{"global":{"lastError":{},"locale":"en","locales":{"data":[{"id":"de","name":"Deutsch"},{"id":"en","name":"English"}],"loading":false,"error":false},"currency":{"id":49,"name":"EUR"},"currencies":{"data":[{"id":49,"name":"EUR"},{"id":124,"name":"RUB"},{"id":153,"name":"UAH"},{"id":155,"name":"USD"}],"loading":false,"error":false},"translations":{"company":{"role-vendor":{"ru":"Производитель","_type":"localeString","en":"Vendor"},"role-supplier":{"en":"Supplier","ru":"Поставщик","_type":"localeString"},"products-popover":{"de":"die produkte","ru":"Продукты","_type":"localeString","en":"Products"},"introduction-popover":{"en":"introduction","ru":"внедрения","_type":"localeString"},"partners-popover":{"_type":"localeString","en":"partners","ru":"партнеры"},"update-profile-button":{"_type":"localeString","en":"Update profile","ru":"Обновить профиль"},"read-more-button":{"en":"Show more","ru":"Показать ещё","_type":"localeString"},"hide-button":{"_type":"localeString","en":"Hide","ru":"Скрыть"},"user-implementations":{"en":"Deployments","ru":"Внедрения","_type":"localeString"},"categories":{"_type":"localeString","en":"Categories","ru":"Компетенции"},"description":{"en":"Description","ru":"Описание","_type":"localeString"},"role-user":{"ru":"Пользователь","_type":"localeString","en":"User"},"partnership-vendors":{"_type":"localeString","en":"Partnership with vendors","ru":"Партнерство с производителями"},"partnership-suppliers":{"en":"Partnership with suppliers","ru":"Партнерство с поставщиками","_type":"localeString"},"reference-bonus":{"_type":"localeString","en":"Bonus 4 reference","ru":"Бонус за референс"},"partner-status":{"en":"Partner status","ru":"Статус партнёра","_type":"localeString"},"country":{"en":"Country","ru":"Страна","_type":"localeString"},"partner-types":{"_type":"localeString","en":"Partner types","ru":"Типы партнеров"},"branch-popover":{"_type":"localeString","en":"branch","ru":"область деятельности"},"employees-popover":{"ru":"количество сотрудников","_type":"localeString","en":"number of employees"},"partnership-programme":{"_type":"localeString","en":"Partnership program","ru":"Партнерская программа"},"partner-discounts":{"en":"Partner discounts","ru":"Партнерские скидки","_type":"localeString"},"registered-discounts":{"_type":"localeString","en":"Additional benefits for registering a deal","ru":"Дополнительные преимущества за регистрацию сделки"},"additional-advantages":{"en":"Additional Benefits","ru":"Дополнительные преимущества","_type":"localeString"},"additional-requirements":{"_type":"localeString","en":"Partner level requirements","ru":"Требования к уровню партнера"},"certifications":{"ru":"Сертификация технических специалистов","_type":"localeString","en":"Certification of technical specialists"},"sales-plan":{"_type":"localeString","en":"Annual Sales Plan","ru":"Годовой план продаж"},"partners-vendors":{"en":"Partners-vendors","ru":"Партнеры-производители","_type":"localeString"},"partners-suppliers":{"ru":"Партнеры-поставщики","_type":"localeString","en":"Partners-suppliers"},"all-countries":{"ru":"Все страны","_type":"localeString","en":"All countries"},"supplied-products":{"en":"Supplied products","ru":"Поставляемые продукты","_type":"localeString"},"vendored-products":{"ru":"Производимые продукты","_type":"localeString","en":"Produced products"},"vendor-implementations":{"en":"Produced deployments","ru":"Производимые внедрения","_type":"localeString"},"supplier-implementations":{"ru":"Поставляемые внедрения","_type":"localeString","en":"Supplied deployments"},"show-all":{"en":"Show all","ru":"Показать все","_type":"localeString"},"not-yet-converted":{"_type":"localeString","en":"Data is moderated and will be published soon. Please, try again later.","ru":"Данные модерируются и вскоре будут опубликованы. Попробуйте повторить переход через некоторое время."},"schedule-event":{"ru":"Pасписание событий","_type":"localeString","en":"Events schedule"},"implementations":{"en":"Deployments","ru":"Внедрения","_type":"localeString"},"register":{"_type":"localeString","en":"Register","ru":"Регистрация "},"login":{"_type":"localeString","en":"Login","ru":"Вход"},"auth-message":{"ru":"Для просмотра ивентов компании авторизируйтесь или зарегистрируйтесь на сайт.","_type":"localeString","en":"To view company events please log in or register on the sit."},"company-presentation":{"ru":"Презентация компании","_type":"localeString","en":"Company presentation"}},"header":{"help":{"_type":"localeString","en":"Help","de":"Hilfe","ru":"Помощь"},"how":{"en":"How does it works","de":"Wie funktioniert es","ru":"Как это работает","_type":"localeString"},"login":{"_type":"localeString","en":"Log in","de":"Einloggen","ru":"Вход"},"logout":{"ru":"Выйти","_type":"localeString","en":"Sign out"},"faq":{"de":"FAQ","ru":"FAQ","_type":"localeString","en":"FAQ"},"references":{"de":"References","ru":"Мои запросы","_type":"localeString","en":"Requests"},"solutions":{"_type":"localeString","en":"Solutions","ru":"Возможности"},"find-it-product":{"ru":"Подбор и сравнение ИТ продукта","_type":"localeString","en":"Selection and comparison of IT product"},"autoconfigurator":{"ru":"Калькулятор цены","_type":"localeString","en":" Price calculator"},"comparison-matrix":{"ru":"Матрица сравнения","_type":"localeString","en":"Comparison Matrix"},"roi-calculators":{"_type":"localeString","en":"ROI calculators","ru":"ROI калькуляторы"},"b4r":{"_type":"localeString","en":"Bonus for reference","ru":"Бонус за референс"},"business-booster":{"_type":"localeString","en":"Business boosting","ru":"Развитие бизнеса"},"catalogs":{"en":"Catalogs","ru":"Каталоги","_type":"localeString"},"products":{"ru":"Продукты","_type":"localeString","en":"Products"},"implementations":{"en":"Deployments","ru":"Внедрения","_type":"localeString"},"companies":{"ru":"Компании","_type":"localeString","en":"Companies"},"categories":{"ru":"Категории","_type":"localeString","en":"Categories"},"for-suppliers":{"ru":"Поставщикам","_type":"localeString","en":"For suppliers"},"blog":{"ru":"Блог","_type":"localeString","en":"Blog"},"agreements":{"ru":"Сделки","_type":"localeString","en":"Deals"},"my-account":{"ru":"Мой кабинет","_type":"localeString","en":"My account"},"register":{"_type":"localeString","en":"Register","ru":"Зарегистрироваться"},"comparison-deletion":{"ru":"Удаление","_type":"localeString","en":"Deletion"},"comparison-confirm":{"en":"Are you sure you want to delete","ru":"Подтвердите удаление","_type":"localeString"},"search-placeholder":{"_type":"localeString","en":"Enter your search term","ru":"Введите поисковый запрос"},"my-profile":{"_type":"localeString","en":"My profile","ru":"Мои данные"},"about":{"_type":"localeString","en":"About Us"},"it_catalogs":{"_type":"localeString","en":"IT catalogs"},"roi4presenter":{"en":"Roi4Presenter","_type":"localeString"},"roi4webinar":{"en":"Pitch Avatar","_type":"localeString"},"sub_it_catalogs":{"en":"Find IT product","_type":"localeString"},"sub_b4reference":{"en":"Get reference from user","_type":"localeString"},"sub_roi4presenter":{"_type":"localeString","en":"Make online presentations"},"sub_roi4webinar":{"_type":"localeString","en":"Create an avatar for the event"},"catalogs_new":{"_type":"localeString","en":"Products"},"b4reference":{"_type":"localeString","en":"Bonus4Reference"},"it_our_it_catalogs":{"en":"Our IT Catalogs","_type":"localeString"},"it_products":{"_type":"localeString","en":"Find and compare IT products"},"it_implementations":{"_type":"localeString","en":"Learn implementation reviews"},"it_companies":{"en":"Find vendor and company-supplier","_type":"localeString"},"it_categories":{"_type":"localeString","en":"Explore IT products by category"},"it_our_products":{"_type":"localeString","en":"Our Products"},"it_it_catalogs":{"en":"IT catalogs","_type":"localeString"}},"footer":{"copyright":{"_type":"localeString","en":"All rights reserved","de":"Alle rechte vorbehalten","ru":"Все права защищены"},"company":{"_type":"localeString","en":"My Company","de":"Über die Firma","ru":"О компании"},"about":{"de":"Über uns","ru":"О нас","_type":"localeString","en":"About us"},"infocenter":{"ru":"Инфоцентр","_type":"localeString","en":"Infocenter","de":"Infocenter"},"tariffs":{"ru":"Тарифы","_type":"localeString","en":"Subscriptions","de":"Tarife"},"contact":{"ru":"Связаться с нами","_type":"localeString","en":"Contact us","de":"Kontaktiere uns"},"marketplace":{"de":"Marketplace","ru":"Marketplace","_type":"localeString","en":"Marketplace"},"products":{"ru":"Продукты","_type":"localeString","en":"Products","de":"Produkte"},"compare":{"_type":"localeString","en":"Pick and compare","de":"Wähle und vergleiche","ru":"Подобрать и сравнить"},"calculate":{"de":"Kosten berechnen","ru":"Расчитать стоимость","_type":"localeString","en":"Calculate the cost"},"get_bonus":{"_type":"localeString","en":"Bonus for reference","de":"Holen Sie sich einen Rabatt","ru":"Бонус за референс"},"salestools":{"en":"Salestools","de":"Salestools","ru":"Salestools","_type":"localeString"},"automatization":{"_type":"localeString","en":"Settlement Automation","de":"Abwicklungsautomatisierung","ru":"Автоматизация расчетов"},"roi_calcs":{"de":"ROI-Rechner","ru":"ROI калькуляторы","_type":"localeString","en":"ROI calculators"},"matrix":{"de":"Vergleichsmatrix","ru":"Матрица сравнения","_type":"localeString","en":"Comparison matrix"},"b4r":{"en":"Rebate 4 Reference","de":"Rebate 4 Reference","ru":"Rebate 4 Reference","_type":"localeString"},"our_social":{"en":"Our social networks","de":"Unsere sozialen Netzwerke","ru":"Наши социальные сети","_type":"localeString"},"subscribe":{"ru":"Подпишитесь на рассылку","_type":"localeString","en":"Subscribe to newsletter","de":"Melden Sie sich für den Newsletter an"},"subscribe_info":{"ru":"и узнавайте первыми об акциях, новых возможностях и свежих обзорах софта","_type":"localeString","en":"and be the first to know about promotions, new features and recent software reviews"},"policy":{"en":"Privacy Policy","ru":"Политика конфиденциальности","_type":"localeString"},"user_agreement":{"_type":"localeString","en":"Agreement","ru":"Пользовательское соглашение "},"solutions":{"ru":"Возможности","_type":"localeString","en":"Solutions"},"find":{"en":"Selection and comparison of IT product","ru":"Подбор и сравнение ИТ продукта","_type":"localeString"},"quote":{"ru":"Калькулятор цены","_type":"localeString","en":"Price calculator"},"boosting":{"_type":"localeString","en":"Business boosting","ru":"Развитие бизнеса"},"4vendors":{"ru":"поставщикам","_type":"localeString","en":"4 vendors"},"blog":{"en":"blog","ru":"блог","_type":"localeString"},"pay4content":{"ru":"платим за контент","_type":"localeString","en":"we pay for content"},"categories":{"en":"categories","ru":"категории","_type":"localeString"},"showForm":{"_type":"localeString","en":"Show form","ru":"Показать форму"},"subscribe__title":{"ru":"Раз в месяц мы отправляем дайджест актуальных новостей ИТ мира!","_type":"localeString","en":"We send a digest of actual news from the IT world once in a month!"},"subscribe__email-label":{"_type":"localeString","en":"Email","ru":"Email"},"subscribe__name-label":{"ru":"Имя","_type":"localeString","en":"Name"},"subscribe__required-message":{"ru":"Это поле обязательное","_type":"localeString","en":"This field is required"},"subscribe__notify-label":{"ru":"Да, пожалуйста уведомляйте меня о новостях, событиях и предложениях","_type":"localeString","en":"Yes, please, notify me about news, events and propositions"},"subscribe__agree-label":{"ru":"Подписываясь на рассылку, вы соглашаетесь с %TERMS% и %POLICY% и даете согласие на использование файлов cookie и передачу своих персональных данных*","_type":"localeString","en":"By subscribing to the newsletter, you agree to the %TERMS% and %POLICY% and agree to the use of cookies and the transfer of your personal data"},"subscribe__submit-label":{"ru":"Подписаться","_type":"localeString","en":"Subscribe"},"subscribe__email-message":{"en":"Please, enter the valid email","ru":"Пожалуйста, введите корректный адрес электронной почты","_type":"localeString"},"subscribe__email-placeholder":{"_type":"localeString","en":"username@gmail.com","ru":"username@gmail.com"},"subscribe__name-placeholder":{"en":"Last, first name","ru":"Имя Фамилия","_type":"localeString"},"subscribe__success":{"ru":"Вы успешно подписаны на рассылку. Проверьте свой почтовый ящик.","_type":"localeString","en":"You are successfully subscribed! Check you mailbox."},"subscribe__error":{"_type":"localeString","en":"Subscription is unsuccessful. Please, try again later.","ru":"Не удалось оформить подписку. Пожалуйста, попробуйте позднее."},"roi4presenter":{"en":"Roi4Presenter","de":"roi4presenter","ru":"roi4presenter","_type":"localeString"},"it_catalogs":{"_type":"localeString","en":"IT catalogs"},"roi4webinar":{"_type":"localeString","en":"Pitch Avatar"},"b4reference":{"_type":"localeString","en":"Bonus4Reference"}},"breadcrumbs":{"home":{"_type":"localeString","en":"Home","ru":"Главная"},"companies":{"en":"Companies","ru":"Компании","_type":"localeString"},"products":{"ru":"Продукты","_type":"localeString","en":"Products"},"implementations":{"en":"Deployments","ru":"Внедрения","_type":"localeString"},"login":{"en":"Login","ru":"Вход","_type":"localeString"},"registration":{"_type":"localeString","en":"Registration","ru":"Регистрация"},"b2b-platform":{"ru":"Портал для покупателей, поставщиков и производителей ИТ","_type":"localeString","en":"B2B platform for IT buyers, vendors and suppliers"}},"comment-form":{"title":{"_type":"localeString","en":"Leave comment","ru":"Оставить комментарий"},"firstname":{"ru":"Имя","_type":"localeString","en":"First name"},"lastname":{"ru":"Фамилия","_type":"localeString","en":"Last name"},"company":{"ru":"Компания","_type":"localeString","en":"Company name"},"position":{"ru":"Должность","_type":"localeString","en":"Position"},"actual-cost":{"_type":"localeString","en":"Actual cost","ru":"Фактическая стоимость"},"received-roi":{"en":"Received ROI","ru":"Полученный ROI","_type":"localeString"},"saving-type":{"ru":"Тип экономии","_type":"localeString","en":"Saving type"},"comment":{"ru":"Комментарий","_type":"localeString","en":"Comment"},"your-rate":{"_type":"localeString","en":"Your rate","ru":"Ваша оценка"},"i-agree":{"ru":"Я согласен","_type":"localeString","en":"I agree"},"terms-of-use":{"_type":"localeString","en":"With user agreement and privacy policy","ru":"С пользовательским соглашением и политикой конфиденциальности"},"send":{"_type":"localeString","en":"Send","ru":"Отправить"},"required-message":{"ru":"{NAME} - это обязательное поле","_type":"localeString","en":"{NAME} is required filed"}},"maintenance":{"title":{"ru":"На сайте проводятся технические работы","_type":"localeString","en":"Site under maintenance"},"message":{"en":"Thank you for your understanding","ru":"Спасибо за ваше понимание","_type":"localeString"}}},"translationsStatus":{"company":"success"},"sections":{},"sectionsStatus":{},"pageMetaData":{"company":{"meta":[{"name":"og:image","content":"https://roi4cio.com/fileadmin/templates/roi4cio/image/roi4cio-logobig.jpg"},{"content":"website","name":"og:type"}],"translatable_meta":[{"name":"title","translations":{"_type":"localeString","en":"Company","ru":"Компания"}},{"name":"description","translations":{"en":"Company description","ru":"Описание компании","_type":"localeString"}},{"name":"keywords","translations":{"en":"Company keywords","ru":"Ключевые слова для компании","_type":"localeString"}}],"title":{"ru":"ROI4CIO: Компания","_type":"localeString","en":"ROI4CIO: Company"}}},"pageMetaDataStatus":{"company":"success"},"subscribeInProgress":false,"subscribeError":false},"auth":{"inProgress":false,"error":false,"checked":true,"initialized":false,"user":{},"role":null,"expires":null},"products":{"productsByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null,"useProductLoading":false,"sellProductLoading":false,"templatesById":{},"comparisonByTemplateId":{}},"filters":{"filterCriterias":{"loading":false,"error":null,"data":{"price":{"min":0,"max":6000},"users":{"loading":false,"error":null,"ids":[],"values":{}},"suppliers":{"loading":false,"error":null,"ids":[],"values":{}},"vendors":{"loading":false,"error":null,"ids":[],"values":{}},"roles":{"id":200,"title":"Roles","values":{"1":{"id":1,"title":"User","translationKey":"user"},"2":{"id":2,"title":"Supplier","translationKey":"supplier"},"3":{"id":3,"title":"Vendor","translationKey":"vendor"}}},"categories":{"flat":[],"tree":[]},"countries":{"loading":false,"error":null,"ids":[],"values":{}}}},"showAIFilter":false},"companies":{"companiesByAlias":{"smart-net":{"id":3323,"title":"Smart Net","logoURL":"https://old.roi4cio.com/uploads/roi/company/Smart_Net.png","alias":"smart-net","address":"","roles":[{"id":2,"type":"supplier"}],"description":"Smart Net company was founded in 2010. The company creates and implements customized complete solutions in the field of telecommunications infrastructure for the banking sector, government and commercial organizations, industrial enterprises, research centers, service providers, data centers, social facilities.","companyTypes":["supplier"],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":9,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":1,"supplierPartnersCount":0,"b4r":0,"categories":{"25":{"id":25,"title":"Web filtering","description":" <span style=\"font-weight: bold; \">Web filtering</span> is a technology that stops users from viewing certain URLs or websites by preventing their browsers from loading pages from these sites. Web filters are made in different ways and deliver various solutions for individual, family, institutional or enterprise use.\r\nIn general, Web filters work in two distinct ways. They can <span style=\"font-weight: bold; \">block content</span> as determined by quality of the site, by consulting known lists which document and categorize popular pages across all genres of content. Or, they can <span style=\"font-weight: bold; \">evaluate the content</span> of the page live and block it accordingly. Many Web filter tools work off of a constantly updated URL database that shows which websites and domains are associated with hosting malware, phishing, viruses or other tools for harmful activities.\r\n<span style=\"font-weight: bold;\">Web Filtering Types.</span> <span style=\"font-style: italic;\">Blacklist & Whitelist Filters:</span>when using blacklists, an administrator (which might be a parent) manually enters all websites that are deemed inappropriate into the program, and those sites are subsequently blocked. Whitelists are used in exactly the same way, only in reverse – i.e. URLs are manually entered onto a whitelist, and all other websites are then off-limits.\r\n<span style=\"font-style: italic; \">Keyword And Content Filters: </span>this type of filtering is in many ways similar to black and whitelist filtering, though with a slightly broader scope. Keyword and content filters will filter out websites that contain specific keywords or predefined content (such as pornography, for example).\r\nSome website filtering software also provides reporting so that the installer can see what kind of traffic is being filtered and who has requested it. Some products provide soft blocking (in which a warning page is sent to the user instead of the requested page while still allowing access to the page) and an override capability that allows an administrator to unlock a page. \r\n<span style=\"font-weight: bold; \">Web Filtering Software for Business.</span> Most organizations have moved to cloud based-applications, making browsers a tool that employees use on a daily basis to access work. Browsers have become a conduit to not only the cloud, but also to immeasurable malware and distractions hosted on the web. In order to ensure that browsers do not bring in malicious traffic, web filtering software becomes necessary.\r\n\r\n","materialsDescription":"<h1 class=\"align-center\">What is Enterprise Web Filtering Software?</h1>\r\nAntivirus and antimalware software are required to detect malicious programs that has been downloaded, but it is now important for enterprise web filtering software to be installed. Content filtering software is an invaluable protection against a wide range of web-borne threats. Rather than allowing malware and ransomware to be downloaded, it prevents end users from visiting websites that contain these malicious threats.\r\nInternet filtering software is also one of the most effective ways to neutralize the threat from phishing. Phishing is a technique used by cybercriminals to gain access to sensitive user information. Phishers trick end users into revealing login credentials or downloading malicious software onto their computers.\r\nPhishing involves sophisticated social engineering techniques to fool end users into visiting malicious websites. If employees can be convinced to reveal sensitive information or download ransomware or malware, cybercriminals can easily bypass even the most sophisticated of cybersecurity defenses.\r\n<h1 class=\"align-center\">What is URL Filtering?</h1>\r\nURL filtering is a type of network filtering software that helps businesses control their users’ and guests’ ability to access certain content on the web. If you’ve ever gotten a “block” page while surfing the internet at the office, then your company is using web filtering.\r\nSome employers may only be concerned about blocking access to websites that are known to spread malware or steal information. Other businesses may block content they find inappropriate, such as adult websites or sites that promote violence, or content that violates compliance regulations. They may also choose to activate web protection software to block social media or video streaming sites to minimize drains on productivity and network bandwidth.\r\nTypically, URL filtering software is provided by a cybersecurity service, firewall, or router. Each of these may use a variety of threat intelligence sources to determine which websites fit into their chosen acceptable and unacceptable categories. That’s where highly reliable web reputation services are most valuable. Sources that have extensive web histories and real-time active crawling services will provide the most accurate content determinations.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Web_filtering.png","alias":"web-filtering"},"41":{"id":41,"title":"Antispam","description":"In each system, which involves the communication of users, there is always the problem of spam, or the mass mailing of unsolicited emails, which is solved using the antispam system. An antispam system is installed to catch and filter spam at different levels. Spam monitoring and identification are relevant on corporate servers that support corporate email, here the antispam system filters spam on the server before it reaches the mailbox. There are many programs that help to cope with this task, but not all of them are equally useful. The main objective of such programs is to stop sending unsolicited letters, however, the methods of assessing and suppressing such actions can be not only beneficial but also detrimental to your organization. So, depending on the rules and policies of mail servers, your server, or even a domain, may be blacklisted and the transfer of letters will be limited through it, and you may not even be warned about it.\r\nThe main types of installation and use of anti-spam systems:\r\n<ul><li>installation of specialized equipment, a gateway that filters mail before it reaches the server;</li><li>use of external antispam systems for analyzing emails and content;</li><li>setting up an antispam system with the ability to learn on the mail server itself;</li><li>installation of spam filtering software on the client’s computer.</li></ul>","materialsDescription":" <span style=\"font-weight: bold;\">Anti-spam technologies:</span>\r\n<span style=\"font-weight: bold;\">Heuristic analysis</span>\r\nExtremely complex, highly intelligent technology for empirical analysis of all parts of a message: header fields, message bodies, etc. Not only the message itself is analyzed. The heuristic analyzer is constantly being improved, new rules are continuously added to it. It works “ahead of the curve” and makes it possible to recognize still unknown varieties of spam of a new generation before the release of available updates.\r\n<span style=\"font-weight: bold;\">Filtering counteraction</span>\r\nThis is one of the most advanced and effective anti-spam technologies. It is to recognize the tricks resorted to by spammers to bypass anti-spam filters.\r\n<span style=\"font-weight: bold;\">HTML based analysis</span>\r\nHTML code comparable to samples of HTML signatures in antispam. Such a comparison, using the available data on the size of typical spam images, protects users from spam messages using HTML-code, which are often included in the online image.\r\n<span style=\"font-weight: bold;\">Spam detection technology for message envelopes</span>\r\nDetection of fakes in the "stamps" of SMTP-servers and in other elements of the e-mail header is the newest direction in the development of anti-spam methods. Email addresses can not be trusted. Fake emails contain more than just spam. For example, anonymous and even threats. Technologies of various anti-spam systems allow you to send such messages. Thus, it provides not only the economic movement, but also the protection of employees.\r\n<span style=\"font-weight: bold;\">Semantic analysis</span>\r\nMeaning in words and phrases is compared with typical spam vocabulary. Comparison of provisions for a special dictionary, for expression and symbols.\r\n<span style=\"font-weight: bold;\">Anti-camming technology</span>\r\nScamming is probably the most dangerous type of spam. All of them have the so-called "Nigerian letters", reports of winnings in the lottery, casino, fake letters and credit services.\r\n<span style=\"font-weight: bold;\">Technical spam filtering</span>\r\nAutomatic notification of e-mail - bounce-messages - to inform users about the malfunction of the postal system (for example, non-delivery of address letters). Attackers can use similar messages. Under the guise of a technical notification, computer service or ordinary spam can penetrate the computer.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Antispam.png","alias":"antispam"},"42":{"id":42,"title":"UTM - Unified threat management","description":"<span style=\"font-weight: bold; \">UTM (Unified Threat Management)</span> system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.\r\nUnified threat management <span style=\"font-weight: bold; \">devices </span>are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nUTM <span style=\"font-weight: bold; \">cloud services</span> and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. While UTM systems and <span style=\"font-weight: bold; \">next-generation firewalls (NGFWs)</span> are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.\r\nOriginally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.\r\nUnified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.\r\nUnified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:\r\n<ul><li><span style=\"font-weight: bold; \">Flow-based inspection,</span> also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li> <span style=\"font-weight: bold; \">Proxy-based inspection</span> acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> How UTM is deployed?</h1>\r\nBusinesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.\r\nUTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.\r\nBusinesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.\r\n<h1 class=\"align-center\">Benefits of Using a Unified Threat Management Solution</h1>\r\nUTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. This can also save money in the long run as opposed to having to buy multiple devices.\r\nSome UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPPA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.\r\nUTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because it is a single point of defense, UTM’s make dealing with combined threats easier.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM.jpg","alias":"utm-unified-threat-management"},"50":{"id":50,"title":"IPC - Information Protection and Control","description":"Information Protection and Control (IPC) is a technology for protecting confidential information from internal threats. IPC solutions are designed to protect information from internal threats, prevent various types of information leaks, corporate espionage, and business intelligence. The term IPC combines two main technologies: encryption of storage media at all points of the network and control of technical channels of information leakage using Data Loss Prevention (DLP) technologies. Network, application and data access control is a possible third technology in IPC class systems. IPC includes solutions of the Data Loss Prevention (DLP) class, a system for encrypting corporate information and controlling access to it. The term IPC was one of the first to use IDC analyst Brian Burke in his report, Information Protection and Control Survey: Data Loss Prevention and Encryption Trends.\r\nIPC technology is a logical continuation of DLP technology and allows you to protect data not only from leaks through technical channels, that is, insiders, but also from unauthorized user access to the network, information, applications, and in cases where the direct storage medium falls into the hands of third parties. This allows you to prevent leaks in those cases when an insider or a person who does not have legal access to data gain access to the direct carrier of information. For example, removing a hard drive from a personal computer, an insider will not be able to read the information on it. This allows you to prevent the compromise of confidential data even in the event of loss, theft or seizure (for example, when organizing operational events by special services specialists, unscrupulous competitors or raiders).\r\nThe main objective of IPC systems is to prevent the transfer of confidential information outside the corporate information system. Such a transfer (leak) may be intentional or unintentional. Practice shows that most of the leaks (more than 75%) do not occur due to malicious intent, but because of errors, carelessness, carelessness, and negligence of employees - it is much easier to detect such cases. The rest is connected with the malicious intent of operators and users of enterprise information systems, in particular, industrial espionage and competitive intelligence. Obviously, malicious insiders, as a rule, try to trick IPC analyzers and other control systems.","materialsDescription":"<span style=\"font-weight: bold; \">What is Information Protection and Control (IPC)?</span>\r\nIPC (English Information Protection and Control) is a generic name for technology to protect confidential information from internal threats.\r\nIPC solutions are designed to prevent various types of information leaks, corporate espionage, and business intelligence. IPC combines two main technologies: media encryption and control of technical channels of information leakage (Data Loss Prevention - DLP). Also, the functionality of IPC systems may include systems of protection against unauthorized access (unauthorized access).\r\n<span style=\"font-weight: bold; \">What are the objectives of IPC class systems?</span>\r\n<ul><li>preventing the transfer of confidential information beyond the corporate information system;</li><li>prevention of outside transmission of not only confidential but also other undesirable information (offensive expressions, spam, eroticism, excessive amounts of data, etc.);</li><li>preventing the transmission of unwanted information not only from inside to outside but also from outside to inside the organization’s information system;</li><li>preventing employees from using the Internet and network resources for personal purposes;</li><li>spam protection;</li><li>virus protection;</li><li>optimization of channel loading, reduction of inappropriate traffic;</li><li>accounting of working hours and presence at the workplace;</li><li>tracking the reliability of employees, their political views, beliefs, collecting dirt;</li><li>archiving information in case of accidental deletion or damage to the original;</li><li>protection against accidental or intentional violation of internal standards;</li><li>ensuring compliance with standards in the field of information security and current legislation.</li></ul>\r\n<span style=\"font-weight: bold; \">Why is DLP technology used in IPC?</span>\r\nIPC DLP technology supports monitoring of the following technical channels for confidential information leakage:\r\n<ul><li>corporate email;</li><li>webmail;</li><li>social networks and blogs;</li><li>file-sharing networks;</li><li>forums and other Internet resources, including those made using AJAX technology;</li><li>instant messaging tools (ICQ, Mail.Ru Agent, Skype, AOL AIM, Google Talk, Yahoo Messenger, MSN Messenger, etc.);</li><li>P2P clients;</li><li>peripheral devices (USB, LPT, COM, WiFi, Bluetooth, etc.);</li><li>local and network printers.</li></ul>\r\nDLP technologies in IPC support control, including the following communication protocols:\r\n<ul><li>FTP;</li><li>FTP over HTTP;</li><li>FTPS;</li><li>HTTP;</li><li>HTTPS (SSL);</li><li>NNTP;</li><li>POP3;</li><li>SMTP.</li></ul>\r\n<span style=\"font-weight: bold; \">What information protection facilities does IPC technology include?</span>\r\nIPC technology includes the ability to encrypt information at all key points in the network. The objects of information security are:\r\n<ul><li>Server hard drives;</li><li>SAN;</li><li>NAS;</li><li>Magnetic tapes;</li><li>CD/DVD/Blue-ray discs;</li><li>Personal computers (including laptops);</li><li>External devices.</li></ul>\r\nIPC technologies use various plug-in cryptographic modules, including the most efficient algorithms DES, Triple DES, RC5, RC6, AES, XTS-AES. The most used algorithms in IPC solutions are RC5 and AES, the effectiveness of which can be tested on the project [distributed.net]. They are most effective for solving the problems of encrypting data of large amounts of data on server storages and backups.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/IPC_-_Information_Protection_and_Control.png","alias":"ipc-information-protection-and-control"},"205":{"id":205,"title":"NAC - Network Access Control","description":"<span style=\"font-weight: bold; \">Network Access Control (NAC)</span> is an approach to computer security that attempts to unify endpoint security technology (such as antivirus, host intrusion prevention, and vulnerability assessment), user or system authentication and network security enforcement. NAC solutions have become an extremely valuable tool in recent years, as mobile devices and the Internet of Things (IoT) have surged to prominence in various industries across the world. These new pieces of emerging technology come with their own set of vulnerabilities, which poses a challenge to IT security experts. \r\nNAC systems are put into place to make sure that anyone who enters the system, both in terms of users and devices, is authorized. After being routed the efforts at connection, the network access control system confirms privileges using an identity and access management (IAM, a program that checks users for appropriate permissions to access data materials, as indicated by internal policies). With the information from the IAM, along with a pre-established list of rules, the NAC software is able to smartly accept or deny access requests.\r\nFortunately, NAC products are designed to handle large enterprise networks that have a range of device types trying to connect at all times. Without a NAC in place, companies take on a huge amount of risk by adopting a bring-your-own-device (BYOD) policy, which allows employees and vendors to use their own smartphones and tablets on the local network. Network access control software and hardware require an upfront investment but prove their worth in the long run.","materialsDescription":"<h1 class=\"align-center\"> How a NAC solution works?</h1>\r\nWhen you adopt a network access control solution, the first thing it will do is find all devices currently accessing the system; identify what kind of device they are; and determine whether to validate them and how to treat them using preestablished protocols designed by the company’s security personnel. A network access control system has rules related to a wide spectrum of devices, along with finely grained settings to help you determine permissions. A unified administrative system houses these rules and applies them as needed.\r\nMany companies will utilize NAC as their staff grows and they have an increasing number of devices to manage. These solutions are also helpful for achieving data protection across a variety of different branch locations. The difficulty of securing an organization and managing access has become especially overwhelming in an era when widespread incorporation of IOT devices is becoming more common throughout business; NAC is the fix. The general issue with bring your own device (BYOD), though, is what drew many businesses to this service.\r\n<h1 class=\"align-center\">How to Choose a Network Access Control Solution</h1>\r\nTo help narrow down your search for NAC products, you should first focus on tools that offer native integration with your enterprise’s existing software. You don’t want to have to change your infrastructure or network design in order to bring the NAC solution online. If you are heavily dependent on a cloud architecture, then look for solutions that are fully supported by your hosting provider.\r\nNext, think about what kind of proactive tools come included with the NAC suite. Some vendors offer all-in-one packages that feature a full virus scanning utility and firewall mechanism alongside everything else in the NAC. If your IT security strategy is not very mature, this kind of suite may be very helpful.\r\nOf course, one key factor when looking at NAC options is the price point. Some vendors will sell their products at a flat rate, while others are quickly going the route of Software as a Service (SaaS) subscription, an increasingly-popular business model that requires a monthly payment and ongoing contract. Think about the state of your IT budget while remembering that the upfront investment could save you lots of money down the road.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/NAC_-_Network_Access_Control__1_.png","alias":"nac-network-access-control"},"832":{"id":832,"title":"CASB - Cloud Access Security Broker","description":"A cloud access security broker (CASB) (sometimes pronounced cas-bee) is on-premises or cloud-based software that sits between cloud service users and cloud applications, and monitors all activity and enforces security policies. A CASB can offer a variety of services, including but not limited to monitoring user activity, warning administrators about potentially hazardous actions, enforcing security policy compliance, and automatically preventing malware.\r\nA CASB may deliver security, the management or both. Broadly speaking, "security" is the prevention of high-risk events, whilst "management" is the monitoring and mitigation of high-risk events.\r\nCASBs that deliver security must be in the path of data access, between the user and the cloud. Architecturally, this might be achieved with proxy agents on each end-point device, or in agentless fashion without requiring any configuration on each device. Agentless CASB allows for rapid deployment and delivers security on all devices, company-managed or unmanaged BYOD. Agentless CASB also respects user privacy, inspecting only corporate data. Agent-based CASB is difficult to deploy and effective only on devices that are managed by the corporation. Agent-based CASB typically inspects both corporate and personal data.\r\nCASBs that deliver management may use APIs to inspect data and activity in the cloud to alert of risky events after the fact. Another management capability of a CASB is to inspect firewall or proxy logs for the usage of cloud applications.","materialsDescription":"<span style=\"font-weight: bold;\">What is CASB?</span> A Cloud Access Security Broker (CASB) is a policy enforcement point that secures data & apps in the cloud and on any device, anywhere.\r\n<span style=\"font-weight: bold;\">What is the difference between security and management?</span> Security is preventing risky events from happening, management is cleaning up after high-risk events.\r\n<span style=\"font-weight: bold;\">What is Shadow IT?</span> Cloud applications used by business users without IT oversight, also known as unmanaged apps.\r\n<span style=\"font-weight: bold;\">What are managed apps?</span> Cloud Applications that are managed by IT, e.g.Office 365.\r\n<span style=\"font-weight: bold;\">What are the types of CASB?</span> Three types of Cloud Access Security Broker\r\n<ul><li>a) API-only CASB offer basic management</li><li>b) multi-mode first-gen CASB offer management & security</li><li>c) Next-Gen CASB deliver management, security & Zero-Day protection.</li></ul>\r\n<span style=\"font-weight: bold;\">What is a forward proxy?</span> A proxy where traffic must be forwarded by the end-point Such proxies requires agents and configuration on client devices.\r\n<span style=\"font-weight: bold;\">What is a reverse proxy?</span> A proxy where traffic is automatically routed, requiring no agent or configuration on the end-point.\r\n<span style=\"font-weight: bold;\">What is AJAX-VM?</span> Acronym for "Adaptive Javascript and XML- Virtual Machine." AJAX-VM virtualizes cloud apps on the fly so they can be proxied without agents. Reverse-proxy CASB are brittle without AJAX-VM and break frequently with app changes.\r\n<span style=\"font-weight: bold;\">What are the types of CASB architecture?</span> There are three types of CASB architecture: API-only, forward proxy, and reverse proxy. Some CASB are API-only, others API and forward proxy. Next-Gen CASBs offer all three with AJAX-VM.\r\n<span style=\"font-weight: bold;\">What is CASB encryption?</span> Encryption/decryption of data prior to upload/download to a cloud application.\r\n <span style=\"font-weight: bold;\">What is searchable encryption?</span> An encryption system that combines full encryption with a clear-text index to enable search and sort without compromising encryption strength.\r\n<span style=\"font-weight: bold;\">What is tokenization?</span> Obfuscation by encoding each input string as a unique output string.\r\n<span style=\"font-weight: bold;\">What is agentless MDM?</span> Mobile security for BYOD that does not require agents. Easy to deploy and has no access to personal data or apps, thereby preserving user privacy.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_CASB.png","alias":"casb-cloud-access-security-broker"},"834":{"id":834,"title":"IoT - Internet of Things Security","description":" IoT security is the technology area concerned with safeguarding connected devices and networks in the internet of things (IoT).\r\nIoT involves adding internet connectivity to a system of interrelated computing devices, mechanical and digital machines, objects, animals and/or people. Each "thing" is provided a unique identifier and the ability to automatically transfer data over a network. Allowing devices to connect to the internet opens them up to a number of serious vulnerabilities if they are not properly protected.\r\nIoT security has become the subject of scrutiny after a number of high-profile incidents where a common IoT device was used to infiltrate and attack the larger network. Implementing security measures is critical to ensuring the safety of networks with IoT devices connected to them.\r\nIoT security hacks can happen in any industry, from smart home to a manufacturing plant to a connected car. The severity of impact depends greatly on the individual system, the data collected and/or the information it contains.\r\nAn attack disabling the brakes of a connected car, for example, or on a connected health device, such as an insulin pump hacked to administer too much medication to a patient, can be life-threatening. Likewise, an attack on a refrigeration system housing medicine that is monitored by an IoT system can ruin the viability of a medicine if temperatures fluctuate. Similarly, an attack on critical infrastructure -- an oil well, energy grid or water supply -- can be disastrous.\r\nSo, a robust IoT security portfolio must allow protecting devices from all types of vulnerabilities while deploying the security level that best matches application needs. Cryptography technologies are used to combat communication attacks. Security services are offered for protecting against lifecycle attacks. Isolation measures can be implemented to fend off software attacks. And, finally, IoT security should include tamper mitigation and side-channel attack mitigation technologies for fighting physical attacks of the chip.","materialsDescription":" <span style=\"font-weight: bold;\">What are the key requirements of IoT Security?</span>\r\nThe key requirements for any IoT security solution are:\r\n<ul><li>Device and data security, including authentication of devices and confidentiality and integrity of data</li><li>Implementing and running security operations at IoT scale</li><li>Meeting compliance requirements and requests</li><li>Meeting performance requirements as per the use case</li></ul>\r\n<span style=\"font-weight: bold;\">What do connected devices require to participate in the IoT Securely?</span>\r\nTo securely participate in the IoT, each connected device needs a unique identification – even before it has an IP address. This digital credential establishes the root of trust for the device’s entire lifecycle, from initial design to deployment to retirement.\r\n<span style=\"font-weight: bold;\">Why is device authentication necessary for the IoT?</span>\r\nStrong IoT device authentication is required to ensure connected devices on the IoT can be trusted to be what they purport to be. Consequently, each IoT device needs a unique identity that can be authenticated when the device attempts to connect to a gateway or central server. With this unique ID in place, IT system administrators can track each device throughout its lifecycle, communicate securely with it, and prevent it from executing harmful processes. If a device exhibits unexpected behavior, administrators can simply revoke its privileges.\r\n<span style=\"font-weight: bold;\">Why is secure manufacturing necessary for IoT devices?</span>\r\nIoT devices produced through unsecured manufacturing processes provide criminals opportunities to change production runs to introduce unauthorized code or produce additional units that are subsequently sold on the black market.\r\nOne way to secure manufacturing processes is to use hardware security modules (HSMs) and supporting security software to inject cryptographic keys and digital certificates and to control the number of units built and the code incorporated into each.\r\n<span style=\"font-weight: bold;\">Why is code signing necessary for IoT devices?</span>\r\nTo protect businesses, brands, partners, and users from software that has been infected by malware, software developers have adopted code signing. In the IoT, code signing in the software release process ensures the integrity of IoT device software and firmware updates and defends against the risks associated with code tampering or code that deviates from organizational policies.\r\nIn public key cryptography, code signing is a specific use of certificate-based digital signatures that enables an organization to verify the identity of the software publisher and certify the software has not been changed since it was published.\r\n<span style=\"font-weight: bold;\">What is IoT PKI?</span>\r\nToday there are more things (devices) online than there are people on the planet! Devices are the number one users of the Internet and need digital identities for secure operation. As enterprises seek to transform their business models to stay competitive, rapid adoption of IoT technologies is creating increasing demand for Public Key Infrastructures (PKIs) to provide digital certificates for the growing number of devices and the software and firmware they run.\r\nSafe IoT deployments require not only trusting the devices to be authentic and to be who they say they are, but also trusting that the data they collect is real and not altered. If one cannot trust the IoT devices and the data, there is no point in collecting, running analytics, and executing decisions based on the information collected.\r\nSecure adoption of IoT requires:\r\n<ul><li>Enabling mutual authentication between connected devices and applications</li><li>Maintaining the integrity and confidentiality of the data collected by devices</li><li>Ensuring the legitimacy and integrity of the software downloaded to devices</li><li>Preserving the privacy of sensitive data in light of stricter security regulations</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/iot.png","alias":"iot-internet-of-things-security"},"838":{"id":838,"title":"Endpoint Detection and Response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) lead to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted of suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/hgghghg.png","alias":"endpoint-detection-and-response"}},"branches":"Information Technology","companyUrl":"http://smartnet.ua/","countryCodes":["UKR"],"certifications":[],"isSeller":true,"isSupplier":true,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Smart Net","keywords":"centers, Smart, company, organizations, commercial, sector, government, industrial","description":"Smart Net company was founded in 2010. The company creates and implements customized complete solutions in the field of telecommunications infrastructure for the banking sector, government and commercial organizations, industrial enterprises, research centers","og:title":"Smart Net","og:description":"Smart Net company was founded in 2010. The company creates and implements customized complete solutions in the field of telecommunications infrastructure for the banking sector, government and commercial organizations, industrial enterprises, research centers","og:image":"https://old.roi4cio.com/uploads/roi/company/Smart_Net.png"},"eventUrl":"","vendorPartners":[{"vendor":"Fortinet","partnershipLevel":"Platinum","countries":"","partnersType":""}],"supplierPartners":[],"vendoredProducts":[],"suppliedProducts":[{"id":3603,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Fortinet.png","logo":true,"scheme":false,"title":"FortiNet FortiClient","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":21,"alias":"fortinet-forticlient","companyTitle":"Fortinet","companyTypes":["vendor"],"companyId":690,"companyAlias":"fortinet","description":"Endpoints are frequently the target of initial compromise or attacks. One recent study found that 30% of breaches involved malware being installed on endpoints. <span style=\"font-weight: bold; \">FortiClient</span> strengthens endpoint security through integrated visibility, control, and proactive defense. With the ability to discover, monitor, and assess endpoint risks, you can ensure endpoint compliance, mitigate risks, and reduce exposure. FortiClient proactively defends against advanced attacks. Its tight integration with the Security Fabric enables policy-based automation to contain threats and control outbreaks. FortiClient is compatible with Fabric-Ready partners to further strengthen enterprises’ security posture.\r\n<span style=\"font-weight: bold; \">FortiClient is more than advanced endpoint protection.</span> As an integrated agent, FortiClient contains three key modules: Fabric Agent for security Fabric connectivity, the endpoint security modules, and the secure remote access modules. Fabric Agent shares endpoint telemetry with the Security Fabric and delivers broad endpoint visibility, compliance control, and vulnerability management. It provides advanced endpoint protection with pattern-based anti-malware, behavior-based exploit protection, web-filtering, and an application firewall. FortiClient natively integrates with FortiSandbox to detect zero-day threats and custom malware. FortiClient also provides secure remote access with built-in VPN, single-sign-on, and two-factor authentication for added security.\r\n<span style=\"text-decoration: underline; \"><span style=\"font-weight: bold; \">Features and Benefits:</span></span>\r\n<span style=\"font-weight: bold; \">Broad endpoint visibility</span>\r\nFortiClient Fabric Agent integrates endpoints into the Security Fabric and provides endpoint telemetry, including user identity, protection status, risk scores, unpatched vulnerabilities, security events, and more.\r\n<span style=\"font-weight: bold; \">Endpoint compliance and vulnerability management</span>\r\nReduce the endpoint attack surface and manage endpoint-borne risk.\r\nVulnerability scanning with flexible patching options. Detect and enforce endpoint compliance.\r\n<span style=\"font-weight: bold; \">Proactive endpoint defense</span>\r\nAnti-exploit, sandbox integration, and behavior and pattern-based malware detection proactively detect and block malware, malicious scripts, document-based, and other advanced attacks.\r\n<span style=\"font-weight: bold; \">Automated threat containment</span>\r\nIntegration with the Security Fabric enables automated response. Mitigate unpatched vulnerabilities, alert users, and quarantine risky or compromised endpoints to stem an outbreak.\r\n<span style=\"font-weight: bold; \">Secure remote access</span>\r\nReliable, simple, and secure remote access with built-in, always-on VPN, with the added security of two-factor authentication, plus single-sign-on capabilities.\r\n<span style=\"font-weight: bold;\">Easy to deploy and manage</span>\r\nEasy to deploy and manage Modular and light-weight endpoint agents are centrally managed with the Enterprise Manager Server (EMS).\r\nFabric Agent is compatible with Fabric-Ready endpoint security solutions.","shortDescription":"FortiClient is Next-Generation Endpoint Protection.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":12,"sellingCount":11,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"FortiNet FortiClient","keywords":"","description":"Endpoints are frequently the target of initial compromise or attacks. One recent study found that 30% of breaches involved malware being installed on endpoints. <span style=\"font-weight: bold; \">FortiClient</span> strengthens endpoint security through integrat","og:title":"FortiNet FortiClient","og:description":"Endpoints are frequently the target of initial compromise or attacks. One recent study found that 30% of breaches involved malware being installed on endpoints. <span style=\"font-weight: bold; \">FortiClient</span> strengthens endpoint security through integrat","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Fortinet.png"},"eventUrl":"","translationId":3604,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) lead to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted of suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/hgghghg.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":3480,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/FortiNAC.png","logo":true,"scheme":false,"title":"FortiNet FortiNAC","vendorVerified":0,"rating":"0.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":21,"alias":"fortinet-fortinac","companyTitle":"Fortinet","companyTypes":["vendor"],"companyId":690,"companyAlias":"fortinet","description":"The proliferation of Internet of Things (IoT) devices, has made it necessary for organizations to improve their visibility into what is attached to their networks. They need to know every device and every user accessing their networks. IoT devices enable digital transformation initiatives and improve efficiency, flexibility, and optimization. However, they are inherently untrustworthy, with designs that prioritize low-cost over security. FortiNAC provides the network visibility to see everything connected to the network, as well as the ability to control those devices and users, including dynamic, automated responses.\r\n<span style=\"font-weight: bold; \">FortiNAC Product Details:</span>\r\nThe IoT revolution has raised a new challenge for network owners. How can you see and protect against a myriad of devices showing up on the network? Network Access Control has come back to the forefront of security solutions to address that challenge. This technology was deployed to assist with bring-your-own-device (BYOD) policies and is now getting renewed focus as a means to safely accommodate headless IoT devices in the network. FortiNAC enables three key capabilities to secure IoT devices:\r\n<ul><li>Network visibility to see every device and user as they join the network</li><li>Network control to limit where devices can go on the network</li><li>Automated response to speed the reaction time to events from days to seconds</li></ul>\r\nCollectively, these three capabilities provide the tools that network owners need to secure a world that is embracing IoT. The FortNAC solution protects both wireless and wired networks with a centralized architecture that enables distributed deployments with automated responsiveness.\r\n<span style=\"font-weight: bold;\">FortiNAC Models and Specifications</span>\r\nThe FortiNAC product line includes hardware appliances, virtual machines and licenses. The licenses can run on either the hardware appliance or the virtual machine. Each FortiNAC deployment requires both a Control and Application server. Note that if your deployment is larger than what a single server can support, you can stack servers for more capacity. The FortiNAC solution has no upper limit on the number of concurrent ports it can support. You can find more details here.","shortDescription":"FortiNAC provides the network visibility to see everything connected to the network, as well as the ability to control those devices and users, including dynamic, automated responses.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":0,"sellingCount":9,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"FortiNet FortiNAC","keywords":"","description":"The proliferation of Internet of Things (IoT) devices, has made it necessary for organizations to improve their visibility into what is attached to their networks. They need to know every device and every user accessing their networks. IoT devices enable digit","og:title":"FortiNet FortiNAC","og:description":"The proliferation of Internet of Things (IoT) devices, has made it necessary for organizations to improve their visibility into what is attached to their networks. They need to know every device and every user accessing their networks. IoT devices enable digit","og:image":"https://old.roi4cio.com/fileadmin/user_upload/FortiNAC.png"},"eventUrl":"","translationId":3481,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":834,"title":"IoT - Internet of Things Security","alias":"iot-internet-of-things-security","description":" IoT security is the technology area concerned with safeguarding connected devices and networks in the internet of things (IoT).\r\nIoT involves adding internet connectivity to a system of interrelated computing devices, mechanical and digital machines, objects, animals and/or people. Each "thing" is provided a unique identifier and the ability to automatically transfer data over a network. Allowing devices to connect to the internet opens them up to a number of serious vulnerabilities if they are not properly protected.\r\nIoT security has become the subject of scrutiny after a number of high-profile incidents where a common IoT device was used to infiltrate and attack the larger network. Implementing security measures is critical to ensuring the safety of networks with IoT devices connected to them.\r\nIoT security hacks can happen in any industry, from smart home to a manufacturing plant to a connected car. The severity of impact depends greatly on the individual system, the data collected and/or the information it contains.\r\nAn attack disabling the brakes of a connected car, for example, or on a connected health device, such as an insulin pump hacked to administer too much medication to a patient, can be life-threatening. Likewise, an attack on a refrigeration system housing medicine that is monitored by an IoT system can ruin the viability of a medicine if temperatures fluctuate. Similarly, an attack on critical infrastructure -- an oil well, energy grid or water supply -- can be disastrous.\r\nSo, a robust IoT security portfolio must allow protecting devices from all types of vulnerabilities while deploying the security level that best matches application needs. Cryptography technologies are used to combat communication attacks. Security services are offered for protecting against lifecycle attacks. Isolation measures can be implemented to fend off software attacks. And, finally, IoT security should include tamper mitigation and side-channel attack mitigation technologies for fighting physical attacks of the chip.","materialsDescription":" <span style=\"font-weight: bold;\">What are the key requirements of IoT Security?</span>\r\nThe key requirements for any IoT security solution are:\r\n<ul><li>Device and data security, including authentication of devices and confidentiality and integrity of data</li><li>Implementing and running security operations at IoT scale</li><li>Meeting compliance requirements and requests</li><li>Meeting performance requirements as per the use case</li></ul>\r\n<span style=\"font-weight: bold;\">What do connected devices require to participate in the IoT Securely?</span>\r\nTo securely participate in the IoT, each connected device needs a unique identification – even before it has an IP address. This digital credential establishes the root of trust for the device’s entire lifecycle, from initial design to deployment to retirement.\r\n<span style=\"font-weight: bold;\">Why is device authentication necessary for the IoT?</span>\r\nStrong IoT device authentication is required to ensure connected devices on the IoT can be trusted to be what they purport to be. Consequently, each IoT device needs a unique identity that can be authenticated when the device attempts to connect to a gateway or central server. With this unique ID in place, IT system administrators can track each device throughout its lifecycle, communicate securely with it, and prevent it from executing harmful processes. If a device exhibits unexpected behavior, administrators can simply revoke its privileges.\r\n<span style=\"font-weight: bold;\">Why is secure manufacturing necessary for IoT devices?</span>\r\nIoT devices produced through unsecured manufacturing processes provide criminals opportunities to change production runs to introduce unauthorized code or produce additional units that are subsequently sold on the black market.\r\nOne way to secure manufacturing processes is to use hardware security modules (HSMs) and supporting security software to inject cryptographic keys and digital certificates and to control the number of units built and the code incorporated into each.\r\n<span style=\"font-weight: bold;\">Why is code signing necessary for IoT devices?</span>\r\nTo protect businesses, brands, partners, and users from software that has been infected by malware, software developers have adopted code signing. In the IoT, code signing in the software release process ensures the integrity of IoT device software and firmware updates and defends against the risks associated with code tampering or code that deviates from organizational policies.\r\nIn public key cryptography, code signing is a specific use of certificate-based digital signatures that enables an organization to verify the identity of the software publisher and certify the software has not been changed since it was published.\r\n<span style=\"font-weight: bold;\">What is IoT PKI?</span>\r\nToday there are more things (devices) online than there are people on the planet! Devices are the number one users of the Internet and need digital identities for secure operation. As enterprises seek to transform their business models to stay competitive, rapid adoption of IoT technologies is creating increasing demand for Public Key Infrastructures (PKIs) to provide digital certificates for the growing number of devices and the software and firmware they run.\r\nSafe IoT deployments require not only trusting the devices to be authentic and to be who they say they are, but also trusting that the data they collect is real and not altered. If one cannot trust the IoT devices and the data, there is no point in collecting, running analytics, and executing decisions based on the information collected.\r\nSecure adoption of IoT requires:\r\n<ul><li>Enabling mutual authentication between connected devices and applications</li><li>Maintaining the integrity and confidentiality of the data collected by devices</li><li>Ensuring the legitimacy and integrity of the software downloaded to devices</li><li>Preserving the privacy of sensitive data in light of stricter security regulations</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/iot.png"},{"id":205,"title":"NAC - Network Access Control","alias":"nac-network-access-control","description":"<span style=\"font-weight: bold; \">Network Access Control (NAC)</span> is an approach to computer security that attempts to unify endpoint security technology (such as antivirus, host intrusion prevention, and vulnerability assessment), user or system authentication and network security enforcement. NAC solutions have become an extremely valuable tool in recent years, as mobile devices and the Internet of Things (IoT) have surged to prominence in various industries across the world. These new pieces of emerging technology come with their own set of vulnerabilities, which poses a challenge to IT security experts. \r\nNAC systems are put into place to make sure that anyone who enters the system, both in terms of users and devices, is authorized. After being routed the efforts at connection, the network access control system confirms privileges using an identity and access management (IAM, a program that checks users for appropriate permissions to access data materials, as indicated by internal policies). With the information from the IAM, along with a pre-established list of rules, the NAC software is able to smartly accept or deny access requests.\r\nFortunately, NAC products are designed to handle large enterprise networks that have a range of device types trying to connect at all times. Without a NAC in place, companies take on a huge amount of risk by adopting a bring-your-own-device (BYOD) policy, which allows employees and vendors to use their own smartphones and tablets on the local network. Network access control software and hardware require an upfront investment but prove their worth in the long run.","materialsDescription":"<h1 class=\"align-center\"> How a NAC solution works?</h1>\r\nWhen you adopt a network access control solution, the first thing it will do is find all devices currently accessing the system; identify what kind of device they are; and determine whether to validate them and how to treat them using preestablished protocols designed by the company’s security personnel. A network access control system has rules related to a wide spectrum of devices, along with finely grained settings to help you determine permissions. A unified administrative system houses these rules and applies them as needed.\r\nMany companies will utilize NAC as their staff grows and they have an increasing number of devices to manage. These solutions are also helpful for achieving data protection across a variety of different branch locations. The difficulty of securing an organization and managing access has become especially overwhelming in an era when widespread incorporation of IOT devices is becoming more common throughout business; NAC is the fix. The general issue with bring your own device (BYOD), though, is what drew many businesses to this service.\r\n<h1 class=\"align-center\">How to Choose a Network Access Control Solution</h1>\r\nTo help narrow down your search for NAC products, you should first focus on tools that offer native integration with your enterprise’s existing software. You don’t want to have to change your infrastructure or network design in order to bring the NAC solution online. If you are heavily dependent on a cloud architecture, then look for solutions that are fully supported by your hosting provider.\r\nNext, think about what kind of proactive tools come included with the NAC suite. Some vendors offer all-in-one packages that feature a full virus scanning utility and firewall mechanism alongside everything else in the NAC. If your IT security strategy is not very mature, this kind of suite may be very helpful.\r\nOf course, one key factor when looking at NAC options is the price point. Some vendors will sell their products at a flat rate, while others are quickly going the route of Software as a Service (SaaS) subscription, an increasingly-popular business model that requires a monthly payment and ongoing contract. Think about the state of your IT budget while remembering that the upfront investment could save you lots of money down the road.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/NAC_-_Network_Access_Control__1_.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":3339,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Fortinet.png","logo":true,"scheme":false,"title":"Fortinet FortiGate SD-WAN","vendorVerified":0,"rating":"2.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":21,"alias":"fortinet-fortigate-sd-wan","companyTitle":"Fortinet","companyTypes":["vendor"],"companyId":690,"companyAlias":"fortinet","description":"As the use of business-critical, cloud-based applications and tools continue to increase, distributed organizations with multiple remote offices are switching from performance-inhibited wide-area networks (WANs) to software-defined WAN (SD-WAN) architectures. SD-WAN offers business application steering, cost savings, and performance for Software-as-a-Service (SaaS) applications, as well as unified communication services. However, SD-WAN has its own shortcomings—especially when it comes to security with direct internet access.\r\nFortinet FortiGate Secure SD-WAN includes best-of-breed next-generation firewall (NGFW) security, SD-WAN, advanced routing, and WAN optimization capabilities, delivering a security-driven networking WAN edge transformation in a unified offering. Fortinet has received a “Recommended” rating in the first ever test conducted by NSS Labs for Software-Defined Wide Area Networking. Fortinet was ranked highly for delivering excellent quality of experience for voice and video, high overlay VPN throughput, and best price/performance.\r\n<span style=\"font-weight: bold;\">FortiGate Secure SD-WAN Product Details:</span>\r\n<ul> <li>Best WAN Edge Price/Performance</li> <li>WAN Path Controller with Remediation</li> <li>Fastest Application Identification and Steering</li> <li>Advance Routing Capabilities and WAN Optimization</li> </ul>","shortDescription":"FortiGate Secure SD-WAN includes NGFW security, SD-WAN, advanced routing, and WAN optimization capabilities, delivering a security-driven networking WAN edge transformation in a unified offering.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":9,"sellingCount":20,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Fortinet FortiGate SD-WAN","keywords":"","description":"As the use of business-critical, cloud-based applications and tools continue to increase, distributed organizations with multiple remote offices are switching from performance-inhibited wide-area networks (WANs) to software-defined WAN (SD-WAN) architectures. ","og:title":"Fortinet FortiGate SD-WAN","og:description":"As the use of business-critical, cloud-based applications and tools continue to increase, distributed organizations with multiple remote offices are switching from performance-inhibited wide-area networks (WANs) to software-defined WAN (SD-WAN) architectures. ","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Fortinet.png"},"eventUrl":"","translationId":3340,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[{"id":93,"title":"Software-Defined WAN (SD-WAN)"}],"testingArea":"","categories":[{"id":499,"title":"SDN Software-Defined Network","alias":"sdn-software-defined-network","description":" <span style=\"font-weight: bold; \">Software-defined networking (SDN)</span> technology is an approach to network management that enables dynamic, programmatically efficient network configuration in order to improve network performance and monitoring, making it more like cloud computing than traditional network management.\r\nSDN encompasses several types of technologies, including functional separation, network virtualization and automation through programmability. SDN solution is meant to address the fact that the static architecture of traditional networks is decentralized and complex while current networks require more flexibility and easy troubleshooting. \r\nSDN technology attempts to centralize network intelligence in one network component by disassociating the forwarding process of network packets (<span style=\"font-weight: bold; \">data plane</span>) from the routing process (<span style=\"font-weight: bold; \">control plane</span>). The control plane consists of one or more controllers which are considered as the brain of SDN network where the whole intelligence is incorporated. Originally, software defined technology focused solely on separation of the network control plane from the data plane. While the control plane makes decisions about how packets should flow through the network, the data plane actually moves packets from place to place. \r\nIn a classic SDN scenario, a packet arrives at a network switch, and rules built into the switch's proprietary firmware tell the switch where to forward the packet. These packet-handling rules are sent to the switch from the centralized controller. The switch - also known as a <span style=\"font-weight: bold; \">data plane device</span> - queries the controller for guidance as needed, and it provides the controller with information about traffic it handles. The switch sends every packet going to the same destination along the same path and treats all the packets the exact same way.\r\nSoftware defined networking solutions use an operation mode that is sometimes called adaptive or dynamic, in which a switch issues a route request to a controller for a packet that does not have a specific route. This process is separate from adaptive routing, which issues route requests through routers and algorithms based on the network topology, not through a controller.\r\nThe <span style=\"font-weight: bold;\">virtualization</span> aspect of SDN comes into play through a virtual overlay, which is a logically separate network on top of the physical network. Users can implement end-to-end overlays to abstract the underlying network and segment network traffic. This microsegmentation is especially useful for service providers and operators with multi-tenant cloud environments and cloud services, as they can provision a separate virtual network with specific policies for each tenant.","materialsDescription":"<h1 class=\"align-center\">Benefits of Software Defined Networking</h1>\r\nWith SDN software, an <span style=\"font-weight: bold; \">administrator can change any network switch's rules when necessary</span> - prioritizing, deprioritizing or even blocking specific types of packets with a granular level of control and security. This is especially helpful in a cloud computing multi-tenant architecture, because it enables the administrator to manage traffic loads in a flexible and more efficient manner. Essentially, this enables the administrator to use less expensive commodity switches and have more control over network traffic flow than ever before.\r\nOther benefits of SDN are <span style=\"font-weight: bold; \">network management</span> and <span style=\"font-weight: bold; \">end-to-end visibility.</span>A network administrator need only deal with one centralized controller to distribute policies to the connected switches, instead of configuring multiple individual devices. This capability is also a security advantage because the controller can monitor traffic and deploy security policies. If the controller deems traffic suspicious, for example, it can reroute or drop the packets.\r\nSoftware defined networking software also <span style=\"font-weight: bold; \">virtualizes hardware</span> and <span style=\"font-weight: bold; \">services </span>that were previously carried out by dedicated hardware, resulting in the touted benefits of a reduced hardware footprint and lower operational costs.\r\nAdditionally, SDN contributed to the emergence of <span style=\"font-weight: bold; \">software-defined wide area network (SD-WAN)</span> technology. SD-WAN employs the virtual overlay aspect of SDN technology, abstracting an organization's connectivity links throughout its WAN and creating a virtual network that can use whichever connection the controller deems fit to send traffic.\r\n<h1 class=\"align-center\">Are there any SDN security benefits?</h1>\r\nAs security issues become more complex at the edge of the network, it’s no wonder that network and security professionals are looking for new ways to approach network protection. Nowadays, it seems like SDN is going to be the answer. \r\n<ul><li><span style=\"font-weight: bold; \">Centralized Network Control </span></li></ul>\r\nIn a traditional network, devices (router/switches) make their own decisions locally about where and how best to send traffic. In terms of network security, SDN can be used to route data packets through a single firewall and make IDS and IPS data capture more efficient.\r\n<ul><li><span style=\"font-weight: bold; \">Simplify Configuration</span></li></ul>\r\nThe SDN makes it easier to automate configuration and improves the traceability of those configurations. The introduction of SDN network management allows dynamic programming and restructuring of network settings, which reduces the risk of DDoS attacks. It is also worth adding that SDN has automatic quarantine capabilities. \r\n<ul><li><span style=\"font-weight: bold; \">Creation of High-level Network Policies</span></li></ul>\r\n<span style=\"color: rgb(97, 97, 97); \">Rather than physically configuring security solutions, SDN facilitates the central management of security policies to make network operator roles more efficient and flexible. Moreover, SDN helps to move away from current management approaches such as SNMP/CLI and build more effective policy management. </span>\r\n<ul><li><span style=\"font-weight: bold; \"><span style=\"color: rgb(97, 97, 97); \">Easy to use Application Programming Interfaces (APIs)</span></span></li></ul>\r\n<span style=\"color: rgb(97, 97, 97); \">Cloud APIs are interfaces presented by software and play a vital role in SDN controllers and applications. Easy to use APIs help to manage network resources, improve the efficiency of IT resources, and aid integration with IT tools. Additionally, a number of good cloud security practices have been introduced recently. </span>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_SDN_Software_Defined_Network.png"},{"id":52,"title":"SaaS - software as a service","alias":"saas-software-as-a-service","description":"<span style=\"font-weight: bold;\">Software as a service (SaaS)</span> is a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted. It is sometimes referred to as "on-demand software", and was formerly referred to as "software plus services" by Microsoft.\r\n SaaS services is typically accessed by users using a thin client, e.g. via a web browser. SaaS software solutions has become a common delivery model for many business applications, including office software, messaging software, payroll processing software, DBMS software, management software, CAD software, development software, gamification, virtualization, accounting, collaboration, customer relationship management (CRM), Management Information Systems (MIS), enterprise resource planning (ERP), invoicing, human resource management (HRM), talent acquisition, learning management systems, content management (CM), Geographic Information Systems (GIS), and service desk management. SaaS has been incorporated into the strategy of nearly all leading enterprise software companies.\r\nSaaS applications are also known as <span style=\"font-weight: bold;\">Web-based software</span>, <span style=\"font-weight: bold;\">on-demand software</span> and<span style=\"font-weight: bold;\"> hosted software</span>.\r\nThe term "Software as a Service" (SaaS) is considered to be part of the nomenclature of cloud computing, along with Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Desktop as a Service (DaaS),managed software as a service (MSaaS), mobile backend as a service (MBaaS), and information technology management as a service (ITMaaS).\r\nBecause SaaS is based on cloud computing it saves organizations from installing and running applications on their own systems. That eliminates or at least reduces the associated costs of hardware purchases and maintenance and of software and support. The initial setup cost for a SaaS application is also generally lower than it for equivalent enterprise software purchased via a site license.\r\nSometimes, the use of SaaS cloud software can also reduce the long-term costs of software licensing, though that depends on the pricing model for the individual SaaS offering and the enterprise’s usage patterns. In fact, it’s possible for SaaS to cost more than traditional software licenses. This is an area IT organizations should explore carefully.<br />SaaS also provides enterprises the flexibility inherent with cloud services: they can subscribe to a SaaS offering as needed rather than having to buy software licenses and install the software on a variety of computers. The savings can be substantial in the case of applications that require new hardware purchases to support the software.<br /><br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Who uses SaaS?</span></h1>\r\nIndustry analyst Forrester Research notes that SaaS adoption has so far been concentrated mostly in human resource management (HRM), customer relationship management (CRM), collaboration software (e.g., email), and procurement solutions, but is poised to widen. Today it’s possible to have a data warehouse in the cloud that you can access with business intelligence software running as a service and connect to your cloud-based ERP like NetSuite or Microsoft Dynamics.The dollar savings can run into the millions. And SaaS installations are often installed and working in a fraction of the time of on-premises deployments—some can be ready in hours. \r\nSales and marketing people are likely familiar with Salesforce.com, the leading SaaS CRM software, with millions of users across more than 100,000 customers. Sales is going SaaS too, with apps available to support sales in order management, compensation, quote production and configure, price, quoting, electronic signatures, contract management and more.\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Why SaaS? Benefits of software as a service</span></h1>\r\n<ul><li><span style=\"font-weight: bold;\">Lower cost of entry</span>. With SaaS solution, you pay for what you need, without having to buy hardware to host your new applications. Instead of provisioning internal resources to install the software, the vendor provides APIs and performs much of the work to get their software working for you. The time to a working solution can drop from months in the traditional model to weeks, days or hours with the SaaS model. In some businesses, IT wants nothing to do with installing and running a sales app. In the case of funding software and its implementation, this can be a make-or-break issue for the sales and marketing budget, so the lower cost really makes the difference.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Reduced time to benefit/rapid prototyping</span>. In the SaaS model, the software application is already installed and configured. Users can provision the server for the cloud and quickly have the application ready for use. This cuts the time to benefit and allows for rapid demonstrations and prototyping. With many SaaS companies offering free trials, this means a painless proof of concept and discovery phase to prove the benefit to the organization. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Pay as you go</span>. SaaS business software gives you the benefit of predictable costs both for the subscription and to some extent, the administration. Even as you scale, you can have a clear idea of what your costs will be. This allows for much more accurate budgeting, especially as compared to the costs of internal IT to manage upgrades and address issues for an owned instance.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">The SaaS vendor is responsible for upgrades, uptime and security</span>. Under the SaaS model, since the software is hosted by the vendor, they take on the responsibility for maintaining the software and upgrading it, ensuring that it is reliable and meeting agreed-upon service level agreements, and keeping the application and its data secure. While some IT people worry about Software as a Service security outside of the enterprise walls, the likely truth is that the vendor has a much higher level of security than the enterprise itself would provide. Many will have redundant instances in very secure data centers in multiple geographies. Also, the data is being automatically backed up by the vendor, providing additional security and peace of mind. Because of the data center hosting, you’re getting the added benefit of at least some disaster recovery. Lastly, the vendor manages these issues as part of their core competencies—let them.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Integration and scalability.</span> Most SaaS apps are designed to support some amount of customization for the way you do business. SaaS vendors create APIs to allow connections not only to internal applications like ERPs or CRMs but also to other SaaS providers. One of the terrific aspects of integration is that orders written in the field can be automatically sent to the ERP. Now a salesperson in the field can check inventory through the catalog, write the order in front of the customer for approval, send it and receive confirmation, all in minutes. And as you scale with a SaaS vendor, there’s no need to invest in server capacity and software licenses. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Work anywhere</span>. Since the software is hosted in the cloud and accessible over the internet, users can access it via mobile devices wherever they are connected. This includes checking customer order histories prior to a sales call, as well as having access to real time data and real time order taking with the customer.</li></ul>\r\n<p class=\"align-left\"> </p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/SaaS__1_.png"},{"id":34,"title":"ITSM - IT Service Management","alias":"itsm-it-service-management","description":"<span style=\"font-weight: bold; \">IT service management (ITSM)</span> is the process of designing, delivering, managing, and improving the IT services an organization provides to its end users. ITSM is focused on aligning IT processes and services with business objectives to help an organization grow.\r\nITSM positions IT services as the key means of delivering and obtaining value, where an internal or external IT service provider works with business customers, at the same time taking responsibility for the associated costs and risks. ITSM works across the whole lifecycle of a service, from the original strategy, through design, transition and into live operation.\r\nTo ensure sustainable quality of IT services, ITSM establishes a set of practices, or processes, constituting a service management system. There are industrial, national and international standards for IT service management solutions, setting up requirements and good practices for the management system. \r\nITSM system is based on a set of principles, such as focusing on value and continual improvement. It is not just a set of processes – it is a cultural mindset to ensure that the desired outcome for the business is achieved. \r\n<span style=\"font-weight: bold; \">ITIL (IT Infrastructure Library)</span> is a framework of best practices and recommendations for managing an organization's IT operations and services. IT service management processes, when built based on the ITIL framework, pave the way for better IT service operations management and improved business. To summarize, ITIL is a set of guidelines for effective IT service management best practices. ITIL has evolved beyond the delivery of services to providing end-to-end value delivery. The focus is now on the co-creation of value through service relationships. \r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">ITSM processes typically include five stages, all based on the ITIL framework:</span></p>\r\n<span style=\"font-weight: bold; \">ITSM strategy.</span> This stage forms the foundation or the framework of an organization's ITSM process building. It involves defining the services that the organization will offer, strategically planning processes, and recognizing and developing the required assets to keep processes moving. \r\n<span style=\"font-weight: bold; \">Service design.</span> This stage's main aim is planning and designing the IT services the organization offers to meet business demands. It involves creating and designing new services as well as assessing current services and making relevant improvements.\r\n<span style=\"font-weight: bold; \">Service transition.</span> Once the designs for IT services and their processes have been finalized, it's important to build them and test them out to ensure that processes flow. IT teams need to ensure that the designs don't disrupt services in any way, especially when existing IT service processes are upgraded or redesigned. This calls for change management, evaluation, and risk management. \r\n<span style=\"font-weight: bold; \">Service operation. </span>This phase involves implementing the tried and tested new or modified designs in a live environment. While in this stage, the processes have already been tested and the issues fixed, but new processes are bound to have hiccups—especially when customers start using the services. \r\n<span style=\"font-weight: bold;\">Continual service improvement (CSI).</span> Implementing IT processes successfully shouldn't be the final stage in any organization. There's always room for improvement and new development based on issues that pop up, customer needs and demands, and user feedback.\r\n\r\n","materialsDescription":"<h1 class=\"align-center\">Benefits of efficient ITSM processes</h1>\r\nIrrespective of the size of business, every organization is involved in IT service management in some way. ITSM ensures that incidents, service requests, problems, changes, and IT assets—in addition to other aspects of IT services—are managed in a streamlined way.\r\nIT teams in your organization can employ various workflows and best practices in ITSM, as outlined in ITIL. Effective IT service management can have positive effects on an IT organization's overall function.\r\nHere are the 10 key benefits of ITSM:\r\n<ul><li> Lower costs for IT operations</li><li> Higher returns on IT investments</li><li> Minimal service outages</li><li> Ability to establish well-defined, repeatable, and manageable IT processes</li><li> Efficient analysis of IT problems to reduce repeat incidents</li><li> Improved efficiency of IT help desk teams</li><li> Well-defined roles and responsibilities</li><li> Clear expectations on service levels and service availability</li><li> Risk-free implementation of IT changes</li><li> Better transparency into IT processes and services</li></ul>\r\n<h1 class=\"align-center\">How to choose an ITSM tool?</h1>\r\nWith a competent IT service management goal in mind, it's important to invest in a service desk solution that caters to your business needs. It goes without saying, with more than 150 service desk tools to choose from, selecting the right one is easier said than done. Here are a few things to keep in mind when choosing an ITSM products:\r\n<span style=\"font-weight: bold; \">Identify key processes and their dependencies. </span>Based on business goals, decide which key ITSM processes need to be implemented and chart out the integrations that need to be established to achieve those goals. \r\n<span style=\"font-weight: bold; \">Consult with ITSM experts.</span> Participate in business expos, webinars, demos, etc., and educate yourself about the various options that are available in the market. Reports from expert analysts such as Gartner and Forrester are particularly useful as they include reviews of almost every solution, ranked based on multiple criteria.\r\n<span style=\"font-weight: bold; \">Choose a deployment option.</span> Every business has a different IT infrastructure model. Selecting an on-premises or software as a service (SaaS IT service management) tool depends on whether your business prefers to host its applications and data on its own servers or use a public or private cloud.\r\n<span style=\"font-weight: bold; \">Plan ahead for the future.</span> Although it's important to consider the "needs" primarily, you shouldn't rule out the secondary or luxury capabilities. If the ITSM tool doesn't have the potential to adapt to your needs as your organization grows, it can pull you back from progressing. Draw a clear picture of where your business is headed and choose an service ITSM that is flexible and technology-driven.\r\n<span style=\"font-weight: bold;\">Don't stop with the capabilities of the ITSM tool.</span> It might be tempting to assess an ITSM tool based on its capabilities and features but it's important to evaluate the vendor of the tool. A good IT support team, and a vendor that is endorsed for their customer-vendor relationship can take your IT services far. Check Gartner's magic quadrant and other analyst reports, along with product and support reviews to ensure that the said tool provides good customer support.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_ITSM.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":3342,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/FortiCASB.png","logo":true,"scheme":false,"title":"Fortinet FortiCASB","vendorVerified":0,"rating":"2.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":21,"alias":"fortinet-forticasb","companyTitle":"Fortinet","companyTypes":["vendor"],"companyId":690,"companyAlias":"fortinet","description":"Organizations are increasingly adopting Infrastructure-as-a-Service (IaaS) and Security-as-a-Service (SaaS) services and applications for the agility and savings they offer, but find that they don't have the visibility and control they require. FortiCASB-SaaS is a cloud-native Cloud Access Security Broker (CASB) subscription service that is designed to provide visibility, compliance, data security, and threat protection for cloud-based services being used by an organization.\r\nWith support for all major IaaS providers and most major SaaS service providers, FortiCASB provides insights into resources, users, behaviors, and data stored in the cloud with comprehensive reporting tools. It also includes advanced controls to extend security policies from within the network perimeter to IaaS resources and SaaS applications.\r\n<span style=\"font-weight: bold;\">Features and Benefits:</span>\r\n<span style=\"font-weight: bold;\">API-Based.</span> Direct access to data stored in the cloud for on-network and remote protection.\r\n<span style=\"font-weight: bold;\">Compliance and DLP.</span> Customizable data loss prevention tools and predefined compliance reporting options.\r\n<span style=\"font-weight: bold;\">User Insights and Policies.</span> Usage, entitlement, and configuration assessments provide visibility and control for cloud applications.\r\n<span style=\"font-weight: bold;\">Security Fabric Integration.</span> AV and Sandbox integration scans stored data and protects from the latest threats.\r\n<span style=\"font-weight: bold;\">Shadow IT Discovery.</span> Consolidated reporting for FortiGate and FortiAnalyzer to detect on-network SaaS usage.\r\n<span style=\"font-weight: bold;\">Advanced Analytics.</span> Comprehensive and easy-to-use visual tools quickly identify risks and policy violations.","shortDescription":"FortiCASB is designed to provide visibility, compliance, data security, and threat protection for cloud-based services employed by an organization.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":9,"sellingCount":9,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Fortinet FortiCASB","keywords":"","description":"Organizations are increasingly adopting Infrastructure-as-a-Service (IaaS) and Security-as-a-Service (SaaS) services and applications for the agility and savings they offer, but find that they don't have the visibility and control they require. FortiCASB-SaaS ","og:title":"Fortinet FortiCASB","og:description":"Organizations are increasingly adopting Infrastructure-as-a-Service (IaaS) and Security-as-a-Service (SaaS) services and applications for the agility and savings they offer, but find that they don't have the visibility and control they require. FortiCASB-SaaS ","og:image":"https://old.roi4cio.com/fileadmin/user_upload/FortiCASB.png"},"eventUrl":"","translationId":3343,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[{"id":95,"title":"Cloud Access Security Broker (CASB)"}],"testingArea":"","categories":[{"id":832,"title":"CASB - Cloud Access Security Broker","alias":"casb-cloud-access-security-broker","description":"A cloud access security broker (CASB) (sometimes pronounced cas-bee) is on-premises or cloud-based software that sits between cloud service users and cloud applications, and monitors all activity and enforces security policies. A CASB can offer a variety of services, including but not limited to monitoring user activity, warning administrators about potentially hazardous actions, enforcing security policy compliance, and automatically preventing malware.\r\nA CASB may deliver security, the management or both. Broadly speaking, "security" is the prevention of high-risk events, whilst "management" is the monitoring and mitigation of high-risk events.\r\nCASBs that deliver security must be in the path of data access, between the user and the cloud. Architecturally, this might be achieved with proxy agents on each end-point device, or in agentless fashion without requiring any configuration on each device. Agentless CASB allows for rapid deployment and delivers security on all devices, company-managed or unmanaged BYOD. Agentless CASB also respects user privacy, inspecting only corporate data. Agent-based CASB is difficult to deploy and effective only on devices that are managed by the corporation. Agent-based CASB typically inspects both corporate and personal data.\r\nCASBs that deliver management may use APIs to inspect data and activity in the cloud to alert of risky events after the fact. Another management capability of a CASB is to inspect firewall or proxy logs for the usage of cloud applications.","materialsDescription":"<span style=\"font-weight: bold;\">What is CASB?</span> A Cloud Access Security Broker (CASB) is a policy enforcement point that secures data & apps in the cloud and on any device, anywhere.\r\n<span style=\"font-weight: bold;\">What is the difference between security and management?</span> Security is preventing risky events from happening, management is cleaning up after high-risk events.\r\n<span style=\"font-weight: bold;\">What is Shadow IT?</span> Cloud applications used by business users without IT oversight, also known as unmanaged apps.\r\n<span style=\"font-weight: bold;\">What are managed apps?</span> Cloud Applications that are managed by IT, e.g.Office 365.\r\n<span style=\"font-weight: bold;\">What are the types of CASB?</span> Three types of Cloud Access Security Broker\r\n<ul><li>a) API-only CASB offer basic management</li><li>b) multi-mode first-gen CASB offer management & security</li><li>c) Next-Gen CASB deliver management, security & Zero-Day protection.</li></ul>\r\n<span style=\"font-weight: bold;\">What is a forward proxy?</span> A proxy where traffic must be forwarded by the end-point Such proxies requires agents and configuration on client devices.\r\n<span style=\"font-weight: bold;\">What is a reverse proxy?</span> A proxy where traffic is automatically routed, requiring no agent or configuration on the end-point.\r\n<span style=\"font-weight: bold;\">What is AJAX-VM?</span> Acronym for "Adaptive Javascript and XML- Virtual Machine." AJAX-VM virtualizes cloud apps on the fly so they can be proxied without agents. Reverse-proxy CASB are brittle without AJAX-VM and break frequently with app changes.\r\n<span style=\"font-weight: bold;\">What are the types of CASB architecture?</span> There are three types of CASB architecture: API-only, forward proxy, and reverse proxy. Some CASB are API-only, others API and forward proxy. Next-Gen CASBs offer all three with AJAX-VM.\r\n<span style=\"font-weight: bold;\">What is CASB encryption?</span> Encryption/decryption of data prior to upload/download to a cloud application.\r\n <span style=\"font-weight: bold;\">What is searchable encryption?</span> An encryption system that combines full encryption with a clear-text index to enable search and sort without compromising encryption strength.\r\n<span style=\"font-weight: bold;\">What is tokenization?</span> Obfuscation by encoding each input string as a unique output string.\r\n<span style=\"font-weight: bold;\">What is agentless MDM?</span> Mobile security for BYOD that does not require agents. Easy to deploy and has no access to personal data or apps, thereby preserving user privacy.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_CASB.png"},{"id":52,"title":"SaaS - software as a service","alias":"saas-software-as-a-service","description":"<span style=\"font-weight: bold;\">Software as a service (SaaS)</span> is a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted. It is sometimes referred to as "on-demand software", and was formerly referred to as "software plus services" by Microsoft.\r\n SaaS services is typically accessed by users using a thin client, e.g. via a web browser. SaaS software solutions has become a common delivery model for many business applications, including office software, messaging software, payroll processing software, DBMS software, management software, CAD software, development software, gamification, virtualization, accounting, collaboration, customer relationship management (CRM), Management Information Systems (MIS), enterprise resource planning (ERP), invoicing, human resource management (HRM), talent acquisition, learning management systems, content management (CM), Geographic Information Systems (GIS), and service desk management. SaaS has been incorporated into the strategy of nearly all leading enterprise software companies.\r\nSaaS applications are also known as <span style=\"font-weight: bold;\">Web-based software</span>, <span style=\"font-weight: bold;\">on-demand software</span> and<span style=\"font-weight: bold;\"> hosted software</span>.\r\nThe term "Software as a Service" (SaaS) is considered to be part of the nomenclature of cloud computing, along with Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Desktop as a Service (DaaS),managed software as a service (MSaaS), mobile backend as a service (MBaaS), and information technology management as a service (ITMaaS).\r\nBecause SaaS is based on cloud computing it saves organizations from installing and running applications on their own systems. That eliminates or at least reduces the associated costs of hardware purchases and maintenance and of software and support. The initial setup cost for a SaaS application is also generally lower than it for equivalent enterprise software purchased via a site license.\r\nSometimes, the use of SaaS cloud software can also reduce the long-term costs of software licensing, though that depends on the pricing model for the individual SaaS offering and the enterprise’s usage patterns. In fact, it’s possible for SaaS to cost more than traditional software licenses. This is an area IT organizations should explore carefully.<br />SaaS also provides enterprises the flexibility inherent with cloud services: they can subscribe to a SaaS offering as needed rather than having to buy software licenses and install the software on a variety of computers. The savings can be substantial in the case of applications that require new hardware purchases to support the software.<br /><br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Who uses SaaS?</span></h1>\r\nIndustry analyst Forrester Research notes that SaaS adoption has so far been concentrated mostly in human resource management (HRM), customer relationship management (CRM), collaboration software (e.g., email), and procurement solutions, but is poised to widen. Today it’s possible to have a data warehouse in the cloud that you can access with business intelligence software running as a service and connect to your cloud-based ERP like NetSuite or Microsoft Dynamics.The dollar savings can run into the millions. And SaaS installations are often installed and working in a fraction of the time of on-premises deployments—some can be ready in hours. \r\nSales and marketing people are likely familiar with Salesforce.com, the leading SaaS CRM software, with millions of users across more than 100,000 customers. Sales is going SaaS too, with apps available to support sales in order management, compensation, quote production and configure, price, quoting, electronic signatures, contract management and more.\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Why SaaS? Benefits of software as a service</span></h1>\r\n<ul><li><span style=\"font-weight: bold;\">Lower cost of entry</span>. With SaaS solution, you pay for what you need, without having to buy hardware to host your new applications. Instead of provisioning internal resources to install the software, the vendor provides APIs and performs much of the work to get their software working for you. The time to a working solution can drop from months in the traditional model to weeks, days or hours with the SaaS model. In some businesses, IT wants nothing to do with installing and running a sales app. In the case of funding software and its implementation, this can be a make-or-break issue for the sales and marketing budget, so the lower cost really makes the difference.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Reduced time to benefit/rapid prototyping</span>. In the SaaS model, the software application is already installed and configured. Users can provision the server for the cloud and quickly have the application ready for use. This cuts the time to benefit and allows for rapid demonstrations and prototyping. With many SaaS companies offering free trials, this means a painless proof of concept and discovery phase to prove the benefit to the organization. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Pay as you go</span>. SaaS business software gives you the benefit of predictable costs both for the subscription and to some extent, the administration. Even as you scale, you can have a clear idea of what your costs will be. This allows for much more accurate budgeting, especially as compared to the costs of internal IT to manage upgrades and address issues for an owned instance.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">The SaaS vendor is responsible for upgrades, uptime and security</span>. Under the SaaS model, since the software is hosted by the vendor, they take on the responsibility for maintaining the software and upgrading it, ensuring that it is reliable and meeting agreed-upon service level agreements, and keeping the application and its data secure. While some IT people worry about Software as a Service security outside of the enterprise walls, the likely truth is that the vendor has a much higher level of security than the enterprise itself would provide. Many will have redundant instances in very secure data centers in multiple geographies. Also, the data is being automatically backed up by the vendor, providing additional security and peace of mind. Because of the data center hosting, you’re getting the added benefit of at least some disaster recovery. Lastly, the vendor manages these issues as part of their core competencies—let them.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Integration and scalability.</span> Most SaaS apps are designed to support some amount of customization for the way you do business. SaaS vendors create APIs to allow connections not only to internal applications like ERPs or CRMs but also to other SaaS providers. One of the terrific aspects of integration is that orders written in the field can be automatically sent to the ERP. Now a salesperson in the field can check inventory through the catalog, write the order in front of the customer for approval, send it and receive confirmation, all in minutes. And as you scale with a SaaS vendor, there’s no need to invest in server capacity and software licenses. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Work anywhere</span>. Since the software is hosted in the cloud and accessible over the internet, users can access it via mobile devices wherever they are connected. This includes checking customer order histories prior to a sales call, as well as having access to real time data and real time order taking with the customer.</li></ul>\r\n<p class=\"align-left\"> </p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/SaaS__1_.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":1606,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Fortinet.png","logo":true,"scheme":false,"title":"Fortinet FortiWeb: Web Application Firewall (WAF)","vendorVerified":0,"rating":"2.00","implementationsCount":3,"suppliersCount":0,"supplierPartnersCount":21,"alias":"fortiweb-web-application-firewall-waf","companyTitle":"Fortinet","companyTypes":["vendor"],"companyId":690,"companyAlias":"fortinet","description":"FortiWeb Product Details Whether to simply meet compliance standards or to protect mission-critical hosted applications, FortiWeb's web application firewalls provide advanced features that defend web applications from known and zero-day threats. Using an advanced multi-layered and correlated approach, FortiWeb provides complete security for your external and internal web-based applications from the OWASP Top 10 and many other threats. At the heart of FortiWeb are its dual-layer AI-based detection engines that intelligently detect threats with nearly no false positive detections.\r\n<span style=\"font-weight: bold;\">Features and Benefits</span>\r\n<ul> <li>Proven Web Application Protection. FortiWeb protects against all the OWASP Top-10 threats, DDoS attacks and many others to defend your mission critical web-based applications</li> <li>AI-based Threat Detection. In addition to regular signature updates and many other layers of defenses, FortiWeb’s AI-based, dual-layer machine learning engines protect against zero-day attacks</li> <li>Security Fabric Integration. Integration with FortiGate firewalls and FortiSandbox deliver protection from advanced persistent threats</li> <li>Advanced Visual Analytics. FortiWeb’s visual reporting tools provide detailed analyses of attack sources, types and other elements that provide insights not available with other WAF solutions </li> <li>False Positive Mitigation Tools. Advanced tools that minimize the day-to-day management of policies and exception lists to ensure only unwanted traffic is blocked</li> <li>Hardware-based Acceleration. FortiWeb delivers industry-leading protected WAF throughputs and blazing fast secure traffic encryption/decryption</li> </ul>","shortDescription":"FortiWeb is a web application firewall (WAF) that protects hosted applications from attacks that target known and unknown exploits using multi-layered and correlated detection methods.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":7,"sellingCount":12,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Fortinet FortiWeb: Web Application Firewall (WAF)","keywords":"","description":"FortiWeb Product Details Whether to simply meet compliance standards or to protect mission-critical hosted applications, FortiWeb's web application firewalls provide advanced features that defend web applications from known and zero-day threats. Using an advan","og:title":"Fortinet FortiWeb: Web Application Firewall (WAF)","og:description":"FortiWeb Product Details Whether to simply meet compliance standards or to protect mission-critical hosted applications, FortiWeb's web application firewalls provide advanced features that defend web applications from known and zero-day threats. Using an advan","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Fortinet.png"},"eventUrl":"","translationId":1607,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[{"id":19,"title":"WAF - Web Application Firewall"}],"testingArea":"","categories":[{"id":546,"title":"WAF-web application firewall appliance","alias":"waf-web-application-firewall-appliance","description":"A web application firewall is a special type of application firewall that applies specifically to web applications. It is deployed in front of web applications and analyzes bi-directional web-based (HTTP) traffic - detecting and blocking anything malicious. The OWASP provides a broad technical definition for a WAF as “a security solution on the web application level which - from a technical point of view - does not depend on the application itself.” According to the PCI DSS Information Supplement for requirement 6.6, a WAF is defined as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.” In other words, a WAF can be a physical appliance that prevents vulnerabilities in web applications from being exploited by outside threats. These vulnerabilities may be because the application itself is a legacy type or it was insufficiently coded by design. The WAF addresses these code shortcomings by special configurations of rule sets, also known as policies.\r\nPreviously unknown vulnerabilities can be discovered through penetration testing or via a vulnerability scanner. A web application vulnerability scanner, also known as a web application security scanner, is defined in the SAMATE NIST 500-269 as “an automated program that examines web applications for potential security vulnerabilities. In addition to searching for web application-specific vulnerabilities, the tools also look for software coding errors.” Resolving vulnerabilities is commonly referred to as remediation. Corrections to the code can be made in the application but typically a more prompt response is necessary. In these situations, the application of a custom policy for a unique web application vulnerability to provide a temporary but immediate fix (known as a virtual patch) may be necessary.\r\nWAFs are not an ultimate security solution, rather they are meant to be used in conjunction with other network perimeter security solutions such as network firewalls and intrusion prevention systems to provide a holistic defense strategy.\r\nWAFs typically follow a positive security model, a negative security model, or a combination of both as mentioned by the SANS Institute. WAFs use a combination of rule-based logic, parsing, and signatures to detect and prevent attacks such as cross-site scripting and SQL injection. The OWASP produces a list of the top ten web application security flaws. All commercial WAF offerings cover these ten flaws at a minimum. There are non-commercial options as well. As mentioned earlier, the well-known open source WAF engine called ModSecurity is one of these options. A WAF engine alone is insufficient to provide adequate protection, therefore OWASP along with Trustwave's Spiderlabs help organize and maintain a Core-Rule Set via GitHub to use with the ModSecurity WAF engine.","materialsDescription":"A Web Application Firewall or WAF provides security for online services from malicious Internet traffic. WAFs detect and filter out threats such as the OWASP Top 10, which could degrade, compromise or bring down online applications.\r\n<span style=\"font-weight: bold;\">What are Web Application Firewalls?</span>\r\nWeb application firewalls assist load balancing by examining HTTP traffic before it reaches the application server. They also protect against web application vulnerability and unauthorized transfer of data from the web server at a time when security breaches are on the rise. According to the Verizon Data Breach Investigations Report, web application attacks were the most prevalent breaches in 2017 and 2018.\r\nThe PCI Security Standards Council defines a web application firewall as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\n<span style=\"font-weight: bold;\">How does a Web Application Firewall wWork?</span>\r\nA web application firewall (WAF) intercepts and inspects all HTTP requests using a security model based on a set of customized policies to weed out bogus traffic. WAFs block bad traffic outright or can challenge a visitor with a CAPTCHA test that humans can pass but a malicious bot or computer program cannot.\r\nWAFs follow rules or policies customized to specific vulnerabilities. As a result, this is how WAFs prevent DDoS attacks. Creating the rules on a traditional WAF can be complex and require expert administration. The Open Web Application Security Project maintains a list of the OWASP top web application security flaws for WAF policies to address.\r\nWAFs come in the form of hardware appliances, server-side software, or filter traffic as-a-service. WAFs can be considered as reverse proxies i.e. the opposite of a proxy server. Proxy servers protect devices from malicious applications, while WAFs protect web applications from malicious endpoints.\r\n<span style=\"font-weight: bold;\">What Are Some Web Application Firewall Benefits?</span>\r\nA web application firewall (WAF) prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<span style=\"font-weight: bold;\">What Is the Difference Between a Firewall and a Web Application Firewall?</span>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).\r\n<span style=\"font-weight: bold;\">When Should You Use a Web Application Firewall?</span>\r\nAny business that uses a website to generate revenue should use a web application firewall to protect business data and services. Organizations that use online vendors should especially deploy web application firewalls because the security of outside groups cannot be controlled or trusted.\r\n<span style=\"font-weight: bold;\">How Do You Use a Web Application Firewall?</span>\r\nA web application firewall requires correct positioning, configuration, administration and monitoring. Web application firewall installation must include the following four steps: secure, monitor, test and improve. This should be a continuous process to ensure application specific protection.<br />The configuration of the firewall should be determined by the business rules and guardrails by the company’s security policy. This approach will allow the rules and filters in the web application firewall to define themselves.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall_appliance.png"},{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":2150,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Fortinet.png","logo":true,"scheme":false,"title":"Fortinet FortiSandbox","vendorVerified":0,"rating":"2.00","implementationsCount":1,"suppliersCount":0,"supplierPartnersCount":21,"alias":"fortinet-fortisandbox","companyTitle":"Fortinet","companyTypes":["vendor"],"companyId":690,"companyAlias":"fortinet","description":"With the increasing volume and sophistication of cyber-attacks, it takes only one threat to slip through security for a data breach to occur. CISOs have adopted sandboxing as an essential component of their security strategies to help combat previously unknown threats.\r\nWhile attack surfaces are becoming more dynamic due to the rise of IoT and cloud-based services, a continuing shortage of cyber security talent is driving organizations to integrate sandboxing with greater controls and a high degree of automation.\r\nToday’s threats are increasingly sophisticated and often bypass traditional malware security by masking their malicious activity. A sandbox augments your security architecture by validating threats in a separate, secure environment. FortiSandbox offers a powerful combination of advanced detection, automated mitigation, actionable insight, and flexible deployment to stop targeted attacks and subsequent data loss. It's also a key component of our Advanced Threat Protection solution.\r\n<span style=\"font-weight: bold;\">Features and Benefits:</span>\r\n<span style=\"font-weight: bold;\">Independently top-rated.</span> NSS Labs "Recommended" for breach detection and breach prevention, and ICSA labs certified for advanced threat defense.\r\n<span style=\"font-weight: bold;\">Broad integration.</span> Extends advanced threat protection to your next-generation firewall, web application firewall, secure email gateway, and endpoint protection platform.\r\n<span style=\"font-weight: bold;\">Intelligent automation.</span> Speeds mitigation by sharing real-time updates to disrupt threats at the origin and subsequent immunization across the entire organization and the global community.\r\n<span style=\"font-weight: bold;\">All-in-one.</span> Simplifies deployment and reduces complexity by covering all protocols in a single common sandbox platform.\r\n<span style=\"font-weight: bold;\">Flexible deployment.</span> Available as a physical or virtual appliance on premises, as well as a cloud-based or managed service.\r\n<span style=\"font-weight: bold;\">Open extensibility.</span> Flexible APIs for easy third-party integration and available day-zero integration with Fabric-Ready partners.","shortDescription":"FortiSandbox delivers real-time actionable intelligence through the automation of zero-day, advanced malware detection and mitigation.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":14,"sellingCount":4,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Fortinet FortiSandbox","keywords":"","description":"With the increasing volume and sophistication of cyber-attacks, it takes only one threat to slip through security for a data breach to occur. CISOs have adopted sandboxing as an essential component of their security strategies to help combat previously unknown","og:title":"Fortinet FortiSandbox","og:description":"With the increasing volume and sophistication of cyber-attacks, it takes only one threat to slip through security for a data breach to occur. CISOs have adopted sandboxing as an essential component of their security strategies to help combat previously unknown","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Fortinet.png"},"eventUrl":"","translationId":2151,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[{"id":73,"title":"Network Sandboxing"}],"testingArea":"","categories":[{"id":826,"title":"Sandbox","alias":"sandbox","description":" In computer security, a "sandbox" is a security mechanism for separating running programs, usually in an effort to mitigate system failures or software vulnerabilities from spreading. It is often used to execute untested or untrusted programs or code, possibly from unverified or untrusted third parties, suppliers, users or websites, without risking harm to the host machine or operating system. A sandbox typically provides a tightly controlled set of resources for guest programs to run in, such as scratch space on disk and memory. Network access, the ability to inspect the host system or read from input devices are usually disallowed or heavily restricted.\r\nIn the sense of providing a highly controlled environment, sandboxes may be seen as a specific example of virtualization. Sandboxing is frequently used to test unverified programs that may contain a virus or other malicious code, without allowing the software to harm the host device.","materialsDescription":" <span style=\"font-weight: bold;\">What is the sandbox?</span>\r\nThe sandbox is like a ''virtual machine'', which runs on the device. It is a section of the device, for which a user account has been set in the system. In this section, programs can be started, data can be collected and services can be provided, which are not available within the system of the router. Inside the sandbox, the environment is like it is inside a Linux PC. The sandbox is an area separate from the router part of the system, which ensures that the router can fulfill its task without interference from the sandbox.\r\n<span style=\"font-weight: bold;\">What is the use of the sandbox?</span>\r\nBesides its actual tasks, the device can fulfill additional tasks via sandbox. Without the sandbox, these tasks would have to be carried out by an additional industrial computer.\r\nNot having to install and run the computer saves space inside the switching cabinet, money, as additional hardware is not required, and energy, which also reduces industrial waste heat. The device establishes the connection into the internet or to the control center. The programs in the sandbox use this connection. The configuration of the connection to the internet or to the control center can be set comfortably via the web interface.\r\n<span style=\"font-weight: bold;\">Which things can you NOT do with the sandbox?</span>\r\nAll the things that do require root permissions on the device.\r\nIt is not possible to execute commands or programs, which require root rights. Examples for such commands or programs are the raw connections (like ICMP - "ping"). This ensures that the device doesn't interfere with its tasks.\r\n<span style=\"font-weight: bold;\">Which hardware interfaces are available in the sandbox?</span>\r\nSerial interface, Ethernet of the LAN connection (4-port-switch), WAN connection depending on the make of the device (LAN, GPRS, EDGE, UMTS, PSTN and ISDN).\r\nVia the web interface, you can assign the serial interface to be used by applications in the sandbox. If assigned to the sandbox, the serial interface is not available for the device. In this case, neither serial-Ethernet-gateway nor the connection of a further, redundant communication device will be possible. The LAN, as well as the WAN connection, can be used in the way they are configured for the device. Network settings can be configured via the web interface and not via the sandbox. Depending on the configuration and the type of the device also the sandbox can communicate in various ways via LAN, GPRS, EDGE, UMTS, PSTN or ISDN.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon-sandbox.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":174,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/FortiGate.jpg","logo":true,"scheme":false,"title":"Fortinet FortiGate NGFW","vendorVerified":0,"rating":"2.00","implementationsCount":4,"suppliersCount":0,"supplierPartnersCount":21,"alias":"fortigate","companyTitle":"Fortinet","companyTypes":["vendor"],"companyId":690,"companyAlias":"fortinet","description":"FortiGate NGFWs are network firewalls powered by purpose-built security processing units (SPUs) including the latest NP7 (Network Processor 7). They enable security-driven networking, and are ideal network firewalls for hybrid and hyperscale data centers.\r\nFortinet NGFWs reduce cost and complexity by eliminating points products and consolidating industry-leading security capabilities such as secure sockets layer (SSL) inspection including the latest TLS1.3, web filtering, intrusion prevention system (IPS) to provide fully visibility and protect any edge. Fortinet NGFWs uniquely meet the performance needs of hyperscale and hybrid IT architectures, enabling organizations to deliver optimal user experience, and manage security risks for better business continuity.\r\nFortiGate next-generation firewalls inspect traffic at hyperscale as it enters and leaves the network. These inspections happen at unparalleled speed, scale, and performance to ensure that only legitimate traffic is allowed, all without degrading user experience or creating costly downtime.\r\nAs an integral part of the Fortinet Security Fabric, FortiGate NGFWs can communicate within the comprehensive Fortinet security portfolio as well as third-party security solutions in a multivendor environment. FortiGate NGFWs seamlessly integrate with artificial intelligence (AI)-driven FortiGuard and FortiSandbox services to protect against known and zero-day threats and improve operational efficiency through integration with Fabric Management Center.","shortDescription":"FortiGate is a Top-rated security—NSS Labs “Recommended”. Comprehensive security in one, simplified solution. Flexible deployment options fit your unique requirements","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":12,"sellingCount":19,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Fortinet FortiGate NGFW","keywords":"security, network, your, FortiGate, deployments, small, platform, across","description":"FortiGate NGFWs are network firewalls powered by purpose-built security processing units (SPUs) including the latest NP7 (Network Processor 7). They enable security-driven networking, and are ideal network firewalls for hybrid and hyperscale data centers.\r\n","og:title":"Fortinet FortiGate NGFW","og:description":"FortiGate NGFWs are network firewalls powered by purpose-built security processing units (SPUs) including the latest NP7 (Network Processor 7). They enable security-driven networking, and are ideal network firewalls for hybrid and hyperscale data centers.\r\n","og:image":"https://old.roi4cio.com/fileadmin/user_upload/FortiGate.jpg"},"eventUrl":"","translationId":175,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":536,"title":"WAN optimization - appliance","alias":"wan-optimization-appliance","description":" WAN optimization appliance is a collection of techniques for increasing data-transfer efficiencies across wide-area networks (WANs). In 2008, the WAN optimization market was estimated to be $1 billion and was to grow to $4.4 billion by 2014 according to Gartner, a technology research firm. In 2015 Gartner estimated the WAN optimization market to be a $1.1 billion market.\r\nThe most common measures of TCP data-transfer efficiencies (i.e., optimization) are throughput, bandwidth requirements, latency, protocol optimization, and congestion, as manifested in dropped packets. In addition, the WAN itself can be classified with regards to the distance between endpoints and the amounts of data transferred. Two common business WAN topologies are Branch to Headquarters and Data Center to Data Center (DC2DC). In general, "Branch" WAN links are closer, use less bandwidth, support more simultaneous connections, support smaller connections and more short-lived connections, and handle a greater variety of protocols. They are used for business applications such as email, content management systems, database application, and Web delivery. In comparison, "DC2DC" WAN links tend to require more bandwidth, are more distant and involve fewer connections, but those connections are bigger (100 Mbit/s to 1 Gbit/s flows) and of longer duration. Traffic on a "DC2DC" WAN may include replication, back up, data migration, virtualization, and other Business Continuity/Disaster Recovery (BC/DR) flow.\r\nWAN optimization has been the subject of extensive academic research almost since the advent of the WAN. In the early 2000s, research in both the private and public sectors turned to improve the end-to-end throughput of TCP, and the target of the first proprietary WAN optimization solutions was the Branch WAN. In recent years, however, the rapid growth of digital data, and the concomitant needs to store and protect it, has presented a need for DC2DC WAN optimization. For example, such optimizations can be performed to increase overall network capacity utilization, meet inter-datacenter transfer deadlines, or minimize average completion times of data transfers. As another example, private inter-datacenter WANs can benefit optimizations for fast and efficient geo-replication of data and content, such as newly computed machine learning models or multimedia content.\r\nComponent techniques of Branch WAN Optimization include deduplication, wide-area file services (WAFS), SMB proxy, HTTPS Proxy, media multicasting, web caching, and bandwidth management. Requirements for DC2DC WAN Optimization also center around deduplication and TCP acceleration, however, these must occur in the context of multi-gigabit data transfer rates. ","materialsDescription":" <span style=\"font-weight: bold;\">What techniques does WAN optimization have?</span>\r\n<ul><li><span style=\"font-weight: bold;\">Deduplication</span> – Eliminates the transfer of redundant data across the WAN by sending references instead of the actual data. By working at the byte level, benefits are achieved across IP applications.</li><li><span style=\"font-weight: bold;\">Compression</span> – Relies on data patterns that can be represented more efficiently. Essentially compression techniques similar to ZIP, RAR, ARJ, etc. are applied on-the-fly to data passing through hardware (or virtual machine) based WAN acceleration appliances.</li><li><span style=\"font-weight: bold;\">Latency optimization</span> – Can include TCP refinements such as window-size scaling, selective acknowledgments, Layer 3 congestion control algorithms, and even co-location strategies in which the application is placed in near proximity to the endpoint to reduce latency. In some implementations, the local WAN optimizer will answer the requests of the client locally instead of forwarding the request to the remote server in order to leverage write-behind and read-ahead mechanisms to reduce WAN latency.</li><li><span style=\"font-weight: bold;\">Caching/proxy</span> – Staging data in local caches; Relies on human behavior, accessing the same data over and over.</li><li><span style=\"font-weight: bold;\">Forward error correction</span> – Mitigates packet loss by adding another loss-recovery packet for every “N” packets that are sent, and this would reduce the need for retransmissions in error-prone and congested WAN links.</li><li><span style=\"font-weight: bold;\">Protocol spoofing</span> – Bundles multiple requests from chatty applications into one. May also include stream-lining protocols such as CIFS.</li><li><span style=\"font-weight: bold;\">Traffic shaping</span> – Controls data flow for specific applications. Giving flexibility to network operators/network admins to decide which applications take precedence over the WAN. A common use case of traffic shaping would be to prevent one protocol or application from hogging or flooding a link over other protocols deemed more important by the business/administrator. Some WAN acceleration devices are able to traffic shape with granularity far beyond traditional network devices. Such as shaping traffic on a per-user AND per application basis simultaneously.</li><li><span style=\"font-weight: bold;\">Equalizing</span> – Makes assumptions on what needs immediate priority based on data usage. Usage examples for equalizing may include wide open unregulated Internet connections and clogged VPN tunnels.</li><li><span style=\"font-weight: bold;\">Connection limits</span> – Prevents access gridlock in and to denial of service or to peer. Best suited for wide-open Internet access links, can also be used links.</li><li><span style=\"font-weight: bold;\">Simple rate limits</span> – Prevents one user from getting more than a fixed amount of data. Best suited as a stop-gap first effort for remediating a congested Internet connection or WAN link.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAN_optimization_appliance.png"},{"id":49,"title":"VPN - Virtual Private Network","alias":"vpn-virtual-private-network","description":"A <span style=\"font-weight: bold; \">virtual private network (VPN)</span> extends a private network across a public network, and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Applications running on a computing device, e.g. a laptop, desktop, smartphone, across a VPN may therefore benefit from the functionality, security, and management of the private network. Encryption is a common though not an inherent part of a VPN connection.\r\nAt its most basic level, VPN tunneling creates a point-to-point connection that cannot be accessed by unauthorized users. To actually create the VPN tunnel, the endpoint device needs to be running a VPN client (software application) locally or in the cloud. The VPN client runs in the background and is not noticeable to the end user unless there are performance issues.\r\nThe performance of a VPN can be affected by a variety of factors, among them the speed of users' internet connections, the types of protocols an internet service provider may use and the type of encryption the VPN uses. In the enterprise, performance can also be affected by poor quality of service (QoS) outside the control of an organization's information technology (IT) department.\r\nConsumers use a virtual private network software to protect their online activity and identity. By using an anonymous VPN service, a user's Internet traffic and data remain encrypted, which prevents eavesdroppers from sniffing Internet activity. Personal VPN services are especially useful when accessing public Wi-Fi hotspots because the public wireless services might not be secure. In addition to public Wi-Fi security, it also provides consumers with uncensored Internet access and can help prevent data theft and unblock websites.\r\nCompanies and organizations will typically use a VPN security to communicate confidentially over a public network and to send voice, video or data. It is also an excellent option for remote workers and organizations with global offices and partners to share data in a private manner.\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\">Types of VPNs</span></p>\r\n<ul><li><span style=\"font-weight: bold;\">Remote access VPN</span>. Remote access VPN clients connect to a VPN gateway server on the organization's network. The gateway requires the device to authenticate its identity before granting access to internal network resources such as file servers, printers and intranets. This type of VPN usually relies on either IP Security (IPsec) or Secure Sockets Layer (SSL) to secure the connection.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Site-to-site VPN.</span> In contrast, a site-to-site VPN uses a gateway device to connect an entire network in one location to a network in another location. End-node devices in the remote location do not need VPN clients because the gateway handles the connection. Most site-to-site VPNs connecting over the internet use IPsec. It is also common for them to use carrier MPLS clouds rather than the public internet as the transport for site-to-site VPNs. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Mobile VPN.</span> In a mobile VPN, a VPN server still sits at the edge of the company network, enabling secure tunneled access by authenticated, authorized VPN clients. Mobile VPN tunnels are not tied to physical IP addresses, however. Instead, each tunnel is bound to a logical IP address. That logical IP address sticks to the mobile device no matter where it may roam.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">VPN Hardware</span>. It offer a number of advantages over the software-based VPN. In addition to enhanced security, hardware VPNs can provide load balancing to handle large client loads. Administration is managed through a Web browser interface. A hardware VPN is more expensive than a software VPN. Because of the cost, hardware VPNs are a more realistic option for large businesses than for small businesses or branch offices. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">VPN appliance.</span> A VPN appliance, also known as a VPN gateway appliance, is a network device equipped with enhanced security features. Also known as an SSL (Secure Sockets Layer) VPN appliance, it is in effect a router that provides protection, authorization, authentication and encryption for VPNs.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Dynamic multipoint virtual private network (DMVPN</span>). A dynamic multipoint virtual private network (DMVPN) is a secure network that exchanges data between sites without needing to pass traffic through an organization's headquarter virtual private network (VPN) server or router. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">VPN Reconnect.</span> VPN Reconnect is a feature of Windows 7 and Windows Server 2008 R2 that allows a virtual private network connection to remain open during a brief interruption of Internet service. Usually, when a computing device using a VPN connection drops its Internet connection, the end user has to manually reconnect to the VPN. VPN Reconnect keeps the VPN tunnel open for a configurable amount of time so when Internet service is restored, the VPN connection is automatically restored as well. </li></ul>\r\n<p class=\"align-left\"> </p>","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: normal;\">What is VPN software?</span></h1>\r\n<span style=\"font-weight: normal;\"></span>VPN software is a tool that allows users to create a secure, encrypted connection over a computer network such as the Internet. The platform was developed to allow for secure access to business applications and other resources.\r\n<header><h1 class=\"align-center\"><span style=\"font-weight: normal;\">How does VPN software work?</span></h1></header>\r\n<p class=\"align-left\">So what does VPN do? Basically, a VPN is a group of computers or networks, which are connected over the Internet. For businesses, VPN services serve as avenues for getting access to networks when they are not physically on the same network. Such a service can also be used to encrypt communications over public networks.</p>\r\n<p class=\"align-left\">VPNs are usually deployed through local installation or by logging on to a service’s website. To give you an idea as to how VPN works, the software allows your computer to basically exchange keys with a remote server, through which all data traffic is encrypted and kept secure, safe from prying eyes. It lets you browse the Internet without the worry of being tracked, monitored and identified without permission. A VPN also helps in accessing blocked sites and in circumventing censorship.</p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">What are the features of VPN software?</span></h1>\r\n<p class=\"align-left\">There are a variety of ways by which you can determine what VPN suits you. Here are some features of software VPN solutions and buying factors that you should consider:<br /><br /></p>\r\n<ul><li><span style=\"font-weight: bold;\">Privacy</span>: You should know what kind of privacy you really need. Is it for surfing, downloading or simply accessing blocked sites? Best of VPN programs offer one or more of these capabilities.</li><li><span style=\"font-weight: bold;\">Software/features</span>: Platforms should not be limited to ease of use, they should include features such as kill switches and DNS leak prevention tools which provide a further layer of protection.</li><li><span style=\"font-weight: bold;\">Security</span>: One should consider the level of security that a service offers. This can prevent hackers and agencies from accessing your data.</li><li><span style=\"font-weight: bold;\">Cross-platform support</span>: A VPN solution should be able to run on any device. To do this, setup guides for different platforms should be provided by the vendor.</li><li><span style=\"font-weight: bold;\">The number of servers/countries</span>: For these services, the more servers VPN there are, the better the service. This allows users to connect from virtually all over the world. It will also enable them to change their locations at will.</li><li><span style=\"font-weight: bold;\">Speed</span>: It’s common knowledge that using VPN comes with reduction in Internet speed. This is due to the fact that signals need to travel long distances and the demands of the encryption and decryption processes. Choose a service that has minimal impact on Internet speed.</li><li><span style=\"font-weight: bold;\">Simultaneous connections</span>: Many services allow users to use only one device at a time. However, many VPN service providers allow customers to connect multiple devices all at the same time.</li></ul>\r\n<p class=\"align-left\"> </p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/VPN_-_Virtual_Private_Network.png"},{"id":784,"title":"NGFW - next-generation firewall - Appliance","alias":"ngfw-next-generation-firewall-appliance","description":" A next-generation firewall (NGFW) is a part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities, such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS). Other techniques might also be employed, such as TLS/SSL encrypted traffic inspection, website filtering, QoS/bandwidth management, antivirus inspection and third-party identity management integration (i.e. LDAP, RADIUS, Active Directory).\r\nNGFWs include the typical functions of traditional firewalls such as packet filtering, network- and port-address translation (NAT), stateful inspection, and virtual private network (VPN) support. The goal of next-generation firewalls is to include more layers of the OSI model, improving filtering of network traffic that is dependent on the packet contents.\r\nNGFWs perform deeper inspection compared to stateful inspection performed by the first- and second-generation firewalls. NGFWs use a more thorough inspection style, checking packet payloads and matching signatures for harmful activities such as exploitable attacks and malware.\r\nImproved detection of encrypted applications and intrusion prevention service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services.\r\nStateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols. But today, blocking a web application like Farmville that uses port 80 by closing the port would also mean complications with the entire HTTP protocol.\r\nProtection based on ports, protocols, IP addresses is no more reliable and viable. This has led to the development of identity-based security approach, which takes organizations a step ahead of conventional security appliances which bind security to IP-addresses.\r\nNGFWs offer administrators a deeper awareness of and control over individual applications, along with deeper inspection capabilities by the firewall. Administrators can create very granular "allow/deny" rules for controlling use of websites and applications in the network. ","materialsDescription":"<span style=\"font-weight: bold;\"> What is a next-generation firewall (NGFW)?</span>\r\nAn NGFW contains all the normal defences that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other bonus security features. NGFWs are also capable of deep packet inspection which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by blacklist (programs in the filter are blocked) or by whitelist (programs not in the filter are blocked).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_NGFW.png"},{"id":782,"title":"NGFW - next-generation firewall","alias":"ngfw-next-generation-firewall","description":"A next-generation firewall (NGFW) is a part of the third generation of firewall technology that is implemented in either hardware or software and is capable of detecting and blocking sophisticated attacks by enforcing security policies at the application, port and protocol levels.\r\nNGFWs typically feature advanced functions including:\r\n<ul><li>application awareness;</li><li>integrated intrusion prevention systems (IPS);</li><li>identity awareness -- user and group control;</li><li>bridged and routed modes;</li><li> the ability to use external intelligence sources.</li></ul>\r\nOf these offerings, most next-generation firewalls integrate at least three basic functions: enterprise firewall capabilities, an intrusion prevention system (IPS) and application control.\r\nLike the introduction of stateful inspection in traditional firewalls, NGFWs bring additional context to the firewall's decision-making process by providing it with the ability to understand the details of the web application traffic passing through it and to take action to block traffic that might exploit vulnerabilities.\r\nThe different features of next-generation firewalls combine to create unique benefits for users. NGFWs are often able to block malware before it enters a network, something that wasn't previously possible.\r\nNGFWs are also better equipped to address advanced persistent threats (APTs) because they can be integrated with threat intelligence services. NGFWs can also offer a low-cost option for companies trying to improve basic device security through the use of application awareness, inspection services, protection systems and awareness tools.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What is a next-generation firewall (NGFW)?</span>\r\nA NGFW contains all the normal defenses that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other additional security features. NGFWs are also capable of deep packet inspection, which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by a blacklist (programs in the filter are blocked) or by a whitelist (programs not in the filter are blocked).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_NGFW.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":1745,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Fortinet.png","logo":true,"scheme":false,"title":"Fortinet FortiMail Secure Email Gateway","vendorVerified":0,"rating":"2.00","implementationsCount":3,"suppliersCount":0,"supplierPartnersCount":21,"alias":"fortinet-fortimail-secure-email-gateway","companyTitle":"Fortinet","companyTypes":["vendor"],"companyId":690,"companyAlias":"fortinet","description":"Email security remains a key productivity tool for today's organizations, as well as a successful attack vector for cyber criminals. According to the Verizon 2018 Data Breach Investigations Report, 49% of malware was installed via malicious email. Gartner asserts that "Advanced threats (such as ransomware and business email compromise) are easily the signature-based and reputation-based prevention mechanisms that a secure email gateway (SEG) has traditionally used." FortiMail Email security utilizes the latest technologies and security services from FortiGuard Labs to deliver consistently top-rated protection from common and advanced threats while integrating robust data protection capabilities to avoid data loss.\r\n<span style=\"font-weight: bold;\">FortiMail Product Details</span>\r\nOrganizations typically select FortiMail email security to shield users, and ultimately data, from a wide range of cyber threats. These include: ever growing volumes of unwanted spam, socially-engineered phishing and business email compromise, accelerating variants of ransomware and other malware, increasingly targeted attacks from adversaries of all kinds, and more. At the same time, FortiMail can be used to protect sensitive data of all types, reducing the risk of inadvertent loss and/or non-compliance with regulations like HIPAA, PCI, GDPR, and more.\r\n<span style=\"font-weight: bold;\">Features and Benefits</span>\r\n<ul> <li>Top-rated Antispam and Antiphishing: Maintain productivity by shielding end users from unwanted spam and malicious phishing attacks</li> <li>Independently certified advanced threat defense: Thwart cyber criminals intent on stealing data, holding systems for ransomware, conducting fraud, and other malicious purposes</li> <li>Integrated data protection: Maintain the privacy of personal information and confidentiality of sensitive data in compliance with regulatory and corporate guidelines</li> <li>Enterprise-class management: Free staff and end users to drive the business by reducing the time spent on email administration </li> <li>High-performance mail handling: Speed the delivery of legitimate email at an affordable cost</li> </ul>","shortDescription":"FortiMail: Secure Email Gateway\r\nStop advanced email threats and prevent data loss","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":16,"sellingCount":14,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Fortinet FortiMail Secure Email Gateway","keywords":"","description":"Email security remains a key productivity tool for today's organizations, as well as a successful attack vector for cyber criminals. According to the Verizon 2018 Data Breach Investigations Report, 49% of malware was installed via malicious email. ","og:title":"Fortinet FortiMail Secure Email Gateway","og:description":"Email security remains a key productivity tool for today's organizations, as well as a successful attack vector for cyber criminals. According to the Verizon 2018 Data Breach Investigations Report, 49% of malware was installed via malicious email. ","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Fortinet.png"},"eventUrl":"","translationId":1746,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[{"id":38,"title":"Secure E-mail Gateway"}],"testingArea":"","categories":[{"id":558,"title":"Secure E-mail Gateway - Appliance","alias":"secure-e-mail-gateway-appliance","description":"According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and next-gen anti-phishing and anti-spam</li><li>Additional security features</li><li>Customization of the solution’s management features</li><li>Low false positive and false negative percentages</li><li>External processes and storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, secure email gateways can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":"<span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against email-borne threats. It is effectively a firewall for your email, and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan each email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a specific period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway_Appliance.png"},{"id":469,"title":"Secure E-mail Gateway","alias":"secure-e-mail-gateway","description":" According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and Next-Gen Anti-Phishing and Anti-Spam</li><li>Additional Security Features</li><li>Customization of the Solution’s Management Features</li><li>Low False Positive and False Negative Percentages</li><li>External Processes and Storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, SEGs can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":" <span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against these email-borne threats. It is effectively a firewall for your email and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan every email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a certain period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway.jpg"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":6655,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/fortinet.png","logo":true,"scheme":false,"title":"FortiSIEM","vendorVerified":0,"rating":"2.00","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":21,"alias":"fortisiem","companyTitle":"Fortinet","companyTypes":["vendor"],"companyId":690,"companyAlias":"fortinet","description":"<h1 class=\"align-center\">FortiSIEM Delivers Next-Generation SIEM Capabilities</h1>\r\nFortiSIEM brings together visibility, correlation, automated response, and remediation in a single, scalable solution. It reduces the complexity of managing network and security operations to effectively free resources, improve breach detection, and even prevent breaches.\r\nProduct's architecture enables unified data collection and analytics from diverse information sources including logs, performance metrics, security alerts, and configuration changes. FortiSIEM combines the analytics traditionally monitored in separate silos of the security operations center (SOC) and network operations center (NOC) for a more holistic view of the security and availability of the business.\r\nIn addition, FortiSIEM UEBA leverages machine learning and statistical methodologies to baseline normal behavior and incorporate real-time, actionable insights into anomalous user behavior regarding business-critical data. By combining telemetry that is pulled from endpoint sensors, network device flows, server and applications logs, and cloud APIs, FortiSIEM is able to build comprehensive profiles of users, peer groups, endpoints, applications, files, and networks. FortiSIEM UEBA behavioral anomaly detection is a low-overhead but high-fidelity way to gain visibility of end-to-end activity, from endpoints, to on-premises servers and network activity, to cloud applications.","shortDescription":"FortiSIEM - Powerful Security Information and Event Management (SIEM) with User and Entity Behavior Analytics (UEBA)","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":0,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"FortiSIEM","keywords":"","description":"<h1 class=\"align-center\">FortiSIEM Delivers Next-Generation SIEM Capabilities</h1>\r\nFortiSIEM brings together visibility, correlation, automated response, and remediation in a single, scalable solution. It reduces the complexity of managing network and securit","og:title":"FortiSIEM","og:description":"<h1 class=\"align-center\">FortiSIEM Delivers Next-Generation SIEM Capabilities</h1>\r\nFortiSIEM brings together visibility, correlation, automated response, and remediation in a single, scalable solution. It reduces the complexity of managing network and securit","og:image":"https://old.roi4cio.com/fileadmin/user_upload/fortinet.png"},"eventUrl":"","translationId":6655,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[{"id":144,"title":"SIEM - Security information and event management"}],"testingArea":"","categories":[{"id":45,"title":"SIEM - Security Information and Event Management","alias":"siem-security-information-and-event-management","description":"<span style=\"font-weight: bold; \">Security information and event management (SIEM)</span> is an approach to security management that combines SIM (security information management) and SEM (security event management) functions into one security management system. \r\n The underlying principles of every SIEM system is to aggregate relevant data from multiple sources, identify deviations from the norm and take appropriate action. At the most basic level, a SIEM system can be rules-based or employ a statistical correlation engine to establish relationships between event log entries. Advanced SIEM products have evolved to include user and entity behavior analytics (UEBA) and security orchestration and automated response (SOAR). \r\nThe acronyms SEM, SIM and SIEM have sometimes been used interchangeably, but generally refer to the different primary focus of products:\r\n<ul><li><span style=\"font-weight: bold;\">Log management:</span> Focus on simple collection and storage of log messages and audit trails.</li><li><span style=\"font-weight: bold;\">Security information management (SIM):</span> Long-term storage as well as analysis and reporting of log data.</li><li><span style=\"font-weight: bold;\">Security event manager (SEM):</span> Real-time monitoring, correlation of events, notifications and console views.</li><li><span style=\"font-weight: bold;\">Security information event management (SIEM):</span> Combines SIM and SEM and provides real-time analysis of security alerts generated by network hardware and applications.</li><li><span style=\"font-weight: bold;\">Managed Security Service (MSS) or Managed Security Service Provider (MSSP):</span> The most common managed services appear to evolve around connectivity and bandwidth, network monitoring, security, virtualization, and disaster recovery.</li><li><span style=\"font-weight: bold;\">Security as a service (SECaaS):</span> These security services often include authentication, anti-virus, anti-malware/spyware, intrusion detection, Penetration testing and security event management, among others.</li></ul>\r\nToday, most of SIEM technology works by deploying multiple collection agents in a hierarchical manner to gather security-related events from end-user devices, servers, network equipment, as well as specialized security equipment like firewalls, antivirus or intrusion prevention systems. The collectors forward events to a centralized management console where security analysts sift through the noise, connecting the dots and prioritizing security incidents.\r\nSome of the most important features to review when evaluating Security Information and Event Management software are:\r\n<ol><li><span style=\"font-weight: bold; \">Integration with other controls:</span> Can the system give commands to other enterprise security controls to prevent or stop attacks in progress?</li><li><span style=\"font-weight: bold; \">Artificial intelligence:</span> Can the system improve its own accuracy by through machine and deep learning?</li><li><span style=\"font-weight: bold; \">Threat intelligence feeds:</span> Can the system support threat intelligence feeds of the organization's choosing or is it mandated to use a particular feed?</li><li><span style=\"font-weight: bold; \">Robust compliance reporting:</span> Does the system include built-in reports for common compliance needs and the provide the organization with the ability to customize or create new compliance reports?</li><li><span style=\"font-weight: bold; \">Forensics capabilities:</span> Can the system capture additional information about security events by recording the headers and contents of packets of interest? </li></ol>\r\n\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> Why is SIEM Important?</h1>\r\nSIEM has become a core security component of modern organizations. The main reason is that every user or tracker leaves behind a virtual trail in a network’s log data. SIEM software is designed to use this log data in order to generate insight into past attacks and events. A SIEM solution not only identifies that an attack has happened, but allows you to see how and why it happened as well.\r\nAs organizations update and upscale to increasingly complex IT infrastructures, SIEM has become even more important in recent years. Contrary to popular belief, firewalls and antivirus packages are not enough to protect a network in its entirety. Zero-day attacks can still penetrate a system’s defenses even with these security measures in place.\r\nSIEM addresses this problem by detecting attack activity and assessing it against past behavior on the network. A security event monitoring has the ability to distinguish between legitimate use and a malicious attack. This helps to increase a system’s incident protection and avoid damage to systems and virtual property.\r\nThe use of SIEM also helps companies to comply with a variety of industry cyber management regulations. Log management is the industry standard method of auditing activity on an IT network. SIEM management provides the best way to meet this regulatory requirement and provide transparency over logs in order to generate clear insights and improvements.\r\n<h1 class=\"align-center\">Evaluation criteria for security information and event management software:</h1>\r\n<ul><li>Threat identification: Raw log form vs. descriptive.</li><li>Threat tracking: Ability to track through the various events, from source to destination.</li><li>Policy enforcement: Ability to enforce defined polices.</li><li>Application analysis: Ability to analyze application at Layer 7 if necessary.</li><li>Business relevance of events: Ability to assign business risk to events and have weighted threat levels.</li><li>Measuring changes and improvements: Ability to track configuration changes to devices.</li><li>Asset-based information: Ability to gather information on devices on the network.</li><li>Anomalous behavior (server): Ability to trend and see changes in how it communicates to others.</li><li>Anomalous behavior (network): Ability to trend and see how communications pass throughout the network.</li><li>Anomalous behavior (application): Ability to trend and see changes in how it communicates to others.</li><li>User monitoring: User activity, logging in, applications usage, etc.</li></ul>\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_SIEM.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"partnershipProgramme":null}},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"implementations":{"implementationsByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"agreements":{"agreementById":{},"ids":{},"links":{},"meta":{},"loading":false,"error":null},"comparison":{"loading":false,"error":false,"templatesById":{},"comparisonByTemplateId":{},"products":[],"selectedTemplateId":null},"presentation":{"type":null,"company":{},"products":[],"partners":[],"formData":{},"dataLoading":false,"dataError":false,"loading":false,"error":false},"catalogsGlobal":{"subMenuItemTitle":""}}