Secure virtual environments Multi-layered security protections for virtual environments including next-generation firewall and advanced threat prevention Inspect all traffic—from inter-VM to perimeter—in the virtual network Permit secure access to remote systems and networks Unified management of virtual and physical environments Consistent security policy and uniform security management across both physical and virtual infrastructures Visibility into virtualization configuration and security changes Separation of duties between virtualization and security teams Licensing is based on virtual cores used and supports dynamic allocation ideal for elastic workloads Thanks to Check Point vSEC Virtual Edition (VE), we have a virtual security solution that fully integrates into our dynamic virtualized environment with all the performance, security and functionality we’ve expected from our physical Check Point gateways for years. Features Full protections with Check Point Software Blades Check Point vSEC Virtual Edition provides the full protections of the Check Point Software Blade architecture. Firewall, IPS, Antivirus, Anti-Bot Software Blades protect services in the public cloud from unauthorized access and attacks. Application Control Software Blade helps prevent application layer denial of service attacks and protects your cloud services. IPsec VPN Software Blade allows secure communication into cloud resources. Mobile Access Software Blade allows mobile users to connect to the cloud using an SSL encrypted connection with two factor authentication and device pairing. Data Loss Prevention Software Blade protects sensitive data from theft or unintentional loss. SandBlast Zero-Day Protection Blades provide the most comprehensive protection against malware and zero-day attacks. Consolidated logs and reporting for hybrid cloud environments Get visibility and enforcement across your virtual infrastructures using the Next Generation SmartEvent Software Blade. Simplify compliance and audits with unified logs and reporting. Centralized management for virtual and physical infrastructures Manage vSEC VE using your existing on-premise Check Point Unified Security Management Solution. Enforce a consistent security policy for corporate assets across both virtual and physical infrastructures from a single console.

CryptoniteNXT is a network appliance that supplements existing network infrastructure to improve security. A unique combination of technologies effectively alters network behavior in real time with no human intervention. CryptoniteNXT blocks malicious activities while at the same time preserving performance and usability for legitimate purposes. Key Benefits of CryptoniteNXT

• Eliminate cyber attacker reconnaissance which shuts down the attack at the earliest possible time, reducing the time to breach detection and reducing the risk of loss and damage to critical assets by a cyber attacker or an insider threat.
• Minimizes or stops lateral movement by unauthorized parties similarly reducing the risk of loss and damage to critical assets.
• Enables broad protection for devices with embedded processors (e.g. automated teller machines (ATMs), medical devices, security equipment, internet of things (IoT) devices and manufacturing industrial control systems) reducing the risk of loss and allowing the delay for investment in expensive equipment upgrades.
• Reduce the risk of delays associated with the installation of critical security software patches and updates. Attackers cannot find, identify and leverage vulnerabilities if they cannot find or see the systems, map the network and research available exploits.
• Enables a true “zero trust environment” which substantially reduces the probability of a successful cyber-attack from sophisticated outside attackers or malicious insiders.
• Stops the propagation of specialized attacker tools such as ransomware.

BIG-IP DNS hyperscales up to 100 million responses per second (RPS) to manage rapid increases in DNS queries. With a set of features that includes multicore scalability, DNS Express, and IP Anycast integration, BIG-IP DNS handles millions of DNS queries, protects your business from DDoS attacks, and ensures top application performance for users. BIG-IP DNS delivers a real-time, signed DNSSEC query response and DNS firewall services for attack protection and mitigates complex threats by blocking access to malicious domains. Works with what you already have in place. BIG-IP DNS services integrate with DNS zone management solutions, increase DNS performance at the network edge, and mask the DNS back-end infrastructure. BIG-IP Local Traffic Manager (LTM) gives you a depth of understanding about your network’s application traffic and control over how it’s handled. It transforms the chaotic volume of network traffic into logically assembled streams of data, and then makes intelligent traffic management decisions, selecting the right destination based on server performance, security, and availability.

SecureSphere use two monitoring channels – one for security policies and one for audit policies. The independence enables resource and task optimization that is not possible with a single channel. SecureSphere Database Firewall

• Logs only what activity is necessary while monitoring all activity for security violations
• Monitors and protects high-transaction databases
• Blocks suspicious behavior when it happens – investigate in-context
• Executes multi-action security alerts, eliminating bottlenecks and delays
• Interlocks database protection with the SecureSphere Web Application Firewall, CounterBreach Insider threat protection, and malware protection, providing multifactored data security

SecureSphere helps organizations address compliance regulations including GDPR, PCI DSS, SOX, POPI, and HIPAA.

Device Integrity is the first solution in cybersecurity for threat detection in industry, which was introduced by Indegy in February 2016.
Indegy Device Integrity is part of the Indegy Industrial CyberSecurity Suite.

Ensuring of Industrial Control Systems (ICS) Indegy's proprietary active detection technology provides organizations with a full range of security by examining and analyzing the entire network - Industrial Control Systems (ICS).

• it detects, classifies and requests all the resources of an automated process control system (ICS) for their configuration, even those that do not exchange data in the network using their own communication protocols,

• actively collects information that cannot be found by the network listening, but which is crucial for the protection of the industrial network - this is a key element of the hybrid threat detection model - Indegy Device Integrity,

• eliminates false alarms, providing full information on the accounting and assessment of all the details, as well as an extended alert context,

• own device requests do not affect network operations.

Hybrid detection engine Indegy Device Integrity technology is an integral part of its unique hybrid threat detection engine. This active detection technology works in cooperation with passive network monitoring, providing critical information about your process control system network, which cannot be gathered only by monitoring network traffic. The patented device integrity features let you keep up with all the details of every asset in your industrial network - all in one window. Full awareness of the situation in your industrial environment significantly reduces the load on equipment and maintenance costs. In this way, Indegy Device Integrity monitors and protects your network and devices simultaneously. By integrating the appropriate context gathered from devices while monitoring network activity, Device Integrity improves alert accuracy and network security analytics performance.

BENEFITS In-depth visibility Often, the data of critical assets do not fall into the network of control systems. Information such as the registered user, the latest updates installed on PCs and servers, as well as the firmware revision and the list of open ports of the PLC / DCS components are stored in the devices themselves. Indegy Device Integrity removes this gap by automatically accessing devices and collecting the most accurate information about each component in your industrial environment. Indegy's integrated asset tracking gives you full visibility and control of ICS assets.

Effective Incident Response When Indegy Industrial Cybersecurity Suite detects a suspicious network event, Device Integrity automatically queries the appropriate devices to collect additional context information. By adding relevant information, such as "who logged in to the engineering station and at what time" and "what was done, changes to the PLC relay logic", Device Integrity provides more meaningful warnings. This improves situational awareness, speeds up cyber attack investigations and mitigation, and also reduces the workload on cyber incident teams.

Local change detection Changes made by authorized personnel or intruders to the controller code, firmware, or configuration using a cable programming cable or USB port cannot be detected while monitoring the network. In some cases, an employee or contractor unknowingly exposes controllers to threats using a laptop with infected software or USB drive. By periodically creating instant device images and comparing them with previous baselines, Indegy can detect changes in the application programs of the controllers and ensure the integrity of the device.

Reduction of security costs Unlike network monitoring technologies that only need to be deployed at each level and switched on the network, Indegy Device Integrity technology allows you to control all routed network sections with a single Indegy device. This can save you significant equipment and maintenance costs, especially in large industrial environments with multiple subnets. Using Indegy technology, you get complete control and overview of your ICS network and all relevant devices without the cost of multiple devices.

Backup and restore Indegy Device Integrity maintains a complete history of changes made to controllers over time. By recording and storing a complete device image, including firmware, configuration, full ladder logic, diagnostic buffer, and tag structure, Indegy keeps track of the version history of each controller and can help determine the previously known “good” state for faster recovery. However, Indegy Device Integrity does not store snapshots of images and does not make any changes to restore the device.

Elimination of “white spots” Indegy Device Integrity detects inactive industrial devices that are connected to the network but do not exchange data. Most industrial controllers have a built-in “find me” mechanism to support asset discovery with one broadcast of a unique package. This mechanism is used by engineering stations to automatically search for all controllers in the network. Indegy Device Integrity uses the same built-in mechanism to provide complete and accurate asset accounting, including inactive devices.

FEATURES Identification of devices on their “native” protocol
Indegy Device Integrity polls assets only after full identification and only on the “native” protocol.

Compliance with security policy from the vendor
Industrial controllers are only available in a manner that the vendor has provided for.

Requirements Compliance
Schedules and policy settings are customized to your technology needs.

"Read-only" activity out of range
Indegy Device Integrity uses communications solely for reading, without changing the configuration and configuration of devices.

Zero impact, maximum efficiency
Device Integrity safely addresses to devices in their own protocols and only reads information without configuration changes without affecting the network.

Extended Asset Details
Monitoring device metadata: firmware, OS versions, controller configurations, or logged in users who usually do not appear on the network.

Quick and Smart with Dual Detection Engines

WEBFRONT-K immediately blocks known web vulnerabilities immediately by pattern atching of signatures, and new attacks logically analyze the nature of attacks and intelligently block them. It is fully compatible with the OWASP TOP 10 vulnerability. Ultimate performance Web Application Firewall WEBFRONT-K series support stable web service under mission-critical with 40Gbps performance to various customers; Telecom, Finance, Portal, and online/mobile service providers. WEBFRONT-K series guarantee your seamless service with protecting servers under attacking circumstance like DDoS and covering up to 20 million concurrent sessions for massive traffic. It has specialized design to secure web attacks as well as supports stable performance like CPS, TPS, and SSL acceleration. High Availability with various deployments WEBFRONT-K series support flexible deployments to build as meeting on demands. It enhances more availabilities with exclusive deploying modes to customers who are considering of service level guarantee seriously like finance, portal, and game providers. Fits in the Cloud Supports REST API and ANSIBLE for easy cloud management. WEBFRONT-KS, a software WAF, supports both public and private clouds.

SONICWALL CAPTURE ADVANCED THREAT PROTECTION SonicWall Capture Advanced Threat Protection service is a cloud-based network sandbox that analyzes suspicious code to help discover and stop newly developed malware.

• Multi-engine cloud sandbox that includes virtualization, hypervisor level analysis and full-system emulation
• High security effectiveness at diagnosing new threats
• Automated breach prevention enabled by blocking files until a security verdict is determined
• Near real-time signature deployment protects organizations from follow-on attacks
• Email and app notifications with robust reporting from the sandbox environment

MULTI-ENGINE ADVANCED THREAT ANALYSIS Capture executes suspicious code and analyzes behavior simultaneously in multiple engines. This provides you with comprehensive visibility into malicious activity, while resisting evasion tactics and maximizing zero-day threat detection. BROAD FILE TYPE ANALYSIS Analyze a broad range of operating systems and file types, including executable programs, DLL, PDF, MS Office documents, archives, JAR and APK. BLOCK UNTIL VERDICT To prevent potentially malicious files from entering the network, files sent to the cloud for analysis can be held at the gateway until a verdict is determined. RAPID DEPLOYMENT OF REMEDIATION SIGNATURES When a file is identified as malicious, a hash is immediately created within Capture and later a signature is sent to firewalls to prevent follow-on attacks. REPORTING AND ALERTS Capture Advanced Threat Protection offers an at-a-glance dashboard with reports that detail the analysis results for files sent to the service, including session information, OS information, OS activity and network activity.

Unified Threat Management makes security simple. Sophos UTM provides the ultimate network security package with everything you need in a single modular appliance. It simplifies your IT security without the complexity of multiple-point solutions. The intuitive interface will help you quickly create policies to control security risks. And clear, detailed reports will give you the insight you need to improve your network performance and protection. Highlights

• Every feature available  on every appliance
• Firewall, VPN, ATP, IPS, email, web filtering and app control
• Hardware, virtualized, software or cloudbased appliance
• Intuitive browserbased interface
• Built-in reporting on all models
• Two-factor authentication with one-time password (OTP) in many areas
• Integrated wireless controller

Consolidated network security platform — no compromise Protect your network using multi-layered proven protection technologies including Advanced Threat Protection (ATP), IPS, VPN, email and web filtering combined with the industry’s simplest admin interface. We’ve engineered our software and hardware to give you the throughput speeds you need. And, you can choose the level of protection you need with modular subscriptions as every feature is available on every appliance. All the Next-Gen Firewall features you need We’ll give you complete control to block, allow, shape and prioritize applications. Our Deep Layer-7 inspection (Next-Generation Firewall) ensures true application identification and has regular automatic updates. And you’ll get feedback on unclassified applications too. Intuitive management and detailed reporting You’ll know what’s happening with your users and you’ll have complete control over all the features you need, with none of the complexity. Easily build policies while getting detailed real-time and historical data with our on-box reporting, helping you to fix problems fast. And our Free Sophos UTM Manager lets you centrally administer several appliances through a single login. Connect remote offices with easy VPN and Wi-Fi Sophos RED (Remote Ethernet Device) provides secure remote access to your off-site locations. It’s the first security gateway that requires no technical skills at the remote site. Once installed, it forwards traffic to the UTM for complete security. Sophos UTM also works as a wireless controller; access points are automatically set up and receive complete UTM protection.

WiJungle seamlessly manages the network, internet and security of different business verticals like Enterprises, Education, Hospitality, Healthcare, Retail, Transport, Smart City, Defence, Residential Estates, Events etc. across the globe.
The product is available in 30+ different models to serve wide range of concurrent users with throughput range from 3.2 Gbps to 240 Gbps.

It offers features like

• Access/Interface Management
• Network Management
• User/Guest Management
• BandWidth Management
• Quality Of Service
• Data Leakage Prevention
• Content Filtering
• Load Balancing
• High Availability
• Gateway Anti-Virus
• Anti-Spam
• Web Server Protection
• Sandbox
• Advance Threat Protection
• Intrusion Prevention System
• Virtual Private Network
• Vulnerability Assessment
• Intuitive & Location Aware Captive Portals
• SMS Gateway Integration
• Social Media Engagement/Advertisement option
• Feedback Management
• User Logging
• Reporting and Analytics
• Prepaid/Postpaid Billing
• Voucher Management
• PMS/HIS Integration
• AP/Device Management
• Alert Management

 

WiJungle seamlessly manages the network, internet and security of different business verticals like Enterprises, Education Institutes, Hospitality, Healthcare, Retail, Transport, Smart City, Defence, Events etc.                
The product is available in 30+ different models to serve wide range of concurrent users.

It offers features like

• Access/Interface Management
• Network Management
• User/Guest Management
• BandWidth Management
• Quality Of Service
• Data Leakage Prevention
• Content Filtering
• Load Balancing
• High Availability
• Gateway Anti-Virus
• Anti-Spam
• Web Server Protection
• Sandbox
• Advance Threat Protection
• Intrusion Prevention System
• Virtual Private Network
• Vulnerability Assessment
• Intuitive & Location Aware Captive Portals
• SMS Gateway Integration
• Social Media Engagement/Advertisement option
• Feedback Management
• User Logging
• Reporting and Analytics
• Prepaid/Postpaid Billing
• Voucher Management
• PMS/HIS Integration
• AP/Device Management
• Alert Management