as fake phishing sites, and those who hid their true identity by using the whois privacy feature or a proxy server. Genuine websites have no reason to hide their true identity.</p>\r\n<p class=\"align-left\">In the category filtering process, the content of millions of webpages are analyzed and assigned a category. System administrators can then choose which categories to block access to (i.e. online shopping, alcohol, pornography, gambling, etc.) depending on whether the web content filter appliance is providing a service to a business, a store, a school, a restaurant, or a workplace. Most appliances for filtering web content also offer the facility to create bespoke categories.</p>\r\n<p class=\"align-left\">Keyword filters have multiple uses. They can be used to block access to websites containing specific words (for example the business name of a competitor), specific file extensions (typically those most commonly used for deploying malware and ransomware), and specific web applications; if, for example, a business wanted to allow its marketing department access to Facebook, but not FaceTime. Effectively, the keyword filters fine-tune the category settings, enhance security and increase productivity.</p>\r\n<h1 class=\"align-center\">Are there any home web filter appliance?</h1>\r\nFor children today, the Internet has always existed. To them, it’s second nature to pop online and watch a funny video, find a fact, or chat with a friend. But, of course, the Internet is also filled with a lot of dark corners (It’s a hop, skip, and a click to adult content). Parents, then, are presented with the daunting task of not only monitoring what sites their children visit but also their screen time consumption. There are a number of home content filtering appliance that allow parents to do just this. The best parental control apps and devices, be they hardware or software, not only put parents in command of such things as the content their children can view and the amount of time they can spend online but help restore a parent’s sense of control. With them, parents, from can restrict access to only specific sites and apps, filter dangerous or explicit web-content, manage time, and even track their location.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Web_filtering_Appliance.png"},{"id":552,"title":"Secure Web Gateway - Appliance","alias":"secure-web-gateway-appliance","description":"Secure web gateways are generally appliance-based security solutions that prevent advanced threats, block unauthorized access to systems or websites, stop malware, and monitor real-time activity across websites accessed by users within the institution.\r\nA secure web gateway is primarily used to monitor and prevent malicious traffic and data from entering, or even leaving, an organization’s network. Typically, it is implemented to secure an organization against threats originating from the Internet, websites and other Web 2.0 products/services. It is generally implemented through a hardware gateway device implemented at the outer boundaries of a network. Some of the features a secure Web gateway provides include URL filtering, application-level control, data leakage prevention, and virus/malware code detection.\r\nA Secure web gateway (SWG) protects users against phishing, malware and other Internet-borne threats. Unlike traditional firewalls, SWGs are focused on layer 7 web traffic inspection, both inbound and outbound. As web security solutions, they apply no protection to WAN traffic, which is left to the corporate next generation firewalls. In recent years, SWGs appeared as a cloud service. The cloud instances enable secure web and cloud access from anywhere – including outside the office by mobile users. The traffic coverage and solution form factor remain the key distinctions between SWGs and next generation firewalls, which often provide a very similar level of security capabilities.\r\nA converged, cloud-based network security solution converges the capabilities of a next generation firewall (WAN and Internet traffic inspection) and the extended coverage for mobile users of SWGs.\r\nA converged approach eliminates the need to maintain policies across multiple point solutions and the appliance life cycle.","materialsDescription":"<span style=\"font-weight: bold;\">Why is a secure web gateway important?</span>\r\nSecure web gateways have become increasingly common as cybercriminals have grown more sophisticated in embedding threat vectors into seemingly innocuous or professional-looking websites. These counterfeit websites can compromise the enterprise as users access them, unleashing malicious code and unauthorized access in the background without the user's knowledge. These fake, criminal websites can be quite convincing.\r\nSome of these scam websites appear to be so authentic that they can convince users to enter credit card numbers and personal identification information (PII) such as social security numbers. Other sites require only the connection to the user to bypass web browser controls and inject malicious code such as viruses or malware into the user's network. Examples include fake online shopping sites posing as brand-name sellers, sites that appear to be legitimate government agencies and even business-to-business intranets. Secure web gateways can also prevent data from flowing out of an organization, making certain that restricted data is blocked from leaving the organization.\r\n<span style=\"font-weight: bold;\">How does a secure web gateway work?</span>\r\nSecure web gateways are installed as a software component or a hardware device on the edge of the network or at user endpoints. All traffic to and from users to other networks must pass through the gateway that monitors it. The gateway monitors this traffic for malicious code, web application use, and all user/non-user attempted URL connections.\r\nThe gateway checks or filters website URL addresses against stored lists of known and approved websites—all others not on the approved lists can be explicitly blocked. Known malicious sites can be explicitly blocked as well. URL filters that maintain allowed web addresses are maintained in whitelists, while known, off-limits sites that are explicitly blocked are maintained in blacklists. In enterprises, these lists are maintained in the secure gateway's database, which then applies the list filters to all incoming and outgoing traffic.\r\nSimilarly, data flowing out of the network can be checked, disallowing restricted data sources—data on the network or user devices that are prohibited from distribution. Application-level controls can also be restricted to known and approved functions, such as blocking uploads to software-as-a-service (SaaS) applications (such as Office 365 and Salesforce.com). Although some enterprises deploy secure web gateways in hardware appliances that filter all incoming and outgoing traffic, many organizations use cloud-based, SaaS secure web gateways as a more flexible and less costly solution to deploy and maintain. Organizations with existing hardware investments often combine the two, using hardware at their larger physical sites and cloud-based gateways for remote locations and traveling workers.\r\n<span style=\"font-weight: bold;\">What are some features of secure web gateways?</span>\r\nBeyond basic URL, web application control and data filtering, secure web gateways should provide additional controls and features that enhance network security.\r\n<ul><li>Encrypted traffic analysis. The gateway should compare all traffic to local and global threat lists and reputation sources first, then also analyze the nature of the traffic itself to determine if any content or code poses a threat to the network. This should include SSL-based encrypted traffic.</li><li>Data Loss Prevention. If, for example, a website accepts uploaded documents or data, the documents should first be scanned for sensitive data before being uploaded.</li><li>Social media protection. All information to and from social media should be scanned and filtered.</li><li>Support for all protocols. HTTP, HTTPS, and FTP internet protocols must be supported. While HTTPS is the industry standard now, many sites still support HTTP and FTP connections.</li><li>Integration with zero-day anti-malware solutions. Threats will be discovered, and integration with anti-malware solutions that can detect zero-day (never seen before) threats deliver the best prevention and remediation.</li><li>Integration with security monitoring. Security administrators should be notified of any web gateway security problems via their monitoring solution of choice, typically a security information and event management (SIEM) solution.</li><li>Choice of location. Choose where your secure web gateway best fits in your network—the edge, at endpoints, or in the cloud.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Web_Gateway_Appliance.png"},{"id":562,"title":"DDoS Protection - Appliance","alias":"ddos-protection-appliance","description":"A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks.\r\nBuying a DDoS mitigation appliance can be highly confusing, especially if you have never done this before. While selecting a DDoS protection solution you must understand the right features and have proper background knowledge. In case of distributed denial of service attacks, the bandwidth or resources of any targeted network is flooded with a large amount of malicious traffic. As a result, the system becomes overloaded and crashes. The legitimate users of the network are denied the service. The mail servers, DNS servers and the servers which host high-profile websites are the main target of DDOS attacks. Customers who use services of any shared network are also affected by these attacks. Therefore, anti-DDOS appliances are now vital.","materialsDescription":"<span style=\"font-weight: bold;\">DDoS mitigation solution</span>\r\nThere are two types of DDoS mitigation appliances. These include software and hardware solutions. Identical functions may be claimed by both forms of DDoS protection.\r\n<ul><li>Firewalls are the most common protection appliance, which can deny protocols, IP addresses or ports. However, they are not enough strong to provide protection from the more complicated DDoS attacks.</li><li>Switches are also effective solutions for preventing DDoS attacks. Most of these switches possess rate limiting capability and ACL. Some switches provide packet inspection, traffic shaping, delayed binding and rate limiting. They can detect the fake traffic through balancing and rate filtering.</li><li>Like switches, routers also have rate limiting and ACL capability. Most routers are capable of moving under DoS attacks.</li><li>Intrusion prevention systems are another option for you when it comes to protection from DDoS attacks. This solution can be effective in several cases of DDoS attacks. It can identify DDoS attacks and stop them because they possess the granularity as well as processing power required for identifying the attacks. Then they work in an automated manner to resolve the situation.</li><li>There are also rate-based intrusion prevention mechanisms, which are capable of analyzing traffic granularity. This system can also monitor the pattern of traffic.</li></ul>\r\nYou must check the connectivity while selecting a DDoS mitigation appliance. Capacity is also an important aspect of a DDoS protection solutions. You must figure out the number of ports, IPs, protocols, hosts, URLs and user agents that can be monitored by the appliance. An effective DDoS mitigation solution must also be properly customizable. Your DDoS mitigation appliance should be such that it can be upgraded according to your requirements. These are some important factors that you need to consider while choosing a DDoS mitigation appliance for your system.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection_Appliance.png"},{"id":784,"title":"NGFW - next-generation firewall - Appliance","alias":"ngfw-next-generation-firewall-appliance","description":" A next-generation firewall (NGFW) is a part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities, such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS). Other techniques might also be employed, such as TLS/SSL encrypted traffic inspection, website filtering, QoS/bandwidth management, antivirus inspection and third-party identity management integration (i.e. LDAP, RADIUS, Active Directory).\r\nNGFWs include the typical functions of traditional firewalls such as packet filtering, network- and port-address translation (NAT), stateful inspection, and virtual private network (VPN) support. The goal of next-generation firewalls is to include more layers of the OSI model, improving filtering of network traffic that is dependent on the packet contents.\r\nNGFWs perform deeper inspection compared to stateful inspection performed by the first- and second-generation firewalls. NGFWs use a more thorough inspection style, checking packet payloads and matching signatures for harmful activities such as exploitable attacks and malware.\r\nImproved detection of encrypted applications and intrusion prevention service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services.\r\nStateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols. But today, blocking a web application like Farmville that uses port 80 by closing the port would also mean complications with the entire HTTP protocol.\r\nProtection based on ports, protocols, IP addresses is no more reliable and viable. This has led to the development of identity-based security approach, which takes organizations a step ahead of conventional security appliances which bind security to IP-addresses.\r\nNGFWs offer administrators a deeper awareness of and control over individual applications, along with deeper inspection capabilities by the firewall. Administrators can create very granular "allow/deny" rules for controlling use of websites and applications in the network. ","materialsDescription":"<span style=\"font-weight: bold;\"> What is a next-generation firewall (NGFW)?</span>\r\nAn NGFW contains all the normal defences that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other bonus security features. NGFWs are also capable of deep packet inspection which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by blacklist (programs in the filter are blocked) or by whitelist (programs not in the filter are blocked).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_NGFW.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"suppliedProducts":[{"id":4620,"logoURL":"https://old.roi4cio.com/fileadmin/content/u250x-ROI4CIO.jpg","logo":true,"scheme":false,"title":"WiJungle U250X (NextGen Firewall/UTM + Web Application Firewall + Hotspot Gateway + Load Balancer Router + VPN Router) With 3 Years License ","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"wijungle-u35-nextgen-firewallutm-appliance-web-application-firewall-appliance-hotspot-gateway-appliance-load-balancer-router-vpn-router-with-3-years-license","companyTitle":"WiJungle","companyTypes":["supplier","vendor"],"companyId":7007,"companyAlias":"wijungle","description":"<p><span class=\"c-message__body\" data-qa=\"message-text\">WiJungle seamlessly manages the network, internet and security of different business verticals like Enterprises, Education, Hospitality, Healthcare, Retail, Transport, Smart City, Defence, Residential Estates, Events etc. across the globe.<br />The product is available in 30+ different models to serve wide range of concurrent users with throughput range from 3.2 Gbps to 240 Gbps.<br /></span><br />It offers features like</p>\r\n<ul>\r\n<li>Access/Interface Management</li>\r\n<li>Network Management</li>\r\n<li>User/Guest Management</li>\r\n<li>BandWidth Management</li>\r\n<li>Quality Of Service</li>\r\n<li>Data Leakage Prevention</li>\r\n<li>Content Filtering</li>\r\n<li>Load Balancing</li>\r\n<li>High Availability</li>\r\n<li>Gateway Anti-Virus</li>\r\n<li>Anti-Spam</li>\r\n<li>Web Server Protection</li>\r\n<li>Sandbox</li>\r\n<li>Advance Threat Protection</li>\r\n<li>Intrusion Prevention System</li>\r\n<li>Virtual Private Network</li>\r\n<li>Vulnerability Assessment</li>\r\n<li>Intuitive & Location Aware Captive Portals</li>\r\n<li>SMS Gateway Integration</li>\r\n<li>Social Media Engagement/Advertisement option</li>\r\n<li>Feedback Management</li>\r\n<li>User Logging</li>\r\n<li>Reporting and Analytics</li>\r\n<li>Prepaid/Postpaid Billing</li>\r\n<li>Voucher Management</li>\r\n<li>PMS/HIS Integration</li>\r\n<li>AP/Device Management</li>\r\n<li>Alert Management</li>\r\n</ul>\r\n<p> </p>","shortDescription":"WiJungle is a Unified Network Security Gateway Appliance that combinedly serves as NextGen Firewall/Unified Threat Management, Web Application Firewall, Hotspot Gateway, Vulnerability Assessment etc.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":19,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"WiJungle U250X (NextGen Firewall/UTM + Web Application Firewall + Hotspot Gateway + Load Balancer Router + VPN Router) With 3 Years License ","keywords":"","description":"<p><span class=\"c-message__body\" data-qa=\"message-text\">WiJungle seamlessly manages the network, internet and security of different business verticals like Enterprises, Education, Hospitality, Healthcare, Retail, Transport, Smart City, Defence, Residential Est","og:title":"WiJungle U250X (NextGen Firewall/UTM + Web Application Firewall + Hotspot Gateway + Load Balancer Router + VPN Router) With 3 Years License ","og:description":"<p><span class=\"c-message__body\" data-qa=\"message-text\">WiJungle seamlessly manages the network, internet and security of different business verticals like Enterprises, Education, Hospitality, Healthcare, Retail, Transport, Smart City, Defence, Residential Est","og:image":"https://old.roi4cio.com/fileadmin/content/u250x-ROI4CIO.jpg"},"eventUrl":"","translationId":4620,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":471,"title":"Hardware","alias":"hardware","description":" Computer hardware includes the physical, tangible parts or components of a computer, such as the cabinet, central processing unit, monitor, keyboard, computer data storage, graphics card, sound card, speakers and motherboard. By contrast, software is instructions that can be stored and run by hardware. Hardware is so-termed because it is "hard" or rigid with respect to changes or modifications; whereas software is "soft" because it is easy to update or change. Intermediate between software and hardware is "firmware", which is software that is strongly coupled to the particular hardware of a computer system and thus the most difficult to change but also among the most stable with respect to consistency of interface. The progression from levels of "hardness" to "softness" in computer systems parallels a progression of layers of abstraction in computing.\r\nHardware is typically directed by the software to execute any command or instruction. A combination of hardware and software forms a usable computing system, although other systems exist with only hardware components.\r\nThe template for all modern computers is the Von Neumann architecture, detailed in a 1945 paper by Hungarian mathematician John von Neumann. This describes a design architecture for an electronic digital computer with subdivisions of a processing unit consisting of an arithmetic logic unit and processor registers, a control unit containing an instruction register and program counter, a memory to store both data and instructions, external mass storage, and input and output mechanisms. The meaning of the term has evolved to mean a stored-program computer in which an instruction fetch and a data operation cannot occur at the same time because they share a common bus. This is referred to as the Von Neumann bottleneck and often limits the performance of the system.","materialsDescription":" <span style=\"font-weight: bold; \">What does Hardware (H/W) mean?</span>\r\nHardware (H/W), in the context of technology, refers to the physical elements that make up a computer or electronic system and everything else involved that is physically tangible. This includes the monitor, hard drive, memory and CPU. Hardware works hand-in-hand with firmware and software to make a computer function.\r\n<span style=\"font-weight: bold; \">What are the types of computer systems?</span>\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Personal computer</span></span>\r\nThe personal computer, also known as the PC, is one of the most common types of computer due to its versatility and relatively low price. Laptops are generally very similar, although they may use lower-power or reduced size components, thus lower performance.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Case</span></span>\r\nThe computer case encloses and holds most of the components of the system. It provides mechanical support and protection for internal elements such as the motherboard, disk drives, and power supplies, and controls and directs the flow of cooling air over internal components. The case is also part of the system to control electromagnetic interference radiated by the computer, and protects internal parts from electrostatic discharge. Large tower cases provide extra internal space for multiple disk drives or other peripherals and usually stand on the floor, while desktop cases provide less expansion room. All-in-one style designs include a video display built into the same case. Portable and laptop computers require cases that provide impact protection for the unit. A current development in laptop computers is a detachable keyboard, which allows the system to be configured as a touch-screen tablet. Hobbyists may decorate the cases with colored lights, paint, or other features, in an activity called case modding.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Power supply</span></span>\r\nA power supply unit (PSU) converts alternating current (AC) electric power to low-voltage direct current (DC) power for the internal components of the computer. Laptops are capable of running from a built-in battery, normally for a period of hours. The PSU typically uses a switched-mode power supply (SMPS), with power MOSFETs (power metal–oxide–semiconductor field-effect transistors) used in the converters and regulator circuits of the SMPS.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Motherboard</span></span>\r\nThe motherboard is the main component of a computer. It is a board with integrated circuitry that connects the other parts of the computer including the CPU, the RAM, the disk drives (CD, DVD, hard disk, or any others) as well as any peripherals connected via the ports or the expansion slots. The integrated circuit (IC) chips in a computer typically contain billions of tiny metal–oxide–semiconductor field-effect transistors (MOSFETs).\r\nComponents directly attached to or to part of the motherboard include:\r\n<ul><li><span style=\"font-weight: bold; \">The CPU (central processing unit)</span>, which performs most of the calculations which enable a computer to function, and is referred to as the brain of the computer which get a hold of program instruction from random-access memory (RAM), interprets and processes it and then send it backs to computer result so that the relevant components can carry out the instructions. The CPU is a microprocessor, which is fabricated on a metal–oxide–semiconductor (MOS) integrated circuit (IC) chip. It is usually cooled by a heat sink and fan, or water-cooling system. Most newer CPU include an on-die graphics processing unit (GPU). The clock speed of CPU governs how fast it executes instructions, and is measured in GHz; typical values lie between 1 GHz and 5 GHz. Many modern computers have the option to overclock the CPU which enhances performance at the expense of greater thermal output and thus a need for improved cooling.</li><li><span style=\"font-weight: bold; \">The chipset</span>, which includes the north bridge, mediates communication between the CPU and the other components of the system, including main memory; as well as south bridge, which is connected to the north bridge, and supports auxiliary interfaces and buses; and, finally, a Super I/O chip, connected through the south bridge, which supports the slowest and most legacy components like serial ports, hardware monitoring and fan control.</li><li><span style=\"font-weight: bold; \">Random-access memory (RAM)</span>, which stores the code and data that are being actively accessed by the CPU. For example, when a web browser is opened on the computer it takes up memory; this is stored in the RAM until the web browser is closed. It is typically a type of dynamic RAM (DRAM), such as synchronous DRAM (SDRAM), where MOS memory chips store data on memory cells consisting of MOSFETs and MOS capacitors. RAM usually comes on dual in-line memory modules (DIMMs) in the sizes of 2GB, 4GB, and 8GB, but can be much larger.</li><li><span style=\"font-weight: bold; \">Read-only memory (ROM)</span>, which stores the BIOS that runs when the computer is powered on or otherwise begins execution, a process known as Bootstrapping, or "booting" or "booting up". The ROM is typically a nonvolatile BIOS memory chip, which stores data on floating-gate MOSFET memory cells.</li><li><span style=\"font-weight: bold; \">The BIOS (Basic Input Output System)</span> includes boot firmware and power management firmware. Newer motherboards use Unified Extensible Firmware Interface (UEFI) instead of BIOS.</li><li><span style=\"font-weight: bold; \">Buses</span> that connect the CPU to various internal components and to expand cards for graphics and sound.</li><li><span style=\"font-weight: bold; \">The CMOS</span> (complementary MOS) battery, which powers the CMOS memory for date and time in the BIOS chip. This battery is generally a watch battery.</li><li><span style=\"font-weight: bold; \">The video card</span> (also known as the graphics card), which processes computer graphics. More powerful graphics cards are better suited to handle strenuous tasks, such as playing intensive video games or running computer graphics software. A video card contains a graphics processing unit (GPU) and video memory (typically a type of SDRAM), both fabricated on MOS integrated circuit (MOS IC) chips.</li><li><span style=\"font-weight: bold; \">Power MOSFETs</span> make up the voltage regulator module (VRM), which controls how much voltage other hardware components receive.</li></ul>\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Expansion cards</span></span>\r\nAn expansion card in computing is a printed circuit board that can be inserted into an expansion slot of a computer motherboard or backplane to add functionality to a computer system via the expansion bus. Expansion cards can be used to obtain or expand on features not offered by the motherboard.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Storage devices</span></span>\r\nA storage device is any computing hardware and digital media that is used for storing, porting and extracting data files and objects. It can hold and store information both temporarily and permanently, and can be internal or external to a computer, server or any similar computing device. Data storage is a core function and fundamental component of computers.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Fixed media</span></span>\r\nData is stored by a computer using a variety of media. Hard disk drives (HDDs) are found in virtually all older computers, due to their high capacity and low cost, but solid-state drives (SSDs) are faster and more power efficient, although currently more expensive than hard drives in terms of dollar per gigabyte, so are often found in personal computers built post-2007. SSDs use flash memory, which stores data on MOS memory chips consisting of floating-gate MOSFET memory cells. Some systems may use a disk array controller for greater performance or reliability.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Removable media</span></span>\r\nTo transfer data between computers, an external flash memory device (such as a memory card or USB flash drive) or optical disc (such as a CD-ROM, DVD-ROM or BD-ROM) may be used. Their usefulness depends on being readable by other systems; the majority of machines have an optical disk drive (ODD), and virtually all have at least one Universal Serial Bus (USB) port.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Input and output peripherals</span></span>\r\nInput and output devices are typically housed externally to the main computer chassis. The following are either standard or very common to many computer systems.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Input</span></span>\r\nInput devices allow the user to enter information into the system, or control its operation. Most personal computers have a mouse and keyboard, but laptop systems typically use a touchpad instead of a mouse. Other input devices include webcams, microphones, joysticks, and image scanners.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Output device</span></span>\r\nOutput devices display information in a human readable form. Such devices could include printers, speakers, monitors or a Braille embosser.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Mainframe computer</span></span>\r\nA mainframe computer is a much larger computer that typically fills a room and may cost many hundreds or thousands of times as much as a personal computer. They are designed to perform large numbers of calculations for governments and large enterprises.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Departmental computing</span></span>\r\nIn the 1960s and 1970s, more and more departments started to use cheaper and dedicated systems for specific purposes like process control and laboratory automation.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Supercomputer</span></span>\r\nA supercomputer is superficially similar to a mainframe, but is instead intended for extremely demanding computational tasks. As of June 2018, the fastest supercomputer on the TOP500supercomputer list is the Summit, in the United States, with a LINPACK benchmarkscore of 122.3 PFLOPS Light, by around 29 PFLOPS.\r\nThe term supercomputer does not refer to a specific technology. Rather it indicates the fastest computations available at any given time. In mid 2011, the fastest supercomputers boasted speeds exceeding one petaflop, or 1 quadrillion (10^15 or 1,000 trillion) floating point operations per second. Supercomputers are fast but extremely costly, so they are generally used by large organizations to execute computationally demanding tasks involving large data sets. Supercomputers typically run military and scientific applications. Although costly, they are also being used for commercial applications where huge amounts of data must be analyzed. For example, large banks employ supercomputers to calculate the risks and returns of various investment strategies, and healthcare organizations use them to analyze giant databases of patient data to determine optimal treatments for various diseases and problems incurring to the country. ","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Hardware.jpg"},{"id":443,"title":"Application Delivery Controller (load balancer) - appliance","alias":"application-delivery-controller-load-balancer-appliance","description":" Application Delivery Controllers are the next generation of load balancers, and are typically located between the firewall/router and the web server farm. An application delivery controller is a network device that helps sites direct user traffic to remove excess load from two or more servers. In addition to providing Layer 4 load balancing, ADCs can manage Layer 7 for content switching, and also provide SSL offload and acceleration. They tend to offer more advanced features such as content redirection as well as server health monitoring. An Application delivery controller may also be known as a Web switch, URL switch, Web content switch, content switch and Layer 7 switch.\r\nToday, advanced application delivery controllers and intelligent load balancers are not only affordable, but the consolidation of Layer 4-7 load balancing and content switching, and server offload capabilities such as SSL, data caching and compression provides companies with cost-effective out-of-the-box infrastructure.\r\nFor enterprise organizations (companies with 1,000 or more employees), integrating best-of-breed network infrastructure is commonplace. However best-of-breed does not equate with deploying networks with enterprise-specific features and expensive products, but rather, deploying products that are purpose-built, with the explicit features, performance, reliability and scalability created specifically for the companies of all sizes.\r\nIn general, businesses of all sizes are inclined to purchase “big brand” products. However, smaller vendors that offer products within the same category can provide the optimal performance, features and reliability required, with the same benefits - at a lower cost.\r\nFor the enterprise market, best-of-breed comes with a high Total Cost of Ownership (TCO), since deploying products from various manufacturers requires additional training, maintenance and support. Kemp can help SMBs lower their TCO, and help them build reliable, high performance and scalable web and application infrastructure. Kemp products have a high price/performance value for SMBs. Our products are purpose-built for SMB businesses for dramatically less than the price of “big name” ADC and SLB vendors who are developing features that enterprise customers might use.","materialsDescription":" <span style=\"font-weight: bold;\">What are application delivery controllers?</span>\r\nApplication Delivery Controllers (ADCs) are the next stage in the development of server load balancing solutions. ADCs allow you to perform not only the tasks of balancing user requests between servers, but also incorporate mechanisms that increase the performance, security and resiliency of applications, as well as ensure their scalability.\r\n<span style=\"font-weight: bold;\">And what other possibilities do application controllers have?</span>\r\nIn addition to the function of uniform distribution of user requests, application delivery controllers have many other interesting features. They can provide around-the-clock availability of services, improve web application performance up to five times, reduce risks when launching new services, protect confidential data, and publish internal applications to the outside with secure external access (a potential replacement for outgoing Microsoft TMG).\r\nOne of the most important functions of application delivery controllers, which distinguish them from simple load balancers, is the presence of a functional capable of processing information issued to the user based on certain rules.\r\n<span style=\"font-weight: bold;\">What are the prerequisites for implementing application delivery controllers in a particular organization?</span>\r\nA number of factors can determine the criteria for deciding whether to implement application controllers in your organization. First, this is the poor performance of web services, which is a long download of content, frequent hangs and crashes. Secondly, such a prerequisite can be interruptions in the work of services and communication channels, expressed in failures in the transmitting and receiving equipment that ensures the operation of the data transmission network, as well as failures in the operation of servers.\r\nIn addition, it is worth thinking about implementing application delivery controllers if you use Microsoft TMG or Cisco ACE products, since they are no longer supported by the manufacturer. A prerequisite for the implementation of ADC may be the launch of new large web projects, since this process will inevitably entail the need to ensure the operability of this web project with the maintenance of high fault tolerance and performance.\r\nAlso, controllers are needed when you need to provide fault tolerance, continuous availability and high speed of applications that are consolidated in the data center. A similar situation arises when it is necessary to build a backup data center: here you also need to ensure fault tolerance between several data centers located in different cities.\r\n<span style=\"font-weight: bold;\">What are the prospects for the introduction of application controllers in Russia and in the world?</span>\r\nGartner's research shows that there have recently been marked changes in the market for products that offer load balancing mechanisms. In this segment, user demand shifts from servers implementing a simple load balancing mechanism to devices offering richer functionality.\r\nGartner: “The era of load balancing has long gone, and companies need to focus on products that offer richer application delivery functionality.”\r\nIn Russia, due to the specifics of the internal IT market, application controllers are implemented mainly because of the presence of some specific functionality, and not because of the comprehensive solution for delivering applications in general, which this product offers. The main task for which application delivery controllers are now most often sold is the same load balancing function as before.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Application_Delivery_Controller_load_balancer_appliance.png"},{"id":536,"title":"WAN optimization - appliance","alias":"wan-optimization-appliance","description":" WAN optimization appliance is a collection of techniques for increasing data-transfer efficiencies across wide-area networks (WANs). In 2008, the WAN optimization market was estimated to be $1 billion and was to grow to $4.4 billion by 2014 according to Gartner, a technology research firm. In 2015 Gartner estimated the WAN optimization market to be a $1.1 billion market.\r\nThe most common measures of TCP data-transfer efficiencies (i.e., optimization) are throughput, bandwidth requirements, latency, protocol optimization, and congestion, as manifested in dropped packets. In addition, the WAN itself can be classified with regards to the distance between endpoints and the amounts of data transferred. Two common business WAN topologies are Branch to Headquarters and Data Center to Data Center (DC2DC). In general, "Branch" WAN links are closer, use less bandwidth, support more simultaneous connections, support smaller connections and more short-lived connections, and handle a greater variety of protocols. They are used for business applications such as email, content management systems, database application, and Web delivery. In comparison, "DC2DC" WAN links tend to require more bandwidth, are more distant and involve fewer connections, but those connections are bigger (100 Mbit/s to 1 Gbit/s flows) and of longer duration. Traffic on a "DC2DC" WAN may include replication, back up, data migration, virtualization, and other Business Continuity/Disaster Recovery (BC/DR) flow.\r\nWAN optimization has been the subject of extensive academic research almost since the advent of the WAN. In the early 2000s, research in both the private and public sectors turned to improve the end-to-end throughput of TCP, and the target of the first proprietary WAN optimization solutions was the Branch WAN. In recent years, however, the rapid growth of digital data, and the concomitant needs to store and protect it, has presented a need for DC2DC WAN optimization. For example, such optimizations can be performed to increase overall network capacity utilization, meet inter-datacenter transfer deadlines, or minimize average completion times of data transfers. As another example, private inter-datacenter WANs can benefit optimizations for fast and efficient geo-replication of data and content, such as newly computed machine learning models or multimedia content.\r\nComponent techniques of Branch WAN Optimization include deduplication, wide-area file services (WAFS), SMB proxy, HTTPS Proxy, media multicasting, web caching, and bandwidth management. Requirements for DC2DC WAN Optimization also center around deduplication and TCP acceleration, however, these must occur in the context of multi-gigabit data transfer rates. ","materialsDescription":" <span style=\"font-weight: bold;\">What techniques does WAN optimization have?</span>\r\n<ul><li><span style=\"font-weight: bold;\">Deduplication</span> – Eliminates the transfer of redundant data across the WAN by sending references instead of the actual data. By working at the byte level, benefits are achieved across IP applications.</li><li><span style=\"font-weight: bold;\">Compression</span> – Relies on data patterns that can be represented more efficiently. Essentially compression techniques similar to ZIP, RAR, ARJ, etc. are applied on-the-fly to data passing through hardware (or virtual machine) based WAN acceleration appliances.</li><li><span style=\"font-weight: bold;\">Latency optimization</span> – Can include TCP refinements such as window-size scaling, selective acknowledgments, Layer 3 congestion control algorithms, and even co-location strategies in which the application is placed in near proximity to the endpoint to reduce latency. In some implementations, the local WAN optimizer will answer the requests of the client locally instead of forwarding the request to the remote server in order to leverage write-behind and read-ahead mechanisms to reduce WAN latency.</li><li><span style=\"font-weight: bold;\">Caching/proxy</span> – Staging data in local caches; Relies on human behavior, accessing the same data over and over.</li><li><span style=\"font-weight: bold;\">Forward error correction</span> – Mitigates packet loss by adding another loss-recovery packet for every “N” packets that are sent, and this would reduce the need for retransmissions in error-prone and congested WAN links.</li><li><span style=\"font-weight: bold;\">Protocol spoofing</span> – Bundles multiple requests from chatty applications into one. May also include stream-lining protocols such as CIFS.</li><li><span style=\"font-weight: bold;\">Traffic shaping</span> – Controls data flow for specific applications. Giving flexibility to network operators/network admins to decide which applications take precedence over the WAN. A common use case of traffic shaping would be to prevent one protocol or application from hogging or flooding a link over other protocols deemed more important by the business/administrator. Some WAN acceleration devices are able to traffic shape with granularity far beyond traditional network devices. Such as shaping traffic on a per-user AND per application basis simultaneously.</li><li><span style=\"font-weight: bold;\">Equalizing</span> – Makes assumptions on what needs immediate priority based on data usage. Usage examples for equalizing may include wide open unregulated Internet connections and clogged VPN tunnels.</li><li><span style=\"font-weight: bold;\">Connection limits</span> – Prevents access gridlock in and to denial of service or to peer. Best suited for wide-open Internet access links, can also be used links.</li><li><span style=\"font-weight: bold;\">Simple rate limits</span> – Prevents one user from getting more than a fixed amount of data. Best suited as a stop-gap first effort for remediating a congested Internet connection or WAN link.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAN_optimization_appliance.png"},{"id":475,"title":"Network Management - Hardware","alias":"network-management-hardware","description":" Your business is much more than just a machine that dispenses products or services in exchange for money. It’s akin to a living and breathing thing. Just as with the human body, in business, all the parts are interconnected and work together to move things forward.\r\nIf a company’s management is the brain, then its employees are the muscles. Muscles don’t work without the oxygen carried to them by the blood. Blood doesn’t pump through the body without the heart and circulatory system.\r\nData moves through your network like blood through veins, delivering vital information to employees who need it to do their jobs. In a business sense, the digital network is the heart and circulatory system. Without a properly functioning network, the entire business collapses. That’s why keeping networks healthy is vitally important. Just as keeping the heart healthy is critical to living a healthy life, a healthy network is a key to a thriving business. It starts with network management.\r\nNetwork management is hardware with a broad range of functions including activities, methods, procedures and the use of tools to administrate, operate, and reliably maintain computer network systems.\r\nStrictly speaking, network Management does not include terminal equipment (PCs, workstations, printers, etc.). Rather, it concerns the reliability, efficiency and capacity/capabilities of data transfer channels.","materialsDescription":" <span style=\"font-weight: bold;\">What Is Network Management?</span>\r\nNetwork management refers to the processes, tools, and applications used to administer, operate and maintain network infrastructure. Performance management and fault analysis also fall into the category of network management. To put it simply, network management is the process of keeping your network healthy, which keeps your business healthy.\r\n<span style=\"font-weight: bold;\">What Are the Components of Network Management?</span>\r\nThe definition of network management is often broad, as network management involves several different components. Here are some of the terms you’ll often hear when network management or network management software is talked about:\r\n<ul><li>Network administration</li><li>Network maintenance</li><li>Network operation</li><li>Network provisioning</li><li>Network security</li></ul>\r\n<span style=\"font-weight: bold;\">Why Is Network Management so Important When It Comes to Network Infrastructure?</span>\r\nThe whole point of network management is to keep the network infrastructure running smoothly and efficiently. Network management helps you:\r\n<ul><li><span style=\"font-style: italic;\">Avoid costly network disruptions.</span> Network downtime can be very costly. In fact, industry research shows the cost can be up to $5,600 per minute or more than $300K per hour. Network disruptions take more than just a financial toll. They also have a negative impact on customer relationships. Slow and unresponsive corporate networks make it harder for employees to serve customers. And customers who feel underserved could be quick to leave.</li><li><span style=\"font-style: italic;\">Improve IT productivity.</span> By monitoring every aspect of the network, an effective network management system does many jobs at once. This frees up IT staff to focus on other things.</li><li><span style=\"font-style: italic;\">Improve network security.</span> With a focus on network management, it’s easy to identify and respond to threats before they propagate and impact end-users. Network management also aims to ensure regulatory and compliance requirements are met.</li><li><span style=\"font-style: italic;\">Gain a holistic view of network performance.</span> Network management gives you a complete view of how your network is performing. It enables you to identify issues and fix them quickly.</li></ul>\r\n<span style=\"font-weight: bold;\">What Are the Challenges of Maintaining Effective Network Management and Network Infrastructure?</span>\r\nNetwork infrastructures can be complex. Because of that complexity, maintaining effective network management is difficult. Advances in technology and the cloud have increased user expectations for faster network speeds and network availability. On top of that, security threats are becoming ever more advanced, varied and numerous. And if you have a large network, it incorporates several devices, systems, and tools that all need to work together seamlessly. As your network scales and your company grows, new potential points of failure are introduced. Increased costs also come into play.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Network_Management_Hardware__1_.png"},{"id":542,"title":"UTM - Unified Threat Management Appliance","alias":"utm-unified-threat-management-appliance","description":"A unified threat management (UTM) system is a type of network hardware appliance that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.<br />UTM devices are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nWhile UTM systems and next-generation firewalls (NGFWs) are sometimes comparable, UTM devices include added security features that NGFWs don't offer.\r\nUTM systems provide increased protection and visibility, as well as control over network security, which reduces complexity. UTM systems typically do this via inspection methods that address different types of threats.\r\nThese methods include:\r\n<ul><li>Flow-based inspection, also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li>Proxy-based inspection acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\nUTM devices provide a single platform for multiple network security functions and offer the benefit of a single interface for those security functions, as well as a single point of interface to monitor or analyze security logs for those different functions.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">How do UTM Appliances block a computer virus — or many viruses?</span>\r\nUnified threat management appliances have gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. Preventing these types of attacks can be difficult when using separate appliances and vendors for each specific security task, as each aspect has to be managed and updated individually in order to remain current in the face of the latest forms of malware and cybercrime. By creating a single point of defense and providing a single console, UTM solutions make dealing with varied threats much easier.\r\nWhile unified threat management solutions do solve some network security issues, they aren't without some drawbacks, with the biggest one being that the single point of defense that an UTM appliance provides also creates a single point of failure. Because of this, many organizations choose to supplement their UTM device with a second software-based perimeter to stop any malware that got through or around the UTM firewall.\r\nWhat kind of companies use a Unified Threat Management system?\r\nUTM was originally for small to medium office businesses to simplify their security systems. But due to its almost universal applicability, it has since become popular with all sectors and larger enterprises. Developments in the technology have allowed it to scale up, opening UTM up to more types of businesses that are looking for a comprehensive gateway security solution.\r\n<span style=\"font-weight: bold;\">What security features does Unified Threat Management have?</span>\r\nAs previously mentioned, most UTM services include a firewall, antivirus and intrusion detection and prevention systems. But they also can include other services that provide additional security.\r\n<ul><li>Data loss prevention software to stop data from exfiltrating the business, which in turn prevents a data leak from occurring.</li><li>Security information and event management software for real-time monitoring of network health, which allows threats and points of weakness to be identified.</li><li>Bandwidth management to regulate and prioritize network traffic, ensuring everything is running smoothly without getting overwhelmed.</li><li>Email filtering to remove spam and dangerous emails before they reach the internal network, lowering the chance of a phishing or similar attack breaching your defenses.</li><li>Web filtering to prevent connections to dangerous or inappropriate sites from a machine on the network. This lowers the chance of infection through malvertising or malicious code on the page. It can also be used to increase productivity within a business, i.e. blocking or restricting social media, gaming sites, etc.</li><li>Application filtering to either a blacklist or whitelist which programs can run, preventing certain applications from communicating in and out of the network, i.e. Facebook messenger.</li></ul>\r\n<span style=\"font-weight: bold;\">What are the benefits of Unified Threat Management?</span>\r\n<ul><li><span style=\"font-weight: bold;\">Simplifies the network</span></li></ul>\r\nBy consolidating multiple security appliances and services into one, you can easily reduce the amount of time spent on maintaining many separate systems that may have become disorganized. This can also improve the performance of the network as there is less bloat. A smaller system also requires less energy and space to run.\r\n<ul><li><span style=\"font-weight: bold;\">Provides greater security and visibility</span></li></ul>\r\nA UTM system can include reporting tools, application filtering and virtual private network (VPN) capabilities, all of which defend your network from more types of threats or improve the existing security. Additionally, monitoring and analysis tools can help locate points of weakness or identify ongoing attacks.\r\n<ul><li><span style=\"font-weight: bold;\">Can defend from more sophisticated attacks</span></li></ul>\r\nBecause UTM defends multiple parts of a network it means that an attack targeting multiple points simultaneously can be repelled more easily. With cyber-attacks getting more sophisticated, having defenses that can match them is of greater importance.\r\nHaving several ways of detecting a threat also means a UTM system is more accurate at identifying potential attacks and preventing them from causing damage.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM_Unified_Threat_Management_Appliance.png"},{"id":544,"title":"DLP - Appliance","alias":"dlp-appliance","description":"DLP (Data Loss Prevention) is a technology for preventing leakage of confidential information from an information system to the outside, as well as technical software and hardware devices for such prevention of leakage. According to most definitions, information leakage is the unauthorized distribution of restricted access data that is not controlled by the owner of this data. This implies that the person who committed the leak has the rights to access information.\r\nThe most effective way to ensure data security on corporate computers today is to use specialized data leakage prevention tools (Data Leak Prevention or DLP). DLP solutions are designed to eliminate the “human factor” and prevent misconduct by preventing (and fixing) data leaks from a computer for as many scripts as possible.\r\nEmail and webmail services, instant messaging services, social networks and forums, cloud file storages, FTP servers - all these benefits of the Internet can at any moment be a channel for leaking corporate information, disclosure of which may be undesirable or even dangerous for business.\r\nYou shouldn’t disregard traditional local channels - data storage devices (flash drives, disks, memory cards), printers and data transfer interfaces and synchronization with smartphones.\r\nAn effective DLP solution should control the widest possible range of network communications channels, local devices, and interfaces. At the same time, the effectiveness of a DLP solution is determined by the flexibility of the settings and the ability to ensure a successful combination of business interests and security.\r\nToday, DLP products are a rapidly growing information security industry, and new products are released very often. Installing a DLP system will allow you to distinguish confidential information from the usual, which in turn will reduce the cost of the entire complex for the protection of information and resources in general. No unimportant moment when choosing a DLP-system is its price, but Data Leak Prevention has a modularity that allows you to protect the channels you need and not pay extra for protecting unnecessary ones.","materialsDescription":"<span style=\"font-weight: bold;\">What Is Data Loss Prevention (DLP)?</span>\r\nData loss prevention, or DLP, is a set of technologies, products, and techniques that are designed to stop sensitive information from leaving an organization.\r\nData can end up in the wrong hands whether it’s sent through email or instant messaging, website forms, file transfers, or other means. DLP strategies must include solutions that monitor for, detect, and block the unauthorized flow of information.\r\n<span style=\"font-weight: bold;\">How does DLP work?</span>\r\nDLP technologies use rules to look for sensitive information that may be included in electronic communications or to detect abnormal data transfers. The goal is to stop information such as intellectual property, financial data, and employee or customer details from being sent, either accidentally or intentionally, outside the corporate network.\r\n<span style=\"font-weight: bold;\">Why do organizations need DLP solutions?</span>\r\nThe proliferation of business communications has given many more people access to corporate data. Some of these users can be negligent or malicious. The result: a multitude of insider threats that can expose confidential data with a single click. Many government and industry regulations have made DLP a requirement.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DLP_Appliance.png"},{"id":546,"title":"WAF-web application firewall appliance","alias":"waf-web-application-firewall-appliance","description":"A web application firewall is a special type of application firewall that applies specifically to web applications. It is deployed in front of web applications and analyzes bi-directional web-based (HTTP) traffic - detecting and blocking anything malicious. The OWASP provides a broad technical definition for a WAF as “a security solution on the web application level which - from a technical point of view - does not depend on the application itself.” According to the PCI DSS Information Supplement for requirement 6.6, a WAF is defined as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.” In other words, a WAF can be a physical appliance that prevents vulnerabilities in web applications from being exploited by outside threats. These vulnerabilities may be because the application itself is a legacy type or it was insufficiently coded by design. The WAF addresses these code shortcomings by special configurations of rule sets, also known as policies.\r\nPreviously unknown vulnerabilities can be discovered through penetration testing or via a vulnerability scanner. A web application vulnerability scanner, also known as a web application security scanner, is defined in the SAMATE NIST 500-269 as “an automated program that examines web applications for potential security vulnerabilities. In addition to searching for web application-specific vulnerabilities, the tools also look for software coding errors.” Resolving vulnerabilities is commonly referred to as remediation. Corrections to the code can be made in the application but typically a more prompt response is necessary. In these situations, the application of a custom policy for a unique web application vulnerability to provide a temporary but immediate fix (known as a virtual patch) may be necessary.\r\nWAFs are not an ultimate security solution, rather they are meant to be used in conjunction with other network perimeter security solutions such as network firewalls and intrusion prevention systems to provide a holistic defense strategy.\r\nWAFs typically follow a positive security model, a negative security model, or a combination of both as mentioned by the SANS Institute. WAFs use a combination of rule-based logic, parsing, and signatures to detect and prevent attacks such as cross-site scripting and SQL injection. The OWASP produces a list of the top ten web application security flaws. All commercial WAF offerings cover these ten flaws at a minimum. There are non-commercial options as well. As mentioned earlier, the well-known open source WAF engine called ModSecurity is one of these options. A WAF engine alone is insufficient to provide adequate protection, therefore OWASP along with Trustwave's Spiderlabs help organize and maintain a Core-Rule Set via GitHub to use with the ModSecurity WAF engine.","materialsDescription":"A Web Application Firewall or WAF provides security for online services from malicious Internet traffic. WAFs detect and filter out threats such as the OWASP Top 10, which could degrade, compromise or bring down online applications.\r\n<span style=\"font-weight: bold;\">What are Web Application Firewalls?</span>\r\nWeb application firewalls assist load balancing by examining HTTP traffic before it reaches the application server. They also protect against web application vulnerability and unauthorized transfer of data from the web server at a time when security breaches are on the rise. According to the Verizon Data Breach Investigations Report, web application attacks were the most prevalent breaches in 2017 and 2018.\r\nThe PCI Security Standards Council defines a web application firewall as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\n<span style=\"font-weight: bold;\">How does a Web Application Firewall wWork?</span>\r\nA web application firewall (WAF) intercepts and inspects all HTTP requests using a security model based on a set of customized policies to weed out bogus traffic. WAFs block bad traffic outright or can challenge a visitor with a CAPTCHA test that humans can pass but a malicious bot or computer program cannot.\r\nWAFs follow rules or policies customized to specific vulnerabilities. As a result, this is how WAFs prevent DDoS attacks. Creating the rules on a traditional WAF can be complex and require expert administration. The Open Web Application Security Project maintains a list of the OWASP top web application security flaws for WAF policies to address.\r\nWAFs come in the form of hardware appliances, server-side software, or filter traffic as-a-service. WAFs can be considered as reverse proxies i.e. the opposite of a proxy server. Proxy servers protect devices from malicious applications, while WAFs protect web applications from malicious endpoints.\r\n<span style=\"font-weight: bold;\">What Are Some Web Application Firewall Benefits?</span>\r\nA web application firewall (WAF) prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<span style=\"font-weight: bold;\">What Is the Difference Between a Firewall and a Web Application Firewall?</span>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).\r\n<span style=\"font-weight: bold;\">When Should You Use a Web Application Firewall?</span>\r\nAny business that uses a website to generate revenue should use a web application firewall to protect business data and services. Organizations that use online vendors should especially deploy web application firewalls because the security of outside groups cannot be controlled or trusted.\r\n<span style=\"font-weight: bold;\">How Do You Use a Web Application Firewall?</span>\r\nA web application firewall requires correct positioning, configuration, administration and monitoring. Web application firewall installation must include the following four steps: secure, monitor, test and improve. This should be a continuous process to ensure application specific protection.<br />The configuration of the firewall should be determined by the business rules and guardrails by the company’s security policy. This approach will allow the rules and filters in the web application firewall to define themselves.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall_appliance.png"},{"id":550,"title":"Web filtering - Appliance","alias":"web-filtering-appliance","description":" <span style=\"font-weight: bold; \">A web filter appliance</span> is a device that allows the user to filter all online content for censorship purposes, such that any links, downloads, and email containing offensive materials or pornography is outright blocked or removed. Web filtering appliance can also help you prevent malware infection because, more often than not, malware is usually hidden within links that promise porn or controversial content. Moreover, because the number of online hazards is un stopped increasing every day, it's always prudent to get a web filter appliance that can adapt to the changing times and the ever-evolving hazards posed by the Internet.\r\nAt any rate, content filtering appliance has a distinct advantage over their software counterparts in terms of stable restriction features, unrestricted monitoring, no platform-based limitations, easy upgrades and improvements, and so on. That's because the best web filters are fully integrated software and hardware systems that optimize their hybrid attributes when it comes to content filtering by gaining full, unmitigated control over online usage through well-defined policies as mandated by the owner of the network or the IT security administrator.\r\nGetting a web content filtering appliance that has a list of premium-grade and detailed content analysis with predefined categories (which includes keywords for pornography, game downloads, drugs, violence, adult content, offensive content, racist content, controversial content, and the like) is a must for any major network. All of the items you'll ever need to block should be easily selectable with a click of your mouse as well; after all, sophisticated technology aside, a good web filter appliance should also be intuitive and practical to use as well.<br /> ","materialsDescription":"<h1 class=\"align-center\">How a Web Content Filter Appliance Works</h1>\r\n<p class=\"align-left\">Typically a web content filter appliance protects Internet users and networks by using a combination of blacklists, URIBL and SURBL filters, category filters and keyword filters. Blacklists, URIBL and SURBL filters work together to prevent users visiting websites known to harbor malware, those that have been identified as fake phishing sites, and those who hid their true identity by using the whois privacy feature or a proxy server. Genuine websites have no reason to hide their true identity.</p>\r\n<p class=\"align-left\">In the category filtering process, the content of millions of webpages are analyzed and assigned a category. System administrators can then choose which categories to block access to (i.e. online shopping, alcohol, pornography, gambling, etc.) depending on whether the web content filter appliance is providing a service to a business, a store, a school, a restaurant, or a workplace. Most appliances for filtering web content also offer the facility to create bespoke categories.</p>\r\n<p class=\"align-left\">Keyword filters have multiple uses. They can be used to block access to websites containing specific words (for example the business name of a competitor), specific file extensions (typically those most commonly used for deploying malware and ransomware), and specific web applications; if, for example, a business wanted to allow its marketing department access to Facebook, but not FaceTime. Effectively, the keyword filters fine-tune the category settings, enhance security and increase productivity.</p>\r\n<h1 class=\"align-center\">Are there any home web filter appliance?</h1>\r\nFor children today, the Internet has always existed. To them, it’s second nature to pop online and watch a funny video, find a fact, or chat with a friend. But, of course, the Internet is also filled with a lot of dark corners (It’s a hop, skip, and a click to adult content). Parents, then, are presented with the daunting task of not only monitoring what sites their children visit but also their screen time consumption. There are a number of home content filtering appliance that allow parents to do just this. The best parental control apps and devices, be they hardware or software, not only put parents in command of such things as the content their children can view and the amount of time they can spend online but help restore a parent’s sense of control. With them, parents, from can restrict access to only specific sites and apps, filter dangerous or explicit web-content, manage time, and even track their location.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Web_filtering_Appliance.png"},{"id":552,"title":"Secure Web Gateway - Appliance","alias":"secure-web-gateway-appliance","description":"Secure web gateways are generally appliance-based security solutions that prevent advanced threats, block unauthorized access to systems or websites, stop malware, and monitor real-time activity across websites accessed by users within the institution.\r\nA secure web gateway is primarily used to monitor and prevent malicious traffic and data from entering, or even leaving, an organization’s network. Typically, it is implemented to secure an organization against threats originating from the Internet, websites and other Web 2.0 products/services. It is generally implemented through a hardware gateway device implemented at the outer boundaries of a network. Some of the features a secure Web gateway provides include URL filtering, application-level control, data leakage prevention, and virus/malware code detection.\r\nA Secure web gateway (SWG) protects users against phishing, malware and other Internet-borne threats. Unlike traditional firewalls, SWGs are focused on layer 7 web traffic inspection, both inbound and outbound. As web security solutions, they apply no protection to WAN traffic, which is left to the corporate next generation firewalls. In recent years, SWGs appeared as a cloud service. The cloud instances enable secure web and cloud access from anywhere – including outside the office by mobile users. The traffic coverage and solution form factor remain the key distinctions between SWGs and next generation firewalls, which often provide a very similar level of security capabilities.\r\nA converged, cloud-based network security solution converges the capabilities of a next generation firewall (WAN and Internet traffic inspection) and the extended coverage for mobile users of SWGs.\r\nA converged approach eliminates the need to maintain policies across multiple point solutions and the appliance life cycle.","materialsDescription":"<span style=\"font-weight: bold;\">Why is a secure web gateway important?</span>\r\nSecure web gateways have become increasingly common as cybercriminals have grown more sophisticated in embedding threat vectors into seemingly innocuous or professional-looking websites. These counterfeit websites can compromise the enterprise as users access them, unleashing malicious code and unauthorized access in the background without the user's knowledge. These fake, criminal websites can be quite convincing.\r\nSome of these scam websites appear to be so authentic that they can convince users to enter credit card numbers and personal identification information (PII) such as social security numbers. Other sites require only the connection to the user to bypass web browser controls and inject malicious code such as viruses or malware into the user's network. Examples include fake online shopping sites posing as brand-name sellers, sites that appear to be legitimate government agencies and even business-to-business intranets. Secure web gateways can also prevent data from flowing out of an organization, making certain that restricted data is blocked from leaving the organization.\r\n<span style=\"font-weight: bold;\">How does a secure web gateway work?</span>\r\nSecure web gateways are installed as a software component or a hardware device on the edge of the network or at user endpoints. All traffic to and from users to other networks must pass through the gateway that monitors it. The gateway monitors this traffic for malicious code, web application use, and all user/non-user attempted URL connections.\r\nThe gateway checks or filters website URL addresses against stored lists of known and approved websites—all others not on the approved lists can be explicitly blocked. Known malicious sites can be explicitly blocked as well. URL filters that maintain allowed web addresses are maintained in whitelists, while known, off-limits sites that are explicitly blocked are maintained in blacklists. In enterprises, these lists are maintained in the secure gateway's database, which then applies the list filters to all incoming and outgoing traffic.\r\nSimilarly, data flowing out of the network can be checked, disallowing restricted data sources—data on the network or user devices that are prohibited from distribution. Application-level controls can also be restricted to known and approved functions, such as blocking uploads to software-as-a-service (SaaS) applications (such as Office 365 and Salesforce.com). Although some enterprises deploy secure web gateways in hardware appliances that filter all incoming and outgoing traffic, many organizations use cloud-based, SaaS secure web gateways as a more flexible and less costly solution to deploy and maintain. Organizations with existing hardware investments often combine the two, using hardware at their larger physical sites and cloud-based gateways for remote locations and traveling workers.\r\n<span style=\"font-weight: bold;\">What are some features of secure web gateways?</span>\r\nBeyond basic URL, web application control and data filtering, secure web gateways should provide additional controls and features that enhance network security.\r\n<ul><li>Encrypted traffic analysis. The gateway should compare all traffic to local and global threat lists and reputation sources first, then also analyze the nature of the traffic itself to determine if any content or code poses a threat to the network. This should include SSL-based encrypted traffic.</li><li>Data Loss Prevention. If, for example, a website accepts uploaded documents or data, the documents should first be scanned for sensitive data before being uploaded.</li><li>Social media protection. All information to and from social media should be scanned and filtered.</li><li>Support for all protocols. HTTP, HTTPS, and FTP internet protocols must be supported. While HTTPS is the industry standard now, many sites still support HTTP and FTP connections.</li><li>Integration with zero-day anti-malware solutions. Threats will be discovered, and integration with anti-malware solutions that can detect zero-day (never seen before) threats deliver the best prevention and remediation.</li><li>Integration with security monitoring. Security administrators should be notified of any web gateway security problems via their monitoring solution of choice, typically a security information and event management (SIEM) solution.</li><li>Choice of location. Choose where your secure web gateway best fits in your network—the edge, at endpoints, or in the cloud.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Web_Gateway_Appliance.png"},{"id":556,"title":"Antispam - Appliance","alias":"antispam-appliance","description":"Anti-spam appliances are software or hardware devices integrated with on-board software that implement spam filtering and/or anti-spam for instant messaging (also called "spim") and are deployed at the gateway or in front of the mail server. They are normally driven by an operating system optimized for spam filtering. They are generally used in larger networks such as companies and corporations, ISPs, universities, etc.\r\nThe reasons hardware anti-spam appliances might be selected instead of software could include:\r\n<ul><li>The customer prefers to buy hardware rather than software</li><li>Ease of installation</li><li>Operating system requirements</li><li>Independence of existing hardware</li></ul>","materialsDescription":"<span style=\"font-weight: bold;\">How does an Antispam Appliance Work?</span>\r\nSince an antispam appliance is hardware, it can be placed at the entry point of the email server to inspect and filter every message that enters the email server. An antispam appliance is capable of evaluating IP addresses that are included in the email messages from the sender. The appliance can also examine the message content and then compare it against the criteria and parameters that have been set for receiving email messages.\r\n<span style=\"font-weight: bold;\">Advantages of an Antispam Appliance</span>\r\nAntispam appliances are capable of providing more email security to large networks because it is hardware that is specifically designed to handle email security on larger networks. Also, since an antispam appliance is hardware, it is much easier to install and configure on a network, as opposed to software that may require a specific operating system infrastructure. For example, if the organization is running the Linux operating system, this type of system will not support antispam filtering software.\r\nAnother advantage of using an antispam appliance is its ability to protect a large network from codes that are designed to destroy the individual computers on the network. These are malicious codes that can enter the email server and then transmit to the email client via spam. When the individual computers get infected, it slows the productivity of the organization and interrupts the network processes.\r\nAlthough many large networks deploy a vulnerability assessment program that can protect the network against criminals with malicious intent, sometimes vulnerability assessment is not enough to protect the massive amounts of email that enter an email server on a large network. This is why it is important to deploy an antispam appliance to provide added security for your email server and the email clients on the individual computers that are connected to the network.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Antispam_Appliance.png"},{"id":562,"title":"DDoS Protection - Appliance","alias":"ddos-protection-appliance","description":"A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks.\r\nBuying a DDoS mitigation appliance can be highly confusing, especially if you have never done this before. While selecting a DDoS protection solution you must understand the right features and have proper background knowledge. In case of distributed denial of service attacks, the bandwidth or resources of any targeted network is flooded with a large amount of malicious traffic. As a result, the system becomes overloaded and crashes. The legitimate users of the network are denied the service. The mail servers, DNS servers and the servers which host high-profile websites are the main target of DDOS attacks. Customers who use services of any shared network are also affected by these attacks. Therefore, anti-DDOS appliances are now vital.","materialsDescription":"<span style=\"font-weight: bold;\">DDoS mitigation solution</span>\r\nThere are two types of DDoS mitigation appliances. These include software and hardware solutions. Identical functions may be claimed by both forms of DDoS protection.\r\n<ul><li>Firewalls are the most common protection appliance, which can deny protocols, IP addresses or ports. However, they are not enough strong to provide protection from the more complicated DDoS attacks.</li><li>Switches are also effective solutions for preventing DDoS attacks. Most of these switches possess rate limiting capability and ACL. Some switches provide packet inspection, traffic shaping, delayed binding and rate limiting. They can detect the fake traffic through balancing and rate filtering.</li><li>Like switches, routers also have rate limiting and ACL capability. Most routers are capable of moving under DoS attacks.</li><li>Intrusion prevention systems are another option for you when it comes to protection from DDoS attacks. This solution can be effective in several cases of DDoS attacks. It can identify DDoS attacks and stop them because they possess the granularity as well as processing power required for identifying the attacks. Then they work in an automated manner to resolve the situation.</li><li>There are also rate-based intrusion prevention mechanisms, which are capable of analyzing traffic granularity. This system can also monitor the pattern of traffic.</li></ul>\r\nYou must check the connectivity while selecting a DDoS mitigation appliance. Capacity is also an important aspect of a DDoS protection solutions. You must figure out the number of ports, IPs, protocols, hosts, URLs and user agents that can be monitored by the appliance. An effective DDoS mitigation solution must also be properly customizable. Your DDoS mitigation appliance should be such that it can be upgraded according to your requirements. These are some important factors that you need to consider while choosing a DDoS mitigation appliance for your system.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection_Appliance.png"},{"id":784,"title":"NGFW - next-generation firewall - Appliance","alias":"ngfw-next-generation-firewall-appliance","description":" A next-generation firewall (NGFW) is a part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities, such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS). Other techniques might also be employed, such as TLS/SSL encrypted traffic inspection, website filtering, QoS/bandwidth management, antivirus inspection and third-party identity management integration (i.e. LDAP, RADIUS, Active Directory).\r\nNGFWs include the typical functions of traditional firewalls such as packet filtering, network- and port-address translation (NAT), stateful inspection, and virtual private network (VPN) support. The goal of next-generation firewalls is to include more layers of the OSI model, improving filtering of network traffic that is dependent on the packet contents.\r\nNGFWs perform deeper inspection compared to stateful inspection performed by the first- and second-generation firewalls. NGFWs use a more thorough inspection style, checking packet payloads and matching signatures for harmful activities such as exploitable attacks and malware.\r\nImproved detection of encrypted applications and intrusion prevention service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services.\r\nStateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols. But today, blocking a web application like Farmville that uses port 80 by closing the port would also mean complications with the entire HTTP protocol.\r\nProtection based on ports, protocols, IP addresses is no more reliable and viable. This has led to the development of identity-based security approach, which takes organizations a step ahead of conventional security appliances which bind security to IP-addresses.\r\nNGFWs offer administrators a deeper awareness of and control over individual applications, along with deeper inspection capabilities by the firewall. Administrators can create very granular "allow/deny" rules for controlling use of websites and applications in the network. ","materialsDescription":"<span style=\"font-weight: bold;\"> What is a next-generation firewall (NGFW)?</span>\r\nAn NGFW contains all the normal defences that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other bonus security features. NGFWs are also capable of deep packet inspection which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by blacklist (programs in the filter are blocked) or by whitelist (programs not in the filter are blocked).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_NGFW.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":4619,"logoURL":"https://old.roi4cio.com/fileadmin/content/WiJungle-U5000X-ROI4CIO_03.jpg","logo":true,"scheme":false,"title":"WiJungle Unified Network Security Gateway (NextGen Firewall/UTM + Web Application Firewall + Hotspot Gateway + Load Balancer Router + VPN Router) With 3 Years License","vendorVerified":0,"rating":"1.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":0,"alias":"wijungle-nextgen-firewallutm-appliance-web-application-firewall-appliance-hotspot-gateway-appliance-load-balancer-router-vpn-router-with-3-years-license","companyTitle":"WiJungle","companyTypes":["supplier","vendor"],"companyId":7007,"companyAlias":"wijungle","description":"<p>WiJungle seamlessly manages the network, internet and security of different business verticals like Enterprises, Education Institutes, Hospitality, Healthcare, Retail, Transport, Smart City, Defence, Events etc. <br />The product is available in 30+ different models to serve wide range of concurrent users.<br /><br />It offers features like</p>\r\n<ul>\r\n<li>Access/Interface Management</li>\r\n<li>Network Management</li>\r\n<li>User/Guest Management</li>\r\n<li>BandWidth Management</li>\r\n<li>Quality Of Service</li>\r\n<li>Data Leakage Prevention</li>\r\n<li>Content Filtering</li>\r\n<li>Load Balancing</li>\r\n<li>High Availability</li>\r\n<li>Gateway Anti-Virus</li>\r\n<li>Anti-Spam</li>\r\n<li>Web Server Protection</li>\r\n<li>Sandbox</li>\r\n<li>Advance Threat Protection</li>\r\n<li>Intrusion Prevention System</li>\r\n<li>Virtual Private Network</li>\r\n<li>Vulnerability Assessment</li>\r\n<li>Intuitive & Location Aware Captive Portals</li>\r\n<li>SMS Gateway Integration</li>\r\n<li>Social Media Engagement/Advertisement option</li>\r\n<li>Feedback Management</li>\r\n<li>User Logging</li>\r\n<li>Reporting and Analytics</li>\r\n<li>Prepaid/Postpaid Billing</li>\r\n<li>Voucher Management</li>\r\n<li>PMS/HIS Integration</li>\r\n<li>AP/Device Management</li>\r\n<li>Alert Management</li>\r\n</ul>","shortDescription":"WiJungle is a Unified Network Security Gateway Appliance that combinedly serves as NextGen Firewall/Unified Threat Management, Web Application Firewall, Hotspot Gateway, Vulnerability Assessment etc.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":9,"sellingCount":19,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"WiJungle Unified Network Security Gateway (NextGen Firewall/UTM + Web Application Firewall + Hotspot Gateway + Load Balancer Router + VPN Router) With 3 Years License","keywords":"","description":"<p>WiJungle seamlessly manages the network, internet and security of different business verticals like Enterprises, Education Institutes, Hospitality, Healthcare, Retail, Transport, Smart City, Defence, Events etc. &nbs","og:title":"WiJungle Unified Network Security Gateway (NextGen Firewall/UTM + Web Application Firewall + Hotspot Gateway + Load Balancer Router + VPN Router) With 3 Years License","og:description":"<p>WiJungle seamlessly manages the network, internet and security of different business verticals like Enterprises, Education Institutes, Hospitality, Healthcare, Retail, Transport, Smart City, Defence, Events etc. &nbs","og:image":"https://old.roi4cio.com/fileadmin/content/WiJungle-U5000X-ROI4CIO_03.jpg"},"eventUrl":"","translationId":4619,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":471,"title":"Hardware","alias":"hardware","description":" Computer hardware includes the physical, tangible parts or components of a computer, such as the cabinet, central processing unit, monitor, keyboard, computer data storage, graphics card, sound card, speakers and motherboard. By contrast, software is instructions that can be stored and run by hardware. Hardware is so-termed because it is "hard" or rigid with respect to changes or modifications; whereas software is "soft" because it is easy to update or change. Intermediate between software and hardware is "firmware", which is software that is strongly coupled to the particular hardware of a computer system and thus the most difficult to change but also among the most stable with respect to consistency of interface. The progression from levels of "hardness" to "softness" in computer systems parallels a progression of layers of abstraction in computing.\r\nHardware is typically directed by the software to execute any command or instruction. A combination of hardware and software forms a usable computing system, although other systems exist with only hardware components.\r\nThe template for all modern computers is the Von Neumann architecture, detailed in a 1945 paper by Hungarian mathematician John von Neumann. This describes a design architecture for an electronic digital computer with subdivisions of a processing unit consisting of an arithmetic logic unit and processor registers, a control unit containing an instruction register and program counter, a memory to store both data and instructions, external mass storage, and input and output mechanisms. The meaning of the term has evolved to mean a stored-program computer in which an instruction fetch and a data operation cannot occur at the same time because they share a common bus. This is referred to as the Von Neumann bottleneck and often limits the performance of the system.","materialsDescription":" <span style=\"font-weight: bold; \">What does Hardware (H/W) mean?</span>\r\nHardware (H/W), in the context of technology, refers to the physical elements that make up a computer or electronic system and everything else involved that is physically tangible. This includes the monitor, hard drive, memory and CPU. Hardware works hand-in-hand with firmware and software to make a computer function.\r\n<span style=\"font-weight: bold; \">What are the types of computer systems?</span>\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Personal computer</span></span>\r\nThe personal computer, also known as the PC, is one of the most common types of computer due to its versatility and relatively low price. Laptops are generally very similar, although they may use lower-power or reduced size components, thus lower performance.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Case</span></span>\r\nThe computer case encloses and holds most of the components of the system. It provides mechanical support and protection for internal elements such as the motherboard, disk drives, and power supplies, and controls and directs the flow of cooling air over internal components. The case is also part of the system to control electromagnetic interference radiated by the computer, and protects internal parts from electrostatic discharge. Large tower cases provide extra internal space for multiple disk drives or other peripherals and usually stand on the floor, while desktop cases provide less expansion room. All-in-one style designs include a video display built into the same case. Portable and laptop computers require cases that provide impact protection for the unit. A current development in laptop computers is a detachable keyboard, which allows the system to be configured as a touch-screen tablet. Hobbyists may decorate the cases with colored lights, paint, or other features, in an activity called case modding.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Power supply</span></span>\r\nA power supply unit (PSU) converts alternating current (AC) electric power to low-voltage direct current (DC) power for the internal components of the computer. Laptops are capable of running from a built-in battery, normally for a period of hours. The PSU typically uses a switched-mode power supply (SMPS), with power MOSFETs (power metal–oxide–semiconductor field-effect transistors) used in the converters and regulator circuits of the SMPS.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Motherboard</span></span>\r\nThe motherboard is the main component of a computer. It is a board with integrated circuitry that connects the other parts of the computer including the CPU, the RAM, the disk drives (CD, DVD, hard disk, or any others) as well as any peripherals connected via the ports or the expansion slots. The integrated circuit (IC) chips in a computer typically contain billions of tiny metal–oxide–semiconductor field-effect transistors (MOSFETs).\r\nComponents directly attached to or to part of the motherboard include:\r\n<ul><li><span style=\"font-weight: bold; \">The CPU (central processing unit)</span>, which performs most of the calculations which enable a computer to function, and is referred to as the brain of the computer which get a hold of program instruction from random-access memory (RAM), interprets and processes it and then send it backs to computer result so that the relevant components can carry out the instructions. The CPU is a microprocessor, which is fabricated on a metal–oxide–semiconductor (MOS) integrated circuit (IC) chip. It is usually cooled by a heat sink and fan, or water-cooling system. Most newer CPU include an on-die graphics processing unit (GPU). The clock speed of CPU governs how fast it executes instructions, and is measured in GHz; typical values lie between 1 GHz and 5 GHz. Many modern computers have the option to overclock the CPU which enhances performance at the expense of greater thermal output and thus a need for improved cooling.</li><li><span style=\"font-weight: bold; \">The chipset</span>, which includes the north bridge, mediates communication between the CPU and the other components of the system, including main memory; as well as south bridge, which is connected to the north bridge, and supports auxiliary interfaces and buses; and, finally, a Super I/O chip, connected through the south bridge, which supports the slowest and most legacy components like serial ports, hardware monitoring and fan control.</li><li><span style=\"font-weight: bold; \">Random-access memory (RAM)</span>, which stores the code and data that are being actively accessed by the CPU. For example, when a web browser is opened on the computer it takes up memory; this is stored in the RAM until the web browser is closed. It is typically a type of dynamic RAM (DRAM), such as synchronous DRAM (SDRAM), where MOS memory chips store data on memory cells consisting of MOSFETs and MOS capacitors. RAM usually comes on dual in-line memory modules (DIMMs) in the sizes of 2GB, 4GB, and 8GB, but can be much larger.</li><li><span style=\"font-weight: bold; \">Read-only memory (ROM)</span>, which stores the BIOS that runs when the computer is powered on or otherwise begins execution, a process known as Bootstrapping, or "booting" or "booting up". The ROM is typically a nonvolatile BIOS memory chip, which stores data on floating-gate MOSFET memory cells.</li><li><span style=\"font-weight: bold; \">The BIOS (Basic Input Output System)</span> includes boot firmware and power management firmware. Newer motherboards use Unified Extensible Firmware Interface (UEFI) instead of BIOS.</li><li><span style=\"font-weight: bold; \">Buses</span> that connect the CPU to various internal components and to expand cards for graphics and sound.</li><li><span style=\"font-weight: bold; \">The CMOS</span> (complementary MOS) battery, which powers the CMOS memory for date and time in the BIOS chip. This battery is generally a watch battery.</li><li><span style=\"font-weight: bold; \">The video card</span> (also known as the graphics card), which processes computer graphics. More powerful graphics cards are better suited to handle strenuous tasks, such as playing intensive video games or running computer graphics software. A video card contains a graphics processing unit (GPU) and video memory (typically a type of SDRAM), both fabricated on MOS integrated circuit (MOS IC) chips.</li><li><span style=\"font-weight: bold; \">Power MOSFETs</span> make up the voltage regulator module (VRM), which controls how much voltage other hardware components receive.</li></ul>\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Expansion cards</span></span>\r\nAn expansion card in computing is a printed circuit board that can be inserted into an expansion slot of a computer motherboard or backplane to add functionality to a computer system via the expansion bus. Expansion cards can be used to obtain or expand on features not offered by the motherboard.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Storage devices</span></span>\r\nA storage device is any computing hardware and digital media that is used for storing, porting and extracting data files and objects. It can hold and store information both temporarily and permanently, and can be internal or external to a computer, server or any similar computing device. Data storage is a core function and fundamental component of computers.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Fixed media</span></span>\r\nData is stored by a computer using a variety of media. Hard disk drives (HDDs) are found in virtually all older computers, due to their high capacity and low cost, but solid-state drives (SSDs) are faster and more power efficient, although currently more expensive than hard drives in terms of dollar per gigabyte, so are often found in personal computers built post-2007. SSDs use flash memory, which stores data on MOS memory chips consisting of floating-gate MOSFET memory cells. Some systems may use a disk array controller for greater performance or reliability.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Removable media</span></span>\r\nTo transfer data between computers, an external flash memory device (such as a memory card or USB flash drive) or optical disc (such as a CD-ROM, DVD-ROM or BD-ROM) may be used. Their usefulness depends on being readable by other systems; the majority of machines have an optical disk drive (ODD), and virtually all have at least one Universal Serial Bus (USB) port.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Input and output peripherals</span></span>\r\nInput and output devices are typically housed externally to the main computer chassis. The following are either standard or very common to many computer systems.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Input</span></span>\r\nInput devices allow the user to enter information into the system, or control its operation. Most personal computers have a mouse and keyboard, but laptop systems typically use a touchpad instead of a mouse. Other input devices include webcams, microphones, joysticks, and image scanners.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Output device</span></span>\r\nOutput devices display information in a human readable form. Such devices could include printers, speakers, monitors or a Braille embosser.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Mainframe computer</span></span>\r\nA mainframe computer is a much larger computer that typically fills a room and may cost many hundreds or thousands of times as much as a personal computer. They are designed to perform large numbers of calculations for governments and large enterprises.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Departmental computing</span></span>\r\nIn the 1960s and 1970s, more and more departments started to use cheaper and dedicated systems for specific purposes like process control and laboratory automation.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Supercomputer</span></span>\r\nA supercomputer is superficially similar to a mainframe, but is instead intended for extremely demanding computational tasks. As of June 2018, the fastest supercomputer on the TOP500supercomputer list is the Summit, in the United States, with a LINPACK benchmarkscore of 122.3 PFLOPS Light, by around 29 PFLOPS.\r\nThe term supercomputer does not refer to a specific technology. Rather it indicates the fastest computations available at any given time. In mid 2011, the fastest supercomputers boasted speeds exceeding one petaflop, or 1 quadrillion (10^15 or 1,000 trillion) floating point operations per second. Supercomputers are fast but extremely costly, so they are generally used by large organizations to execute computationally demanding tasks involving large data sets. Supercomputers typically run military and scientific applications. Although costly, they are also being used for commercial applications where huge amounts of data must be analyzed. For example, large banks employ supercomputers to calculate the risks and returns of various investment strategies, and healthcare organizations use them to analyze giant databases of patient data to determine optimal treatments for various diseases and problems incurring to the country. ","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Hardware.jpg"},{"id":443,"title":"Application Delivery Controller (load balancer) - appliance","alias":"application-delivery-controller-load-balancer-appliance","description":" Application Delivery Controllers are the next generation of load balancers, and are typically located between the firewall/router and the web server farm. An application delivery controller is a network device that helps sites direct user traffic to remove excess load from two or more servers. In addition to providing Layer 4 load balancing, ADCs can manage Layer 7 for content switching, and also provide SSL offload and acceleration. They tend to offer more advanced features such as content redirection as well as server health monitoring. An Application delivery controller may also be known as a Web switch, URL switch, Web content switch, content switch and Layer 7 switch.\r\nToday, advanced application delivery controllers and intelligent load balancers are not only affordable, but the consolidation of Layer 4-7 load balancing and content switching, and server offload capabilities such as SSL, data caching and compression provides companies with cost-effective out-of-the-box infrastructure.\r\nFor enterprise organizations (companies with 1,000 or more employees), integrating best-of-breed network infrastructure is commonplace. However best-of-breed does not equate with deploying networks with enterprise-specific features and expensive products, but rather, deploying products that are purpose-built, with the explicit features, performance, reliability and scalability created specifically for the companies of all sizes.\r\nIn general, businesses of all sizes are inclined to purchase “big brand” products. However, smaller vendors that offer products within the same category can provide the optimal performance, features and reliability required, with the same benefits - at a lower cost.\r\nFor the enterprise market, best-of-breed comes with a high Total Cost of Ownership (TCO), since deploying products from various manufacturers requires additional training, maintenance and support. Kemp can help SMBs lower their TCO, and help them build reliable, high performance and scalable web and application infrastructure. Kemp products have a high price/performance value for SMBs. Our products are purpose-built for SMB businesses for dramatically less than the price of “big name” ADC and SLB vendors who are developing features that enterprise customers might use.","materialsDescription":" <span style=\"font-weight: bold;\">What are application delivery controllers?</span>\r\nApplication Delivery Controllers (ADCs) are the next stage in the development of server load balancing solutions. ADCs allow you to perform not only the tasks of balancing user requests between servers, but also incorporate mechanisms that increase the performance, security and resiliency of applications, as well as ensure their scalability.\r\n<span style=\"font-weight: bold;\">And what other possibilities do application controllers have?</span>\r\nIn addition to the function of uniform distribution of user requests, application delivery controllers have many other interesting features. They can provide around-the-clock availability of services, improve web application performance up to five times, reduce risks when launching new services, protect confidential data, and publish internal applications to the outside with secure external access (a potential replacement for outgoing Microsoft TMG).\r\nOne of the most important functions of application delivery controllers, which distinguish them from simple load balancers, is the presence of a functional capable of processing information issued to the user based on certain rules.\r\n<span style=\"font-weight: bold;\">What are the prerequisites for implementing application delivery controllers in a particular organization?</span>\r\nA number of factors can determine the criteria for deciding whether to implement application controllers in your organization. First, this is the poor performance of web services, which is a long download of content, frequent hangs and crashes. Secondly, such a prerequisite can be interruptions in the work of services and communication channels, expressed in failures in the transmitting and receiving equipment that ensures the operation of the data transmission network, as well as failures in the operation of servers.\r\nIn addition, it is worth thinking about implementing application delivery controllers if you use Microsoft TMG or Cisco ACE products, since they are no longer supported by the manufacturer. A prerequisite for the implementation of ADC may be the launch of new large web projects, since this process will inevitably entail the need to ensure the operability of this web project with the maintenance of high fault tolerance and performance.\r\nAlso, controllers are needed when you need to provide fault tolerance, continuous availability and high speed of applications that are consolidated in the data center. A similar situation arises when it is necessary to build a backup data center: here you also need to ensure fault tolerance between several data centers located in different cities.\r\n<span style=\"font-weight: bold;\">What are the prospects for the introduction of application controllers in Russia and in the world?</span>\r\nGartner's research shows that there have recently been marked changes in the market for products that offer load balancing mechanisms. In this segment, user demand shifts from servers implementing a simple load balancing mechanism to devices offering richer functionality.\r\nGartner: “The era of load balancing has long gone, and companies need to focus on products that offer richer application delivery functionality.”\r\nIn Russia, due to the specifics of the internal IT market, application controllers are implemented mainly because of the presence of some specific functionality, and not because of the comprehensive solution for delivering applications in general, which this product offers. The main task for which application delivery controllers are now most often sold is the same load balancing function as before.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Application_Delivery_Controller_load_balancer_appliance.png"},{"id":536,"title":"WAN optimization - appliance","alias":"wan-optimization-appliance","description":" WAN optimization appliance is a collection of techniques for increasing data-transfer efficiencies across wide-area networks (WANs). In 2008, the WAN optimization market was estimated to be $1 billion and was to grow to $4.4 billion by 2014 according to Gartner, a technology research firm. In 2015 Gartner estimated the WAN optimization market to be a $1.1 billion market.\r\nThe most common measures of TCP data-transfer efficiencies (i.e., optimization) are throughput, bandwidth requirements, latency, protocol optimization, and congestion, as manifested in dropped packets. In addition, the WAN itself can be classified with regards to the distance between endpoints and the amounts of data transferred. Two common business WAN topologies are Branch to Headquarters and Data Center to Data Center (DC2DC). In general, "Branch" WAN links are closer, use less bandwidth, support more simultaneous connections, support smaller connections and more short-lived connections, and handle a greater variety of protocols. They are used for business applications such as email, content management systems, database application, and Web delivery. In comparison, "DC2DC" WAN links tend to require more bandwidth, are more distant and involve fewer connections, but those connections are bigger (100 Mbit/s to 1 Gbit/s flows) and of longer duration. Traffic on a "DC2DC" WAN may include replication, back up, data migration, virtualization, and other Business Continuity/Disaster Recovery (BC/DR) flow.\r\nWAN optimization has been the subject of extensive academic research almost since the advent of the WAN. In the early 2000s, research in both the private and public sectors turned to improve the end-to-end throughput of TCP, and the target of the first proprietary WAN optimization solutions was the Branch WAN. In recent years, however, the rapid growth of digital data, and the concomitant needs to store and protect it, has presented a need for DC2DC WAN optimization. For example, such optimizations can be performed to increase overall network capacity utilization, meet inter-datacenter transfer deadlines, or minimize average completion times of data transfers. As another example, private inter-datacenter WANs can benefit optimizations for fast and efficient geo-replication of data and content, such as newly computed machine learning models or multimedia content.\r\nComponent techniques of Branch WAN Optimization include deduplication, wide-area file services (WAFS), SMB proxy, HTTPS Proxy, media multicasting, web caching, and bandwidth management. Requirements for DC2DC WAN Optimization also center around deduplication and TCP acceleration, however, these must occur in the context of multi-gigabit data transfer rates. ","materialsDescription":" <span style=\"font-weight: bold;\">What techniques does WAN optimization have?</span>\r\n<ul><li><span style=\"font-weight: bold;\">Deduplication</span> – Eliminates the transfer of redundant data across the WAN by sending references instead of the actual data. By working at the byte level, benefits are achieved across IP applications.</li><li><span style=\"font-weight: bold;\">Compression</span> – Relies on data patterns that can be represented more efficiently. Essentially compression techniques similar to ZIP, RAR, ARJ, etc. are applied on-the-fly to data passing through hardware (or virtual machine) based WAN acceleration appliances.</li><li><span style=\"font-weight: bold;\">Latency optimization</span> – Can include TCP refinements such as window-size scaling, selective acknowledgments, Layer 3 congestion control algorithms, and even co-location strategies in which the application is placed in near proximity to the endpoint to reduce latency. In some implementations, the local WAN optimizer will answer the requests of the client locally instead of forwarding the request to the remote server in order to leverage write-behind and read-ahead mechanisms to reduce WAN latency.</li><li><span style=\"font-weight: bold;\">Caching/proxy</span> – Staging data in local caches; Relies on human behavior, accessing the same data over and over.</li><li><span style=\"font-weight: bold;\">Forward error correction</span> – Mitigates packet loss by adding another loss-recovery packet for every “N” packets that are sent, and this would reduce the need for retransmissions in error-prone and congested WAN links.</li><li><span style=\"font-weight: bold;\">Protocol spoofing</span> – Bundles multiple requests from chatty applications into one. May also include stream-lining protocols such as CIFS.</li><li><span style=\"font-weight: bold;\">Traffic shaping</span> – Controls data flow for specific applications. Giving flexibility to network operators/network admins to decide which applications take precedence over the WAN. A common use case of traffic shaping would be to prevent one protocol or application from hogging or flooding a link over other protocols deemed more important by the business/administrator. Some WAN acceleration devices are able to traffic shape with granularity far beyond traditional network devices. Such as shaping traffic on a per-user AND per application basis simultaneously.</li><li><span style=\"font-weight: bold;\">Equalizing</span> – Makes assumptions on what needs immediate priority based on data usage. Usage examples for equalizing may include wide open unregulated Internet connections and clogged VPN tunnels.</li><li><span style=\"font-weight: bold;\">Connection limits</span> – Prevents access gridlock in and to denial of service or to peer. Best suited for wide-open Internet access links, can also be used links.</li><li><span style=\"font-weight: bold;\">Simple rate limits</span> – Prevents one user from getting more than a fixed amount of data. Best suited as a stop-gap first effort for remediating a congested Internet connection or WAN link.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAN_optimization_appliance.png"},{"id":475,"title":"Network Management - Hardware","alias":"network-management-hardware","description":" Your business is much more than just a machine that dispenses products or services in exchange for money. It’s akin to a living and breathing thing. Just as with the human body, in business, all the parts are interconnected and work together to move things forward.\r\nIf a company’s management is the brain, then its employees are the muscles. Muscles don’t work without the oxygen carried to them by the blood. Blood doesn’t pump through the body without the heart and circulatory system.\r\nData moves through your network like blood through veins, delivering vital information to employees who need it to do their jobs. In a business sense, the digital network is the heart and circulatory system. Without a properly functioning network, the entire business collapses. That’s why keeping networks healthy is vitally important. Just as keeping the heart healthy is critical to living a healthy life, a healthy network is a key to a thriving business. It starts with network management.\r\nNetwork management is hardware with a broad range of functions including activities, methods, procedures and the use of tools to administrate, operate, and reliably maintain computer network systems.\r\nStrictly speaking, network Management does not include terminal equipment (PCs, workstations, printers, etc.). Rather, it concerns the reliability, efficiency and capacity/capabilities of data transfer channels.","materialsDescription":" <span style=\"font-weight: bold;\">What Is Network Management?</span>\r\nNetwork management refers to the processes, tools, and applications used to administer, operate and maintain network infrastructure. Performance management and fault analysis also fall into the category of network management. To put it simply, network management is the process of keeping your network healthy, which keeps your business healthy.\r\n<span style=\"font-weight: bold;\">What Are the Components of Network Management?</span>\r\nThe definition of network management is often broad, as network management involves several different components. Here are some of the terms you’ll often hear when network management or network management software is talked about:\r\n<ul><li>Network administration</li><li>Network maintenance</li><li>Network operation</li><li>Network provisioning</li><li>Network security</li></ul>\r\n<span style=\"font-weight: bold;\">Why Is Network Management so Important When It Comes to Network Infrastructure?</span>\r\nThe whole point of network management is to keep the network infrastructure running smoothly and efficiently. Network management helps you:\r\n<ul><li><span style=\"font-style: italic;\">Avoid costly network disruptions.</span> Network downtime can be very costly. In fact, industry research shows the cost can be up to $5,600 per minute or more than $300K per hour. Network disruptions take more than just a financial toll. They also have a negative impact on customer relationships. Slow and unresponsive corporate networks make it harder for employees to serve customers. And customers who feel underserved could be quick to leave.</li><li><span style=\"font-style: italic;\">Improve IT productivity.</span> By monitoring every aspect of the network, an effective network management system does many jobs at once. This frees up IT staff to focus on other things.</li><li><span style=\"font-style: italic;\">Improve network security.</span> With a focus on network management, it’s easy to identify and respond to threats before they propagate and impact end-users. Network management also aims to ensure regulatory and compliance requirements are met.</li><li><span style=\"font-style: italic;\">Gain a holistic view of network performance.</span> Network management gives you a complete view of how your network is performing. It enables you to identify issues and fix them quickly.</li></ul>\r\n<span style=\"font-weight: bold;\">What Are the Challenges of Maintaining Effective Network Management and Network Infrastructure?</span>\r\nNetwork infrastructures can be complex. Because of that complexity, maintaining effective network management is difficult. Advances in technology and the cloud have increased user expectations for faster network speeds and network availability. On top of that, security threats are becoming ever more advanced, varied and numerous. And if you have a large network, it incorporates several devices, systems, and tools that all need to work together seamlessly. As your network scales and your company grows, new potential points of failure are introduced. Increased costs also come into play.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Network_Management_Hardware__1_.png"},{"id":542,"title":"UTM - Unified Threat Management Appliance","alias":"utm-unified-threat-management-appliance","description":"A unified threat management (UTM) system is a type of network hardware appliance that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.<br />UTM devices are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nWhile UTM systems and next-generation firewalls (NGFWs) are sometimes comparable, UTM devices include added security features that NGFWs don't offer.\r\nUTM systems provide increased protection and visibility, as well as control over network security, which reduces complexity. UTM systems typically do this via inspection methods that address different types of threats.\r\nThese methods include:\r\n<ul><li>Flow-based inspection, also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li>Proxy-based inspection acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\nUTM devices provide a single platform for multiple network security functions and offer the benefit of a single interface for those security functions, as well as a single point of interface to monitor or analyze security logs for those different functions.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">How do UTM Appliances block a computer virus — or many viruses?</span>\r\nUnified threat management appliances have gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. Preventing these types of attacks can be difficult when using separate appliances and vendors for each specific security task, as each aspect has to be managed and updated individually in order to remain current in the face of the latest forms of malware and cybercrime. By creating a single point of defense and providing a single console, UTM solutions make dealing with varied threats much easier.\r\nWhile unified threat management solutions do solve some network security issues, they aren't without some drawbacks, with the biggest one being that the single point of defense that an UTM appliance provides also creates a single point of failure. Because of this, many organizations choose to supplement their UTM device with a second software-based perimeter to stop any malware that got through or around the UTM firewall.\r\nWhat kind of companies use a Unified Threat Management system?\r\nUTM was originally for small to medium office businesses to simplify their security systems. But due to its almost universal applicability, it has since become popular with all sectors and larger enterprises. Developments in the technology have allowed it to scale up, opening UTM up to more types of businesses that are looking for a comprehensive gateway security solution.\r\n<span style=\"font-weight: bold;\">What security features does Unified Threat Management have?</span>\r\nAs previously mentioned, most UTM services include a firewall, antivirus and intrusion detection and prevention systems. But they also can include other services that provide additional security.\r\n<ul><li>Data loss prevention software to stop data from exfiltrating the business, which in turn prevents a data leak from occurring.</li><li>Security information and event management software for real-time monitoring of network health, which allows threats and points of weakness to be identified.</li><li>Bandwidth management to regulate and prioritize network traffic, ensuring everything is running smoothly without getting overwhelmed.</li><li>Email filtering to remove spam and dangerous emails before they reach the internal network, lowering the chance of a phishing or similar attack breaching your defenses.</li><li>Web filtering to prevent connections to dangerous or inappropriate sites from a machine on the network. This lowers the chance of infection through malvertising or malicious code on the page. It can also be used to increase productivity within a business, i.e. blocking or restricting social media, gaming sites, etc.</li><li>Application filtering to either a blacklist or whitelist which programs can run, preventing certain applications from communicating in and out of the network, i.e. Facebook messenger.</li></ul>\r\n<span style=\"font-weight: bold;\">What are the benefits of Unified Threat Management?</span>\r\n<ul><li><span style=\"font-weight: bold;\">Simplifies the network</span></li></ul>\r\nBy consolidating multiple security appliances and services into one, you can easily reduce the amount of time spent on maintaining many separate systems that may have become disorganized. This can also improve the performance of the network as there is less bloat. A smaller system also requires less energy and space to run.\r\n<ul><li><span style=\"font-weight: bold;\">Provides greater security and visibility</span></li></ul>\r\nA UTM system can include reporting tools, application filtering and virtual private network (VPN) capabilities, all of which defend your network from more types of threats or improve the existing security. Additionally, monitoring and analysis tools can help locate points of weakness or identify ongoing attacks.\r\n<ul><li><span style=\"font-weight: bold;\">Can defend from more sophisticated attacks</span></li></ul>\r\nBecause UTM defends multiple parts of a network it means that an attack targeting multiple points simultaneously can be repelled more easily. With cyber-attacks getting more sophisticated, having defenses that can match them is of greater importance.\r\nHaving several ways of detecting a threat also means a UTM system is more accurate at identifying potential attacks and preventing them from causing damage.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM_Unified_Threat_Management_Appliance.png"},{"id":544,"title":"DLP - Appliance","alias":"dlp-appliance","description":"DLP (Data Loss Prevention) is a technology for preventing leakage of confidential information from an information system to the outside, as well as technical software and hardware devices for such prevention of leakage. According to most definitions, information leakage is the unauthorized distribution of restricted access data that is not controlled by the owner of this data. This implies that the person who committed the leak has the rights to access information.\r\nThe most effective way to ensure data security on corporate computers today is to use specialized data leakage prevention tools (Data Leak Prevention or DLP). DLP solutions are designed to eliminate the “human factor” and prevent misconduct by preventing (and fixing) data leaks from a computer for as many scripts as possible.\r\nEmail and webmail services, instant messaging services, social networks and forums, cloud file storages, FTP servers - all these benefits of the Internet can at any moment be a channel for leaking corporate information, disclosure of which may be undesirable or even dangerous for business.\r\nYou shouldn’t disregard traditional local channels - data storage devices (flash drives, disks, memory cards), printers and data transfer interfaces and synchronization with smartphones.\r\nAn effective DLP solution should control the widest possible range of network communications channels, local devices, and interfaces. At the same time, the effectiveness of a DLP solution is determined by the flexibility of the settings and the ability to ensure a successful combination of business interests and security.\r\nToday, DLP products are a rapidly growing information security industry, and new products are released very often. Installing a DLP system will allow you to distinguish confidential information from the usual, which in turn will reduce the cost of the entire complex for the protection of information and resources in general. No unimportant moment when choosing a DLP-system is its price, but Data Leak Prevention has a modularity that allows you to protect the channels you need and not pay extra for protecting unnecessary ones.","materialsDescription":"<span style=\"font-weight: bold;\">What Is Data Loss Prevention (DLP)?</span>\r\nData loss prevention, or DLP, is a set of technologies, products, and techniques that are designed to stop sensitive information from leaving an organization.\r\nData can end up in the wrong hands whether it’s sent through email or instant messaging, website forms, file transfers, or other means. DLP strategies must include solutions that monitor for, detect, and block the unauthorized flow of information.\r\n<span style=\"font-weight: bold;\">How does DLP work?</span>\r\nDLP technologies use rules to look for sensitive information that may be included in electronic communications or to detect abnormal data transfers. The goal is to stop information such as intellectual property, financial data, and employee or customer details from being sent, either accidentally or intentionally, outside the corporate network.\r\n<span style=\"font-weight: bold;\">Why do organizations need DLP solutions?</span>\r\nThe proliferation of business communications has given many more people access to corporate data. Some of these users can be negligent or malicious. The result: a multitude of insider threats that can expose confidential data with a single click. Many government and industry regulations have made DLP a requirement.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DLP_Appliance.png"},{"id":546,"title":"WAF-web application firewall appliance","alias":"waf-web-application-firewall-appliance","description":"A web application firewall is a special type of application firewall that applies specifically to web applications. It is deployed in front of web applications and analyzes bi-directional web-based (HTTP) traffic - detecting and blocking anything malicious. The OWASP provides a broad technical definition for a WAF as “a security solution on the web application level which - from a technical point of view - does not depend on the application itself.” According to the PCI DSS Information Supplement for requirement 6.6, a WAF is defined as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.” In other words, a WAF can be a physical appliance that prevents vulnerabilities in web applications from being exploited by outside threats. These vulnerabilities may be because the application itself is a legacy type or it was insufficiently coded by design. The WAF addresses these code shortcomings by special configurations of rule sets, also known as policies.\r\nPreviously unknown vulnerabilities can be discovered through penetration testing or via a vulnerability scanner. A web application vulnerability scanner, also known as a web application security scanner, is defined in the SAMATE NIST 500-269 as “an automated program that examines web applications for potential security vulnerabilities. In addition to searching for web application-specific vulnerabilities, the tools also look for software coding errors.” Resolving vulnerabilities is commonly referred to as remediation. Corrections to the code can be made in the application but typically a more prompt response is necessary. In these situations, the application of a custom policy for a unique web application vulnerability to provide a temporary but immediate fix (known as a virtual patch) may be necessary.\r\nWAFs are not an ultimate security solution, rather they are meant to be used in conjunction with other network perimeter security solutions such as network firewalls and intrusion prevention systems to provide a holistic defense strategy.\r\nWAFs typically follow a positive security model, a negative security model, or a combination of both as mentioned by the SANS Institute. WAFs use a combination of rule-based logic, parsing, and signatures to detect and prevent attacks such as cross-site scripting and SQL injection. The OWASP produces a list of the top ten web application security flaws. All commercial WAF offerings cover these ten flaws at a minimum. There are non-commercial options as well. As mentioned earlier, the well-known open source WAF engine called ModSecurity is one of these options. A WAF engine alone is insufficient to provide adequate protection, therefore OWASP along with Trustwave's Spiderlabs help organize and maintain a Core-Rule Set via GitHub to use with the ModSecurity WAF engine.","materialsDescription":"A Web Application Firewall or WAF provides security for online services from malicious Internet traffic. WAFs detect and filter out threats such as the OWASP Top 10, which could degrade, compromise or bring down online applications.\r\n<span style=\"font-weight: bold;\">What are Web Application Firewalls?</span>\r\nWeb application firewalls assist load balancing by examining HTTP traffic before it reaches the application server. They also protect against web application vulnerability and unauthorized transfer of data from the web server at a time when security breaches are on the rise. According to the Verizon Data Breach Investigations Report, web application attacks were the most prevalent breaches in 2017 and 2018.\r\nThe PCI Security Standards Council defines a web application firewall as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\n<span style=\"font-weight: bold;\">How does a Web Application Firewall wWork?</span>\r\nA web application firewall (WAF) intercepts and inspects all HTTP requests using a security model based on a set of customized policies to weed out bogus traffic. WAFs block bad traffic outright or can challenge a visitor with a CAPTCHA test that humans can pass but a malicious bot or computer program cannot.\r\nWAFs follow rules or policies customized to specific vulnerabilities. As a result, this is how WAFs prevent DDoS attacks. Creating the rules on a traditional WAF can be complex and require expert administration. The Open Web Application Security Project maintains a list of the OWASP top web application security flaws for WAF policies to address.\r\nWAFs come in the form of hardware appliances, server-side software, or filter traffic as-a-service. WAFs can be considered as reverse proxies i.e. the opposite of a proxy server. Proxy servers protect devices from malicious applications, while WAFs protect web applications from malicious endpoints.\r\n<span style=\"font-weight: bold;\">What Are Some Web Application Firewall Benefits?</span>\r\nA web application firewall (WAF) prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<span style=\"font-weight: bold;\">What Is the Difference Between a Firewall and a Web Application Firewall?</span>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).\r\n<span style=\"font-weight: bold;\">When Should You Use a Web Application Firewall?</span>\r\nAny business that uses a website to generate revenue should use a web application firewall to protect business data and services. Organizations that use online vendors should especially deploy web application firewalls because the security of outside groups cannot be controlled or trusted.\r\n<span style=\"font-weight: bold;\">How Do You Use a Web Application Firewall?</span>\r\nA web application firewall requires correct positioning, configuration, administration and monitoring. Web application firewall installation must include the following four steps: secure, monitor, test and improve. This should be a continuous process to ensure application specific protection.<br />The configuration of the firewall should be determined by the business rules and guardrails by the company’s security policy. This approach will allow the rules and filters in the web application firewall to define themselves.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall_appliance.png"},{"id":550,"title":"Web filtering - Appliance","alias":"web-filtering-appliance","description":" <span style=\"font-weight: bold; \">A web filter appliance</span> is a device that allows the user to filter all online content for censorship purposes, such that any links, downloads, and email containing offensive materials or pornography is outright blocked or removed. Web filtering appliance can also help you prevent malware infection because, more often than not, malware is usually hidden within links that promise porn or controversial content. Moreover, because the number of online hazards is un stopped increasing every day, it's always prudent to get a web filter appliance that can adapt to the changing times and the ever-evolving hazards posed by the Internet.\r\nAt any rate, content filtering appliance has a distinct advantage over their software counterparts in terms of stable restriction features, unrestricted monitoring, no platform-based limitations, easy upgrades and improvements, and so on. That's because the best web filters are fully integrated software and hardware systems that optimize their hybrid attributes when it comes to content filtering by gaining full, unmitigated control over online usage through well-defined policies as mandated by the owner of the network or the IT security administrator.\r\nGetting a web content filtering appliance that has a list of premium-grade and detailed content analysis with predefined categories (which includes keywords for pornography, game downloads, drugs, violence, adult content, offensive content, racist content, controversial content, and the like) is a must for any major network. All of the items you'll ever need to block should be easily selectable with a click of your mouse as well; after all, sophisticated technology aside, a good web filter appliance should also be intuitive and practical to use as well.<br /> ","materialsDescription":"<h1 class=\"align-center\">How a Web Content Filter Appliance Works</h1>\r\n<p class=\"align-left\">Typically a web content filter appliance protects Internet users and networks by using a combination of blacklists, URIBL and SURBL filters, category filters and keyword filters. Blacklists, URIBL and SURBL filters work together to prevent users visiting websites known to harbor malware, those that have been identified as fake phishing sites, and those who hid their true identity by using the whois privacy feature or a proxy server. Genuine websites have no reason to hide their true identity.</p>\r\n<p class=\"align-left\">In the category filtering process, the content of millions of webpages are analyzed and assigned a category. System administrators can then choose which categories to block access to (i.e. online shopping, alcohol, pornography, gambling, etc.) depending on whether the web content filter appliance is providing a service to a business, a store, a school, a restaurant, or a workplace. Most appliances for filtering web content also offer the facility to create bespoke categories.</p>\r\n<p class=\"align-left\">Keyword filters have multiple uses. They can be used to block access to websites containing specific words (for example the business name of a competitor), specific file extensions (typically those most commonly used for deploying malware and ransomware), and specific web applications; if, for example, a business wanted to allow its marketing department access to Facebook, but not FaceTime. Effectively, the keyword filters fine-tune the category settings, enhance security and increase productivity.</p>\r\n<h1 class=\"align-center\">Are there any home web filter appliance?</h1>\r\nFor children today, the Internet has always existed. To them, it’s second nature to pop online and watch a funny video, find a fact, or chat with a friend. But, of course, the Internet is also filled with a lot of dark corners (It’s a hop, skip, and a click to adult content). Parents, then, are presented with the daunting task of not only monitoring what sites their children visit but also their screen time consumption. There are a number of home content filtering appliance that allow parents to do just this. The best parental control apps and devices, be they hardware or software, not only put parents in command of such things as the content their children can view and the amount of time they can spend online but help restore a parent’s sense of control. With them, parents, from can restrict access to only specific sites and apps, filter dangerous or explicit web-content, manage time, and even track their location.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Web_filtering_Appliance.png"},{"id":552,"title":"Secure Web Gateway - Appliance","alias":"secure-web-gateway-appliance","description":"Secure web gateways are generally appliance-based security solutions that prevent advanced threats, block unauthorized access to systems or websites, stop malware, and monitor real-time activity across websites accessed by users within the institution.\r\nA secure web gateway is primarily used to monitor and prevent malicious traffic and data from entering, or even leaving, an organization’s network. Typically, it is implemented to secure an organization against threats originating from the Internet, websites and other Web 2.0 products/services. It is generally implemented through a hardware gateway device implemented at the outer boundaries of a network. Some of the features a secure Web gateway provides include URL filtering, application-level control, data leakage prevention, and virus/malware code detection.\r\nA Secure web gateway (SWG) protects users against phishing, malware and other Internet-borne threats. Unlike traditional firewalls, SWGs are focused on layer 7 web traffic inspection, both inbound and outbound. As web security solutions, they apply no protection to WAN traffic, which is left to the corporate next generation firewalls. In recent years, SWGs appeared as a cloud service. The cloud instances enable secure web and cloud access from anywhere – including outside the office by mobile users. The traffic coverage and solution form factor remain the key distinctions between SWGs and next generation firewalls, which often provide a very similar level of security capabilities.\r\nA converged, cloud-based network security solution converges the capabilities of a next generation firewall (WAN and Internet traffic inspection) and the extended coverage for mobile users of SWGs.\r\nA converged approach eliminates the need to maintain policies across multiple point solutions and the appliance life cycle.","materialsDescription":"<span style=\"font-weight: bold;\">Why is a secure web gateway important?</span>\r\nSecure web gateways have become increasingly common as cybercriminals have grown more sophisticated in embedding threat vectors into seemingly innocuous or professional-looking websites. These counterfeit websites can compromise the enterprise as users access them, unleashing malicious code and unauthorized access in the background without the user's knowledge. These fake, criminal websites can be quite convincing.\r\nSome of these scam websites appear to be so authentic that they can convince users to enter credit card numbers and personal identification information (PII) such as social security numbers. Other sites require only the connection to the user to bypass web browser controls and inject malicious code such as viruses or malware into the user's network. Examples include fake online shopping sites posing as brand-name sellers, sites that appear to be legitimate government agencies and even business-to-business intranets. Secure web gateways can also prevent data from flowing out of an organization, making certain that restricted data is blocked from leaving the organization.\r\n<span style=\"font-weight: bold;\">How does a secure web gateway work?</span>\r\nSecure web gateways are installed as a software component or a hardware device on the edge of the network or at user endpoints. All traffic to and from users to other networks must pass through the gateway that monitors it. The gateway monitors this traffic for malicious code, web application use, and all user/non-user attempted URL connections.\r\nThe gateway checks or filters website URL addresses against stored lists of known and approved websites—all others not on the approved lists can be explicitly blocked. Known malicious sites can be explicitly blocked as well. URL filters that maintain allowed web addresses are maintained in whitelists, while known, off-limits sites that are explicitly blocked are maintained in blacklists. In enterprises, these lists are maintained in the secure gateway's database, which then applies the list filters to all incoming and outgoing traffic.\r\nSimilarly, data flowing out of the network can be checked, disallowing restricted data sources—data on the network or user devices that are prohibited from distribution. Application-level controls can also be restricted to known and approved functions, such as blocking uploads to software-as-a-service (SaaS) applications (such as Office 365 and Salesforce.com). Although some enterprises deploy secure web gateways in hardware appliances that filter all incoming and outgoing traffic, many organizations use cloud-based, SaaS secure web gateways as a more flexible and less costly solution to deploy and maintain. Organizations with existing hardware investments often combine the two, using hardware at their larger physical sites and cloud-based gateways for remote locations and traveling workers.\r\n<span style=\"font-weight: bold;\">What are some features of secure web gateways?</span>\r\nBeyond basic URL, web application control and data filtering, secure web gateways should provide additional controls and features that enhance network security.\r\n<ul><li>Encrypted traffic analysis. The gateway should compare all traffic to local and global threat lists and reputation sources first, then also analyze the nature of the traffic itself to determine if any content or code poses a threat to the network. This should include SSL-based encrypted traffic.</li><li>Data Loss Prevention. If, for example, a website accepts uploaded documents or data, the documents should first be scanned for sensitive data before being uploaded.</li><li>Social media protection. All information to and from social media should be scanned and filtered.</li><li>Support for all protocols. HTTP, HTTPS, and FTP internet protocols must be supported. While HTTPS is the industry standard now, many sites still support HTTP and FTP connections.</li><li>Integration with zero-day anti-malware solutions. Threats will be discovered, and integration with anti-malware solutions that can detect zero-day (never seen before) threats deliver the best prevention and remediation.</li><li>Integration with security monitoring. Security administrators should be notified of any web gateway security problems via their monitoring solution of choice, typically a security information and event management (SIEM) solution.</li><li>Choice of location. Choose where your secure web gateway best fits in your network—the edge, at endpoints, or in the cloud.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Web_Gateway_Appliance.png"},{"id":562,"title":"DDoS Protection - Appliance","alias":"ddos-protection-appliance","description":"A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks.\r\nBuying a DDoS mitigation appliance can be highly confusing, especially if you have never done this before. While selecting a DDoS protection solution you must understand the right features and have proper background knowledge. In case of distributed denial of service attacks, the bandwidth or resources of any targeted network is flooded with a large amount of malicious traffic. As a result, the system becomes overloaded and crashes. The legitimate users of the network are denied the service. The mail servers, DNS servers and the servers which host high-profile websites are the main target of DDOS attacks. Customers who use services of any shared network are also affected by these attacks. Therefore, anti-DDOS appliances are now vital.","materialsDescription":"<span style=\"font-weight: bold;\">DDoS mitigation solution</span>\r\nThere are two types of DDoS mitigation appliances. These include software and hardware solutions. Identical functions may be claimed by both forms of DDoS protection.\r\n<ul><li>Firewalls are the most common protection appliance, which can deny protocols, IP addresses or ports. However, they are not enough strong to provide protection from the more complicated DDoS attacks.</li><li>Switches are also effective solutions for preventing DDoS attacks. Most of these switches possess rate limiting capability and ACL. Some switches provide packet inspection, traffic shaping, delayed binding and rate limiting. They can detect the fake traffic through balancing and rate filtering.</li><li>Like switches, routers also have rate limiting and ACL capability. Most routers are capable of moving under DoS attacks.</li><li>Intrusion prevention systems are another option for you when it comes to protection from DDoS attacks. This solution can be effective in several cases of DDoS attacks. It can identify DDoS attacks and stop them because they possess the granularity as well as processing power required for identifying the attacks. Then they work in an automated manner to resolve the situation.</li><li>There are also rate-based intrusion prevention mechanisms, which are capable of analyzing traffic granularity. This system can also monitor the pattern of traffic.</li></ul>\r\nYou must check the connectivity while selecting a DDoS mitigation appliance. Capacity is also an important aspect of a DDoS protection solutions. You must figure out the number of ports, IPs, protocols, hosts, URLs and user agents that can be monitored by the appliance. An effective DDoS mitigation solution must also be properly customizable. Your DDoS mitigation appliance should be such that it can be upgraded according to your requirements. These are some important factors that you need to consider while choosing a DDoS mitigation appliance for your system.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection_Appliance.png"},{"id":784,"title":"NGFW - next-generation firewall - Appliance","alias":"ngfw-next-generation-firewall-appliance","description":" A next-generation firewall (NGFW) is a part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities, such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS). Other techniques might also be employed, such as TLS/SSL encrypted traffic inspection, website filtering, QoS/bandwidth management, antivirus inspection and third-party identity management integration (i.e. LDAP, RADIUS, Active Directory).\r\nNGFWs include the typical functions of traditional firewalls such as packet filtering, network- and port-address translation (NAT), stateful inspection, and virtual private network (VPN) support. The goal of next-generation firewalls is to include more layers of the OSI model, improving filtering of network traffic that is dependent on the packet contents.\r\nNGFWs perform deeper inspection compared to stateful inspection performed by the first- and second-generation firewalls. NGFWs use a more thorough inspection style, checking packet payloads and matching signatures for harmful activities such as exploitable attacks and malware.\r\nImproved detection of encrypted applications and intrusion prevention service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services.\r\nStateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols. But today, blocking a web application like Farmville that uses port 80 by closing the port would also mean complications with the entire HTTP protocol.\r\nProtection based on ports, protocols, IP addresses is no more reliable and viable. This has led to the development of identity-based security approach, which takes organizations a step ahead of conventional security appliances which bind security to IP-addresses.\r\nNGFWs offer administrators a deeper awareness of and control over individual applications, along with deeper inspection capabilities by the firewall. Administrators can create very granular "allow/deny" rules for controlling use of websites and applications in the network. ","materialsDescription":"<span style=\"font-weight: bold;\"> What is a next-generation firewall (NGFW)?</span>\r\nAn NGFW contains all the normal defences that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other bonus security features. NGFWs are also capable of deep packet inspection which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by blacklist (programs in the filter are blocked) or by whitelist (programs not in the filter are blocked).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_NGFW.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"partnershipProgramme":null}},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"implementations":{"implementationsByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"agreements":{"agreementById":{},"ids":{},"links":{},"meta":{},"loading":false,"error":null},"comparison":{"loading":false,"error":false,"templatesById":{},"comparisonByTemplateId":{},"products":[],"selectedTemplateId":null},"presentation":{"type":null,"company":{},"products":[],"partners":[],"formData":{},"dataLoading":false,"dataError":false,"loading":false,"error":false},"catalogsGlobal":{"subMenuItemTitle":""}}