{"global":{"lastError":{},"locale":"en","locales":{"data":[{"id":"de","name":"Deutsch"},{"id":"en","name":"English"},{"id":"ru","name":"Русский"}],"loading":false,"error":false},"currency":{"id":49,"name":"EUR"},"currencies":{"data":[{"id":49,"name":"EUR"},{"id":124,"name":"RUB"},{"id":153,"name":"UAH"},{"id":155,"name":"USD"}],"loading":false,"error":false},"translations":{"company":{"role-vendor":{"_type":"localeString","en":"Vendor","ru":"Производитель"},"role-supplier":{"_type":"localeString","en":"Supplier","ru":"Поставщик"},"products-popover":{"_type":"localeString","de":"die produkte","en":"Products","ru":"Продукты"},"introduction-popover":{"_type":"localeString","en":"introduction","ru":"внедрения"},"partners-popover":{"_type":"localeString","en":"partners","ru":"партнеры"},"update-profile-button":{"_type":"localeString","en":"Update profile","ru":"Обновить профиль"},"read-more-button":{"_type":"localeString","en":"Show more","ru":"Показать ещё"},"hide-button":{"_type":"localeString","en":"Hide","ru":"Скрыть"},"user-implementations":{"_type":"localeString","en":"Deployments","ru":"Внедрения"},"categories":{"_type":"localeString","en":"Categories","ru":"Компетенции"},"description":{"_type":"localeString","en":"Description","ru":"Описание"},"role-user":{"_type":"localeString","en":"User","ru":"Пользователь"},"partnership-vendors":{"_type":"localeString","en":"Partnership with vendors","ru":"Партнерство с производителями"},"partnership-suppliers":{"_type":"localeString","en":"Partnership with suppliers","ru":"Партнерство с поставщиками"},"reference-bonus":{"_type":"localeString","en":"Bonus 4 reference","ru":"Бонус за референс"},"partner-status":{"_type":"localeString","en":"Partner status","ru":"Статус партнёра"},"country":{"_type":"localeString","en":"Country","ru":"Страна"},"partner-types":{"_type":"localeString","en":"Partner types","ru":"Типы партнеров"},"branch-popover":{"_type":"localeString","en":"branch","ru":"область 
деятельности"},"employees-popover":{"_type":"localeString","en":"number of employees","ru":"количество сотрудников"},"partnership-programme":{"_type":"localeString","en":"Partnership program","ru":"Партнерская программа"},"partner-discounts":{"_type":"localeString","en":"Partner discounts","ru":"Партнерские скидки"},"registered-discounts":{"_type":"localeString","en":"Additional benefits for registering a deal","ru":"Дополнительные преимущества за регистрацию сделки"},"additional-advantages":{"_type":"localeString","en":"Additional Benefits","ru":"Дополнительные преимущества"},"additional-requirements":{"_type":"localeString","en":"Partner level requirements","ru":"Требования к уровню партнера"},"certifications":{"_type":"localeString","en":"Certification of technical specialists","ru":"Сертификация технических специалистов"},"sales-plan":{"_type":"localeString","en":"Annual Sales Plan","ru":"Годовой план продаж"},"partners-vendors":{"_type":"localeString","en":"Partners-vendors","ru":"Партнеры-производители"},"partners-suppliers":{"_type":"localeString","en":"Partners-suppliers","ru":"Партнеры-поставщики"},"all-countries":{"_type":"localeString","en":"All countries","ru":"Все страны"},"supplied-products":{"_type":"localeString","en":"Supplied products","ru":"Поставляемые продукты"},"vendored-products":{"_type":"localeString","en":"Produced products","ru":"Производимые продукты"},"vendor-implementations":{"_type":"localeString","en":"Produced deployments","ru":"Производимые внедрения"},"supplier-implementations":{"_type":"localeString","en":"Supplied deployments","ru":"Поставляемые внедрения"},"show-all":{"_type":"localeString","en":"Show all","ru":"Показать все"},"not-yet-converted":{"_type":"localeString","en":"Data is moderated and will be published soon. Please, try again later.","ru":"Данные модерируются и вскоре будут опубликованы. 
Попробуйте повторить переход через некоторое время."},"schedule-event":{"_type":"localeString","en":"Events schedule","ru":"Pасписание событий"},"implementations":{"_type":"localeString","en":"Deployments","ru":"Внедрения"},"register":{"_type":"localeString","en":"Register","ru":"Регистрация "},"login":{"_type":"localeString","en":"Login","ru":"Вход"},"auth-message":{"_type":"localeString","en":"To view company events please log in or register on the sit.","ru":"Для просмотра ивентов компании авторизируйтесь или зарегистрируйтесь на сайт."}},"header":{"help":{"_type":"localeString","de":"Hilfe","en":"Help","ru":"Помощь"},"how":{"_type":"localeString","de":"Wie funktioniert es","en":"How does it works","ru":"Как это работает"},"login":{"_type":"localeString","de":"Einloggen","en":"Log in","ru":"Вход"},"logout":{"_type":"localeString","en":"logout","ru":"Выйти"},"faq":{"_type":"localeString","de":"FAQ","en":"FAQ","ru":"FAQ"},"references":{"_type":"localeString","de":"References","en":"Requests","ru":"Мои запросы"},"solutions":{"_type":"localeString","en":"Solutions","ru":"Возможности"},"find-it-product":{"_type":"localeString","en":"Selection and comparison of IT product","ru":"Подбор и сравнение ИТ продукта"},"autoconfigurator":{"_type":"localeString","en":" Price calculator","ru":"Калькулятор цены"},"comparison-matrix":{"_type":"localeString","en":"Comparison Matrix","ru":"Матрица сравнения"},"roi-calculators":{"_type":"localeString","en":"ROI calculators","ru":"ROI калькуляторы"},"b4r":{"_type":"localeString","en":"Bonus for reference","ru":"Бонус за референс"},"business-booster":{"_type":"localeString","en":"Business boosting","ru":"Развитие 
бизнеса"},"catalogs":{"_type":"localeString","en":"Catalogs","ru":"Каталоги"},"products":{"_type":"localeString","en":"Products","ru":"Продукты"},"implementations":{"_type":"localeString","en":"Deployments","ru":"Внедрения"},"companies":{"_type":"localeString","en":"Companies","ru":"Компании"},"categories":{"_type":"localeString","en":"Categories","ru":"Категории"},"for-suppliers":{"_type":"localeString","en":"For suppliers","ru":"Поставщикам"},"blog":{"_type":"localeString","en":"Blog","ru":"Блог"},"agreements":{"_type":"localeString","en":"Deals","ru":"Сделки"},"my-account":{"_type":"localeString","en":"My account","ru":"Мой кабинет"},"register":{"_type":"localeString","en":"Register","ru":"Зарегистрироваться"},"comparison-deletion":{"_type":"localeString","en":"Deletion","ru":"Удаление"},"comparison-confirm":{"_type":"localeString","en":"Are you sure you want to delete","ru":"Подтвердите удаление"},"search-placeholder":{"_type":"localeString","en":"Enter your search term","ru":"Введите поисковый запрос"},"my-profile":{"_type":"localeString","en":"My Profile","ru":"Мои Данные"}},"footer":{"copyright":{"_type":"localeString","de":"Alle rechte vorbehalten","en":"All rights reserved","ru":"Все права защищены"},"company":{"_type":"localeString","de":"Über die Firma","en":"My Company","ru":"О компании"},"about":{"_type":"localeString","de":"Über uns","en":"About us","ru":"О нас"},"infocenter":{"_type":"localeString","de":"Infocenter","en":"Infocenter","ru":"Инфоцентр"},"tariffs":{"_type":"localeString","de":"Tarife","en":"Subscriptions","ru":"Тарифы"},"contact":{"_type":"localeString","de":"Kontaktiere uns","en":"Contact us","ru":"Связаться с нами"},"marketplace":{"_type":"localeString","de":"Marketplace","en":"Marketplace","ru":"Marketplace"},"products":{"_type":"localeString","de":"Produkte","en":"Products","ru":"Продукты"},"compare":{"_type":"localeString","de":"Wähle und vergleiche","en":"Pick and compare","ru":"Подобрать и 
сравнить"},"calculate":{"_type":"localeString","de":"Kosten berechnen","en":"Calculate the cost","ru":"Расчитать стоимость"},"get_bonus":{"_type":"localeString","de":"Holen Sie sich einen Rabatt","en":"Bonus for reference","ru":"Бонус за референс"},"salestools":{"_type":"localeString","de":"Salestools","en":"Salestools","ru":"Salestools"},"automatization":{"_type":"localeString","de":"Abwicklungsautomatisierung","en":"Settlement Automation","ru":"Автоматизация расчетов"},"roi_calcs":{"_type":"localeString","de":"ROI-Rechner","en":"ROI calculators","ru":"ROI калькуляторы"},"matrix":{"_type":"localeString","de":"Vergleichsmatrix","en":"Comparison matrix","ru":"Матрица сравнения"},"b4r":{"_type":"localeString","de":"Rebate 4 Reference","en":"Rebate 4 Reference","ru":"Rebate 4 Reference"},"our_social":{"_type":"localeString","de":"Unsere sozialen Netzwerke","en":"Our social networks","ru":"Наши социальные сети"},"subscribe":{"_type":"localeString","de":"Melden Sie sich für den Newsletter an","en":"Subscribe to newsletter","ru":"Подпишитесь на рассылку"},"subscribe_info":{"_type":"localeString","en":"and be the first to know about promotions, new features and recent software reviews","ru":"и узнавайте первыми об акциях, новых возможностях и свежих обзорах софта"},"policy":{"_type":"localeString","en":"Privacy Policy","ru":"Политика конфиденциальности"},"user_agreement":{"_type":"localeString","en":"Agreement","ru":"Пользовательское соглашение "},"solutions":{"_type":"localeString","en":"Solutions","ru":"Возможности"},"find":{"_type":"localeString","en":"Selection and comparison of IT product","ru":"Подбор и сравнение ИТ продукта"},"quote":{"_type":"localeString","en":"Price calculator","ru":"Калькулятор цены"},"boosting":{"_type":"localeString","en":"Business boosting","ru":"Развитие бизнеса"},"4vendors":{"_type":"localeString","en":"4 vendors","ru":"поставщикам"},"blog":{"_type":"localeString","en":"blog","ru":"блог"},"pay4content":{"_type":"localeString","en":"we pay 
for content","ru":"платим за контент"},"categories":{"_type":"localeString","en":"categories","ru":"категории"},"showForm":{"_type":"localeString","en":"Show form","ru":"Показать форму"},"subscribe__title":{"_type":"localeString","en":"We send a digest of actual news from the IT world once in a month!","ru":"Раз в месяц мы отправляем дайджест актуальных новостей ИТ мира!"},"subscribe__email-label":{"_type":"localeString","en":"Email","ru":"Email"},"subscribe__name-label":{"_type":"localeString","en":"Name","ru":"Имя"},"subscribe__required-message":{"_type":"localeString","en":"This field is required","ru":"Это поле обязательное"},"subscribe__notify-label":{"_type":"localeString","en":"Yes, please, notify me about news, events and propositions","ru":"Да, пожалуйста уведомляйте меня о новостях, событиях и предложениях"},"subscribe__agree-label":{"_type":"localeString","en":"By subscribing to the newsletter, you agree to the %TERMS% and %POLICY% and agree to the use of cookies and the transfer of your personal data","ru":"Подписываясь на рассылку, вы соглашаетесь с %TERMS% и %POLICY% и даете согласие на использование файлов cookie и передачу своих персональных данных*"},"subscribe__submit-label":{"_type":"localeString","en":"Subscribe","ru":"Подписаться"},"subscribe__email-message":{"_type":"localeString","en":"Please, enter the valid email","ru":"Пожалуйста, введите корректный адрес электронной почты"},"subscribe__email-placeholder":{"_type":"localeString","en":"username@gmail.com","ru":"username@gmail.com"},"subscribe__name-placeholder":{"_type":"localeString","en":"Last, first name","ru":"Имя Фамилия"},"subscribe__success":{"_type":"localeString","en":"You are successfully subscribed! Check you mailbox.","ru":"Вы успешно подписаны на рассылку. Проверьте свой почтовый ящик."},"subscribe__error":{"_type":"localeString","en":"Subscription is unsuccessful. Please, try again later.","ru":"Не удалось оформить подписку. 
Пожалуйста, попробуйте позднее."}},"breadcrumbs":{"home":{"_type":"localeString","en":"Home","ru":"Главная"},"companies":{"_type":"localeString","en":"Companies","ru":"Компании"},"products":{"_type":"localeString","en":"Products","ru":"Продукты"},"implementations":{"_type":"localeString","en":"Deployments","ru":"Внедрения"},"login":{"_type":"localeString","en":"Login","ru":"Вход"},"registration":{"_type":"localeString","en":"Registration","ru":"Регистрация"},"b2b-platform":{"_type":"localeString","en":"B2B platform for IT buyers, vendors and suppliers","ru":"Портал для покупателей, поставщиков и производителей ИТ"}},"comment-form":{"title":{"_type":"localeString","en":"Leave comment","ru":"Оставить комментарий"},"firstname":{"_type":"localeString","en":"First name","ru":"Имя"},"lastname":{"_type":"localeString","en":"Last name","ru":"Фамилия"},"company":{"_type":"localeString","en":"Company name","ru":"Компания"},"position":{"_type":"localeString","en":"Position","ru":"Должность"},"actual-cost":{"_type":"localeString","en":"Actual cost","ru":"Фактическая стоимость"},"received-roi":{"_type":"localeString","en":"Received ROI","ru":"Полученный ROI"},"saving-type":{"_type":"localeString","en":"Saving type","ru":"Тип экономии"},"comment":{"_type":"localeString","en":"Comment","ru":"Комментарий"},"your-rate":{"_type":"localeString","en":"Your rate","ru":"Ваша оценка"},"i-agree":{"_type":"localeString","en":"I agree","ru":"Я согласен"},"terms-of-use":{"_type":"localeString","en":"With user agreement and privacy policy","ru":"С пользовательским соглашением и политикой конфиденциальности"},"send":{"_type":"localeString","en":"Send","ru":"Отправить"},"required-message":{"_type":"localeString","en":"{NAME} is required filed","ru":"{NAME} - это обязательное поле"}},"maintenance":{"title":{"_type":"localeString","en":"Site under maintenance","ru":"На сайте проводятся технические работы"},"message":{"_type":"localeString","en":"Thank you for your understanding","ru":"Спасибо за 
ваше понимание"}}},"translationsStatus":{"company":"success"},"sections":{},"sectionsStatus":{},"pageMetaData":{"company":{"meta":[{"content":"https://roi4cio.com/fileadmin/templates/roi4cio/image/roi4cio-logobig.jpg","name":"og:image"},{"content":"website","name":"og:type"}],"title":{"_type":"localeString","en":"ROI4CIO: Company","ru":"ROI4CIO: Компания"},"translatable_meta":[{"name":"title","translations":{"_type":"localeString","en":"Company","ru":"Компания"}},{"name":"description","translations":{"_type":"localeString","en":"Company description","ru":"Описание компании"}},{"name":"keywords","translations":{"_type":"localeString","en":"Company keywords","ru":"Ключевые слова для компании"}}]}},"pageMetaDataStatus":{"company":"success"}},"auth":{"inProgress":false,"error":false,"checked":true,"initialized":false,"user":{},"role":null,"expires":null},"products":{"productsByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null,"useProductLoading":false,"sellProductLoading":false,"templatesById":{},"comparisonByTemplateId":{}},"filters":{"filterCriterias":{"loading":false,"error":null,"data":{"price":{"min":0,"max":6000},"users":{"loading":false,"error":null,"ids":[],"values":{}},"suppliers":{"loading":false,"error":null,"ids":[],"values":{}},"vendors":{"loading":false,"error":null,"ids":[],"values":{}},"roles":{"id":200,"title":"Roles","values":{"1":{"id":1,"title":"User","translationKey":"user"},"2":{"id":2,"title":"Supplier","translationKey":"supplier"},"3":{"id":3,"title":"Vendor","translationKey":"vendor"}}},"categories":{"flat":[],"tree":[]},"countries":{"loading":false,"error":null,"ids":[],"values":{}}}},"showAIFilter":false},"companies":{"companiesByAlias":{"skrytyi-polzovatel":{"id":4195,"title":"Hidden user","logoURL":"https://roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[{"id":1,"type":"user"}],"description":"User Information is confidential 
","companyTypes":["user"],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[{"id":321,"title":"VMware vSphere® METRO STORAGE CLUSTER (vMSC) for compute resource virtualization","description":"AMT Group specialists carried out a comprehensive modernization and built twelve new automated systems, which improved the efficiency and security of the bank's information infrastructure. The bank's existing geographically distributed (inter-branch) data network, which connects the head office with six regional directorates (branches), was upgraded. Obsolete and unsupported equipment was decommissioned.\r\n\r\nOne of the newly built systems is a compute virtualization system. It is a disaster-tolerant \"vSphere Metro Storage Cluster (vMSC)\" based on software from VMware and DataCore, stretched between the bank's two geographically separated data center sites. Deploying it significantly improved the utilization of the organization's server resources, because several operating system instances with their applications can now run in parallel on each server with an x86/x64 processor architecture. In addition, compute virtualization helped the bank's IT department speed up the deployment of business applications and increase their availability, and made it possible to automate many processes, so that the enterprise's IT infrastructure became more manageable and economical. 
It is also significant that all of the bank's important virtualized business applications and their data are now replicated synchronously between the sites and can be restarted on the surviving site with minimal downtime (on the order of a few minutes), even if either of the bank's data center sites is lost completely.\r\n\r\nAn important component of the modernized IT infrastructure is the data backup and archiving system, which makes it possible to centralize all processes related to data storage and archiving in the organization. The deployed solution is built on software from VERITAS, a unified platform that provides multi-tier continuous data protection by backing up both physical and virtual systems while considerably speeding up backup operations. To maximize the reliability of storing backups of important data, the system automatically copies them to the backup site.\r\n\r\nAMT Group specialists also had to increase the availability of IT services and reduce maintenance costs, in part by automating the management of IT infrastructure elements. To achieve these goals, the project included several systems for managing IT infrastructure elements and automating IT processes. The IT infrastructure management solution includes products for managing the IP address space, network equipment, and the performance of network equipment and communication links, and for monitoring the state of IT services.\r\n\r\nSymantec Service Desk was chosen as the IT process management platform. 
Launching the system and automating key IT processes in ServiceDesk, which serves as an automated tool for incident response and troubleshooting, already makes it possible to control maintenance work on the bank's IT infrastructure, shorten problem resolution time and optimize the cost of supporting key business services. The greatest reduction in business system maintenance costs, as well as control over their availability, comes from the management and monitoring suite based on CA Spectrum. Infoblox DDI was chosen as the IP address space management solution; it ensures reliable operation of basic network services and includes a hardware system for protection against all kinds of DNS attacks on the DNS service from the Internet.\r\n\r\nIn addressing IT tasks, one of the key issues for the bank is information security: protecting the information being processed and the service infrastructure. The project applied a Defense-in-depth approach and introduced modern protection tools and practices for using them. In addition, work to improve the processes and techniques of operating IT systems, taking into account the need to integrate information protection solutions with them, played a significant role in the project. As a result of the project, the bank's infrastructure capabilities for control and monitoring, as well as for actively countering malicious activity, were substantially improved.\r\n\r\nAll work performed by AMT Group specialists was carried out in strict accordance with work plans prepared in advance, which made it possible to complete all tasks without interrupting the activity of the bank's departments. 
At present, all systems modernized or created within the project have been handed over to pilot operation.\r\n\r\nThe comprehensive modernization of the IT infrastructure allowed the bank to raise the maturity level of its IT processes and bring it in line with the norms accepted in the financial industry and the requirements of the CoBIT 4.1 standard. As a result of the work, the bank received a modern IT infrastructure built on the principles of compatibility, scalability, fault tolerance and manageability.","alias":"vmware-vspherer-metro-storage-cluster-vmsc-dlja-virtualizacii-vychislitelnykh-resursov","roi":0,"seo":{"title":"VMware vSphere® METRO STORAGE CLUSTER (vMSC) for compute resource virtualization","keywords":"bank, systems, data, IT infrastructure, also, resources, system, management","og:title":"VMware vSphere® METRO STORAGE CLUSTER (vMSC) for compute resource virtualization"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":630,"title":"AMT Group Russia","logoURL":"https://roi4cio.com/uploads/roi/company/AMT_Group.gif","alias":"amt-grup-rossija","address":"","roles":[],"description":"Company AMT Group has worked for 21 years in the Russian system integration market. 
AMT Group as a leading Russian systems integrator holds Technical appraisal, best worldwide practices and effective high-class solutions.\r\nAMT Group specializes in design, implementation and technical support of complex telecommunication, information and information security systems, consulting projects and trainings for customers’ personnel.\r\nAMT Group is partnering with 50 prominent worldwide equipment and software manufactures - Avaya, Cisco, Ericsson, Genesys, HP, IBM, Microsoft, Polycom and many others.\r\nAMT Group has four branch offices in Moscow, Saint-Petersburg, Krasnodar and Minsk(Belorussia).\r\nAMT Group has more than 60 service regional partners with partner network in more than hundred Russian and CIS cities. Company provides multivendor Prototyping Center to launch and test solutions to be implemented in complicated large projects.\r\nNow there are about 400 employees in the company, including 150 design and technical support engineers of different specializations. 13 employees have been qualified as Cisco Certified Internetwork Experts, carrying the top level expertise of networking technologies.","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":159,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":1,"vendorImplementationsCount":0,"vendorPartnersCount":8,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"http://amt.ru/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"AMT Group Russia","keywords":"Group, Russian, employees, design, solutions, more, than, support","description":"Company AMT Group has worked for 21 years at the Russian system integration market. 
AMT Group as a leading Russian systems integrator holds Technical appraisal, best worldwide practices and effective high-class solutions.\r\nAMT Group specializes in design, implementation and technical support of complex telecommunication, information and information security systems, consulting projects and trainings for customers’ personnel.\r\nAMT Group is partnering with 50 prominent worldwide equipment and software manufactures - Avaya, Cisco, Ericsson, Genesys, HP, IBM, Microsoft, Polycom and many others.\r\nAMT Group has four branch offices in Moscow, Saint-Petersburg, Krasnodar and Minsk(Belorussia).\r\nAMT Group has more than 60 service regional partners with partner network in more than hundred Russian and CIS cities. Company provides multivendor Prototyping Center to launch and test solutions to be implemented in complicated large projects.\r\nNow there are about 400 employees in the company, including 150 design and technical support engineers of different specializations. 13 employees have been qualified as Cisco Certified Internetwork Experts, carrying the top level expertise of networking technologies.","og:title":"AMT Group Russia","og:description":"Company AMT Group has worked for 21 years at the Russian system integration market. 
AMT Group as a leading Russian systems integrator holds Technical appraisal, best worldwide practices and effective high-class solutions.\r\nAMT Group specializes in design, implementation and technical support of complex telecommunication, information and information security systems, consulting projects and trainings for customers’ personnel.\r\nAMT Group is partnering with 50 prominent worldwide equipment and software manufactures - Avaya, Cisco, Ericsson, Genesys, HP, IBM, Microsoft, Polycom and many others.\r\nAMT Group has four branch offices in Moscow, Saint-Petersburg, Krasnodar and Minsk(Belorussia).\r\nAMT Group has more than 60 service regional partners with partner network in more than hundred Russian and CIS cities. Company provides multivendor Prototyping Center to launch and test solutions to be implemented in complicated large projects.\r\nNow there are about 400 employees in the company, including 150 design and technical support engineers of different specializations. 13 employees have been qualified as Cisco Certified Internetwork Experts, carrying the top level expertise of networking technologies.","og:image":"https://roi4cio.com/uploads/roi/company/AMT_Group.gif"},"eventUrl":""},"vendors":[{"id":2781,"title":"Broadcom (CA Technologies)","logoURL":"https://roi4cio.com/uploads/roi/company/broadcom.jpg","alias":"broadcom-ca-technologies","address":"","roles":[],"description":"Broadcom, formerly known as CA Technologies and Computer Associates International, Inc. and CA, Inc., is an American publicly held corporation headquartered in New York City. It ranks as one of the largest independent software corporations in the world. 
The company creates systems software (and previously applications software) that runs in mainframe, distributed computing, virtual machine and cloud computing environments.\r\n\r\nThe company had been a provider of anti-virus and Internet security commercial software programs for personal computers during its venture into the business-to-consumer ("B2C") market, today it is primarily known for its business-to-business ("B2B") mainframe and distributed (client/server, etc.) information technology ("IT") infrastructure applications since the spin off of their security products into Total Defense. CA Technologies states that its computer software products are used by "a majority of the Fortune Global 500 companies, government organizations, educational institutions, and thousands of other companies in diverse industries worldwide." CA Technologies is also part of the Clinton Global Initiative.\r\n\r\nSource: https://en.wikipedia.org/wiki/CA_Technologies","companyTypes":[],"products":{},"vendoredProductsCount":5,"suppliedProductsCount":5,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":0,"vendorImplementationsCount":3,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.broadcom.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"Broadcom (CA Technologies)","keywords":"software, Technologies, Global, company, into, applications, that, security","description":"Broadcom, formerly known as CA Technologies and Computer Associates International, Inc. and CA, Inc., is an American publicly held corporation headquartered in New York City. It ranks as one of the largest independent software corporations in the world. 
The company creates systems software (and previously applications software) that runs in mainframe, distributed computing, virtual machine and cloud computing environments.\r\n\r\nThe company had been a provider of anti-virus and Internet security commercial software programs for personal computers during its venture into the business-to-consumer ("B2C") market, today it is primarily known for its business-to-business ("B2B") mainframe and distributed (client/server, etc.) information technology ("IT") infrastructure applications since the spin off of their security products into Total Defense. CA Technologies states that its computer software products are used by "a majority of the Fortune Global 500 companies, government organizations, educational institutions, and thousands of other companies in diverse industries worldwide." CA Technologies is also part of the Clinton Global Initiative.\r\n\r\nSource: https://en.wikipedia.org/wiki/CA_Technologies","og:title":"Broadcom (CA Technologies)","og:description":"Broadcom, formerly known as CA Technologies and Computer Associates International, Inc. and CA, Inc., is an American publicly held corporation headquartered in New York City. It ranks as one of the largest independent software corporations in the world. The company creates systems software (and previously applications software) that runs in mainframe, distributed computing, virtual machine and cloud computing environments.\r\n\r\nThe company had been a provider of anti-virus and Internet security commercial software programs for personal computers during its venture into the business-to-consumer ("B2C") market, today it is primarily known for its business-to-business ("B2B") mainframe and distributed (client/server, etc.) information technology ("IT") infrastructure applications since the spin off of their security products into Total Defense. 
CA Technologies states that its computer software products are used by "a majority of the Fortune Global 500 companies, government organizations, educational institutions, and thousands of other companies in diverse industries worldwide." CA Technologies is also part of the Clinton Global Initiative.\r\n\r\nSource: https://en.wikipedia.org/wiki/CA_Technologies","og:image":"https://roi4cio.com/uploads/roi/company/broadcom.jpg"},"eventUrl":""},{"id":168,"title":"VMware","logoURL":"https://roi4cio.com/uploads/roi/company/vmware_logo.png","alias":"vmware","address":"","roles":[],"description":"VMware, Inc. is an American company that provides cloud and virtualization software and services.\r\nVMware, a global leader in cloud infrastructure and business mobility, accelerates our customers’ digital transformation journey by enabling enterprises to master a software-defined approach to business and IT. With VMware solutions, organizations are creating exceptional experiences by mobilizing everything, responding faster to opportunities with modern data and apps hosted across hybrid clouds, and safeguarding customer trust with a defense-in-depth approach to cybersecurity. VMware is a member of the Dell Technologies family of businesses.","companyTypes":[],"products":{},"vendoredProductsCount":24,"suppliedProductsCount":32,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":0,"vendorImplementationsCount":17,"vendorPartnersCount":3,"supplierPartnersCount":144,"b4r":0,"categories":{},"companyUrl":"www.vmware.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"VMware","keywords":"VMware, business, with, approach, cloud, modern, data, apps","description":"VMware, Inc. 
is an American company that provides cloud and virtualization software and services.\r\nVMware, a global leader in cloud infrastructure and business mobility, accelerates our customers’ digital transformation journey by enabling enterprises to master a software-defined approach to business and IT. With VMware solutions, organizations are creating exceptional experiences by mobilizing everything, responding faster to opportunities with modern data and apps hosted across hybrid clouds, and safeguarding customer trust with a defense-in-depth approach to cybersecurity. VMware is a member of the Dell Technologies family of businesses.","og:title":"VMware","og:description":"VMware, Inc. is an American company that provides cloud and virtualization software and services.\r\nVMware, a global leader in cloud infrastructure and business mobility, accelerates our customers’ digital transformation journey by enabling enterprises to master a software-defined approach to business and IT. With VMware solutions, organizations are creating exceptional experiences by mobilizing everything, responding faster to opportunities with modern data and apps hosted across hybrid clouds, and safeguarding customer trust with a defense-in-depth approach to cybersecurity. VMware is a member of the Dell Technologies family of businesses.","og:image":"https://roi4cio.com/uploads/roi/company/vmware_logo.png"},"eventUrl":""},{"id":4484,"title":"Veritas","logoURL":"https://roi4cio.com/uploads/roi/company/Veritas.png","alias":"veritas","address":"","roles":[],"description":"Veritas Technologies LLC is an American international data management company headquartered in Mountain View, California. The company has its origins in Tolerant Systems, founded in 1983 and later renamed Veritas Software. 
It specializes in storage management software including the first commercial journaling file system, VxFS, VxVM, VCS, the personal/small office backup software Backup Exec and the enterprise backup software, NetBackup. Veritas Record Now was an early CD recording software.\r\nPrior to merging with Symantec in 2004, Veritas was listed on the S&P 500 and the NASDAQ-100 under the VRTS ticker symbol. Following its merger, the Veritas brand was replaced by that of Symantec.\r\nIn 2014, Symantec announced that it would demerge its information management business as Veritas Technologies LLC, in order to focus on security. It was purchased as part of the demerger by the private equity firm The Carlyle Group for $8 billion in cash.\r\nSource: https://en.wikipedia.org/wiki/Veritas_Technologies","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":0,"vendorImplementationsCount":2,"vendorPartnersCount":0,"supplierPartnersCount":1,"b4r":0,"categories":{},"companyUrl":"https://www.veritas.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"Veritas","keywords":"","description":"Veritas Technologies LLC is an American international data management company headquartered in Mountain View, California. The company has its origins in Tolerant Systems, founded in 1983 and later renamed Veritas Software. It specializes in storage management software including the first commercial journaling file system, VxFS, VxVM, VCS, the personal/small office backup software Backup Exec and the enterprise backup software, NetBackup. Veritas Record Now was an early CD recording software.\r\nPrior to merging with Symantec in 2004, Veritas was listed on the S&P 500 and the NASDAQ-100 under the VRTS ticker symbol. 
Following its merger, the Veritas brand was replaced by that of Symantec.\r\nIn 2014, Symantec announced that it would demerge its information management business as Veritas Technologies LLC, in order to focus on security. It was purchased as part of the demerger by the private equity firm The Carlyle Group for $8 billion in cash.\r\nSource: https://en.wikipedia.org/wiki/Veritas_Technologies","og:title":"Veritas","og:description":"Veritas Technologies LLC is an American international data management company headquartered in Mountain View, California. The company has its origins in Tolerant Systems, founded in 1983 and later renamed Veritas Software. It specializes in storage management software including the first commercial journaling file system, VxFS, VxVM, VCS, the personal/small office backup software Backup Exec and the enterprise backup software, NetBackup. Veritas Record Now was an early CD recording software.\r\nPrior to merging with Symantec in 2004, Veritas was listed on the S&P 500 and the NASDAQ-100 under the VRTS ticker symbol. Following its merger, the Veritas brand was replaced by that of Symantec.\r\nIn 2014, Symantec announced that it would demerge its information management business as Veritas Technologies LLC, in order to focus on security. 
It was purchased as part of the demerger by the private equity firm The Carlyle Group for $8 billion in cash.\r\nSource: https://en.wikipedia.org/wiki/Veritas_Technologies","og:image":"https://roi4cio.com/uploads/roi/company/Veritas.png"},"eventUrl":""}],"products":[{"id":399,"logo":false,"scheme":false,"title":"CA Spectrum","vendorVerified":0,"rating":"1.00","implementationsCount":2,"suppliersCount":0,"alias":"ca-spectrum","companyTypes":[],"description":"CA Spectrum can enable your organization to discover, optimize and improve its infrastructure and the business services running on top of it.\r\n\r\nBy delivering large-enterprise scalability, robust features and superior root cause analysis, this solution can help your organization effectively manage its dynamic, complex IT infrastructure—including physical, virtual and cloud environments as well as network virtualization. The improved architecture of CA Spectrum reduces time and cost associated with the administration of multiple management consoles by supporting tens of thousands of devices and millions of models—increasing scalability while simplifying staff management.\r\n\r\nCA Spectrum can help your organization improve network service levels. And by integrating automated fault management, fault isolation, proactive change management and root cause analysis into a single platform, this solution can help reduce fault monitoring costs as well. This solution automates fault management across multi-vendor and multi-technology infrastructures, tailoring information views and management capabilities to meet the needs of a broad range of technical and non-technical users.\r\n\r\nCA Spectrum. 
Real results, right now.\r\n\r\nAccelerate issue resolution.\r\nLeverage automated discovery, event correlation and root cause analysis capabilities that improve MTTR.\r\nBoost service levels.\r\nImprove system availability and performance by minimizing erroneous changes.\r\nSpeed innovation.\r\nCapitalize on innovative technologies and approaches, such as cloud and virtualization, while using a single management platform.","shortDescription":"CA Spectrum - Ensure high performance and continuous availability with superior root cause analysis.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":5,"sellingCount":2,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"CA Spectrum","keywords":"management, Spectrum, fault, solution, your, help, organization, cause","description":"CA Spectrum can enable your organization to discover, optimize and improve its infrastructure and the business services running on top of it.\r\n\r\nBy delivering large-enterprise scalability, robust features and superior root cause analysis, this solution can help your organization effectively manage its dynamic, complex IT infrastructure—including physical, virtual and cloud environments as well as network virtualization. The improved architecture of CA Spectrum reduces time and cost associated with the administration of multiple management consoles by supporting tens of thousands of devices and millions of models—increasing scalability while simplifying staff management.\r\n\r\nCA Spectrum can help your organization improve network service levels. And by integrating automated fault management, fault isolation, proactive change management and root cause analysis into a single platform, this solution can help reduce fault monitoring costs as well. 
This solution automates fault management across multi-vendor and multi-technology infrastructures, tailoring information views and management capabilities to meet the needs of a broad range of technical and non-technical users.\r\n\r\nCA Spectrum. Real results, right now.\r\n\r\nAccelerate issue resolution.\r\nLeverage automated discovery, event correlation and root cause analysis capabilities that improve MTTR.\r\nBoost service levels.\r\nImprove system availability and performance by minimizing erroneous changes.\r\nSpeed innovation.\r\nCapitalize on innovative technologies and approaches, such as cloud and virtualization, while using a single management platform.","og:title":"CA Spectrum","og:description":"CA Spectrum can enable your organization to discover, optimize and improve its infrastructure and the business services running on top of it.\r\n\r\nBy delivering large-enterprise scalability, robust features and superior root cause analysis, this solution can help your organization effectively manage its dynamic, complex IT infrastructure—including physical, virtual and cloud environments as well as network virtualization. The improved architecture of CA Spectrum reduces time and cost associated with the administration of multiple management consoles by supporting tens of thousands of devices and millions of models—increasing scalability while simplifying staff management.\r\n\r\nCA Spectrum can help your organization improve network service levels. And by integrating automated fault management, fault isolation, proactive change management and root cause analysis into a single platform, this solution can help reduce fault monitoring costs as well. This solution automates fault management across multi-vendor and multi-technology infrastructures, tailoring information views and management capabilities to meet the needs of a broad range of technical and non-technical users.\r\n\r\nCA Spectrum. 
Real results, right now.\r\n\r\nAccelerate issue resolution.\r\nLeverage automated discovery, event correlation and root cause analysis capabilities that improve MTTR.\r\nBoost service levels.\r\nImprove system availability and performance by minimizing erroneous changes.\r\nSpeed innovation.\r\nCapitalize on innovative technologies and approaches, such as cloud and virtualization, while using a single management platform."},"eventUrl":"","translationId":400,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":331,"title":"Network Management Software","alias":"network-management-software","description":" <span style=\"font-weight: bold; \">Network management software</span> is software that is used to provision, discover, monitor and maintain computer networks. \r\nWith the expansion of the world wide web and the Internet, computer networks have become very large and complex, making them impossible to manage manually. In response, a suite of network management software was developed to help reduce the burden of managing the growing complexity of computer networks. \r\nNetwork management software usually collects information about network devices (which are called Nodes) using protocols like SNMP, ICMP, CDP etc. This information is then presented to network administrators in an easy to understand and accessible manner to help them quickly identify and remediate problems. \r\nSome advanced network control software may rectify network problems automatically. Network management program may also help with tasks involved in provisioning new networks, such as installing and configuring new network nodes etc. Network management tools may also help with maintenance of existing networks like upgrading software on existing network devices, creating new virtual networks etc. 
\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">Functions</span></p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold; \">Provisioning:</span> Enables network managers to provision new network devices in an environment. Automating this step reduces cost and eliminates chances of human error.</p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold; \">Mapping or Discovery:</span> Enables the software to discover the features of a target network. Some features that are usually discovered are: the nodes in a network, the connectivity between these nodes, the vendor types, the performance characteristics etc.</p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold; \">Monitoring:</span> Enables the network management system to monitor the network for problems and to suggest improvements. The software may poll the devices periodically or register itself to receive alerts from network devices. One mechanism for network devices to volunteer information about itself is by sending an SNMP Trap. Monitoring can reveal faults in the network such as failed or misconfigured nodes, performance bottlenecks, intrusions etc.</p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold; \">Configuration management:</span> Enables the software to ensure that the network configuration is as desired and there is no configuration drift.</p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold; \">Regulatory compliance:</span> Enables the network management system software to ensure that the network meets the regulatory standards and complies with applicable laws.</p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">Change control:</span> Enables the software to ensure that the network changes are enacted in a controlled and coordinated manner. 
Change control can enable audit trails, which have applications during a forensic investigation after a network intrusion.</p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">Software Asset Management:</span> Provides software deployment and patch management.</p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">Cybersecurity: </span>Enables the software to use all the data gathered from the nodes to identify security risks in an IT environment.</p>","materialsDescription":"<h1 class=\"align-center\">What does Network Inventory Management system mean?</h1>\r\nNetwork inventory management is the process of keeping records of all the IT or network assets that make up the network.\r\nIt enables network administrators/businesses to have a physical record of all IT and network equipment within the organization.\r\nNetwork inventory management is generally performed through IT asset tracking software that scans, compiles and records data about each device/node over a network.\r\n<p class=\"align-left\"><span style=\"font-weight: bold; \">Network inventory management software may include:</span></p>\r\n<ul><li>Number of routers, their make, type and place of installation, serial number</li><li>IP addresses of all devices/nodes, IP addressing scheme used</li><li>Number and type of software along with license keys and expiry dates</li></ul>\r\n<p class=\"align-left\"><span style=\"font-weight: bold; \">This data helps businesses with:</span></p>\r\n<ul><li>Network size estimation</li><li>Network capacity planning</li><li>Network cost/ROI estimation</li><li>Physical network administration (to deal with device/equipment loss and theft)</li></ul>\r\n<h1 class=\"align-center\">What is SNMP Management Software?</h1>\r\n<span style=\"font-weight: bold; \">SNMP (Simple Network Management Protocol) management software</span> is an application or program used to manage and monitor many network devices – such as servers, printers, hubs, switches, and routers 
– that are SNMP-aware and which an SNMP agent software can poll and receive alert traps when needed.\r\nSNMP network management software is currently considered the best choice by professionals for IP (Internet Protocol) network management, and as a result, SNMP is widely supported and featured in many hardware devices and network management software packages. \r\nSNMP software is designed to be able to be deployed on a large number of network devices, to have minimal impact and transport requirements on the managed nodes and to continue working when most other network applications fail.\r\n\r\n","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_Network_Management_Software.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":1102,"logo":false,"scheme":false,"title":"VMware vSphere® Metro Storage Cluster (vMSC)","vendorVerified":0,"rating":"2.40","implementationsCount":1,"suppliersCount":0,"alias":"vmware-vspherer-metro-storage-cluster-vmsc","companyTypes":[],"description":"VMware vSphere® Metro Storage Cluster (vMSC) is a specific configuration within the VMware Hardware\r\nCompatibility List (HCL). These configurations are commonly referred to as stretched storage clusters or metro storage clusters and are implemented in environments where disaster and downtime avoidance is a key requirement. This best practices document was developed to provide additional insight and information for operation of a vMSC infrastructure in conjunction with VMware vSphere. 
This paper explains how vSphere handles specific failure scenarios, and it discusses various design considerations and operational procedures.\r\nvMSC infrastructures are implemented with a goal of reaping the same benefits that high-availability clusters provide to a local site, in a geographically dispersed model with two data centers in different locations.\r\nA vMSC infrastructure is essentially a stretched cluster. The architecture is built on the premise of extending what is defined as “local” in terms of network and storage to enable these subsystems to span geographies, presenting a single and common base infrastructure set of resources to the vSphere cluster at both sites.\r\nIt in essence stretches storage and the network between sites.\r\nThe primary benefit of a stretched cluster model is that it enables fully active and workload-balanced data centers to be used to their full potential while gaining the capability to migrate virtual machines (VMs) with VMware vSphere vMotion®, and VMware vSphere Storage vMotion®, between sites to enable on-demand and nonintrusive mobility of workloads. The capability of a stretched cluster to provide this active balancing of resources should always be the primary design and implementation goal. 
Although often associated with disaster recovery, vMSC infrastructures are not recommended as primary solutions for pure disaster recovery.\r\n<span style=\"font-weight: bold;\">Stretched cluster solutions offer the following benefits:</span>\r\n•<span style=\"white-space:pre\">\t</span>Workload mobility\r\n•<span style=\"white-space:pre\">\t</span>Cross-site automated load balancing\r\n•<span style=\"white-space:pre\">\t</span>Enhanced downtime avoidance\r\n•<span style=\"white-space:pre\">\t</span>Disaster avoidance\r\n<span style=\"font-weight: bold;\">Technical Requirements and Constraints</span>\r\n•<span style=\"white-space:pre\">\t</span>Storage connectivity using Fibre Channel, iSCSI, NFS, and FCoE is supported.\r\n•<span style=\"white-space:pre\">\t</span>The maximum supported network latency between sites for the VMware ESXi™ management networks is 10ms round-trip time (RTT).\r\n•<span style=\"white-space:pre\">\t</span>vSphere vMotion, and vSphere Storage vMotion, supports a maximum of 150ms latency as of vSphere 6.0, but this is not intended for stretched clustering usage.\r\n•<span style=\"white-space:pre\">\t</span>The maximum supported latency for synchronous storage replication links is 10ms RTT. Refer to documentation from the storage vendor because the maximum tolerated latency is lower in most cases.\r\nThe most commonly supported maximum RTT is 5ms.\r\n•<span style=\"white-space:pre\">\t</span>The ESXi vSphere vMotion network has a redundant network link minimum of 250Mbps.\r\nThe storage requirements are slightly more complex. A vSphere Metro Storage Cluster requires what is in effect a single storage subsystem that spans both sites. In this design, a given datastore must be accessible—that is, be able to be read and be written to—simultaneously from both sites. 
Further, when problems occur, the ESXi hosts must be able to continue to access datastores from either array transparently and with no impact to ongoing storage operations.\r\nThis precludes traditional synchronous replication solutions because they create a primary–secondary\r\nrelationship between the active (primary) LUN where data is being accessed and the secondary LUN that is receiving replication. To access the secondary LUN, replication is stopped, or reversed, and the LUN is made visible to hosts. This “promoted” secondary LUN has a completely different LUN ID and is essentially a newly available copy of a former primary LUN. This type of solution works for traditional disaster recovery–type configurations because it is expected that VMs must be started up on the secondary site. The vMSC configuration requires simultaneous, uninterrupted access to enable live migration of running VMs between sites.\r\nThe storage subsystem for a vMSC must be able to be read from and write to both locations simultaneously.\r\nAll disk writes are committed synchronously at both locations to ensure that data is always consistent regardless of the location from which it is being read. This storage architecture requires significant bandwidth and very low latency between the sites in the cluster. Increased distances or latencies cause delays in writing to disk and a dramatic decline in performance. They also preclude successful vMotion migration between cluster nodes that reside in different locations. \r\n","shortDescription":"A VMware vSphere Metro Storage Cluster configuration is a vSphere certified solution that combines replication with array-based clustering. 
These solutions are typically deployed in environments where the distance between data centers is limited, often metropolitan or campus environments.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":10,"sellingCount":3,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"VMware vSphere® Metro Storage Cluster (vMSC)","keywords":"storage, vSphere, vMSC, sites, cluster, that, between, VMware","description":"VMware vSphere® Metro Storage Cluster (vMSC) is a specific configuration within the VMware Hardware\r\nCompatibility List (HCL). These configurations are commonly referred to as stretched storage clusters or metro storage clusters and are implemented in environments where disaster and downtime avoidance is a key requirement. This best practices document was developed to provide additional insight and information for operation of a vMSC infrastructure in conjunction with VMware vSphere. This paper explains how vSphere handles specific failure scenarios, and it discusses various design considerations and operational procedures.\r\nvMSC infrastructures are implemented with a goal of reaping the same benefits that high-availability clusters provide to a local site, in a geographically dispersed model with two data centers in different locations.\r\nA vMSC infrastructure is essentially a stretched cluster. 
The architecture is built on the premise of extending what is defined as “local” in terms of network and storage to enable these subsystems to span geographies, presenting a single and common base infrastructure set of resources to the vSphere cluster at both sites.\r\nIt in essence stretches storage and the network between sites.\r\nThe primary benefit of a stretched cluster model is that it enables fully active and workload-balanced data centers to be used to their full potential while gaining the capability to migrate virtual machines (VMs) with VMware vSphere vMotion®, and VMware vSphere Storage vMotion®, between sites to enable on-demand and nonintrusive mobility of workloads. The capability of a stretched cluster to provide this active balancing of resources should always be the primary design and implementation goal. Although often associated with disaster recovery, vMSC infrastructures are not recommended as primary solutions for pure disaster recovery.\r\n<span style=\"font-weight: bold;\">Stretched cluster solutions offer the following benefits:</span>\r\n•<span style=\"white-space:pre\">\t</span>Workload mobility\r\n•<span style=\"white-space:pre\">\t</span>Cross-site automated load balancing\r\n•<span style=\"white-space:pre\">\t</span>Enhanced downtime avoidance\r\n•<span style=\"white-space:pre\">\t</span>Disaster avoidance\r\n<span style=\"font-weight: bold;\">Technical Requirements and Constraints</span>\r\n•<span style=\"white-space:pre\">\t</span>Storage connectivity using Fibre Channel, iSCSI, NFS, and FCoE is supported.\r\n•<span style=\"white-space:pre\">\t</span>The maximum supported network latency between sites for the VMware ESXi™ management networks is 10ms round-trip time (RTT).\r\n•<span style=\"white-space:pre\">\t</span>vSphere vMotion, and vSphere Storage vMotion, supports a maximum of 150ms latency as of vSphere 6.0, but this is not intended for stretched clustering usage.\r\n•<span style=\"white-space:pre\">\t</span>The maximum 
supported latency for synchronous storage replication links is 10ms RTT. Refer to documentation from the storage vendor because the maximum tolerated latency is lower in most cases.\r\nThe most commonly supported maximum RTT is 5ms.\r\n•<span style=\"white-space:pre\">\t</span>The ESXi vSphere vMotion network has a redundant network link minimum of 250Mbps.\r\nThe storage requirements are slightly more complex. A vSphere Metro Storage Cluster requires what is in effect a single storage subsystem that spans both sites. In this design, a given datastore must be accessible—that is, be able to be read and be written to—simultaneously from both sites. Further, when problems occur, the ESXi hosts must be able to continue to access datastores from either array transparently and with no impact to ongoing storage operations.\r\nThis precludes traditional synchronous replication solutions because they create a primary–secondary relationship between the active (primary) LUN where data is being accessed and the secondary LUN that is receiving replication. To access the secondary LUN, replication is stopped, or reversed, and the LUN is made visible to hosts. This “promoted” secondary LUN has a completely different LUN ID and is essentially a newly available copy of a former primary LUN. This type of solution works for traditional disaster recovery–type configurations because it is expected that VMs must be started up on the secondary site. The vMSC configuration requires simultaneous, uninterrupted access to enable live migration of running VMs between sites.\r\nThe storage subsystem for a vMSC must be able to be read from and written to at both locations simultaneously.\r\nAll disk writes are committed synchronously at both locations to ensure that data is always consistent regardless of the location from which it is being read. This storage architecture requires significant bandwidth and very low latency between the sites in the cluster. 
Increased distances or latencies cause delays in writing to disk and a dramatic decline in performance. They also preclude successful vMotion migration between cluster nodes that reside in different locations. \r\n","og:title":"VMware vSphere® Metro Storage Cluster (vMSC)","og:description":"VMware vSphere® Metro Storage Cluster (vMSC) is a specific configuration within the VMware Hardware\r\nCompatibility List (HCL). These configurations are commonly referred to as stretched storage clusters or metro storage clusters and are implemented in environments where disaster and downtime avoidance is a key requirement. This best practices document was developed to provide additional insight and information for operation of a vMSC infrastructure in conjunction with VMware vSphere. This paper explains how vSphere handles specific failure scenarios, and it discusses various design considerations and operational procedures.\r\nvMSC infrastructures are implemented with a goal of reaping the same benefits that high-availability clusters provide to a local site, in a geographically dispersed model with two data centers in different locations.\r\nA vMSC infrastructure is essentially a stretched cluster. The architecture is built on the premise of extending what is defined as “local” in terms of network and storage to enable these subsystems to span geographies, presenting a single and common base infrastructure set of resources to the vSphere cluster at both sites.\r\nIt in essence stretches storage and the network between sites.\r\nThe primary benefit of a stretched cluster model is that it enables fully active and workload-balanced data centers to be used to their full potential while gaining the capability to migrate virtual machines (VMs) with VMware vSphere vMotion®, and VMware vSphere Storage vMotion®, between sites to enable on-demand and nonintrusive mobility of workloads. 
The capability of a stretched cluster to provide this active balancing of resources should always be the primary design and implementation goal. Although often associated with disaster recovery, vMSC infrastructures are not recommended as primary solutions for pure disaster recovery.\r\n<span style=\"font-weight: bold;\">Stretched cluster solutions offer the following benefits:</span>\r\n•<span style=\"white-space:pre\">\t</span>Workload mobility\r\n•<span style=\"white-space:pre\">\t</span>Cross-site automated load balancing\r\n•<span style=\"white-space:pre\">\t</span>Enhanced downtime avoidance\r\n•<span style=\"white-space:pre\">\t</span>Disaster avoidance\r\n<span style=\"font-weight: bold;\">Technical Requirements and Constraints</span>\r\n•<span style=\"white-space:pre\">\t</span>Storage connectivity using Fibre Channel, iSCSI, NFS, and FCoE is supported.\r\n•<span style=\"white-space:pre\">\t</span>The maximum supported network latency between sites for the VMware ESXi™ management networks is 10ms round-trip time (RTT).\r\n•<span style=\"white-space:pre\">\t</span>vSphere vMotion, and vSphere Storage vMotion, supports a maximum of 150ms latency as of vSphere 6.0, but this is not intended for stretched clustering usage.\r\n•<span style=\"white-space:pre\">\t</span>The maximum supported latency for synchronous storage replication links is 10ms RTT. Refer to documentation from the storage vendor because the maximum tolerated latency is lower in most cases.\r\nThe most commonly supported maximum RTT is 5ms.\r\n•<span style=\"white-space:pre\">\t</span>The ESXi vSphere vMotion network has a redundant network link minimum of 250Mbps.\r\nThe storage requirements are slightly more complex. A vSphere Metro Storage Cluster requires what is in effect a single storage subsystem that spans both sites. In this design, a given datastore must be accessible—that is, be able to be read and be written to—simultaneously from both sites. 
Further, when problems occur, the ESXi hosts must be able to continue to access datastores from either array transparently and with no impact to ongoing storage operations.\r\nThis precludes traditional synchronous replication solutions because they create a primary–secondary relationship between the active (primary) LUN where data is being accessed and the secondary LUN that is receiving replication. To access the secondary LUN, replication is stopped, or reversed, and the LUN is made visible to hosts. This “promoted” secondary LUN has a completely different LUN ID and is essentially a newly available copy of a former primary LUN. This type of solution works for traditional disaster recovery–type configurations because it is expected that VMs must be started up on the secondary site. The vMSC configuration requires simultaneous, uninterrupted access to enable live migration of running VMs between sites.\r\nThe storage subsystem for a vMSC must be able to be read from and written to at both locations simultaneously.\r\nAll disk writes are committed synchronously at both locations to ensure that data is always consistent regardless of the location from which it is being read. This storage architecture requires significant bandwidth and very low latency between the sites in the cluster. Increased distances or latencies cause delays in writing to disk and a dramatic decline in performance. They also preclude successful vMotion migration between cluster nodes that reside in different locations. \r\n"},"eventUrl":"","translationId":1103,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":299,"title":"Application and User Session Virtualization","alias":"application-and-user-session-virtualization","description":"Application virtualization is a technology that allows you to separate the software from the operating system on which it operates. 
Fully virtualized software is not installed in the traditional sense, although the end-user at first glance can not see it, because the virtualized software works just as normal. The software in the execution process works just as if it interacted with the operating system directly and with all its resources, but can be isolated or executed in a sandbox with different levels of restriction.\r\nModern operating systems, such as Microsoft Windows and Linux, can include limited software virtualization. For example, Windows 7 has Windows XP mode that allows you to run Windows XP software on Windows 7 without any changes.\r\nUser session virtualization is a newer version of desktop virtualization that works at the operating system level. While normal virtualization of the desktop allows an operating system to be run by virtualizing the hardware of the desktop, RDS and App-V allow for the virtualization of the applications. User session virtualization lies between the two.\r\nA desktop has an operating system loaded on the base hardware. This can be either physical or virtual. The user session virtualization keeps track of all changes to the operating system that a user might make by encapsulating the configuration changes and associating them to the user account. This allows the specific changes to be applied to the underlying operating system without actually changing it. 
This allows several users to have completely different operating system configurations applied to a base operating system installation.\r\nIf you are in a distributed desktop environment and there are local file servers available at each location, you can deploy virtualized user sessions in the form of redirected folders and roaming profiles.","materialsDescription":" <span style=\"font-weight: bold;\">Understanding application virtualization</span>\r\nApplication virtualization technology isolates applications from the underlying operating system and from other applications to increase compatibility and manageability. This application virtualization technology enables applications to be streamed from a centralized location into an isolation environment on the target device where they will execute. The application files, configuration, and settings are copied to the target device and the application execution at run time is controlled by the application virtualization layer. When executed, the application run time believes that it is interfacing directly with the operating system when, in fact, it is interfacing with a virtualization environment that proxies all requests to the operating system.\r\n<span style=\"font-weight: bold;\">Understanding session virtualization</span>\r\nSession virtualization uses application streaming to deliver applications to hosting servers in the datacenter. The application then connects the user to the server. The application then executes entirely on the server. The user interacts with the application remotely by sending mouse-clicks and keystrokes to the server. The server then responds by sending screen updates back to the user’s device. Whereas application virtualization is limited to Windows-based operating systems, session virtualization allows any user on any operating system to access any application delivered by IT. 
As a result, the application enables Windows, Mac, Linux, iOS and Android devices to run any applications using session virtualization. Furthermore, session virtualization leverages server-side processing power which liberates IT from the endless cycle of PC hardware refreshes which are typically needed to support application upgrades when using traditional application deployment methods.","iconURL":"https://roi4cio.com/fileadmin/user_upload/Application_and_User_Session_Virtualization__1_.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":2078,"logo":false,"scheme":false,"title":"Veritas Backup Exec","vendorVerified":0,"rating":"1.00","implementationsCount":2,"suppliersCount":0,"alias":"veritas-backup-exec","companyTypes":[],"description":"<p>Veritas Backup Exec is a data protection software product that supports virtual, physical and cloud platforms. Sold by Veritas Technologies LLC, Backup Exec is compatible with most storage devices, including disk, tape and cloud.</p>\r\n<p>The product was previously known as Symantec Backup Exec when Veritas was part of security giant Symantec Corp. 
Veritas was sold by Symantec in January 2016 to The Carlyle Group private equity firm for $7.4 billion.</p>\r\n<p><span style=\"font-weight: bold;\">Veritas Backup Exec features:</span></p>\r\n<p>Veritas claims more than 2 million Backup Exec customers, mainly in the SMB and midmarket arena.</p>\r\n<p>Key Veritas Backup Exec features include:</p>\r\n<ul>\r\n<li>fast virtual machine (VM) snapshots through integration with Microsoft Volume Shadow Copy Service (Microsoft VSS);</li>\r\n<li>instant recovery of VMware and Hyper-V VMs;</li>\r\n<li>integrated global deduplication and changed block tracking;</li>\r\n<li>integrated bare-metal, physical-to-virtual and virtual-to-physical recovery;</li>\r\n<li>the ability to protect thousands of VMs from a single user console.</li>\r\n</ul>\r\n<p>Backup Exec 15 features support for VMware ESXi 6 and vCenter 6, VMware Virtual SAN 6 and Virtual Volumes. Backup Exec 15 also offered enhanced VM capabilities with support for SAN restores and VMs with volumes of more than 2 terabytes.</p>\r\n<p>Veritas Backup Exec 16, which became generally available in November 2016, expanded its support to include the Microsoft Azure cloud, Windows Server 2016 and Hyper-V Server 2016. 
Previous product versions already supported Amazon Web Services (AWS) and the Google Cloud Platform, as well as third-party clouds that support the Amazon Simple Storage Service protocol.</p>\r\n<p>Other new features of Backup Exec 16 include:</p>\r\n<ul>\r\n<li>Veritas branding;</li>\r\n<li>a simplified licensing and purchasing model built for midsize companies that do not have complicated infrastructures or dedicated backup administrators;</li>\r\n<li>expanded cloud support that streamlines migration to the cloud by offering a single platform to protect critical data across cloud, virtual and physical infrastructures;</li>\r\n<li>a new default database instance that installs SQL Server 2014 Express Service Pack 2.</li>\r\n</ul>","shortDescription":"Veritas Backup Exec is a data protection software product that supports virtual, physical and cloud platforms.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":20,"sellingCount":14,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Veritas Backup Exec","keywords":"","description":"<p>Veritas Backup Exec is a data protection software product that supports virtual, physical and cloud platforms. Sold by Veritas Technologies LLC, Backup Exec is compatible with most storage devices, including disk, tape and cloud.</p>\r\n<p>The product was previously known as Symantec Backup Exec when Veritas was part of security giant Symantec Corp. 
Veritas was sold by Symantec in January 2016 to The Carlyle Group private equity firm for $7.4 billion.</p>\r\n<p><span style=\"font-weight: bold;\">Veritas Backup Exec features:</span></p>\r\n<p>Veritas claims more than 2 million Backup Exec customers, mainly in the SMB and midmarket arena.</p>\r\n<p>Key Veritas Backup Exec features include:</p>\r\n<ul>\r\n<li>fast virtual machine (VM) snapshots through integration with Microsoft Volume Shadow Copy Service (Microsoft VSS);</li>\r\n<li>instant recovery of VMware and Hyper-V VMs;</li>\r\n<li>integrated global deduplication and changed block tracking;</li>\r\n<li>integrated bare-metal, physical-to-virtual and virtual-to-physical recovery;</li>\r\n<li>the ability to protect thousands of VMs from a single user console.</li>\r\n</ul>\r\n<p>Backup Exec 15 features support for VMware ESXi 6 and vCenter 6, VMware Virtual SAN 6 and Virtual Volumes. Backup Exec 15 also offered enhanced VM capabilities with support for SAN restores and VMs with volumes of more than 2 terabytes.</p>\r\n<p>Veritas Backup Exec 16, which became generally available in November 2016, expanded its support to include the Microsoft Azure cloud, Windows Server 2016 and Hyper-V Server 2016. 
Previous product versions already supported Amazon Web Services (AWS) and the Google Cloud Platform, as well as third-party clouds that support the Amazon Simple Storage Service protocol.</p>\r\n<p>Other new features of Backup Exec 16 include:</p>\r\n<ul>\r\n<li>Veritas branding;</li>\r\n<li>a simplified licensing and purchasing model built for midsize companies that do not have complicated infrastructures or dedicated backup administrators;</li>\r\n<li>expanded cloud support that streamlines migration to the cloud by offering a single platform to protect critical data across cloud, virtual and physical infrastructures;</li>\r\n<li>a new default database instance that installs SQL Server 2014 Express Service Pack 2.</li>\r\n</ul>","og:title":"Veritas Backup Exec","og:description":"<p>Veritas Backup Exec is a data protection software product that supports virtual, physical and cloud platforms. Sold by Veritas Technologies LLC, Backup Exec is compatible with most storage devices, including disk, tape and cloud.</p>\r\n<p>The product was previously known as Symantec Backup Exec when Veritas was part of security giant Symantec Corp. 
Veritas was sold by Symantec in January 2016 to The Carlyle Group private equity firm for $7.4 billion.</p>\r\n<p><span style=\"font-weight: bold;\">Veritas Backup Exec features:</span></p>\r\n<p>Veritas claims more than 2 million Backup Exec customers, mainly in the SMB and midmarket arena.</p>\r\n<p>Key Veritas Backup Exec features include:</p>\r\n<ul>\r\n<li>fast virtual machine (VM) snapshots through integration with Microsoft Volume Shadow Copy Service (Microsoft VSS);</li>\r\n<li>instant recovery of VMware and Hyper-V VMs;</li>\r\n<li>integrated global deduplication and changed block tracking;</li>\r\n<li>integrated bare-metal, physical-to-virtual and virtual-to-physical recovery;</li>\r\n<li>the ability to protect thousands of VMs from a single user console.</li>\r\n</ul>\r\n<p>Backup Exec 15 features support for VMware ESXi 6 and vCenter 6, VMware Virtual SAN 6 and Virtual Volumes. Backup Exec 15 also offered enhanced VM capabilities with support for SAN restores and VMs with volumes of more than 2 terabytes.</p>\r\n<p>Veritas Backup Exec 16, which became generally available in November 2016, expanded its support to include the Microsoft Azure cloud, Windows Server 2016 and Hyper-V Server 2016. 
Previous product versions already supported Amazon Web Services (AWS) and the Google Cloud Platform, as well as third-party clouds that support the Amazon Simple Storage Service protocol.</p>\r\n<p>Other new features of Backup Exec 16 include:</p>\r\n<ul>\r\n<li>Veritas branding;</li>\r\n<li>a simplified licensing and purchasing model built for midsize companies that do not have complicated infrastructures or dedicated backup administrators;</li>\r\n<li>expanded cloud support that streamlines migration to the cloud by offering a single platform to protect critical data across cloud, virtual and physical infrastructures;</li>\r\n<li>a new default database instance that installs SQL Server 2014 Express Service Pack 2.</li>\r\n</ul>"},"eventUrl":"","translationId":2079,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":46,"title":"Data Protection and Recovery Software","alias":"data-protection-and-recovery-software","description":"Data protection and recovery software provides data backup, integrity and security for data backups, and it enables timely, reliable and secure backup of data from a host device to a destination device. Recently, the data protection and recovery software market has been disrupted by innovative technologies such as server virtualization, disk-based backup, and cloud services where emerging players are playing an important role. Tier one players such as IBM, Hewlett Packard Enterprise, EMC Corporation, Symantec Corporation and Microsoft Corporation are also moving towards these technologies through partnerships and acquisitions.\r\nThe major factor driving the data protection and recovery software market is the high adoption of cloud-based services and technologies. Many organizations are moving towards the cloud to reduce their operational expenses and to provide real-time access to their employees. 
However, increased usage of the cloud has increased the risk of data loss and data theft and unauthorized access to confidential information, which increases the demand for data protection and recovery solution suites.","materialsDescription":" \r\n<span style=\"font-weight: bold; \">What is Data recovery?</span>\r\nData recovery is a process of salvaging (retrieving) inaccessible, lost, corrupted, damaged or formatted data from secondary storage, removable media or files, when the data stored in them cannot be accessed in a normal way. The data is most often salvaged from storage media such as internal or external hard disk drives (HDDs), solid-state drives (SSDs), USB flash drives, magnetic tapes, CDs, DVDs, RAID subsystems, and other electronic devices. Recovery may be required due to physical damage to the storage devices or logical damage to the file system that prevents it from being mounted by the host operating system (OS).\r\nThe most common data recovery scenario involves an operating system failure, malfunction of a storage device, logical failure of storage devices, accidental damage or deletion, etc. (typically, on a single-drive, single-partition, single-OS system), in which case the ultimate goal is simply to copy all important files from the damaged media to another new drive. This can be easily accomplished using a Live CD or DVD by booting directly from a ROM instead of the corrupted drive in question. Many Live CDs or DVDs provide a means to mount the system drive and backup drives or removable media, and to move the files from the system drive to the backup media with a file manager or optical disc authoring software. Such cases can often be mitigated by disk partitioning and consistently storing valuable data files (or copies of them) on a different partition from the replaceable OS system files.\r\nAnother scenario involves a drive-level failure, such as a compromised file system or drive partition, or a hard disk drive failure. 
In any of these cases, the data is not easily read from the media devices. Depending on the situation, solutions involve repairing the logical file system, partition table or master boot record, or updating the firmware or drive recovery techniques ranging from software-based recovery of corrupted data, hardware- and software-based recovery of damaged service areas (also known as the hard disk drive's "firmware"), to hardware replacement on a physically damaged drive which allows for extraction of data to a new drive. If a drive recovery is necessary, the drive itself has typically failed permanently, and the focus is rather on a one-time recovery, salvaging whatever data can be read.\r\nIn a third scenario, files have been accidentally "deleted" from a storage medium by the users. Typically, the contents of deleted files are not removed immediately from the physical drive; instead, references to them in the directory structure are removed, and thereafter the space the deleted data occupy is made available for later data overwriting. In the mind of end users, deleted files are not discoverable through a standard file manager, but the deleted data still technically exists on the physical drive. In the meantime, the original file contents remain, often in a number of disconnected fragments, and may be recoverable if not overwritten by other data files.\r\nThe term "data recovery" is also used in the context of forensic applications or espionage, where data which have been encrypted or hidden, rather than damaged, are recovered. 
Sometimes data on a computer is encrypted or hidden, for example by a virus attack, and can be recovered only by computer forensic experts.\r\n<span style=\"font-weight: bold;\">What is a backup?</span>\r\nA backup, or data backup, or the process of backing up, refers to the copying into an archive file of computer data that is already in secondary storage—so that it may be used to restore the original after a data loss event. The verb form is "back up" (a phrasal verb), whereas the noun and adjective form is "backup".\r\nBackups have two distinct purposes. The primary purpose is to recover data after its loss, be it by data deletion or corruption. Data loss can be a common experience of computer users; a 2008 survey found that 66% of respondents had lost files on their home PC. The secondary purpose of backups is to recover data from an earlier time, according to a user-defined data retention policy, typically configured within a backup application for how long copies of data are required. Though backups represent a simple form of disaster recovery and should be part of any disaster recovery plan, backups by themselves should not be considered a complete disaster recovery plan. One reason for this is that not all backup systems are able to reconstitute a computer system or other complex configuration such as a computer cluster, active directory server, or database server by simply restoring data from a backup.\r\nSince a backup system contains at least one copy of all data considered worth saving, the data storage requirements can be significant. Organizing this storage space and managing the backup process can be a complicated undertaking. A data repository model may be used to provide structure to the storage. Nowadays, there are many different types of data storage devices that are useful for making backups. 
There are also many different ways in which these devices can be arranged to provide geographic redundancy, data security, and portability.\r\nBefore data are sent to their storage locations, they are selected, extracted, and manipulated. Many different techniques have been developed to optimize the backup procedure. These include optimizations for dealing with open files and live data sources as well as compression, encryption, and de-duplication, among others. Every backup scheme should include dry runs that validate the reliability of the data being backed up. It is important to recognize the limitations and human factors involved in any backup scheme.","iconURL":"https://roi4cio.com/fileadmin/user_upload/Data_Protection_and_Recovery_Software__1_.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[{"id":109,"title":"Kyrgyzstan","name":"KGZ"},{"id":180,"title":"Russia","name":"RUS"}],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":4,"title":"Reduce Costs"},{"id":6,"title":"Ensure Security and Business Continuity"},{"id":10,"title":"Ensure Compliance"},{"id":307,"title":"Enhance Competitive Ability"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":175,"title":"Aging IT infrastructure"}]}},"categories":[{"id":331,"title":"Network Management Software","alias":"network-management-software","description":" <span style=\"font-weight: bold; \">Network management software</span> is software that is used to provision, discover, monitor and maintain computer 
networks. \r\nWith the expansion of the world wide web and the Internet, computer networks have become very large and complex, making them impossible to manage manually. In response, a suite of network management software was developed to help reduce the burden of managing the growing complexity of computer networks. \r\nNetwork management software usually collects information about network devices (which are called Nodes) using protocols like SNMP, ICMP, CDP etc. This information is then presented to network administrators in an easy to understand and accessible manner to help them quickly identify and remediate problems. \r\nSome advanced network control software may rectify network problems automatically. Network management program may also help with tasks involved in provisioning new networks, such as installing and configuring new network nodes etc. Network management tools may also help with maintenance of existing networks like upgrading software on existing network devices, creating new virtual networks etc. \r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">Functions</span></p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold; \">Provisioning:</span> Enables network managers to provision new network devices in an environment. Automating this step reduces cost and eliminates chances of human error.</p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold; \">Mapping or Discovery:</span> Enables the software to discover the features of a target network. Some features that are usually discovered are: the nodes in a network, the connectivity between these nodes, the vendor types, the performance characteristics etc.</p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold; \">Monitoring:</span> Enables the network management system to monitor the network for problems and to suggest improvements. The software may poll the devices periodically or register itself to receive alerts from network devices. 
One mechanism for network devices to volunteer information about themselves is by sending an SNMP Trap. Monitoring can reveal faults in the network such as failed or misconfigured nodes, performance bottlenecks, intrusions etc.</p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold; \">Configuration management:</span> Enables the software to ensure that the network configuration is as desired and there is no configuration drift.</p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold; \">Regulatory compliance:</span> Enables the network management system software to ensure that the network meets the regulatory standards and complies with applicable laws.</p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">Change control:</span> Enables the software to ensure that the network changes are enacted in a controlled and coordinated manner. Change control can enable audit trails, which have applications during a forensic investigation after a network intrusion.</p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">Software Asset Management:</span> Provides software deployment and patch management.</p>\r\n<p class=\"align-left\"><span style=\"font-weight: bold;\">Cybersecurity: </span>Enables the software to use all the data gathered from the nodes to identify security risks in an IT environment.</p>","materialsDescription":"<h1 class=\"align-center\">What does Network Inventory Management system mean?</h1>\r\nNetwork inventory management is the process of keeping records of all the IT or network assets that make up the network.\r\nIt enables network administrators/businesses to have a physical record of all IT and network equipment within the organization.\r\nNetwork inventory management is generally performed through IT asset tracking software that scans, compiles and records data about each device/node over a network.\r\n<p class=\"align-left\"><span style=\"font-weight: bold; \">Network inventory management software may 
include:</span></p>\r\n<ul><li>Number of routers, their make, type and place of installation, serial number</li><li>IP addresses of all devices/nodes, IP addressing scheme used</li><li>Number and type of software along with license keys and expiry dates</li></ul>\r\n<p class=\"align-left\"><span style=\"font-weight: bold; \">This data helps businesses with:</span></p>\r\n<ul><li>Network size estimation</li><li>Network capacity planning</li><li>Network cost/ROI estimation</li><li>Physical network administration (to deal with device/equipment loss and theft)</li></ul>\r\n<h1 class=\"align-center\">What is SNMP Management Software?</h1>\r\n<span style=\"font-weight: bold; \">SNMP (Simple Network Management Protocol) management software</span> is an application or program used to manage and monitor many network devices – such as servers, printers, hubs, switches, and routers – that are SNMP-aware and which an SNMP agent software can poll and receive alert traps when needed.\r\nSNMP network management software is currently considered the best choice by professionals for IP (Internet Protocol) network management, and as a result, SNMP is widely supported and featured in many hardware devices and network management software packages. \r\nSNMP software is designed to be able to be deployed on a large number of network devices, to have minimal impact and transport requirements on the managed nodes and to continue working when most other network applications fail.\r\n\r\n","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_Network_Management_Software.png"},{"id":299,"title":"Application and User Session Virtualization","alias":"application-and-user-session-virtualization","description":"Application virtualization is a technology that allows you to separate the software from the operating system on which it operates. 
Fully virtualized software is not installed in the traditional sense, although the end-user at first glance can not see it, because the virtualized software works just as normal. The software in the execution process works just as if it interacted with the operating system directly and with all its resources, but can be isolated or executed in a sandbox with different levels of restriction.\r\nModern operating systems, such as Microsoft Windows and Linux, can include limited software virtualization. For example, Windows 7 has Windows XP mode that allows you to run Windows XP software on Windows 7 without any changes.\r\nUser session virtualization is a newer version of desktop virtualization that works at the operating system level. While normal virtualization of the desktop allows an operating system to be run by virtualizing the hardware of the desktop, RDS and App-V allow for the virtualization of the applications. User session virtualization lies between the two.\r\nA desktop has an operating system loaded on the base hardware. This can be either physical or virtual. The user session virtualization keeps track of all changes to the operating system that a user might make by encapsulating the configuration changes and associating them to the user account. This allows the specific changes to be applied to the underlying operating system without actually changing it. 
This allows several users to have completely different operating system configurations applied to base operating system installation.\r\nIf you are in a distributed desktop environment and there are local file servers available at each location, you can deploy virtualized user sessions in the form of redirected folders and roaming profiles.","materialsDescription":" <span style=\"font-weight: bold;\">Understanding application virtualization</span>\r\nApplication virtualization technology isolates applications from the underlying operating system and from other applications to increase compatibility and manageability. This application virtualization technology enables applications to be streamed from a centralized location into an isolation environment on the target device where they will execute. The application files, configuration, and settings are copied to the target device and the application execution at run time is controlled by the application virtualization layer. When executed, the application run time believes that it is interfacing directly with the operating system when, in fact, it is interfacing with a virtualization environment that proxies all requests to the operating system.\r\n<span style=\"font-weight: bold;\">Understanding session virtualization</span>\r\nSession virtualization uses application streaming to deliver applications to hosting servers in the datacenter. The Application then connects the user to the server. The application then executes entirely on the server. The user interacts with the application remotely by sending mouse-clicks and keystrokes to the server. The server then responds by sending screen updates back to the user’s device. Whereas application virtualization is limited to Windows-based operating systems, session virtualization allows any user on any operating system to access any application delivered by IT. 
As a result, the application enables Windows, Mac, Linux, iOS and Android devices to run any applications using session virtualization. Furthermore, session virtualization leverages server-side processing power which liberates IT from the endless cycle of PC hardware refreshes which are typically needed to support application upgrades when using traditional application deployment methods.","iconURL":"https://roi4cio.com/fileadmin/user_upload/Application_and_User_Session_Virtualization__1_.png"},{"id":46,"title":"Data Protection and Recovery Software","alias":"data-protection-and-recovery-software","description":"Data protection and recovery software provide data backup, integrity and security for data backups and it enables timely, reliable and secure backup of data from a host device to destination device. Recently, Data Protection and Recovery Software market are disrupted by innovative technologies such as server virtualization, disk-based backup, and cloud services where emerging players are playing an important role. Tier one players such as IBM, Hewlett Packard Enterprise, EMC Corporation, Symantec Corporation and Microsoft Corporation are also moving towards these technologies through partnerships and acquisitions.\r\nThe major factor driving data protection and recovery software market is the high adoption of cloud-based services and technologies. Many organizations are moving towards the cloud to reduce their operational expenses and to provide real-time access to their employees. 
However, increased usage of the cloud has increased the risk of data loss and data theft and unauthorized access to confidential information, which increases the demand for data protection and recovery solution suites.","materialsDescription":" \r\n<span style=\"font-weight: bold; \">What is Data recovery?</span>\r\nData recovery is a process of salvaging (retrieving) inaccessible, lost, corrupted, damaged or formatted data from secondary storage, removable media or files, when the data stored in them cannot be accessed in a normal way. The data is most often salvaged from storage media such as internal or external hard disk drives (HDDs), solid-state drives (SSDs), USB flash drives, magnetic tapes, CDs, DVDs, RAID subsystems, and other electronic devices. Recovery may be required due to physical damage to the storage devices or logical damage to the file system that prevents it from being mounted by the host operating system (OS).\r\nThe most common data recovery scenario involves an operating system failure, malfunction of a storage device, logical failure of storage devices, accidental damage or deletion, etc. (typically, on a single-drive, single-partition, single-OS system), in which case the ultimate goal is simply to copy all important files from the damaged media to another new drive. This can be easily accomplished using a Live CD or DVD by booting directly from a ROM instead of the corrupted drive in question. Many Live CDs or DVDs provide a means to mount the system drive and backup drives or removable media, and to move the files from the system drive to the backup media with a file manager or optical disc authoring software. Such cases can often be mitigated by disk partitioning and consistently storing valuable data files (or copies of them) on a different partition from the replaceable OS system files.\r\nAnother scenario involves a drive-level failure, such as a compromised file system or drive partition, or a hard disk drive failure. 
In any of these cases, the data is not easily read from the media devices. Depending on the situation, solutions involve repairing the logical file system, partition table or master boot record, or updating the firmware or drive recovery techniques ranging from software-based recovery of corrupted data, hardware- and software-based recovery of damaged service areas (also known as the hard disk drive's "firmware"), to hardware replacement on a physically damaged drive which allows for extraction of data to a new drive. If a drive recovery is necessary, the drive itself has typically failed permanently, and the focus is rather on a one-time recovery, salvaging whatever data can be read.\r\nIn a third scenario, files have been accidentally "deleted" from a storage medium by the users. Typically, the contents of deleted files are not removed immediately from the physical drive; instead, references to them in the directory structure are removed, and thereafter space the deleted data occupy is made available for later data overwriting. In the mind of end users, deleted files cannot be discoverable through a standard file manager, but the deleted data still technically exists on the physical drive. In the meantime, the original file contents remain, often in a number of disconnected fragments, and may be recoverable if not overwritten by other data files.\r\nThe term "data recovery" is also used in the context of forensic applications or espionage, where data which have been encrypted or hidden, rather than damaged, are recovered. 
Sometimes data present in the computer gets encrypted or hidden due to reasons like virus attack which can only be recovered by some computer forensic experts.\r\n<span style=\"font-weight: bold;\">What is a backup?</span>\r\nA backup, or data backup, or the process of backing up, refers to the copying into an archive file of computer data that is already in secondary storage—so that it may be used to restore the original after a data loss event. The verb form is "back up" (a phrasal verb), whereas the noun and adjective form is "backup".\r\nBackups have two distinct purposes. The primary purpose is to recover data after its loss, be it by data deletion or corruption. Data loss can be a common experience of computer users; a 2008 survey found that 66% of respondents had lost files on their home PC. The secondary purpose of backups is to recover data from an earlier time, according to a user-defined data retention policy, typically configured within a backup application for how long copies of data are required. Though backups represent a simple form of disaster recovery and should be part of any disaster recovery plan, backups by themselves should not be considered a complete disaster recovery plan. One reason for this is that not all backup systems are able to reconstitute a computer system or other complex configuration such as a computer cluster, active directory server, or database server by simply restoring data from a backup.\r\nSince a backup system contains at least one copy of all data considered worth saving, the data storage requirements can be significant. Organizing this storage space and managing the backup process can be a complicated undertaking. A data repository model may be used to provide structure to the storage. Nowadays, there are many different types of data storage devices that are useful for making backups. 
There are also many different ways in which these devices can be arranged to provide geographic redundancy, data security, and portability.\r\nBefore data are sent to their storage locations, they are selected, extracted, and manipulated. Many different techniques have been developed to optimize the backup procedure. These include optimizations for dealing with open files and live data sources as well as compression, encryption, and de-duplication, among others. Every backup scheme should include dry runs that validate the reliability of the data being backed up. It is important to recognize the limitations and human factors involved in any backup scheme.","iconURL":"https://roi4cio.com/fileadmin/user_upload/Data_Protection_and_Recovery_Software__1_.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"http://www.amt.ru/web/ru/arhiv/-/asset_publisher/yxdwXflc0xp2/content/amt-grup-modernizirovala-it-infrastrukturu-nacional-nogo-banka-kyrgyzskoj-respubliki?inheritRedirect=false&redirect=http%3A%2F%2Fwww.amt.ru%2Fweb%2Fru%2Farhiv%3Fp_p_id%3D101_INSTANCE_yxdwXflc0xp2%26p_p_lifecycle%3D0%26p_p_state%3Dnormal%26p_p_mode%3Dview%26p_p_col_id%3Dcolumn-1%26p_p_col_count%3D1%26_101_INSTANCE_yxdwXflc0xp2_advancedSearch%3Dfalse%26_101_INSTANCE_yxdwXflc0xp2_keywords%3D%26_101_INSTANCE_yxdwXflc0xp2_delta%3D20%26p_r_p_564233524_resetCur%3Dfalse%26_101_INSTANCE_yxdwXflc0xp2_cur%3D4%26_101_INSTANCE_yxdwXflc0xp2_andOperator%3Dtrue","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":428,"title":"TrapX DeceptionGrid Platform for financial industry","description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold; \">Attackers Target Authentication Data</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold; \">Project Background - a Technology Evaluation</span>\r\nOur financial case 
study focuses on a global insurance institution. Prior to our involvement, there were absolutely no indicators of malware infection or persistent threats visible to the customer. The customer had a robust industry suite of cyber defense products which included a firewall, antivirus suites, intrusion detection software, endpoint security and other software.\r\nWithin a short period of time, the TrapX DeceptionGrid generated ALERTS and identified two malicious separate processes involved in unauthorized lateral movement within the insurance company network.\r\nUpon analysis it was determined that both of these malicious processes were communicating with multiple connection points in Russia.\r\nThese connection points in Russia and the other injected software captured worked together as an advanced password stealer. The attackers penetrated the network and had captured password information. This targeted theft of authentication credentials represented a serious threat to the integrity of the company's overall operations. At this time it has not been determined to what extent passwords were captured prior to detection.\r\nOther malware of lower risk identified by DeceptionGrid included Trj/Downloader.LEK Trojan, TROJ_QHOST.DB Trojan, and the W32.Greypack worm. All of these were not detected by the customer's existing cyber suite. Analysis suggests at least one of them might have been detected but the alerts were missed against the volume of overall alert traffic.\r\n\r\n<span style=\"font-weight: bold;\">Critical and Confidential Authentication Credentials at Risk</span>\r\nTrapX determined that critical and confidential password data was being exfiltrated to Russia. The scope of data compromise is still under investigation at this time and the global insurance firm has taken preemptive measures to replace credentials on suspected software systems. 
\r\n","alias":"trapx-deceptiongrid-platform-for-financial-industry","roi":0,"seo":{"title":"TrapX DeceptionGrid Platform for financial industry","keywords":"","description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold; \">Attackers Target Authentication Data</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold; \">Project Background - a Technology Evaluation</span>\r\nOur financial case study focuses on a global insurance institution. Prior to our involvement, there were absolutely no indicators of malware infection or persistent threats visible to the customer. The customer had a robust industry suite of cyber defense products which included a firewall, antivirus suites, intrusion detection software, endpoint security and other software.\r\nWithin a short period of time, the TrapX DeceptionGrid generated ALERTS and identified two malicious separate processes involved in unauthorized lateral movement within the insurance company network.\r\nUpon analysis it was determined that both of these malicious processes were communicating with multiple connection points in Russia.\r\nThese connection points in Russia and the other injected software captured worked together as an advanced password stealer. The attackers penetrated the network and had captured password information. This targeted theft of authentication credentials represented a serious threat to the integrity of the company's overall operations. At this time it has not been determined to what extent passwords were captured prior to detection.\r\nOther malware of lower risk identified by DeceptionGrid included Trj/Downloader.LEK Trojan, TROJ_QHOST.DB Trojan, and the W32.Greypack worm. All of these were not detected by the customer's existing cyber suite. 
Analysis suggests at least one of them might have been detected but the alerts were missed against the volume of overall alert traffic.\r\n\r\n<span style=\"font-weight: bold;\">Critical and Confidential Authentication Credentials at Risk</span>\r\nTrapX determined that critical and confidential password data was being exfiltrated to Russia. The scope of data compromise is still under investigation at this time and the global insurance firm has taken preemptive measures to replace credentials on suspected software systems. \r\n","og:title":"TrapX DeceptionGrid Platform for financial industry","og:description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold; \">Attackers Target Authentication Data</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold; \">Project Background - a Technology Evaluation</span>\r\nOur financial case study focuses on a global insurance institution. Prior to our involvement, there were absolutely no indicators of malware infection or persistent threats visible to the customer. The customer had a robust industry suite of cyber defense products which included a firewall, antivirus suites, intrusion detection software, endpoint security and other software.\r\nWithin a short period of time, the TrapX DeceptionGrid generated ALERTS and identified two malicious separate processes involved in unauthorized lateral movement within the insurance company network.\r\nUpon analysis it was determined that both of these malicious processes were communicating with multiple connection points in Russia.\r\nThese connection points in Russia and the other injected software captured worked together as an advanced password stealer. The attackers penetrated the network and had captured password information. This targeted theft of authentication credentials represented a serious threat to the integrity of the company's overall operations. 
At this time it has not been determined to what extent passwords were captured prior to detection.\r\nOther malware of lower risk identified by DeceptionGrid included Trj/Downloader.LEK Trojan, TROJ_QHOST.DB Trojan, and the W32.Greypack worm. All of these were not detected by the customer's existing cyber suite. Analysis suggests at least one of them might have been detected but the alerts were missed against the volume of overall alert traffic.\r\n\r\n<span style=\"font-weight: bold;\">Critical and Confidential Authentication Credentials at Risk</span>\r\nTrapX determined that critical and confidential password data was being exfiltrated to Russia. The scope of data compromise is still under investigation at this time and the global insurance firm has taken preemptive measures to replace credentials on suspected software systems. \r\n"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":3890,"title":"TrapX","logoURL":"https://roi4cio.com/uploads/roi/company/TrapX.png","alias":"trapx","address":"","roles":[],"description":"TrapX has created a new generation of 
deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","companyTypes":[],"products":{},"vendoredProductsCount":2,"suppliedProductsCount":2,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":5,"vendorImplementationsCount":5,"vendorPartnersCount":0,"supplierPartnersCount":1,"b4r":0,"categories":{},"companyUrl":"https://trapx.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"TrapX","keywords":"with, TrapX, field, that, traps, little, creating, deployed","description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","og:title":"TrapX","og:description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. 
Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","og:image":"https://roi4cio.com/uploads/roi/company/TrapX.png"},"eventUrl":""},"vendors":[{"id":3890,"title":"TrapX","logoURL":"https://roi4cio.com/uploads/roi/company/TrapX.png","alias":"trapx","address":"","roles":[],"description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","companyTypes":[],"products":{},"vendoredProductsCount":2,"suppliedProductsCount":2,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":5,"vendorImplementationsCount":5,"vendorPartnersCount":0,"supplierPartnersCount":1,"b4r":0,"categories":{},"companyUrl":"https://trapx.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"TrapX","keywords":"with, TrapX, field, that, traps, little, creating, deployed","description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. 
Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","og:title":"TrapX","og:description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","og:image":"https://roi4cio.com/uploads/roi/company/TrapX.png"},"eventUrl":""}],"products":[{"id":1724,"logo":false,"scheme":false,"title":"TrapX DeceptionGrid platform","vendorVerified":0,"rating":"3.30","implementationsCount":9,"suppliersCount":0,"alias":"trapx-deceptiongrid-platform","companyTypes":[],"description":"<div style=\"text-align: center;\"><b>DeceptionGrid</b>\r\n<div style=\"text-align: center;\">TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders and sophisticated cybercriminals.\r\n<b>Deceive, Detect and Defeat Advanced Cyber Attackers. </b>\r\nDeceptionGrid, named the Best Deception Technology of 2018, deploys a shifting minefield of Traps (decoys) and Deception Tokens (lures) that appear identical to your real IT & IoT assets that no attacker can avoid.\r\n<b>Actionable Intelligence </b>\r\nJust one touch of a Trap by an attacker sets off a high-confidence alert. DeceptionGrid integrates with key elements of the network and security ecosystem to contain attacks and enable a return to normal operations.\r\n<b>The Deception Product of Choice </b>\r\nDeceptionGrid analyzes your network and automatically provisions hundreds-to-thousands of Traps and Lures. Each Trap is tailor-made to be identical to your native environment. 
Attackers can never tell what’s real and what’s fake because each Trap is designed to look and behave exactly like your real assets. In addition, Traps can also be camouflaged as any specialized IoT and OT devices.\r\n<b>Gain Access to a Powerful Community </b>\r\nFor the first time, defenders can collaborate and share deceptive counter-measures with each other. The DeceptionNet Community enables cyber-security teams to deceive cyber attackers by sharing deception strategies, new types of Traps, third-party connectors, best practices and more.\r\n<b>Deception Tokens </b>\r\nDeception Tokens (lures) appear as ordinary files, scripts and configurations, are embedded within real IT assets to bait and divert attackers away from real high value assets and into the traps.\r\n<b>Active Traps </b>\r\nActive Traps create a stream of false network traffic between deployed Traps to confuse and divert attackers that monitor the network traffic.\r\n<b><ins>Emulated Traps </ins></b>\r\n<b>Medium Interaction Emulated Traps </b>\r\nOur patented emulated traps can be deployed at the largest enterprise scale through automation. You can select from a wide variety of servers, databases, workstations, switches, routers and Traps tailor-made to your organization’s native environment. After a Trap is interacted with and the cyber-attack is thwarted, the Trap will change its shape and location, so the attacker will never learn if something is a Trap or a real asset.\r\n<b>Hundreds of New Industry Templates </b>\r\nThe DeceptionNet Community now offers hundreds of new industry templates (updated regularly) that are available for your use. In addition, our patented medium interaction traps also include expanded templates for specialized devices based on specific industries. These templates include, ATM and SWIFT assets for financial services, Point of Sale (PoS) devices for retail, as well as devices for medical, manufacturing and many more. 
This allows you to determine if attackers are targeting your specialized devices that are often vulnerable to attack.\r\n<b><ins>FullOS Traps </ins></b>\r\n<b>High Interaction (Full Operating System) Traps </b>\r\nDeceptionGrid enables the provision of full operating system (FullOS) Traps. Our medium interaction Traps automatically extend engaged attackers through our smart deception to our FullOS Traps for the deepest attacker diversion and engagement. FullOS Traps also enable you to clone existing assets – you can completely replicate actual production servers to further deceive attackers.","shortDescription":"The TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders, lateral-movement, Advanced Persistent Threats (APTs) and sophisticated cybercriminals","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":10,"sellingCount":18,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders, lateral-movement","keywords":"from, TrapX, DeceptionGrid, breach, attack, platform, intelligence, remediation, protects, assets, malicious insiders, lateral-movement, Advanced Persistent Threats (APTs), sophisticated cybercriminals, Console, Attack Visualization, security operations team, intrusion, Attacker ID, attack identification, human attacker, automated attack tools, security teams, Automated Provisioning, Deception Tokens, Active Traps, Emulated Traps, Medium Interaction Emulated Traps, FullOS Traps, High Interaction (Full Operating System) Traps","description":"<div style=\"text-align: center;\"><b>DeceptionGrid</b>\r\n<div style=\"text-align: center;\">TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders and sophisticated cybercriminals.\r\n<b>Deceive, Detect and Defeat Advanced Cyber Attackers. 
</b>\r\nDeceptionGrid, named the Best Deception Technology of 2018, deploys a shifting minefield of Traps (decoys) and Deception Tokens (lures) that appear identical to your real IT & IoT assets that no attacker can avoid.\r\n<b>Actionable Intelligence </b>\r\nJust one touch of a Trap by an attacker sets off a high-confidence alert. DeceptionGrid integrates with key elements of the network and security ecosystem to contain attacks and enable a return to normal operations.\r\n<b>The Deception Product of Choice </b>\r\nDeceptionGrid analyzes your network and automatically provisions hundreds-to-thousands of Traps and Lures. Each Trap is tailor-made to be identical to your native environment. Attackers can never tell what’s real and what’s fake because each Trap is designed to look and behave exactly like your real assets. In addition, Traps can also be camouflaged as any specialized IoT and OT devices.\r\n<b>Gain Access to a Powerful Community </b>\r\nFor the first time, defenders can collaborate and share deceptive counter-measures with each other. The DeceptionNet Community enables cyber-security teams to deceive cyber attackers by sharing deception strategies, new types of Traps, third-party connectors, best practices and more.\r\n<b>Deception Tokens </b>\r\nDeception Tokens (lures) appear as ordinary files, scripts and configurations, and are embedded within real IT assets to bait and divert attackers away from real high value assets and into the traps.\r\n<b>Active Traps </b>\r\nActive Traps create a stream of false network traffic between deployed Traps to confuse and divert attackers that monitor the network traffic.\r\n<b><ins>Emulated Traps </ins></b>\r\n<b>Medium Interaction Emulated Traps </b>\r\nOur patented emulated traps can be deployed at the largest enterprise scale through automation. You can select from a wide variety of servers, databases, workstations, switches, routers and Traps tailor-made to your organization’s native environment. 
After a Trap is interacted with and the cyber-attack is thwarted, the Trap will change its shape and location, so the attacker will never learn if something is a Trap or a real asset.\r\n<b>Hundreds of New Industry Templates </b>\r\nThe DeceptionNet Community now offers hundreds of new industry templates (updated regularly) that are available for your use. In addition, our patented medium interaction traps also include expanded templates for specialized devices based on specific industries. These templates include ATM and SWIFT assets for financial services, Point of Sale (PoS) devices for retail, as well as devices for medical, manufacturing and many more. This allows you to determine if attackers are targeting your specialized devices that are often vulnerable to attack.\r\n<b><ins>FullOS Traps </ins></b>\r\n<b>High Interaction (Full Operating System) Traps </b>\r\nDeceptionGrid enables the provision of full operating system (FullOS) Traps. Our medium interaction Traps automatically extend engaged attackers through our smart deception to our FullOS Traps for the deepest attacker diversion and engagement. FullOS Traps also enable you to clone existing assets – you can completely replicate actual production servers to further deceive attackers.","og:title":"DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders, lateral-movement","og:description":"<div style=\"text-align: center;\"><b>DeceptionGrid</b>\r\n<div style=\"text-align: center;\">TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders and sophisticated cybercriminals.\r\n<b>Deceive, Detect and Defeat Advanced Cyber Attackers. 
</b>\r\nDeceptionGrid, named the Best Deception Technology of 2018, deploys a shifting minefield of Traps (decoys) and Deception Tokens (lures) that appear identical to your real IT & IoT assets that no attacker can avoid.\r\n<b>Actionable Intelligence </b>\r\nJust one touch of a Trap by an attacker sets off a high-confidence alert. DeceptionGrid integrates with key elements of the network and security ecosystem to contain attacks and enable a return to normal operations.\r\n<b>The Deception Product of Choice </b>\r\nDeceptionGrid analyzes your network and automatically provisions hundreds-to-thousands of Traps and Lures. Each Trap is tailor-made to be identical to your native environment. Attackers can never tell what’s real and what’s fake because each Trap is designed to look and behave exactly like your real assets. In addition, Traps can also be camouflaged as any specialized IoT and OT devices.\r\n<b>Gain Access to a Powerful Community </b>\r\nFor the first time, defenders can collaborate and share deceptive counter-measures with each other. The DeceptionNet Community enables cyber-security teams to deceive cyber attackers by sharing deception strategies, new types of Traps, third-party connectors, best practices and more.\r\n<b>Deception Tokens </b>\r\nDeception Tokens (lures) appear as ordinary files, scripts and configurations, and are embedded within real IT assets to bait and divert attackers away from real high value assets and into the traps.\r\n<b>Active Traps </b>\r\nActive Traps create a stream of false network traffic between deployed Traps to confuse and divert attackers that monitor the network traffic.\r\n<b><ins>Emulated Traps </ins></b>\r\n<b>Medium Interaction Emulated Traps </b>\r\nOur patented emulated traps can be deployed at the largest enterprise scale through automation. You can select from a wide variety of servers, databases, workstations, switches, routers and Traps tailor-made to your organization’s native environment. 
After a Trap is interacted with and the cyber-attack is thwarted, the Trap will change its shape and location, so the attacker will never learn if something is a Trap or a real asset.\r\n<b>Hundreds of New Industry Templates </b>\r\nThe DeceptionNet Community now offers hundreds of new industry templates (updated regularly) that are available for your use. In addition, our patented medium interaction traps also include expanded templates for specialized devices based on specific industries. These templates include ATM and SWIFT assets for financial services, Point of Sale (PoS) devices for retail, as well as devices for medical, manufacturing and many more. This allows you to determine if attackers are targeting your specialized devices that are often vulnerable to attack.\r\n<b><ins>FullOS Traps </ins></b>\r\n<b>High Interaction (Full Operating System) Traps </b>\r\nDeceptionGrid enables the provision of full operating system (FullOS) Traps. Our medium interaction Traps automatically extend engaged attackers through our smart deception to our FullOS Traps for the deepest attacker diversion and engagement. FullOS Traps also enable you to clone existing assets – you can completely replicate actual production servers to further deceive attackers."},"eventUrl":"","translationId":1723,"dealDetails":{"avgPartnerDiscount":30,"dealProtection":1,"avgDealSize":30000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"It is required to transfer the customer data to the vendor in order to receive a testing version for 30 days","categories":[{"id":199,"title":"Deception Techniques and Honeypots","alias":"deception-techniques-and-honeypots","description":"Deception technology is an emerging category of cyber security defense. Deception technology products can detect, analyze and defend against zero-day and advanced attacks, often in real time. 
They are automated, accurate and provide insight into malicious activity within internal networks, which may be unseen by other types of cyber defense. Deception technology enables a more proactive security posture by seeking to deceive the attackers, detect them and then defeat them, allowing the enterprise to return to normal operations.\r\nDeception technology automates the creation of traps (decoys) and/or lures, which are mixed among and within existing IT resources to provide a layer of protection to stop attackers that have penetrated the network. Traps (decoys) are IT assets that either use real licensed operating system software, or are emulations of these devices.\r\nTraps (decoys) which use emulations can also imitate medical devices, automated teller machines (ATMs), retail point of sale systems, switches, routers and much more. Lures are generally real information technology resources (files of varying kinds) which are placed on actual IT assets.\r\nUpon penetrating the network, attackers seek to establish a backdoor and then use this to identify and exfiltrate data and intellectual property. They begin moving laterally through the internal VLANs and almost immediately will "look at" one of the traps (decoys). Interacting with one of these "decoys" will trigger an alert. These alerts are very high probability and almost always coincide with an ongoing attack. The deception is designed to lure the attacker in – the attacker may consider this a worthy asset and continue by injecting malware. Deception technology generally allows for automated static and dynamic analysis of this injected malware and provides these reports through automation to the security operations personnel. Deception technology may also identify, through indicators of compromise (IOC), suspect end-points that are part of the compromise cycle. Automation also allows for an automated memory analysis of the suspect end-point, and then automatically isolates the suspect end-point. 
Many partner integrations allow for a variety of implementation paths for existing enterprise and government customers.\r\nInternet of things (IoT) devices are not usually scanned by legacy defense-in-depth cyber defense and remain prime targets for attackers within the network. Deception technology can identify attackers moving laterally into the network from within these devices.\r\nIntegrated turnkey devices that utilize embedded operating systems, but do not allow these operating systems to be scanned or closely protected by embedded end-point or intrusion detection software are also well protected by a deception technology deployment in the same network. Examples include process control systems (SCADA) used in many manufacturing applications on a global basis. Deception technology has been associated with the discovery of Zombie Zero, an attack vector wherein deception technology identified an attacker utilizing malware embedded in barcode readers which were manufactured overseas.\r\nMedical devices are particularly vulnerable to cyber attacks within the healthcare networks. As FDA-certified devices they are closed systems and not accessible to standard cyber defense software. Deception technology can surround and protect these devices and identify attackers using these for backdoor placement and data exfiltration. Recently documented cyber attacks on medical devices include x-ray machines, CT scanners, MRI scanners, blood gas analyzers, PACS systems and many more. Networks utilizing these devices can be protected by deception technology. This attack vector, called medical device hijack or medjack, is estimated to have penetrated many hospitals worldwide.\r\nSpecialized deception technology products are now capable of addressing the rise in ransomware. 
Select products can deceive ransomware into engaging in an attack on a decoy resource, while isolating the infection points and alerting the cyber defense software team.","materialsDescription":"<span style=\"font-weight: bold;\">Why Use Deception Technology?</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Early Post-Breach Detection</span></span>\r\nNo security solution can stop all attacks from occurring on a network, but deception technology helps to give attackers a false sense of security by making them believe they have gained a foothold in your network. From here you can monitor and record their behavior, secure in the knowledge that they can do no damage to your decoy systems. The information you record about attacker behavior and techniques can be used to further secure your network from attack.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Reduced False Positives and Risk</span></span>\r\nDead ends, false positives and alert fatigue can all hamper security efforts and put a drain on resources, if they are even analyzed at all. Too much noise can result in IT teams becoming complacent and ignoring what could potentially be a legitimate threat. Deception technology reduces the noise with fewer false positives and high fidelity alerts packed full of useful data.\r\nDeception technology is also low risk, as it poses no risk to data and has no impact on resources or operations. When a hacker accesses or attempts to use part of the deception layer, a real and accurate alert is generated that tells admins they need to take action.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Scale and Automate at Will</span></span>\r\nWhile the threat to corporate networks and data is a daily growing concern, security teams rarely get an increase in their budget to handle the deluge of new threats. For this reason, deception technology can be a very welcome solution. 
Automated alerts eliminate the need for manual effort and intervention while the design of the technology allows it to be scaled easily as the organization and threat level grows.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">From Legacy to IoT</span></span>\r\nDeception technology can be used to provide breadcrumbs for a vast range of different devices, including legacy environments, industry-specific environments and even IoT devices.<br /><br />"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":1724,"logo":false,"scheme":false,"title":"TrapX DeceptionGrid platform","vendorVerified":0,"rating":"3.30","implementationsCount":9,"suppliersCount":0,"alias":"trapx-deceptiongrid-platform","companyTypes":[],"description":"<div style=\"text-align: center;\"><b>DeceptionGrid</b>\r\n<div style=\"text-align: center;\">TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders and sophisticated cybercriminals.\r\n<b>Deceive, Detect and Defeat Advanced Cyber Attackers. </b>\r\nDeceptionGrid, named the Best Deception Technology of 2018, deploys a shifting minefield of Traps (decoys) and Deception Tokens (lures) that appear identical to your real IT & IoT assets that no attacker can avoid.\r\n<b>Actionable Intelligence </b>\r\nJust one touch of a Trap by an attacker sets off a high-confidence alert. DeceptionGrid integrates with key elements of the network and security ecosystem to contain attacks and enable a return to normal operations.\r\n<b>The Deception Product of Choice </b>\r\nDeceptionGrid analyzes your network and automatically provisions hundreds-to-thousands of Traps and Lures. Each Trap is tailor-made to be identical to your native environment. 
Attackers can never tell what’s real and what’s fake because each Trap is designed to look and behave exactly like your real assets. In addition, Traps can also be camouflaged as any specialized IoT and OT devices.\r\n<b>Gain Access to a Powerful Community </b>\r\nFor the first time, defenders can collaborate and share deceptive counter-measures with each other. The DeceptionNet Community enables cyber-security teams to deceive cyber attackers by sharing deception strategies, new types of Traps, third-party connectors, best practices and more.\r\n<b>Deception Tokens </b>\r\nDeception Tokens (lures) appear as ordinary files, scripts and configurations, and are embedded within real IT assets to bait and divert attackers away from real high value assets and into the traps.\r\n<b>Active Traps </b>\r\nActive Traps create a stream of false network traffic between deployed Traps to confuse and divert attackers that monitor the network traffic.\r\n<b><ins>Emulated Traps </ins></b>\r\n<b>Medium Interaction Emulated Traps </b>\r\nOur patented emulated traps can be deployed at the largest enterprise scale through automation. You can select from a wide variety of servers, databases, workstations, switches, routers and Traps tailor-made to your organization’s native environment. After a Trap is interacted with and the cyber-attack is thwarted, the Trap will change its shape and location, so the attacker will never learn if something is a Trap or a real asset.\r\n<b>Hundreds of New Industry Templates </b>\r\nThe DeceptionNet Community now offers hundreds of new industry templates (updated regularly) that are available for your use. In addition, our patented medium interaction traps also include expanded templates for specialized devices based on specific industries. These templates include ATM and SWIFT assets for financial services, Point of Sale (PoS) devices for retail, as well as devices for medical, manufacturing and many more. 
This allows you to determine if attackers are targeting your specialized devices that are often vulnerable to attack.\r\n<b><ins>FullOS Traps </ins></b>\r\n<b>High Interaction (Full Operating System) Traps </b>\r\nDeceptionGrid enables the provision of full operating system (FullOS) Traps. Our medium interaction Traps automatically extend engaged attackers through our smart deception to our FullOS Traps for the deepest attacker diversion and engagement. FullOS Traps also enable you to clone existing assets – you can completely replicate actual production servers to further deceive attackers.","shortDescription":"The TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders, lateral-movement, Advanced Persistent Threats (APTs) and sophisticated cybercriminals","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":10,"sellingCount":18,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders, lateral-movement","keywords":"from, TrapX, DeceptionGrid, breach, attack, platform, intelligence, remediation, protects, assets, malicious insiders, lateral-movement, Advanced Persistent Threats (APTs), sophisticated cybercriminals, Console, Attack Visualization, security operations team, intrusion, Attacker ID, attack identification, human attacker, automated attack tools, security teams, Automated Provisioning, Deception Tokens, Active Traps, Emulated Traps, Medium Interaction Emulated Traps, FullOS Traps, High Interaction (Full Operating System) Traps","description":"<div style=\"text-align: center;\"><b>DeceptionGrid</b>\r\n<div style=\"text-align: center;\">TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders and sophisticated cybercriminals.\r\n<b>Deceive, Detect and Defeat Advanced Cyber Attackers. 
</b>\r\nDeceptionGrid, named the Best Deception Technology of 2018, deploys a shifting minefield of Traps (decoys) and Deception Tokens (lures) that appear identical to your real IT & IoT assets that no attacker can avoid.\r\n<b>Actionable Intelligence </b>\r\nJust one touch of a Trap by an attacker sets off a high-confidence alert. DeceptionGrid integrates with key elements of the network and security ecosystem to contain attacks and enable a return to normal operations.\r\n<b>The Deception Product of Choice </b>\r\nDeceptionGrid analyzes your network and automatically provisions hundreds-to-thousands of Traps and Lures. Each Trap is tailor-made to be identical to your native environment. Attackers can never tell what’s real and what’s fake because each Trap is designed to look and behave exactly like your real assets. In addition, Traps can also be camouflaged as any specialized IoT and OT devices.\r\n<b>Gain Access to a Powerful Community </b>\r\nFor the first time, defenders can collaborate and share deceptive counter-measures with each other. The DeceptionNet Community enables cyber-security teams to deceive cyber attackers by sharing deception strategies, new types of Traps, third-party connectors, best practices and more.\r\n<b>Deception Tokens </b>\r\nDeception Tokens (lures) appear as ordinary files, scripts and configurations, and are embedded within real IT assets to bait and divert attackers away from real high value assets and into the traps.\r\n<b>Active Traps </b>\r\nActive Traps create a stream of false network traffic between deployed Traps to confuse and divert attackers that monitor the network traffic.\r\n<b><ins>Emulated Traps </ins></b>\r\n<b>Medium Interaction Emulated Traps </b>\r\nOur patented emulated traps can be deployed at the largest enterprise scale through automation. You can select from a wide variety of servers, databases, workstations, switches, routers and Traps tailor-made to your organization’s native environment. 
After a Trap is interacted with and the cyber-attack is thwarted, the Trap will change its shape and location, so the attacker will never learn if something is a Trap or a real asset.\r\n<b>Hundreds of New Industry Templates </b>\r\nThe DeceptionNet Community now offers hundreds of new industry templates (updated regularly) that are available for your use. In addition, our patented medium interaction traps also include expanded templates for specialized devices based on specific industries. These templates include ATM and SWIFT assets for financial services, Point of Sale (PoS) devices for retail, as well as devices for medical, manufacturing and many more. This allows you to determine if attackers are targeting your specialized devices that are often vulnerable to attack.\r\n<b><ins>FullOS Traps </ins></b>\r\n<b>High Interaction (Full Operating System) Traps </b>\r\nDeceptionGrid enables the provision of full operating system (FullOS) Traps. Our medium interaction Traps automatically extend engaged attackers through our smart deception to our FullOS Traps for the deepest attacker diversion and engagement. FullOS Traps also enable you to clone existing assets – you can completely replicate actual production servers to further deceive attackers.","og:title":"DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders, lateral-movement","og:description":"<div style=\"text-align: center;\"><b>DeceptionGrid</b>\r\n<div style=\"text-align: center;\">TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders and sophisticated cybercriminals.\r\n<b>Deceive, Detect and Defeat Advanced Cyber Attackers. 
</b>\r\nDeceptionGrid, named the Best Deception Technology of 2018, deploys a shifting minefield of Traps (decoys) and Deception Tokens (lures) that appear identical to your real IT & IoT assets that no attacker can avoid.\r\n<b>Actionable Intelligence </b>\r\nJust one touch of a Trap by an attacker sets off a high-confidence alert. DeceptionGrid integrates with key elements of the network and security ecosystem to contain attacks and enable a return to normal operations.\r\n<b>The Deception Product of Choice </b>\r\nDeceptionGrid analyzes your network and automatically provisions hundreds-to-thousands of Traps and Lures. Each Trap is tailor-made to be identical to your native environment. Attackers can never tell what’s real and what’s fake because each Trap is designed to look and behave exactly like your real assets. In addition, Traps can also be camouflaged as any specialized IoT and OT devices.\r\n<b>Gain Access to a Powerful Community </b>\r\nFor the first time, defenders can collaborate and share deceptive counter-measures with each other. The DeceptionNet Community enables cyber-security teams to deceive cyber attackers by sharing deception strategies, new types of Traps, third-party connectors, best practices and more.\r\n<b>Deception Tokens </b>\r\nDeception Tokens (lures) appear as ordinary files, scripts and configurations, and are embedded within real IT assets to bait and divert attackers away from real high value assets and into the traps.\r\n<b>Active Traps </b>\r\nActive Traps create a stream of false network traffic between deployed Traps to confuse and divert attackers that monitor the network traffic.\r\n<b><ins>Emulated Traps </ins></b>\r\n<b>Medium Interaction Emulated Traps </b>\r\nOur patented emulated traps can be deployed at the largest enterprise scale through automation. You can select from a wide variety of servers, databases, workstations, switches, routers and Traps tailor-made to your organization’s native environment. 
After a Trap is interacted with and the cyber-attack is thwarted, the Trap will change its shape and location, so the attacker will never learn if something is a Trap or a real asset.\r\n<b>Hundreds of New Industry Templates </b>\r\nThe DeceptionNet Community now offers hundreds of new industry templates (updated regularly) that are available for your use. In addition, our patented medium interaction traps also include expanded templates for specialized devices based on specific industries. These templates include ATM and SWIFT assets for financial services, Point of Sale (PoS) devices for retail, as well as devices for medical, manufacturing and many more. This allows you to determine if attackers are targeting your specialized devices that are often vulnerable to attack.\r\n<b><ins>FullOS Traps </ins></b>\r\n<b>High Interaction (Full Operating System) Traps </b>\r\nDeceptionGrid enables the provision of full operating system (FullOS) Traps. Our medium interaction Traps automatically extend engaged attackers through our smart deception to our FullOS Traps for the deepest attacker diversion and engagement. FullOS Traps also enable you to clone existing assets – you can completely replicate actual production servers to further deceive attackers."},"eventUrl":"","translationId":1723,"dealDetails":{"avgPartnerDiscount":30,"dealProtection":1,"avgDealSize":30000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"It is required to transfer the customer data to the vendor in order to receive a testing version for 30 days","categories":[{"id":199,"title":"Deception Techniques and Honeypots","alias":"deception-techniques-and-honeypots","description":"Deception technology is an emerging category of cyber security defense. Deception technology products can detect, analyze and defend against zero-day and advanced attacks, often in real time. 
They are automated, accurate and provide insight into malicious activity within internal networks, which may be unseen by other types of cyber defense. Deception technology enables a more proactive security posture by seeking to deceive the attackers, detect them and then defeat them, allowing the enterprise to return to normal operations.\r\nDeception technology automates the creation of traps (decoys) and/or lures, which are mixed among and within existing IT resources to provide a layer of protection to stop attackers that have penetrated the network. Traps (decoys) are IT assets that either use real licensed operating system software, or are emulations of these devices.\r\nTraps (decoys) which use emulations can also imitate medical devices, automated teller machines (ATMs), retail point of sale systems, switches, routers and much more. Lures are generally real information technology resources (files of varying kinds) which are placed on actual IT assets.\r\nUpon penetrating the network, attackers seek to establish a backdoor and then use this to identify and exfiltrate data and intellectual property. They begin moving laterally through the internal VLANs and almost immediately will "look at" one of the traps (decoys). Interacting with one of these "decoys" will trigger an alert. These alerts are very high probability and almost always coincide with an ongoing attack. The deception is designed to lure the attacker in – the attacker may consider this a worthy asset and continue by injecting malware. Deception technology generally allows for automated static and dynamic analysis of this injected malware and provides these reports through automation to the security operations personnel. Deception technology may also identify, through indicators of compromise (IOC), suspect end-points that are part of the compromise cycle. Automation also allows for an automated memory analysis of the suspect end-point, and then automatically isolates the suspect end-point. 
Many partner integrations allow for a variety of implementation paths for existing enterprise and government customers.\r\nInternet of things (IoT) devices are not usually scanned by legacy defense-in-depth cyber defense and remain prime targets for attackers within the network. Deception technology can identify attackers moving laterally into the network from within these devices.\r\nIntegrated turnkey devices that utilize embedded operating systems, but do not allow these operating systems to be scanned or closely protected by embedded end-point or intrusion detection software are also well protected by a deception technology deployment in the same network. Examples include process control systems (SCADA) used in many manufacturing applications on a global basis. Deception technology has been associated with the discovery of Zombie Zero, an attack vector wherein deception technology identified an attacker utilizing malware embedded in barcode readers which were manufactured overseas.\r\nMedical devices are particularly vulnerable to cyber attacks within the healthcare networks. As FDA-certified devices they are closed systems and not accessible to standard cyber defense software. Deception technology can surround and protect these devices and identify attackers using these for backdoor placement and data exfiltration. Recently documented cyber attacks on medical devices include x-ray machines, CT scanners, MRI scanners, blood gas analyzers, PACS systems and many more. Networks utilizing these devices can be protected by deception technology. This attack vector, called medical device hijack or medjack, is estimated to have penetrated many hospitals worldwide.\r\nSpecialized deception technology products are now capable of addressing the rise in ransomware. 
Select products can deceive ransomware into engaging in an attack on a decoy resource, while isolating the infection points and alerting the cyber defense software team.","materialsDescription":"<span style=\"font-weight: bold;\">Why Use Deception Technology?</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Early Post-Breach Detection</span></span>\r\nNo security solution can stop all attacks from occurring on a network, but deception technology helps to give attackers a false sense of security by making them believe they have gained a foothold in your network. From here you can monitor and record their behavior, secure in the knowledge that they can do no damage to your decoy systems. The information you record about attacker behavior and techniques can be used to further secure your network from attack.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Reduced False Positives and Risk</span></span>\r\nDead ends, false positives and alert fatigue can all hamper security efforts and put a drain on resources, if they are even analyzed at all. Too much noise can result in IT teams becoming complacent and ignoring what could potentially be a legitimate threat. Deception technology reduces the noise with fewer false positives and high fidelity alerts packed full of useful data.\r\nDeception technology is also low risk, as it poses no risk to data and has no impact on resources or operations. When a hacker accesses or attempts to use part of the deception layer, a real and accurate alert is generated that tells admins they need to take action.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Scale and Automate at Will</span></span>\r\nWhile the threat to corporate networks and data is a daily growing concern, security teams rarely get an increase in their budget to handle the deluge of new threats. For this reason, deception technology can be a very welcome solution. 
Automated alerts eliminate the need for manual effort and intervention while the design of the technology allows it to be scaled easily as the organization and threat level grows.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">From Legacy to IoT</span></span>\r\nDeception technology can be used to provide breadcrumbs for a vast range of different devices, including legacy environments, industry-specific environments and even IoT devices.<br /><br />"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"},{"id":386,"title":"Risk of lost access to data and IT systems"}]}},"categories":[{"id":199,"title":"Deception Techniques and Honeypots","alias":"deception-techniques-and-honeypots","description":"Deception technology is an emerging category of cyber security defense. Deception technology products can detect, analyze and defend against zero-day and advanced attacks, often in real time. They are automated, accurate and provide insight into malicious activity within internal networks, which may be unseen by other types of cyber defense. 
Deception technology enables a more proactive security posture by seeking to deceive the attackers, detect them and then defeat them, allowing the enterprise to return to normal operations.\r\nDeception technology automates the creation of traps (decoys) and/or lures, which are mixed among and within existing IT resources to provide a layer of protection to stop attackers that have penetrated the network. Traps (decoys) are IT assets that either use real licensed operating system software, or are emulations of these devices.\r\nTraps (decoys) which use emulations can also imitate medical devices, automated teller machines (ATMs), retail point of sale systems, switches, routers and much more. Lures are generally real information technology resources (files of varying kinds) which are placed on actual IT assets.\r\nUpon penetrating the network, attackers seek to establish a backdoor and then use this to identify and exfiltrate data and intellectual property. They begin moving laterally through the internal VLANs and almost immediately will "look at" one of the traps (decoys). Interacting with one of these "decoys" will trigger an alert. These alerts are very high probability and almost always coincide with an ongoing attack. The deception is designed to lure the attacker in – the attacker may consider this a worthy asset and continue by injecting malware. Deception technology generally allows for automated static and dynamic analysis of this injected malware and provides these reports through automation to the security operations personnel. Deception technology may also identify, through indicators of compromise (IOC), suspect end-points that are part of the compromise cycle. Automation also allows for an automated memory analysis of the suspect end-point, and then automatically isolates the suspect end-point. 
Many partner integrations allow for a variety of implementation paths for existing enterprise and government customers.\r\nInternet of things (IoT) devices are not usually scanned by legacy defense in depth cyber defense and remain prime targets for attackers within the network. Deception technology can identify attackers moving laterally into the network from within these devices.\r\nIntegrated turnkey devices that utilize embedded operating systems, but do not allow these operating systems to be scanned or closely protected by embedded end-point or intrusion detection software are also well protected by a deception technology deployment in the same network. Examples include process control systems (SCADA) used in many manufacturing applications on a global basis. Deception technology has been associated with the discovery of Zombie Zero, an attack vector wherein deception technology identified an attacker utilizing malware embedded in barcode readers which were manufactured overseas.\r\nMedical devices are particularly vulnerable to cyber attacks within the healthcare networks. As FDA-certified devices they are closed systems and not accessible to standard cyber defense software. Deception technology can surround and protect these devices and identify attackers using these for backdoor placement and data exfiltration. Recently documented cyber attacks on medical devices include x-ray machines, CT scanners, MRI scanners, blood gas analyzers, PACS systems and many more. Networks utilizing these devices can be protected by deception technology. This attack vector, called medical device hijack or medjack, is estimated to have penetrated many hospitals worldwide.\r\nSpecialized deception technology products are now capable of addressing the rise in ransomware. 
Select products can deceive ransomware into engaging in an attack on a decoy resource, while isolating the infection points and alerting the cyber defense software team.","materialsDescription":"<span style=\"font-weight: bold;\">Why Use Deception Technology?</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Early Post-Breach Detection</span></span>\r\nNo security solution can stop all attacks from occurring on a network, but deception technology helps to give attackers a false sense of security by making them believe they have gained a foothold in your network. From here you can monitor and record their behavior, secure in the knowledge that they can do no damage to your decoy systems. The information you record about attacker behavior and techniques can be used to further secure your network from attack.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Reduced False Positives and Risk</span></span>\r\nDead ends, false positives and alert fatigue can all hamper security efforts and put a drain on resources, if they are even analyzed at all. Too much noise can result in IT teams becoming complacent and ignoring what could potentially be a legitimate threat. Deception technology reduces the noise with fewer false positives and high fidelity alerts packed full of useful data.\r\nDeception technology is also a low risk as it has no risk to data or impact on resources or operations. When a hacker accesses or attempts to use part of the deception layer, a real and accurate alert is generated that tells admins they need to take action.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Scale and Automate at Will</span></span>\r\nWhile the threat to corporate networks and data is a daily growing concern, security teams rarely get an increase in their budget to handle the deluge of new threats. For this reason, deception technology can be a very welcome solution. 
Automated alerts eliminate the need for manual effort and intervention while the design of the technology allows it to be scaled easily as the organization and threat level grows.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">From Legacy to IoT</span></span>\r\nDeception technology can be used to provide breadcrumbs for a vast range of different devices, including legacy environments, industry-specific environments and even IoT devices.<br /><br />"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"https://trapx.com/wp-content/uploads/2017/08/Case_Study_TrapX_Finance_Insurance.pdf","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":429,"title":"TrapX DeceptionGrid Platform for National Government","description":"<span style=\"font-size: 12px; font-family: Verdana, sans-serif; color: rgb(0, 0, 0); font-weight: bold; \">Multiple Attackers Penetrate National Agency</span>\r\n<span style=\"font-size: 12px; font-family: Verdana, sans-serif; color: rgb(0, 0, 0); font-weight: bold; \">Project Background - a Technology Evaluation</span>\r\n<span style=\"font-size: 12px; font-family: Verdana, sans-serif; color: rgb(0, 0, 0); \">Our case study focuses on a large national government agency. This agency has hundreds of employees and has multiple facilities dispersed over a large geographic area. This agency wanted to learn more about deception technology as part of their regular evaluation of cyber security vendors.</span>\r\n<span style=\"font-size: 12px; font-family: Verdana, sans-serif; color: rgb(0, 0, 0); font-weight: bold; \">Massive Penetration by Attackers Detected in Multiple Areas</span>\r\n<span style=\"font-size: 12px; font-family: Verdana, sans-serif; color: rgb(0, 0, 0); \">DeceptionGrid was placed into operation. 
Starting almost immediately and over the course of several weeks the government security operations command (SOC) team received multiple High Priority Alerts. This was one of the most massive attacks we have ever discovered. We identified multiple attackers in several areas to include over five (5+) attackers using malware servers, over five (5+) attackers linking back data flow to botnet c&c servers and over fifty (50+) remote attackers using TOR anonymous proxy to hide source IP addresses. In some cases the malware was automatically trapped and injected into the sandbox for continued analysis. Multiple attackers had established command and control and had bypassed the complete array of existing intrusion detection, firewall, endpoint and perimeter cyber software defense.</span>\r\n<span style=\"font-size: 12px; font-family: Verdana, sans-serif; color: rgb(0, 0, 0); \">Malware found included Cryptowall, P2P Malware, Trojan-Banker, TrojanRansome, Mobogenie.B and WS.Reputation.1. </span>\r\n<span style=\"font-size: 12px; font-family: Verdana, sans-serif; color: rgb(0, 0, 0); font-weight: bold; \">Exfiltration of Data Discovered - Broadscale Remediation Required</span>\r\n<span style=\"font-size: 12px; font-family: Verdana, sans-serif; color: rgb(0, 0, 0); \">It is clear that multiple attackers have successfully exfiltrated data from this government agency. The attack vectors varied substantially and compromised workstations and servers across multiple departments. Required remediation was done on a broad scale and included reprovisioning of both workstations and servers. The government involved has been forced to either re-provision on a large scale, or, to perform more time intensive memory dump analysis to better understand the extent of the penetration by this varied mix of attackers. 
Source attacker IP addresses as known are confidential at this time and part of an ongoing criminal investigation.</span>","alias":"trapx-deceptiongrid-platform-for-national-government","roi":0,"seo":{"title":"TrapX DeceptionGrid Platform for National Government","keywords":"","description":"<span style=\"font-size: 12px; font-family: Verdana, sans-serif; color: rgb(0, 0, 0); font-weight: bold; \">Multiple Attackers Penetrate National Agency</span>\r\n<span style=\"font-size: 12px; font-family: Verdana, sans-serif; color: rgb(0, 0, 0); font-weight: bold; \">Project Background - a Technology Evaluation</span>\r\n<span style=\"font-size: 12px; font-family: Verdana, sans-serif; color: rgb(0, 0, 0); \">Our case study focuses on a large national government agency. This agency has hundreds of employees and has multiple facilities dispersed over a large geographic area. This agency wanted to learn more about deception technology as part of their regular evaluation of cyber security vendors.</span>\r\n<span style=\"font-size: 12px; font-family: Verdana, sans-serif; color: rgb(0, 0, 0); font-weight: bold; \">Massive Penetration by Attackers Detected in Multiple Areas</span>\r\n<span style=\"font-size: 12px; font-family: Verdana, sans-serif; color: rgb(0, 0, 0); \">DeceptionGrid was placed into operation. Starting almost immediately and over the course of several weeks the government security operations command (SOC) team received multiple High Priority Alerts. This was one of the most massive attacks we have ever discovered. We identified multiple attackers in several areas to include over five (5+) attackers using malware servers, over five (5+) attackers linking back data flow to botnet c&c servers and over fifty (50+) remote attackers using TOR anonymous proxy to hide source IP addresses. In some cases the malware was automatically trapped and injected into the sandbox for continued analysis. 
Multiple attackers had established command and control and had bypassed the complete array of existing intrusion detection, firewall, endpoint and perimeter cyber software defense.</span>\r\n<span style=\"font-size: 12px; font-family: Verdana, sans-serif; color: rgb(0, 0, 0); \">Malware found included Cryptowall, P2P Malware, Trojan-Banker, TrojanRansome, Mobogenie.B and WS.Reputation.1. </span>\r\n<span style=\"font-size: 12px; font-family: Verdana, sans-serif; color: rgb(0, 0, 0); font-weight: bold; \">Exfiltration of Data Discovered - Broadscale Remediation Required</span>\r\n<span style=\"font-size: 12px; font-family: Verdana, sans-serif; color: rgb(0, 0, 0); \">It is clear that multiple attackers have successfully exfiltrated data from this government agency. The attack vectors varied substantially and compromised workstations and servers across multiple departments. Required remediation was done on a broad scale and included reprovisioning of both workstations and servers. The government involved has been forced to either re-provision on a large scale, or, to perform more time intensive memory dump analysis to better understand the extent of the penetration by this varied mix of attackers. Source attacker IP addresses as known are confidential at this time and part of an ongoing criminal investigation.</span>","og:title":"TrapX DeceptionGrid Platform for National Government","og:description":"<span style=\"font-size: 12px; font-family: Verdana, sans-serif; color: rgb(0, 0, 0); font-weight: bold; \">Multiple Attackers Penetrate National Agency</span>\r\n<span style=\"font-size: 12px; font-family: Verdana, sans-serif; color: rgb(0, 0, 0); font-weight: bold; \">Project Background - a Technology Evaluation</span>\r\n<span style=\"font-size: 12px; font-family: Verdana, sans-serif; color: rgb(0, 0, 0); \">Our case study focuses on a large national government agency. 
This agency has hundreds of employees and has multiple facilities dispersed over a large geographic area. This agency wanted to learn more about deception technology as part of their regular evaluation of cyber security vendors.</span>\r\n<span style=\"font-size: 12px; font-family: Verdana, sans-serif; color: rgb(0, 0, 0); font-weight: bold; \">Massive Penetration by Attackers Detected in Multiple Areas</span>\r\n<span style=\"font-size: 12px; font-family: Verdana, sans-serif; color: rgb(0, 0, 0); \">DeceptionGrid was placed into operation. Starting almost immediately and over the course of several weeks the government security operations command (SOC) team received multiple High Priority Alerts. This was one of the most massive attacks we have ever discovered. We identified multiple attackers in several areas to include over five (5+) attackers using malware servers, over five (5+) attackers linking back data flow to botnet c&c servers and over fifty (50+) remote attackers using TOR anonymous proxy to hide source IP addresses. In some cases the malware was automatically trapped and injected into the sandbox for continued analysis. Multiple attackers had established command and control and had bypassed the complete array of existing intrusion detection, firewall, endpoint and perimeter cyber software defense.</span>\r\n<span style=\"font-size: 12px; font-family: Verdana, sans-serif; color: rgb(0, 0, 0); \">Malware found included Cryptowall, P2P Malware, Trojan-Banker, TrojanRansome, Mobogenie.B and WS.Reputation.1. </span>\r\n<span style=\"font-size: 12px; font-family: Verdana, sans-serif; color: rgb(0, 0, 0); font-weight: bold; \">Exfiltration of Data Discovered - Broadscale Remediation Required</span>\r\n<span style=\"font-size: 12px; font-family: Verdana, sans-serif; color: rgb(0, 0, 0); \">It is clear that multiple attackers have successfully exfiltrated data from this government agency. 
The attack vectors varied substantially and compromised workstations and servers across multiple departments. Required remediation was done on a broad scale and included reprovisioning of both workstations and servers. The government involved has been forced to either re-provision on a large scale, or, to perform more time intensive memory dump analysis to better understand the extent of the penetration by this varied mix of attackers. Source attacker IP addresses as known are confidential at this time and part of an ongoing criminal investigation.</span>"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":3890,"title":"TrapX","logoURL":"https://roi4cio.com/uploads/roi/company/TrapX.png","alias":"trapx","address":"","roles":[],"description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. 
Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","companyTypes":[],"products":{},"vendoredProductsCount":2,"suppliedProductsCount":2,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":5,"vendorImplementationsCount":5,"vendorPartnersCount":0,"supplierPartnersCount":1,"b4r":0,"categories":{},"companyUrl":"https://trapx.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"TrapX","keywords":"with, TrapX, field, that, traps, little, creating, deployed","description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","og:title":"TrapX","og:description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. 
Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","og:image":"https://roi4cio.com/uploads/roi/company/TrapX.png"},"eventUrl":""},"vendors":[{"id":3890,"title":"TrapX","logoURL":"https://roi4cio.com/uploads/roi/company/TrapX.png","alias":"trapx","address":"","roles":[],"description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","companyTypes":[],"products":{},"vendoredProductsCount":2,"suppliedProductsCount":2,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":5,"vendorImplementationsCount":5,"vendorPartnersCount":0,"supplierPartnersCount":1,"b4r":0,"categories":{},"companyUrl":"https://trapx.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"TrapX","keywords":"with, TrapX, field, that, traps, little, creating, deployed","description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. 
Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","og:title":"TrapX","og:description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","og:image":"https://roi4cio.com/uploads/roi/company/TrapX.png"},"eventUrl":""}],"products":[{"id":1724,"logo":false,"scheme":false,"title":"TrapX DeceptionGrid platform","vendorVerified":0,"rating":"3.30","implementationsCount":9,"suppliersCount":0,"alias":"trapx-deceptiongrid-platform","companyTypes":[],"description":"<div style=\"text-align: center;\"><b>DeceptionGrid</b>\r\n<div style=\"text-align: center;\">TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders and sophisticated cybercriminals.\r\n<b>Deceive, Detect and Defeat Advanced Cyber Attackers. </b>\r\nDeceptionGrid, named the Best Deception Technology of 2018, deploys a shifting minefield of Traps (decoys) and Deception Tokens (lures) that appear identical to your real IT & IoT assets that no attacker can avoid.\r\n<b>Actionable Intelligence </b>\r\nJust one touch of a Trap by an attacker sets off a high-confidence alert. DeceptionGrid integrates with key elements of the network and security ecosystem to contain attacks and enable a return to normal operations.\r\n<b>The Deception Product of Choice </b>\r\nDeceptionGrid analyzes your network and automatically provisions hundreds-to-thousands of Traps and Lures. Each Trap is tailor-made to be identical to your native environment. 
Attackers can never tell what’s real and what’s fake because each Trap is designed to look and behave exactly like your real assets. In addition, Traps can also be camouflaged as any specialized IoT and OT devices.\r\n<b>Gain Access to a Powerful Community </b>\r\nFor the first time, defenders can collaborate and share deceptive counter-measures with each other. The DeceptionNet Community enables cyber-security teams to deceive cyber attackers by sharing deception strategies, new types of Traps, third-party connectors, best practices and more.\r\n<b>Deception Tokens </b>\r\nDeception Tokens (lures) appear as ordinary files, scripts and configurations, are embedded within real IT assets to bait and divert attackers away from real high value assets and into the traps.\r\n<b>Active Traps </b>\r\nActive Traps create a stream of false network traffic between deployed Traps to confuse and divert attackers that monitor the network traffic.\r\n<b><ins>Emulated Traps </ins></b>\r\n<b>Medium Interaction Emulated Traps </b>\r\nOur patented emulated traps can be deployed at the largest enterprise scale through automation. You can select from a wide variety of servers, databases, workstations, switches, routers and Traps tailor-made to your organization’s native environment. After a Trap is interacted with and the cyber-attack is thwarted, the Trap will change its shape and location, so the attacker will never learn if something is a Trap or a real asset.\r\n<b>Hundreds of New Industry Templates </b>\r\nThe DeceptionNet Community now offers hundreds of new industry templates (updated regularly) that are available for your use. In addition, our patented medium interaction traps also include expanded templates for specialized devices based on specific industries. These templates include, ATM and SWIFT assets for financial services, Point of Sale (PoS) devices for retail, as well as devices for medical, manufacturing and many more. 
This allows you to determine if attackers are targeting your specialized devices that are often vulnerable to attack.\r\n<b><ins>FullOS Traps </ins></b>\r\n<b>High Interaction (Full Operating System) Traps </b>\r\nDeceptionGrid enables the provision of full operating system (FullOS) Traps. Our medium interaction Traps automatically extend engaged attackers through our smart deception to our FullOS Traps for the deepest attacker diversion and engagement. FullOS Traps also enable you to clone existing assets – you can completely replicate actual production servers to further deceive attackers.","shortDescription":"The TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders, lateral-movement, Advanced Persistent Threats (APTs) and sophisticated cybercriminals","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":10,"sellingCount":18,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders, lateral-movement","keywords":"from, TrapX, DeceptionGrid, breach, attack, platform, intelligence, remediation, protects, assets, malicious insiders, lateral-movement, Advanced Persistent Threats (APTs), sophisticated cybercriminals, Console, Attack Visualization, security operations team, intrusion, Attacker ID, attack identification, human attacker, automated attack tools, security teams, Automated Provisioning, Deception Tokens, Active Traps, Emulated Traps, Medium Interaction Emulated Traps, FullOS Traps, High Interaction (Full Operating System) Traps","description":"<div style=\"text-align: center;\"><b>DeceptionGrid</b>\r\n<div style=\"text-align: center;\">TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders and sophisticated cybercriminals.\r\n<b>Deceive, Detect and Defeat Advanced Cyber Attackers. 
</b>\r\nDeceptionGrid, named the Best Deception Technology of 2018, deploys a shifting minefield of Traps (decoys) and Deception Tokens (lures) that appear identical to your real IT & IoT assets that no attacker can avoid.\r\n<b>Actionable Intelligence </b>\r\nJust one touch of a Trap by an attacker sets off a high-confidence alert. DeceptionGrid integrates with key elements of the network and security ecosystem to contain attacks and enable a return to normal operations.\r\n<b>The Deception Product of Choice </b>\r\nDeceptionGrid analyzes your network and automatically provisions hundreds-to-thousands of Traps and Lures. Each Trap is tailor-made to be identical to your native environment. Attackers can never tell what’s real and what’s fake because each Trap is designed to look and behave exactly like your real assets. In addition, Traps can also be camouflaged as any specialized IoT and OT devices.\r\n<b>Gain Access to a Powerful Community </b>\r\nFor the first time, defenders can collaborate and share deceptive counter-measures with each other. The DeceptionNet Community enables cyber-security teams to deceive cyber attackers by sharing deception strategies, new types of Traps, third-party connectors, best practices and more.\r\n<b>Deception Tokens </b>\r\nDeception Tokens (lures) appear as ordinary files, scripts and configurations, are embedded within real IT assets to bait and divert attackers away from real high value assets and into the traps.\r\n<b>Active Traps </b>\r\nActive Traps create a stream of false network traffic between deployed Traps to confuse and divert attackers that monitor the network traffic.\r\n<b><ins>Emulated Traps </ins></b>\r\n<b>Medium Interaction Emulated Traps </b>\r\nOur patented emulated traps can be deployed at the largest enterprise scale through automation. You can select from a wide variety of servers, databases, workstations, switches, routers and Traps tailor-made to your organization’s native environment. 
After a Trap is interacted with and the cyber-attack is thwarted, the Trap will change its shape and location, so the attacker will never learn if something is a Trap or a real asset.\r\n<b>Hundreds of New Industry Templates </b>\r\nThe DeceptionNet Community now offers hundreds of new industry templates (updated regularly) that are available for your use. In addition, our patented medium interaction traps also include expanded templates for specialized devices based on specific industries. These templates include, ATM and SWIFT assets for financial services, Point of Sale (PoS) devices for retail, as well as devices for medical, manufacturing and many more. This allows you to determine if attackers are targeting your specialized devices that are often vulnerable to attack.\r\n<b><ins>FullOS Traps </ins></b>\r\n<b>High Interaction (Full Operating System) Traps </b>\r\nDeceptionGrid enables the provision of full operating system (FullOS) Traps. Our medium interaction Traps automatically extend engaged attackers through our smart deception to our FullOS Traps for the deepest attacker diversion and engagement. FullOS Traps also enable you to clone existing assets – you can completely replicate actual production servers to further deceive attackers.","og:title":"DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders, lateral-movement","og:description":"<div style=\"text-align: center;\"><b>DeceptionGrid</b>\r\n<div style=\"text-align: center;\">TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders and sophisticated cybercriminals.\r\n<b>Deceive, Detect and Defeat Advanced Cyber Attackers. 
</b>\r\nDeceptionGrid, named the Best Deception Technology of 2018, deploys a shifting minefield of Traps (decoys) and Deception Tokens (lures) that appear identical to your real IT & IoT assets that no attacker can avoid.\r\n<b>Actionable Intelligence </b>\r\nJust one touch of a Trap by an attacker sets off a high-confidence alert. DeceptionGrid integrates with key elements of the network and security ecosystem to contain attacks and enable a return to normal operations.\r\n<b>The Deception Product of Choice </b>\r\nDeceptionGrid analyzes your network and automatically provisions hundreds-to-thousands of Traps and Lures. Each Trap is tailor-made to be identical to your native environment. Attackers can never tell what’s real and what’s fake because each Trap is designed to look and behave exactly like your real assets. In addition, Traps can also be camouflaged as any specialized IoT and OT devices.\r\n<b>Gain Access to a Powerful Community </b>\r\nFor the first time, defenders can collaborate and share deceptive counter-measures with each other. The DeceptionNet Community enables cyber-security teams to deceive cyber attackers by sharing deception strategies, new types of Traps, third-party connectors, best practices and more.\r\n<b>Deception Tokens </b>\r\nDeception Tokens (lures) appear as ordinary files, scripts and configurations, are embedded within real IT assets to bait and divert attackers away from real high value assets and into the traps.\r\n<b>Active Traps </b>\r\nActive Traps create a stream of false network traffic between deployed Traps to confuse and divert attackers that monitor the network traffic.\r\n<b><ins>Emulated Traps </ins></b>\r\n<b>Medium Interaction Emulated Traps </b>\r\nOur patented emulated traps can be deployed at the largest enterprise scale through automation. You can select from a wide variety of servers, databases, workstations, switches, routers and Traps tailor-made to your organization’s native environment. 
After a Trap is interacted with and the cyber-attack is thwarted, the Trap will change its shape and location, so the attacker will never learn if something is a Trap or a real asset.\r\n<b>Hundreds of New Industry Templates </b>\r\nThe DeceptionNet Community now offers hundreds of new industry templates (updated regularly) that are available for your use. In addition, our patented medium interaction traps also include expanded templates for specialized devices based on specific industries. These templates include ATM and SWIFT assets for financial services, Point of Sale (PoS) devices for retail, as well as devices for medical, manufacturing and many more. This allows you to determine if attackers are targeting your specialized devices that are often vulnerable to attack.\r\n<b><ins>FullOS Traps </ins></b>\r\n<b>High Interaction (Full Operating System) Traps </b>\r\nDeceptionGrid enables the provision of full operating system (FullOS) Traps. Our medium interaction Traps automatically extend engaged attackers through our smart deception to our FullOS Traps for the deepest attacker diversion and engagement. FullOS Traps also enable you to clone existing assets – you can completely replicate actual production servers to further deceive attackers."},"eventUrl":"","translationId":1723,"dealDetails":{"avgPartnerDiscount":30,"dealProtection":1,"avgDealSize":30000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"It is required to transfer the customer data to the vendor in order to receive a testing version for 30 days","categories":[{"id":199,"title":"Deception Techniques and Honeypots","alias":"deception-techniques-and-honeypots","description":"Deception technology is an emerging category of cyber security defense. Deception technology products can detect, analyze and defend against zero-day and advanced attacks, often in real time. 
They are automated, accurate and provide insight into malicious activity within internal networks, which may be unseen by other types of cyber defense. Deception technology enables a more proactive security posture by seeking to deceive the attackers, detect them and then defeat them, allowing the enterprise to return to normal operations.\r\nDeception technology automates the creation of traps (decoys) and/or lures, which are mixed among and within existing IT resources to provide a layer of protection to stop attackers that have penetrated the network. Traps (decoys) are IT assets that either use real licensed operating system software, or are emulations of these devices.\r\nTraps (decoys) which use emulations can also imitate medical devices, automated teller machines (ATMs), retail point of sale systems, switches, routers and much more. Lures are generally real information technology resources (files of varying kinds) which are placed on actual IT assets.\r\nUpon penetrating the network, attackers seek to establish a backdoor and then use this to identify and exfiltrate data and intellectual property. They begin moving laterally through the internal VLANs and almost immediately will \"look at\" one of the traps (decoys). Interacting with one of these \"decoys\" will trigger an alert. These alerts are very high probability and almost always coincide with an ongoing attack. The deception is designed to lure the attacker in – the attacker may consider this a worthy asset and continue by injecting malware. Deception technology generally allows for automated static and dynamic analysis of this injected malware and provides these reports through automation to the security operations personnel. Deception technology may also identify, through indicators of compromise (IOC), suspect end-points that are part of the compromise cycle. Automation also allows for an automated memory analysis of the suspect end-point, and then automatically isolates the suspect end-point. 
Many partner integrations allow for a variety of implementation paths for existing enterprise and government customers.\r\nInternet of things (IoT) devices are not usually scanned by legacy defense-in-depth cyber defense and remain prime targets for attackers within the network. Deception technology can identify attackers moving laterally into the network from within these devices.\r\nIntegrated turnkey devices that utilize embedded operating systems, but do not allow these operating systems to be scanned or closely protected by embedded end-point or intrusion detection software, are also well protected by a deception technology deployment in the same network. Examples include process control systems (SCADA) used in many manufacturing applications on a global basis. Deception technology has been associated with the discovery of Zombie Zero, an attack vector wherein deception technology identified an attacker utilizing malware embedded in barcode readers which were manufactured overseas.\r\nMedical devices are particularly vulnerable to cyber attacks within the healthcare networks. As FDA-certified devices they are closed systems and not accessible to standard cyber defense software. Deception technology can surround and protect these devices and identify attackers using these for backdoor placement and data exfiltration. Recently documented cyber attacks on medical devices include x-ray machines, CT scanners, MRI scanners, blood gas analyzers, PACS systems and many more. Networks utilizing these devices can be protected by deception technology. This attack vector, called medical device hijack or medjack, is estimated to have penetrated many hospitals worldwide.\r\nSpecialized deception technology products are now capable of addressing the rise in ransomware. 
Select products can deceive ransomware into engaging in an attack on a decoy resource, while isolating the infection points and alerting the cyber defense software team.","materialsDescription":"<span style=\"font-weight: bold;\">Why Use Deception Technology?</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Early Post-Breach Detection</span></span>\r\nNo security solution can stop all attacks from occurring on a network, but deception technology helps to give attackers a false sense of security by making them believe they have gained a foothold in your network. From here you can monitor and record their behavior, secure in the knowledge that they can do no damage to your decoy systems. The information you record about attacker behavior and techniques can be used to further secure your network from attack.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Reduced False Positives and Risk</span></span>\r\nDead ends, false positives and alert fatigue can all hamper security efforts and put a drain on resources, if they are even analyzed at all. Too much noise can result in IT teams becoming complacent and ignoring what could potentially be a legitimate threat. Deception technology reduces the noise with fewer false positives and high fidelity alerts packed full of useful data.\r\nDeception technology is also low risk, as it poses no risk to data and has no impact on resources or operations. When a hacker accesses or attempts to use part of the deception layer, a real and accurate alert is generated that tells admins they need to take action.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Scale and Automate at Will</span></span>\r\nWhile the threat to corporate networks and data is a daily growing concern, security teams rarely get an increase in their budget to handle the deluge of new threats. For this reason, deception technology can be a very welcome solution. 
Automated alerts eliminate the need for manual effort and intervention while the design of the technology allows it to be scaled easily as the organization and threat level grows.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">From Legacy to IoT</span></span>\r\nDeception technology can be used to provide breadcrumbs for a vast range of different devices, including legacy environments, industry-specific environments and even IoT devices.<br /><br />"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":1724,"logo":false,"scheme":false,"title":"TrapX DeceptionGrid platform","vendorVerified":0,"rating":"3.30","implementationsCount":9,"suppliersCount":0,"alias":"trapx-deceptiongrid-platform","companyTypes":[],"description":"<div style=\"text-align: center;\"><b>DeceptionGrid</b>\r\n<div style=\"text-align: center;\">TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders and sophisticated cybercriminals.\r\n<b>Deceive, Detect and Defeat Advanced Cyber Attackers. </b>\r\nDeceptionGrid, named the Best Deception Technology of 2018, deploys a shifting minefield of Traps (decoys) and Deception Tokens (lures) that appear identical to your real IT & IoT assets that no attacker can avoid.\r\n<b>Actionable Intelligence </b>\r\nJust one touch of a Trap by an attacker sets off a high-confidence alert. DeceptionGrid integrates with key elements of the network and security ecosystem to contain attacks and enable a return to normal operations.\r\n<b>The Deception Product of Choice </b>\r\nDeceptionGrid analyzes your network and automatically provisions hundreds-to-thousands of Traps and Lures. Each Trap is tailor-made to be identical to your native environment. 
Attackers can never tell what’s real and what’s fake because each Trap is designed to look and behave exactly like your real assets. In addition, Traps can also be camouflaged as any specialized IoT and OT devices.\r\n<b>Gain Access to a Powerful Community </b>\r\nFor the first time, defenders can collaborate and share deceptive counter-measures with each other. The DeceptionNet Community enables cyber-security teams to deceive cyber attackers by sharing deception strategies, new types of Traps, third-party connectors, best practices and more.\r\n<b>Deception Tokens </b>\r\nDeception Tokens (lures) appear as ordinary files, scripts and configurations, and are embedded within real IT assets to bait and divert attackers away from real high-value assets and into the traps.\r\n<b>Active Traps </b>\r\nActive Traps create a stream of false network traffic between deployed Traps to confuse and divert attackers that monitor the network traffic.\r\n<b><ins>Emulated Traps </ins></b>\r\n<b>Medium Interaction Emulated Traps </b>\r\nOur patented emulated traps can be deployed at the largest enterprise scale through automation. You can select from a wide variety of servers, databases, workstations, switches, routers and Traps tailor-made to your organization’s native environment. After a Trap is interacted with and the cyber-attack is thwarted, the Trap will change its shape and location, so the attacker will never learn if something is a Trap or a real asset.\r\n<b>Hundreds of New Industry Templates </b>\r\nThe DeceptionNet Community now offers hundreds of new industry templates (updated regularly) that are available for your use. In addition, our patented medium interaction traps also include expanded templates for specialized devices based on specific industries. These templates include ATM and SWIFT assets for financial services, Point of Sale (PoS) devices for retail, as well as devices for medical, manufacturing and many more. 
This allows you to determine if attackers are targeting your specialized devices that are often vulnerable to attack.\r\n<b><ins>FullOS Traps </ins></b>\r\n<b>High Interaction (Full Operating System) Traps </b>\r\nDeceptionGrid enables the provision of full operating system (FullOS) Traps. Our medium interaction Traps automatically extend engaged attackers through our smart deception to our FullOS Traps for the deepest attacker diversion and engagement. FullOS Traps also enable you to clone existing assets – you can completely replicate actual production servers to further deceive attackers.","shortDescription":"The TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders, lateral-movement, Advanced Persistent Threats (APTs) and sophisticated cybercriminals","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":10,"sellingCount":18,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders, lateral-movement","keywords":"from, TrapX, DeceptionGrid, breach, attack, platform, intelligence, remediation, protects, assets, malicious insiders, lateral-movement, Advanced Persistent Threats (APTs), sophisticated cybercriminals, Console, Attack Visualization, security operations team, intrusion, Attacker ID, attack identification, human attacker, automated attack tools, security teams, Automated Provisioning, Deception Tokens, Active Traps, Emulated Traps, Medium Interaction Emulated Traps, FullOS Traps, High Interaction (Full Operating System) Traps","description":"<div style=\"text-align: center;\"><b>DeceptionGrid</b>\r\n<div style=\"text-align: center;\">TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders and sophisticated cybercriminals.\r\n<b>Deceive, Detect and Defeat Advanced Cyber Attackers. 
</b>\r\nDeceptionGrid, named the Best Deception Technology of 2018, deploys a shifting minefield of Traps (decoys) and Deception Tokens (lures) that appear identical to your real IT & IoT assets that no attacker can avoid.\r\n<b>Actionable Intelligence </b>\r\nJust one touch of a Trap by an attacker sets off a high-confidence alert. DeceptionGrid integrates with key elements of the network and security ecosystem to contain attacks and enable a return to normal operations.\r\n<b>The Deception Product of Choice </b>\r\nDeceptionGrid analyzes your network and automatically provisions hundreds-to-thousands of Traps and Lures. Each Trap is tailor-made to be identical to your native environment. Attackers can never tell what’s real and what’s fake because each Trap is designed to look and behave exactly like your real assets. In addition, Traps can also be camouflaged as any specialized IoT and OT devices.\r\n<b>Gain Access to a Powerful Community </b>\r\nFor the first time, defenders can collaborate and share deceptive counter-measures with each other. The DeceptionNet Community enables cyber-security teams to deceive cyber attackers by sharing deception strategies, new types of Traps, third-party connectors, best practices and more.\r\n<b>Deception Tokens </b>\r\nDeception Tokens (lures) appear as ordinary files, scripts and configurations, and are embedded within real IT assets to bait and divert attackers away from real high-value assets and into the traps.\r\n<b>Active Traps </b>\r\nActive Traps create a stream of false network traffic between deployed Traps to confuse and divert attackers that monitor the network traffic.\r\n<b><ins>Emulated Traps </ins></b>\r\n<b>Medium Interaction Emulated Traps </b>\r\nOur patented emulated traps can be deployed at the largest enterprise scale through automation. You can select from a wide variety of servers, databases, workstations, switches, routers and Traps tailor-made to your organization’s native environment. 
After a Trap is interacted with and the cyber-attack is thwarted, the Trap will change its shape and location, so the attacker will never learn if something is a Trap or a real asset.\r\n<b>Hundreds of New Industry Templates </b>\r\nThe DeceptionNet Community now offers hundreds of new industry templates (updated regularly) that are available for your use. In addition, our patented medium interaction traps also include expanded templates for specialized devices based on specific industries. These templates include ATM and SWIFT assets for financial services, Point of Sale (PoS) devices for retail, as well as devices for medical, manufacturing and many more. This allows you to determine if attackers are targeting your specialized devices that are often vulnerable to attack.\r\n<b><ins>FullOS Traps </ins></b>\r\n<b>High Interaction (Full Operating System) Traps </b>\r\nDeceptionGrid enables the provision of full operating system (FullOS) Traps. Our medium interaction Traps automatically extend engaged attackers through our smart deception to our FullOS Traps for the deepest attacker diversion and engagement. FullOS Traps also enable you to clone existing assets – you can completely replicate actual production servers to further deceive attackers.","og:title":"DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders, lateral-movement","og:description":"<div style=\"text-align: center;\"><b>DeceptionGrid</b>\r\n<div style=\"text-align: center;\">TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders and sophisticated cybercriminals.\r\n<b>Deceive, Detect and Defeat Advanced Cyber Attackers. 
</b>\r\nDeceptionGrid, named the Best Deception Technology of 2018, deploys a shifting minefield of Traps (decoys) and Deception Tokens (lures) that appear identical to your real IT & IoT assets that no attacker can avoid.\r\n<b>Actionable Intelligence </b>\r\nJust one touch of a Trap by an attacker sets off a high-confidence alert. DeceptionGrid integrates with key elements of the network and security ecosystem to contain attacks and enable a return to normal operations.\r\n<b>The Deception Product of Choice </b>\r\nDeceptionGrid analyzes your network and automatically provisions hundreds-to-thousands of Traps and Lures. Each Trap is tailor-made to be identical to your native environment. Attackers can never tell what’s real and what’s fake because each Trap is designed to look and behave exactly like your real assets. In addition, Traps can also be camouflaged as any specialized IoT and OT devices.\r\n<b>Gain Access to a Powerful Community </b>\r\nFor the first time, defenders can collaborate and share deceptive counter-measures with each other. The DeceptionNet Community enables cyber-security teams to deceive cyber attackers by sharing deception strategies, new types of Traps, third-party connectors, best practices and more.\r\n<b>Deception Tokens </b>\r\nDeception Tokens (lures) appear as ordinary files, scripts and configurations, and are embedded within real IT assets to bait and divert attackers away from real high-value assets and into the traps.\r\n<b>Active Traps </b>\r\nActive Traps create a stream of false network traffic between deployed Traps to confuse and divert attackers that monitor the network traffic.\r\n<b><ins>Emulated Traps </ins></b>\r\n<b>Medium Interaction Emulated Traps </b>\r\nOur patented emulated traps can be deployed at the largest enterprise scale through automation. You can select from a wide variety of servers, databases, workstations, switches, routers and Traps tailor-made to your organization’s native environment. 
After a Trap is interacted with and the cyber-attack is thwarted, the Trap will change its shape and location, so the attacker will never learn if something is a Trap or a real asset.\r\n<b>Hundreds of New Industry Templates </b>\r\nThe DeceptionNet Community now offers hundreds of new industry templates (updated regularly) that are available for your use. In addition, our patented medium interaction traps also include expanded templates for specialized devices based on specific industries. These templates include ATM and SWIFT assets for financial services, Point of Sale (PoS) devices for retail, as well as devices for medical, manufacturing and many more. This allows you to determine if attackers are targeting your specialized devices that are often vulnerable to attack.\r\n<b><ins>FullOS Traps </ins></b>\r\n<b>High Interaction (Full Operating System) Traps </b>\r\nDeceptionGrid enables the provision of full operating system (FullOS) Traps. Our medium interaction Traps automatically extend engaged attackers through our smart deception to our FullOS Traps for the deepest attacker diversion and engagement. FullOS Traps also enable you to clone existing assets – you can completely replicate actual production servers to further deceive attackers."},"eventUrl":"","translationId":1723,"dealDetails":{"avgPartnerDiscount":30,"dealProtection":1,"avgDealSize":30000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"It is required to transfer the customer data to the vendor in order to receive a testing version for 30 days","categories":[{"id":199,"title":"Deception Techniques and Honeypots","alias":"deception-techniques-and-honeypots","description":"Deception technology is an emerging category of cyber security defense. Deception technology products can detect, analyze and defend against zero-day and advanced attacks, often in real time. 
They are automated, accurate and provide insight into malicious activity within internal networks, which may be unseen by other types of cyber defense. Deception technology enables a more proactive security posture by seeking to deceive the attackers, detect them and then defeat them, allowing the enterprise to return to normal operations.\r\nDeception technology automates the creation of traps (decoys) and/or lures, which are mixed among and within existing IT resources to provide a layer of protection to stop attackers that have penetrated the network. Traps (decoys) are IT assets that either use real licensed operating system software, or are emulations of these devices.\r\nTraps (decoys) which use emulations can also imitate medical devices, automated teller machines (ATMs), retail point of sale systems, switches, routers and much more. Lures are generally real information technology resources (files of varying kinds) which are placed on actual IT assets.\r\nUpon penetrating the network, attackers seek to establish a backdoor and then use this to identify and exfiltrate data and intellectual property. They begin moving laterally through the internal VLANs and almost immediately will \"look at\" one of the traps (decoys). Interacting with one of these \"decoys\" will trigger an alert. These alerts are very high probability and almost always coincide with an ongoing attack. The deception is designed to lure the attacker in – the attacker may consider this a worthy asset and continue by injecting malware. Deception technology generally allows for automated static and dynamic analysis of this injected malware and provides these reports through automation to the security operations personnel. Deception technology may also identify, through indicators of compromise (IOC), suspect end-points that are part of the compromise cycle. Automation also allows for an automated memory analysis of the suspect end-point, and then automatically isolates the suspect end-point. 
Many partner integrations allow for a variety of implementation paths for existing enterprise and government customers.\r\nInternet of things (IoT) devices are not usually scanned by legacy defense-in-depth cyber defense and remain prime targets for attackers within the network. Deception technology can identify attackers moving laterally into the network from within these devices.\r\nIntegrated turnkey devices that utilize embedded operating systems, but do not allow these operating systems to be scanned or closely protected by embedded end-point or intrusion detection software, are also well protected by a deception technology deployment in the same network. Examples include process control systems (SCADA) used in many manufacturing applications on a global basis. Deception technology has been associated with the discovery of Zombie Zero, an attack vector wherein deception technology identified an attacker utilizing malware embedded in barcode readers which were manufactured overseas.\r\nMedical devices are particularly vulnerable to cyber attacks within the healthcare networks. As FDA-certified devices they are closed systems and not accessible to standard cyber defense software. Deception technology can surround and protect these devices and identify attackers using these for backdoor placement and data exfiltration. Recently documented cyber attacks on medical devices include x-ray machines, CT scanners, MRI scanners, blood gas analyzers, PACS systems and many more. Networks utilizing these devices can be protected by deception technology. This attack vector, called medical device hijack or medjack, is estimated to have penetrated many hospitals worldwide.\r\nSpecialized deception technology products are now capable of addressing the rise in ransomware. 
Select products can deceive ransomware into engaging in an attack on a decoy resource, while isolating the infection points and alerting the cyber defense software team.","materialsDescription":"<span style=\"font-weight: bold;\">Why Use Deception Technology?</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Early Post-Breach Detection</span></span>\r\nNo security solution can stop all attacks from occurring on a network, but deception technology helps to give attackers a false sense of security by making them believe they have gained a foothold in your network. From here you can monitor and record their behavior, secure in the knowledge that they can do no damage to your decoy systems. The information you record about attacker behavior and techniques can be used to further secure your network from attack.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Reduced False Positives and Risk</span></span>\r\nDead ends, false positives and alert fatigue can all hamper security efforts and put a drain on resources, if they are even analyzed at all. Too much noise can result in IT teams becoming complacent and ignoring what could potentially be a legitimate threat. Deception technology reduces the noise with fewer false positives and high fidelity alerts packed full of useful data.\r\nDeception technology is also low risk, as it poses no risk to data and has no impact on resources or operations. When a hacker accesses or attempts to use part of the deception layer, a real and accurate alert is generated that tells admins they need to take action.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Scale and Automate at Will</span></span>\r\nWhile the threat to corporate networks and data is a daily growing concern, security teams rarely get an increase in their budget to handle the deluge of new threats. For this reason, deception technology can be a very welcome solution. 
Automated alerts eliminate the need for manual effort and intervention while the design of the technology allows it to be scaled easily as the organization and threat level grows.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">From Legacy to IoT</span></span>\r\nDeception technology can be used to provide breadcrumbs for a vast range of different devices, including legacy environments, industry-specific environments and even IoT devices.<br /><br />"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"},{"id":386,"title":"Risk of lost access to data and IT systems"}]}},"categories":[{"id":199,"title":"Deception Techniques and Honeypots","alias":"deception-techniques-and-honeypots","description":"Deception technology is an emerging category of cyber security defense. Deception technology products can detect, analyze and defend against zero-day and advanced attacks, often in real time. They are automated, accurate and provide insight into malicious activity within internal networks, which may be unseen by other types of cyber defense. 
Deception technology enables a more proactive security posture by seeking to deceive the attackers, detect them and then defeat them, allowing the enterprise to return to normal operations.\r\nDeception technology automates the creation of traps (decoys) and/or lures, which are mixed among and within existing IT resources to provide a layer of protection to stop attackers that have penetrated the network. Traps (decoys) are IT assets that either use real licensed operating system software, or are emulations of these devices.\r\nTraps (decoys) which use emulations can also imitate medical devices, automated teller machines (ATMs), retail point of sale systems, switches, routers and much more. Lures are generally real information technology resources (files of varying kinds) which are placed on actual IT assets.\r\nUpon penetrating the network, attackers seek to establish a backdoor and then use this to identify and exfiltrate data and intellectual property. They begin moving laterally through the internal VLANs and almost immediately will \"look at\" one of the traps (decoys). Interacting with one of these \"decoys\" will trigger an alert. These alerts are very high probability and almost always coincide with an ongoing attack. The deception is designed to lure the attacker in – the attacker may consider this a worthy asset and continue by injecting malware. Deception technology generally allows for automated static and dynamic analysis of this injected malware and provides these reports through automation to the security operations personnel. Deception technology may also identify, through indicators of compromise (IOC), suspect end-points that are part of the compromise cycle. Automation also allows for an automated memory analysis of the suspect end-point, and then automatically isolates the suspect end-point. 
Many partner integrations allow for a variety of implementation paths for existing enterprise and government customers.\r\nInternet of things (IoT) devices are not usually scanned by legacy defense-in-depth cyber defense and remain prime targets for attackers within the network. Deception technology can identify attackers moving laterally into the network from within these devices.\r\nIntegrated turnkey devices that utilize embedded operating systems, but do not allow these operating systems to be scanned or closely protected by embedded end-point or intrusion detection software, are also well protected by a deception technology deployment in the same network. Examples include process control systems (SCADA) used in many manufacturing applications on a global basis. Deception technology has been associated with the discovery of Zombie Zero, an attack vector wherein deception technology identified an attacker utilizing malware embedded in barcode readers which were manufactured overseas.\r\nMedical devices are particularly vulnerable to cyber attacks within the healthcare networks. As FDA-certified devices they are closed systems and not accessible to standard cyber defense software. Deception technology can surround and protect these devices and identify attackers using these for backdoor placement and data exfiltration. Recently documented cyber attacks on medical devices include x-ray machines, CT scanners, MRI scanners, blood gas analyzers, PACS systems and many more. Networks utilizing these devices can be protected by deception technology. This attack vector, called medical device hijack or medjack, is estimated to have penetrated many hospitals worldwide.\r\nSpecialized deception technology products are now capable of addressing the rise in ransomware. 
Select products can deceive ransomware into engaging in an attack on a decoy resource, while isolating the infection points and alerting the cyber defense software team.","materialsDescription":"<span style=\"font-weight: bold;\">Why Use Deception Technology?</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Early Post-Breach Detection</span></span>\r\nNo security solution can stop all attacks from occurring on a network, but deception technology helps to give attackers a false sense of security by making them believe they have gained a foothold in your network. From here you can monitor and record their behavior, secure in the knowledge that they can do no damage to your decoy systems. The information you record about attacker behavior and techniques can be used to further secure your network from attack.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Reduced False Positives and Risk</span></span>\r\nDead ends, false positives and alert fatigue can all hamper security efforts and put a drain on resources, if they are even analyzed at all. Too much noise can result in IT teams becoming complacent and ignoring what could potentially be a legitimate threat. Deception technology reduces the noise with fewer false positives and high fidelity alerts packed full of useful data.\r\nDeception technology is also low risk, as it poses no risk to data and has no impact on resources or operations. When a hacker accesses or attempts to use part of the deception layer, a real and accurate alert is generated that tells admins they need to take action.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Scale and Automate at Will</span></span>\r\nWhile the threat to corporate networks and data is a daily growing concern, security teams rarely get an increase in their budget to handle the deluge of new threats. For this reason, deception technology can be a very welcome solution. 
Automated alerts eliminate the need for manual effort and intervention while the design of the technology allows it to be scaled easily as the organization and threat level grows.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">From Legacy to IoT</span></span>\r\nDeception technology can be used to provide breadcrumbs for a vast range of different devices, including legacy environments, industry-specific environments and even IoT devices.<br /><br />"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"https://trapx.com/wp-content/uploads/2017/08/Case_Study_TrapX_NationalGovernment.pdf","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":430,"title":"TrapX DeceptionGrid Platform for Software Vendor","description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Attackers Target Software Company</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Project Background - a Technology Evaluation</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Our case study focuses on a leading software vendor that provides software through cloud services to their customers in healthcare. This customer's information technology team invested very substantially in defense-in-depth cyber defense software. Their security operations center regularly detected malware and was able to routinely remediate all of these known incidents.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">The customer had a strong industry suite of cyber defense products which included firewalls, anti virus suites, intrusion detection software, endpoint security and other software. 
Our initial installation included over ten (10) vLANS.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">DeceptionGrid was placed into operation. Almost immediately the customer information technology staff received multiple High Priority Alerts. These included identified suspicious activity and led to the discovery of several network misconfigurations. Several internal internet addresses were exposed to the internet and open to a variety of high risk protocols. Inbound connections from attackers were operational via SSH, Telnet and Remote Desktop. A TOR (anonymous proxy) obfuscated web crawler had mapped all of the exposed hosts.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Some of the malware was automatically trapped and injected into the sandbox by DeceptionGrid for continued analysis. The attackers had multiple command and control points and had bypassed the complete array of existing security.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Multiple Concurrent Attackers Detected and Remediated</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">A full investigation continued as DeceptionGrid continued to monitor and capture malware movement. Multiple command and control points on six (6) workstations were linked to attackers in Beijing, China; Moldova; and multiple locations within Ukraine. Dozens of workstations had to be reprovisioned to eliminate access. Manual memory dump and analysis was required across many information technology assets to identify the full scope of the extensive and previously undetected attacker activity.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Scope of Data Theft Remains Indeterminate</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Multiple attackers accessed this technology company's networks, workstations and servers. 
The scope of intellectual property data exfiltration and theft is unknown but under continued investigation. </span>","alias":"trapx-deceptiongrid-platform-for-software-vendor","roi":0,"seo":{"title":"TrapX DeceptionGrid Platform for Software Vendor","keywords":"","description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Attackers Target Software Company</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Project Background - a Technology Evaluation</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Our case study focuses on a leading software vendor that provides software through cloud services to their customers in healthcare. This customer's information technology team invested very substantially in defense-in-depth cyber defense software. Their security operations center regularly detected malware and was able to routinely remediate all of these known incidents.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">The customer had a strong industry suite of cyber defense products which included firewalls, anti virus suites, intrusion detection software, endpoint security and other software. Our initial installation included over ten (10) vLANS.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">DeceptionGrid was placed into operation. Almost immediately the customer information technology staff received multiple High Priority Alerts. These included identified suspicious activity and led to the discovery of several network misconfigurations. Several internal internet addresses were exposed to the internet and open to a variety of high risk protocols. Inbound connections from attackers were operational via SSH, Telnet and Remote Desktop. 
A TOR (anonymous proxy) obfuscated web crawler had mapped all of the exposed hosts.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Some of the malware was automatically trapped and injected into the sandbox by DeceptionGrid for continued analysis. The attackers had multiple command and control points and had bypassed the complete array of existing security.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Multiple Concurrent Attackers Detected and Remediated</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">A full investigation continued as DeceptionGrid continued to monitor and capture malware movement. Multiple command and control points on six (6) workstations were linked to attackers in Beijing, China; Moldova; and multiple locations within Ukraine. Dozens of workstations had to be reprovisioned to eliminate access. Manual memory dump and analysis was required across many information technology assets to identify the full scope of the extensive and previously undetected attacker activity.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Scope of Data Theft Remains Indeterminate</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Multiple attackers accessed this technology company's networks, workstations and servers. The scope of intellectual property data exfiltration and theft is unknown but under continued investigation. 
</span>","og:title":"TrapX DeceptionGrid Platform for Software Vendor","og:description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Attackers Target Software Company</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Project Background - a Technology Evaluation</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Our case study focuses on a leading software vendor that provides software through cloud services to their customers in healthcare. This customer's information technology team invested very substantially in defense-in-depth cyber defense software. Their security operations center regularly detected malware and was able to routinely remediate all of these known incidents.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">The customer had a strong industry suite of cyber defense products which included firewalls, anti virus suites, intrusion detection software, endpoint security and other software. Our initial installation included over ten (10) vLANS.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">DeceptionGrid was placed into operation. Almost immediately the customer information technology staff received multiple High Priority Alerts. These included identified suspicious activity and led to the discovery of several network misconfigurations. Several internal internet addresses were exposed to the internet and open to a variety of high risk protocols. Inbound connections from attackers were operational via SSH, Telnet and Remote Desktop. 
A TOR (anonymous proxy) obfuscated web crawler had mapped all of the exposed hosts.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Some of the malware was automatically trapped and injected into the sandbox by DeceptionGrid for continued analysis. The attackers had multiple command and control points and had bypassed the complete array of existing security.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Multiple Concurrent Attackers Detected and Remediated</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">A full investigation continued as DeceptionGrid continued to monitor and capture malware movement. Multiple command and control points on six (6) workstations were linked to attackers in Beijing, China; Moldova; and multiple locations within Ukraine. Dozens of workstations had to be reprovisioned to eliminate access. Manual memory dump and analysis was required across many information technology assets to identify the full scope of the extensive and previously undetected attacker activity.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Scope of Data Theft Remains Indeterminate</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Multiple attackers accessed this technology company's networks, workstations and servers. The scope of intellectual property data exfiltration and theft is unknown but under continued investigation. 
</span>"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":3890,"title":"TrapX","logoURL":"https://roi4cio.com/uploads/roi/company/TrapX.png","alias":"trapx","address":"","roles":[],"description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. 
Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","companyTypes":[],"products":{},"vendoredProductsCount":2,"suppliedProductsCount":2,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":5,"vendorImplementationsCount":5,"vendorPartnersCount":0,"supplierPartnersCount":1,"b4r":0,"categories":{},"companyUrl":"https://trapx.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"TrapX","keywords":"with, TrapX, field, that, traps, little, creating, deployed","description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","og:title":"TrapX","og:description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. 
Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","og:image":"https://roi4cio.com/uploads/roi/company/TrapX.png"},"eventUrl":""},"vendors":[{"id":3890,"title":"TrapX","logoURL":"https://roi4cio.com/uploads/roi/company/TrapX.png","alias":"trapx","address":"","roles":[],"description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","companyTypes":[],"products":{},"vendoredProductsCount":2,"suppliedProductsCount":2,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":5,"vendorImplementationsCount":5,"vendorPartnersCount":0,"supplierPartnersCount":1,"b4r":0,"categories":{},"companyUrl":"https://trapx.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"TrapX","keywords":"with, TrapX, field, that, traps, little, creating, deployed","description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. 
Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","og:title":"TrapX","og:description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","og:image":"https://roi4cio.com/uploads/roi/company/TrapX.png"},"eventUrl":""}],"products":[{"id":1724,"logo":false,"scheme":false,"title":"TrapX DeceptionGrid platform","vendorVerified":0,"rating":"3.30","implementationsCount":9,"suppliersCount":0,"alias":"trapx-deceptiongrid-platform","companyTypes":[],"description":"<div style=\"text-align: center;\"><b>DeceptionGrid</b>\r\n<div style=\"text-align: center;\">TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders and sophisticated cybercriminals.\r\n<b>Deceive, Detect and Defeat Advanced Cyber Attackers. </b>\r\nDeceptionGrid, named the Best Deception Technology of 2018, deploys a shifting minefield of Traps (decoys) and Deception Tokens (lures) that appear identical to your real IT & IoT assets that no attacker can avoid.\r\n<b>Actionable Intelligence </b>\r\nJust one touch of a Trap by an attacker sets off a high-confidence alert. DeceptionGrid integrates with key elements of the network and security ecosystem to contain attacks and enable a return to normal operations.\r\n<b>The Deception Product of Choice </b>\r\nDeceptionGrid analyzes your network and automatically provisions hundreds-to-thousands of Traps and Lures. Each Trap is tailor-made to be identical to your native environment. 
Attackers can never tell what’s real and what’s fake because each Trap is designed to look and behave exactly like your real assets. In addition, Traps can also be camouflaged as any specialized IoT and OT devices.\r\n<b>Gain Access to a Powerful Community </b>\r\nFor the first time, defenders can collaborate and share deceptive counter-measures with each other. The DeceptionNet Community enables cyber-security teams to deceive cyber attackers by sharing deception strategies, new types of Traps, third-party connectors, best practices and more.\r\n<b>Deception Tokens </b>\r\nDeception Tokens (lures) appear as ordinary files, scripts and configurations, are embedded within real IT assets to bait and divert attackers away from real high value assets and into the traps.\r\n<b>Active Traps </b>\r\nActive Traps create a stream of false network traffic between deployed Traps to confuse and divert attackers that monitor the network traffic.\r\n<b><ins>Emulated Traps </ins></b>\r\n<b>Medium Interaction Emulated Traps </b>\r\nOur patented emulated traps can be deployed at the largest enterprise scale through automation. You can select from a wide variety of servers, databases, workstations, switches, routers and Traps tailor-made to your organization’s native environment. After a Trap is interacted with and the cyber-attack is thwarted, the Trap will change its shape and location, so the attacker will never learn if something is a Trap or a real asset.\r\n<b>Hundreds of New Industry Templates </b>\r\nThe DeceptionNet Community now offers hundreds of new industry templates (updated regularly) that are available for your use. In addition, our patented medium interaction traps also include expanded templates for specialized devices based on specific industries. These templates include, ATM and SWIFT assets for financial services, Point of Sale (PoS) devices for retail, as well as devices for medical, manufacturing and many more. 
This allows you to determine if attackers are targeting your specialized devices that are often vulnerable to attack.\r\n<b><ins>FullOS Traps </ins></b>\r\n<b>High Interaction (Full Operating System) Traps </b>\r\nDeceptionGrid enables the provision of full operating system (FullOS) Traps. Our medium interaction Traps automatically extend engaged attackers through our smart deception to our FullOS Traps for the deepest attacker diversion and engagement. FullOS Traps also enable you to clone existing assets – you can completely replicate actual production servers to further deceive attackers.","shortDescription":"The TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders, lateral-movement, Advanced Persistent Threats (APTs) and sophisticated cybercriminals","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":10,"sellingCount":18,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders, lateral-movement","keywords":"from, TrapX, DeceptionGrid, breach, attack, platform, intelligence, remediation, protects, assets, malicious insiders, lateral-movement, Advanced Persistent Threats (APTs), sophisticated cybercriminals, Console, Attack Visualization, security operations team, intrusion, Attacker ID, attack identification, human attacker, automated attack tools, security teams, Automated Provisioning, Deception Tokens, Active Traps, Emulated Traps, Medium Interaction Emulated Traps, FullOS Traps, High Interaction (Full Operating System) Traps","description":"<div style=\"text-align: center;\"><b>DeceptionGrid</b>\r\n<div style=\"text-align: center;\">TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders and sophisticated cybercriminals.\r\n<b>Deceive, Detect and Defeat Advanced Cyber Attackers. 
</b>\r\nDeceptionGrid, named the Best Deception Technology of 2018, deploys a shifting minefield of Traps (decoys) and Deception Tokens (lures) that appear identical to your real IT & IoT assets that no attacker can avoid.\r\n<b>Actionable Intelligence </b>\r\nJust one touch of a Trap by an attacker sets off a high-confidence alert. DeceptionGrid integrates with key elements of the network and security ecosystem to contain attacks and enable a return to normal operations.\r\n<b>The Deception Product of Choice </b>\r\nDeceptionGrid analyzes your network and automatically provisions hundreds-to-thousands of Traps and Lures. Each Trap is tailor-made to be identical to your native environment. Attackers can never tell what’s real and what’s fake because each Trap is designed to look and behave exactly like your real assets. In addition, Traps can also be camouflaged as any specialized IoT and OT devices.\r\n<b>Gain Access to a Powerful Community </b>\r\nFor the first time, defenders can collaborate and share deceptive counter-measures with each other. The DeceptionNet Community enables cyber-security teams to deceive cyber attackers by sharing deception strategies, new types of Traps, third-party connectors, best practices and more.\r\n<b>Deception Tokens </b>\r\nDeception Tokens (lures) appear as ordinary files, scripts and configurations, are embedded within real IT assets to bait and divert attackers away from real high value assets and into the traps.\r\n<b>Active Traps </b>\r\nActive Traps create a stream of false network traffic between deployed Traps to confuse and divert attackers that monitor the network traffic.\r\n<b><ins>Emulated Traps </ins></b>\r\n<b>Medium Interaction Emulated Traps </b>\r\nOur patented emulated traps can be deployed at the largest enterprise scale through automation. You can select from a wide variety of servers, databases, workstations, switches, routers and Traps tailor-made to your organization’s native environment. 
After a Trap is interacted with and the cyber-attack is thwarted, the Trap will change its shape and location, so the attacker will never learn if something is a Trap or a real asset.\r\n<b>Hundreds of New Industry Templates </b>\r\nThe DeceptionNet Community now offers hundreds of new industry templates (updated regularly) that are available for your use. In addition, our patented medium interaction traps also include expanded templates for specialized devices based on specific industries. These templates include, ATM and SWIFT assets for financial services, Point of Sale (PoS) devices for retail, as well as devices for medical, manufacturing and many more. This allows you to determine if attackers are targeting your specialized devices that are often vulnerable to attack.\r\n<b><ins>FullOS Traps </ins></b>\r\n<b>High Interaction (Full Operating System) Traps </b>\r\nDeceptionGrid enables the provision of full operating system (FullOS) Traps. Our medium interaction Traps automatically extend engaged attackers through our smart deception to our FullOS Traps for the deepest attacker diversion and engagement. FullOS Traps also enable you to clone existing assets – you can completely replicate actual production servers to further deceive attackers.","og:title":"DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders, lateral-movement","og:description":"<div style=\"text-align: center;\"><b>DeceptionGrid</b>\r\n<div style=\"text-align: center;\">TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders and sophisticated cybercriminals.\r\n<b>Deceive, Detect and Defeat Advanced Cyber Attackers. 
</b>\r\nDeceptionGrid, named the Best Deception Technology of 2018, deploys a shifting minefield of Traps (decoys) and Deception Tokens (lures) that appear identical to your real IT & IoT assets that no attacker can avoid.\r\n<b>Actionable Intelligence </b>\r\nJust one touch of a Trap by an attacker sets off a high-confidence alert. DeceptionGrid integrates with key elements of the network and security ecosystem to contain attacks and enable a return to normal operations.\r\n<b>The Deception Product of Choice </b>\r\nDeceptionGrid analyzes your network and automatically provisions hundreds-to-thousands of Traps and Lures. Each Trap is tailor-made to be identical to your native environment. Attackers can never tell what’s real and what’s fake because each Trap is designed to look and behave exactly like your real assets. In addition, Traps can also be camouflaged as any specialized IoT and OT devices.\r\n<b>Gain Access to a Powerful Community </b>\r\nFor the first time, defenders can collaborate and share deceptive counter-measures with each other. The DeceptionNet Community enables cyber-security teams to deceive cyber attackers by sharing deception strategies, new types of Traps, third-party connectors, best practices and more.\r\n<b>Deception Tokens </b>\r\nDeception Tokens (lures) appear as ordinary files, scripts and configurations, are embedded within real IT assets to bait and divert attackers away from real high value assets and into the traps.\r\n<b>Active Traps </b>\r\nActive Traps create a stream of false network traffic between deployed Traps to confuse and divert attackers that monitor the network traffic.\r\n<b><ins>Emulated Traps </ins></b>\r\n<b>Medium Interaction Emulated Traps </b>\r\nOur patented emulated traps can be deployed at the largest enterprise scale through automation. You can select from a wide variety of servers, databases, workstations, switches, routers and Traps tailor-made to your organization’s native environment. 
After a Trap is interacted with and the cyber-attack is thwarted, the Trap will change its shape and location, so the attacker will never learn if something is a Trap or a real asset.\r\n<b>Hundreds of New Industry Templates </b>\r\nThe DeceptionNet Community now offers hundreds of new industry templates (updated regularly) that are available for your use. In addition, our patented medium interaction traps also include expanded templates for specialized devices based on specific industries. These templates include, ATM and SWIFT assets for financial services, Point of Sale (PoS) devices for retail, as well as devices for medical, manufacturing and many more. This allows you to determine if attackers are targeting your specialized devices that are often vulnerable to attack.\r\n<b><ins>FullOS Traps </ins></b>\r\n<b>High Interaction (Full Operating System) Traps </b>\r\nDeceptionGrid enables the provision of full operating system (FullOS) Traps. Our medium interaction Traps automatically extend engaged attackers through our smart deception to our FullOS Traps for the deepest attacker diversion and engagement. FullOS Traps also enable you to clone existing assets – you can completely replicate actual production servers to further deceive attackers."},"eventUrl":"","translationId":1723,"dealDetails":{"avgPartnerDiscount":30,"dealProtection":1,"avgDealSize":30000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"It is required to transfer the customer data to the vendor in order to receive a testing version for 30 days","categories":[{"id":199,"title":"Deception Techniques and Honeypots","alias":"deception-techniques-and-honeypots","description":"Deception technology is an emerging category of cyber security defense. Deception technology products can detect, analyze and defend against zero-day and advanced attacks, often in real time. 
They are automated, accurate and provide insight into malicious activity within internal networks, which may be unseen by other types of cyber defense. Deception technology enables a more proactive security posture by seeking to deceive the attackers, detect them and then defeat them, allowing the enterprise to return to normal operations.\r\nDeception technology automates the creation of traps (decoys) and/or lures, which are mixed among and within existing IT resources to provide a layer of protection to stop attackers that have penetrated the network. Traps (decoys) are IT assets that either use real licensed operating system software, or are emulations of these devices.\r\nTraps (decoys) which use emulations can also imitate medical devices, automated teller machines (ATMs), retail point of sale systems, switches, routers and much more. Lures are generally real information technology resources (files of varying kinds) which are placed on actual IT assets.\r\nUpon penetrating the network, attackers seek to establish a backdoor and then use this to identify and exfiltrate data and intellectual property. They begin moving laterally through the internal VLANs and almost immediately will \"look at\" one of the traps (decoys). Interacting with one of these \"decoys\" will trigger an alert. These alerts are very high probability and almost always coincide with an ongoing attack. The deception is designed to lure the attacker in – the attacker may consider this a worthy asset and continue by injecting malware. Deception technology generally allows for automated static and dynamic analysis of this injected malware and provides these reports through automation to the security operations personnel. Deception technology may also identify, through indicators of compromise (IOC), suspect end-points that are part of the compromise cycle. Automation also allows for an automated memory analysis of the suspect end-point, and then automatically isolates the suspect end-point. 
Many partner integrations allow for a variety of implementation paths for existing enterprise and government customers.\r\nInternet of things (IoT) devices are not usually scanned by legacy defense in depth cyber defense and remain prime targets for attackers within the network. Deception technology can identify attackers moving laterally into the network from within these devices.\r\nIntegrated turnkey devices that utilize embedded operating systems, but do not allow these operating systems to be scanned or closely protected by embedded end-point or intrusion detection software are also well protected by a deception technology deployment in the same network. Examples include process control systems (SCADA) used in many manufacturing applications on a global basis. Deception technology has been associated with the discovery of Zombie Zero, an attack vector wherein deception technology identified an attacker utilizing malware embedded in barcode readers which were manufactured overseas.\r\nMedical devices are particularly vulnerable to cyber attacks within the healthcare networks. As FDA-certified devices they are closed systems and not accessible to standard cyber defense software. Deception technology can surround and protect these devices and identify attackers using these for backdoor placement and data exfiltration. Recently documented cyber attacks on medical devices include x-ray machines, CT scanners, MRI scanners, blood gas analyzers, PACS systems and many more. Networks utilizing these devices can be protected by deception technology. This attack vector, called medical device hijack or medjack, is estimated to have penetrated many hospitals worldwide.\r\nSpecialized deception technology products are now capable of addressing the rise in ransomware. 
Select products can deceive ransomware into engaging in an attack on a decoy resource, while isolating the infection points and alerting the cyber defense software team.","materialsDescription":"<span style=\"font-weight: bold;\">Why Use Deception Technology?</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Early Post-Breach Detection</span></span>\r\nNo security solution can stop all attacks from occurring on a network, but deception technology helps to give attackers a false sense of security by making them believe they have gained a foothold in your network. From here you can monitor and record their behavior, secure in the knowledge that they can do no damage to your decoy systems. The information you record about attacker behavior and techniques can be used to further secure your network from attack.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Reduced False Positives and Risk</span></span>\r\nDead ends, false positives and alert fatigue can all hamper security efforts and put a drain on resources, if they are even analyzed at all. Too much noise can result in IT teams becoming complacent and ignoring what could potentially be a legitimate threat. Deception technology reduces the noise with fewer false positives and high fidelity alerts packed full of useful data.\r\nDeception technology is also a low risk as it has no risk to data or impact on resources or operations. When a hacker accesses or attempts to use part of the deception layer, a real and accurate alert is generated that tells admins they need to take action.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Scale and Automate at Will</span></span>\r\nWhile the threat to corporate networks and data is a daily growing concern, security teams rarely get an increase in their budget to handle the deluge of new threats. For this reason, deception technology can be a very welcome solution. 
Automated alerts eliminate the need for manual effort and intervention while the design of the technology allows it to be scaled easily as the organization and threat level grows.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">From Legacy to IoT</span></span>\r\nDeception technology can be used to provide breadcrumbs for a vast range of different devices, including legacy environments, industry-specific environments and even IoT devices.<br /><br />"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":1724,"logo":false,"scheme":false,"title":"TrapX DeceptionGrid platform","vendorVerified":0,"rating":"3.30","implementationsCount":9,"suppliersCount":0,"alias":"trapx-deceptiongrid-platform","companyTypes":[],"description":"<div style=\"text-align: center;\"><b>DeceptionGrid</b>\r\n<div style=\"text-align: center;\">TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders and sophisticated cybercriminals.\r\n<b>Deceive, Detect and Defeat Advanced Cyber Attackers. </b>\r\nDeceptionGrid, named the Best Deception Technology of 2018, deploys a shifting minefield of Traps (decoys) and Deception Tokens (lures) that appear identical to your real IT & IoT assets that no attacker can avoid.\r\n<b>Actionable Intelligence </b>\r\nJust one touch of a Trap by an attacker sets off a high-confidence alert. DeceptionGrid integrates with key elements of the network and security ecosystem to contain attacks and enable a return to normal operations.\r\n<b>The Deception Product of Choice </b>\r\nDeceptionGrid analyzes your network and automatically provisions hundreds-to-thousands of Traps and Lures. Each Trap is tailor-made to be identical to your native environment. 
Attackers can never tell what’s real and what’s fake because each Trap is designed to look and behave exactly like your real assets. In addition, Traps can also be camouflaged as any specialized IoT and OT devices.\r\n<b>Gain Access to a Powerful Community </b>\r\nFor the first time, defenders can collaborate and share deceptive counter-measures with each other. The DeceptionNet Community enables cyber-security teams to deceive cyber attackers by sharing deception strategies, new types of Traps, third-party connectors, best practices and more.\r\n<b>Deception Tokens </b>\r\nDeception Tokens (lures) appear as ordinary files, scripts and configurations, are embedded within real IT assets to bait and divert attackers away from real high value assets and into the traps.\r\n<b>Active Traps </b>\r\nActive Traps create a stream of false network traffic between deployed Traps to confuse and divert attackers that monitor the network traffic.\r\n<b><ins>Emulated Traps </ins></b>\r\n<b>Medium Interaction Emulated Traps </b>\r\nOur patented emulated traps can be deployed at the largest enterprise scale through automation. You can select from a wide variety of servers, databases, workstations, switches, routers and Traps tailor-made to your organization’s native environment. After a Trap is interacted with and the cyber-attack is thwarted, the Trap will change its shape and location, so the attacker will never learn if something is a Trap or a real asset.\r\n<b>Hundreds of New Industry Templates </b>\r\nThe DeceptionNet Community now offers hundreds of new industry templates (updated regularly) that are available for your use. In addition, our patented medium interaction traps also include expanded templates for specialized devices based on specific industries. These templates include, ATM and SWIFT assets for financial services, Point of Sale (PoS) devices for retail, as well as devices for medical, manufacturing and many more. 
This allows you to determine if attackers are targeting your specialized devices that are often vulnerable to attack.\r\n<b><ins>FullOS Traps </ins></b>\r\n<b>High Interaction (Full Operating System) Traps </b>\r\nDeceptionGrid enables the provision of full operating system (FullOS) Traps. Our medium interaction Traps automatically extend engaged attackers through our smart deception to our FullOS Traps for the deepest attacker diversion and engagement. FullOS Traps also enable you to clone existing assets – you can completely replicate actual production servers to further deceive attackers.","shortDescription":"The TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders, lateral-movement, Advanced Persistent Threats (APTs) and sophisticated cybercriminals","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":10,"sellingCount":18,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders, lateral-movement","keywords":"from, TrapX, DeceptionGrid, breach, attack, platform, intelligence, remediation, protects, assets, malicious insiders, lateral-movement, Advanced Persistent Threats (APTs), sophisticated cybercriminals, Console, Attack Visualization, security operations team, intrusion, Attacker ID, attack identification, human attacker, automated attack tools, security teams, Automated Provisioning, Deception Tokens, Active Traps, Emulated Traps, Medium Interaction Emulated Traps, FullOS Traps, High Interaction (Full Operating System) Traps","description":"<div style=\"text-align: center;\"><b>DeceptionGrid</b>\r\n<div style=\"text-align: center;\">TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders and sophisticated cybercriminals.\r\n<b>Deceive, Detect and Defeat Advanced Cyber Attackers. 
</b>\r\nDeceptionGrid, named the Best Deception Technology of 2018, deploys a shifting minefield of Traps (decoys) and Deception Tokens (lures) that appear identical to your real IT & IoT assets that no attacker can avoid.\r\n<b>Actionable Intelligence </b>\r\nJust one touch of a Trap by an attacker sets off a high-confidence alert. DeceptionGrid integrates with key elements of the network and security ecosystem to contain attacks and enable a return to normal operations.\r\n<b>The Deception Product of Choice </b>\r\nDeceptionGrid analyzes your network and automatically provisions hundreds-to-thousands of Traps and Lures. Each Trap is tailor-made to be identical to your native environment. Attackers can never tell what’s real and what’s fake because each Trap is designed to look and behave exactly like your real assets. In addition, Traps can also be camouflaged as any specialized IoT and OT devices.\r\n<b>Gain Access to a Powerful Community </b>\r\nFor the first time, defenders can collaborate and share deceptive counter-measures with each other. The DeceptionNet Community enables cyber-security teams to deceive cyber attackers by sharing deception strategies, new types of Traps, third-party connectors, best practices and more.\r\n<b>Deception Tokens </b>\r\nDeception Tokens (lures) appear as ordinary files, scripts and configurations, are embedded within real IT assets to bait and divert attackers away from real high value assets and into the traps.\r\n<b>Active Traps </b>\r\nActive Traps create a stream of false network traffic between deployed Traps to confuse and divert attackers that monitor the network traffic.\r\n<b><ins>Emulated Traps </ins></b>\r\n<b>Medium Interaction Emulated Traps </b>\r\nOur patented emulated traps can be deployed at the largest enterprise scale through automation. You can select from a wide variety of servers, databases, workstations, switches, routers and Traps tailor-made to your organization’s native environment. 
After a Trap is interacted with and the cyber-attack is thwarted, the Trap will change its shape and location, so the attacker will never learn if something is a Trap or a real asset.\r\n<b>Hundreds of New Industry Templates </b>\r\nThe DeceptionNet Community now offers hundreds of new industry templates (updated regularly) that are available for your use. In addition, our patented medium interaction traps also include expanded templates for specialized devices based on specific industries. These templates include, ATM and SWIFT assets for financial services, Point of Sale (PoS) devices for retail, as well as devices for medical, manufacturing and many more. This allows you to determine if attackers are targeting your specialized devices that are often vulnerable to attack.\r\n<b><ins>FullOS Traps </ins></b>\r\n<b>High Interaction (Full Operating System) Traps </b>\r\nDeceptionGrid enables the provision of full operating system (FullOS) Traps. Our medium interaction Traps automatically extend engaged attackers through our smart deception to our FullOS Traps for the deepest attacker diversion and engagement. FullOS Traps also enable you to clone existing assets – you can completely replicate actual production servers to further deceive attackers.","og:title":"DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders, lateral-movement","og:description":"<div style=\"text-align: center;\"><b>DeceptionGrid</b>\r\n<div style=\"text-align: center;\">TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders and sophisticated cybercriminals.\r\n<b>Deceive, Detect and Defeat Advanced Cyber Attackers. 
</b>\r\nDeceptionGrid, named the Best Deception Technology of 2018, deploys a shifting minefield of Traps (decoys) and Deception Tokens (lures) that appear identical to your real IT & IoT assets that no attacker can avoid.\r\n<b>Actionable Intelligence </b>\r\nJust one touch of a Trap by an attacker sets off a high-confidence alert. DeceptionGrid integrates with key elements of the network and security ecosystem to contain attacks and enable a return to normal operations.\r\n<b>The Deception Product of Choice </b>\r\nDeceptionGrid analyzes your network and automatically provisions hundreds-to-thousands of Traps and Lures. Each Trap is tailor-made to be identical to your native environment. Attackers can never tell what’s real and what’s fake because each Trap is designed to look and behave exactly like your real assets. In addition, Traps can also be camouflaged as any specialized IoT and OT devices.\r\n<b>Gain Access to a Powerful Community </b>\r\nFor the first time, defenders can collaborate and share deceptive counter-measures with each other. The DeceptionNet Community enables cyber-security teams to deceive cyber attackers by sharing deception strategies, new types of Traps, third-party connectors, best practices and more.\r\n<b>Deception Tokens </b>\r\nDeception Tokens (lures) appear as ordinary files, scripts and configurations, are embedded within real IT assets to bait and divert attackers away from real high value assets and into the traps.\r\n<b>Active Traps </b>\r\nActive Traps create a stream of false network traffic between deployed Traps to confuse and divert attackers that monitor the network traffic.\r\n<b><ins>Emulated Traps </ins></b>\r\n<b>Medium Interaction Emulated Traps </b>\r\nOur patented emulated traps can be deployed at the largest enterprise scale through automation. You can select from a wide variety of servers, databases, workstations, switches, routers and Traps tailor-made to your organization’s native environment. 
After a Trap is interacted with and the cyber-attack is thwarted, the Trap will change its shape and location, so the attacker will never learn if something is a Trap or a real asset.\r\n<b>Hundreds of New Industry Templates </b>\r\nThe DeceptionNet Community now offers hundreds of new industry templates (updated regularly) that are available for your use. In addition, our patented medium interaction traps also include expanded templates for specialized devices based on specific industries. These templates include, ATM and SWIFT assets for financial services, Point of Sale (PoS) devices for retail, as well as devices for medical, manufacturing and many more. This allows you to determine if attackers are targeting your specialized devices that are often vulnerable to attack.\r\n<b><ins>FullOS Traps </ins></b>\r\n<b>High Interaction (Full Operating System) Traps </b>\r\nDeceptionGrid enables the provision of full operating system (FullOS) Traps. Our medium interaction Traps automatically extend engaged attackers through our smart deception to our FullOS Traps for the deepest attacker diversion and engagement. FullOS Traps also enable you to clone existing assets – you can completely replicate actual production servers to further deceive attackers."},"eventUrl":"","translationId":1723,"dealDetails":{"avgPartnerDiscount":30,"dealProtection":1,"avgDealSize":30000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"It is required to transfer the customer data to the vendor in order to receive a testing version for 30 days","categories":[{"id":199,"title":"Deception Techniques and Honeypots","alias":"deception-techniques-and-honeypots","description":"Deception technology is an emerging category of cyber security defense. Deception technology products can detect, analyze and defend against zero-day and advanced attacks, often in real time. 
They are automated, accurate and provide insight into malicious activity within internal networks, which may be unseen by other types of cyber defense. Deception technology enables a more proactive security posture by seeking to deceive the attackers, detect them and then defeat them, allowing the enterprise to return to normal operations.\r\nDeception technology automates the creation of traps (decoys) and/or lures, which are mixed among and within existing IT resources to provide a layer of protection to stop attackers that have penetrated the network. Traps (decoys) are IT assets that either use real licensed operating system software, or are emulations of these devices.\r\nTraps (decoys) which use emulations can also imitate medical devices, automated teller machines (ATMs), retail point of sale systems, switches, routers and much more. Lures are generally real information technology resources (files of varying kinds) which are placed on actual IT assets.\r\nUpon penetrating the network, attackers seek to establish a backdoor and then use this to identify and exfiltrate data and intellectual property. They begin moving laterally through the internal VLANs and almost immediately will "look at" one of the traps (decoys). Interacting with one of these "decoys" will trigger an alert. These alerts are very high probability and almost always coincide with an ongoing attack. The deception is designed to lure the attacker in – the attacker may consider this a worthy asset and continue by injecting malware. Deception technology generally allows for automated static and dynamic analysis of this injected malware and provides these reports through automation to the security operations personnel. Deception technology may also identify, through indicators of compromise (IOC), suspect end-points that are part of the compromise cycle. Automation also allows for an automated memory analysis of the suspect end-point, and then automatically isolates the suspect end-point. 
Many partner integrations allow for a variety of implementation paths for existing enterprise and government customers.\r\nInternet of things (IoT) devices are not usually scanned by legacy defense in depth cyber defense and remain prime targets for attackers within the network. Deception technology can identify attackers moving laterally into the network from within these devices.\r\nIntegrated turnkey devices that utilize embedded operating systems, but do not allow these operating systems to be scanned or closely protected by embedded end-point or intrusion detection software are also well protected by a deception technology deployment in the same network. Examples include process control systems (SCADA) used in many manufacturing applications on a global basis. Deception technology has been associated with the discovery of Zombie Zero, an attack vector wherein deception technology identified an attacker utilizing malware embedded in barcode readers which were manufactured overseas.\r\nMedical devices are particularly vulnerable to cyber attacks within the healthcare networks. As FDA-certified devices they are closed systems and not accessible to standard cyber defense software. Deception technology can surround and protect these devices and identify attackers using these for backdoor placement and data exfiltration. Recently documented cyber attacks on medical devices include x-ray machines, CT scanners, MRI scanners, blood gas analyzers, PACS systems and many more. Networks utilizing these devices can be protected by deception technology. This attack vector, called medical device hijack or medjack, is estimated to have penetrated many hospitals worldwide.\r\nSpecialized deception technology products are now capable of addressing the rise in ransomware. 
Select products can deceive ransomware into engaging in an attack on a decoy resource, while isolating the infection points and alerting the cyber defense software team.","materialsDescription":"<span style=\"font-weight: bold;\">Why Use Deception Technology?</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Early Post-Breach Detection</span></span>\r\nNo security solution can stop all attacks from occurring on a network, but deception technology helps to give attackers a false sense of security by making them believe they have gained a foothold in your network. From here you can monitor and record their behavior, secure in the knowledge that they can do no damage to your decoy systems. The information you record about attacker behavior and techniques can be used to further secure your network from attack.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Reduced False Positives and Risk</span></span>\r\nDead ends, false positives and alert fatigue can all hamper security efforts and put a drain on resources, if they are even analyzed at all. Too much noise can result in IT teams becoming complacent and ignoring what could potentially be a legitimate threat. Deception technology reduces the noise with fewer false positives and high fidelity alerts packed full of useful data.\r\nDeception technology is also a low risk as it has no risk to data or impact on resources or operations. When a hacker accesses or attempts to use part of the deception layer, a real and accurate alert is generated that tells admins they need to take action.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Scale and Automate at Will</span></span>\r\nWhile the threat to corporate networks and data is a daily growing concern, security teams rarely get an increase in their budget to handle the deluge of new threats. For this reason, deception technology can be a very welcome solution. 
Automated alerts eliminate the need for manual effort and intervention while the design of the technology allows it to be scaled easily as the organization and threat level grows.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">From Legacy to IoT</span></span>\r\nDeception technology can be used to provide breadcrumbs for a vast range of different devices, including legacy environments, industry-specific environments and even IoT devices.<br /><br />"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"},{"id":386,"title":"Risk of lost access to data and IT systems"}]}},"categories":[{"id":199,"title":"Deception Techniques and Honeypots","alias":"deception-techniques-and-honeypots","description":"Deception technology is an emerging category of cyber security defense. Deception technology products can detect, analyze and defend against zero-day and advanced attacks, often in real time. They are automated, accurate and provide insight into malicious activity within internal networks, which may be unseen by other types of cyber defense. 
Deception technology enables a more proactive security posture by seeking to deceive the attackers, detect them and then defeat them, allowing the enterprise to return to normal operations.\r\nDeception technology automates the creation of traps (decoys) and/or lures, which are mixed among and within existing IT resources to provide a layer of protection to stop attackers that have penetrated the network. Traps (decoys) are IT assets that either use real licensed operating system software, or are emulations of these devices.\r\nTraps (decoys) which use emulations can also imitate medical devices, automated teller machines (ATMs), retail point of sale systems, switches, routers and much more. Lures are generally real information technology resources (files of varying kinds) which are placed on actual IT assets.\r\nUpon penetrating the network, attackers seek to establish a backdoor and then use this to identify and exfiltrate data and intellectual property. They begin moving laterally through the internal VLANs and almost immediately will "look at" one of the traps (decoys). Interacting with one of these "decoys" will trigger an alert. These alerts are very high probability and almost always coincide with an ongoing attack. The deception is designed to lure the attacker in – the attacker may consider this a worthy asset and continue by injecting malware. Deception technology generally allows for automated static and dynamic analysis of this injected malware and provides these reports through automation to the security operations personnel. Deception technology may also identify, through indicators of compromise (IOC), suspect end-points that are part of the compromise cycle. Automation also allows for an automated memory analysis of the suspect end-point, and then automatically isolates the suspect end-point. 
Many partner integrations allow for a variety of implementation paths for existing enterprise and government customers.\r\nInternet of things (IoT) devices are not usually scanned by legacy defense in depth cyber defense and remain prime targets for attackers within the network. Deception technology can identify attackers moving laterally into the network from within these devices.\r\nIntegrated turnkey devices that utilize embedded operating systems, but do not allow these operating systems to be scanned or closely protected by embedded end-point or intrusion detection software are also well protected by a deception technology deployment in the same network. Examples include process control systems (SCADA) used in many manufacturing applications on a global basis. Deception technology has been associated with the discovery of Zombie Zero, an attack vector wherein deception technology identified an attacker utilizing malware embedded in barcode readers which were manufactured overseas.\r\nMedical devices are particularly vulnerable to cyber attacks within the healthcare networks. As FDA-certified devices they are closed systems and not accessible to standard cyber defense software. Deception technology can surround and protect these devices and identify attackers using these for backdoor placement and data exfiltration. Recently documented cyber attacks on medical devices include x-ray machines, CT scanners, MRI scanners, blood gas analyzers, PACS systems and many more. Networks utilizing these devices can be protected by deception technology. This attack vector, called medical device hijack or medjack, is estimated to have penetrated many hospitals worldwide.\r\nSpecialized deception technology products are now capable of addressing the rise in ransomware. 
Select products can deceive ransomware into engaging in an attack on a decoy resource, while isolating the infection points and alerting the cyber defense software team.","materialsDescription":"<span style=\"font-weight: bold;\">Why Use Deception Technology?</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Early Post-Breach Detection</span></span>\r\nNo security solution can stop all attacks from occurring on a network, but deception technology helps to give attackers a false sense of security by making them believe they have gained a foothold in your network. From here you can monitor and record their behavior, secure in the knowledge that they can do no damage to your decoy systems. The information you record about attacker behavior and techniques can be used to further secure your network from attack.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Reduced False Positives and Risk</span></span>\r\nDead ends, false positives and alert fatigue can all hamper security efforts and put a drain on resources, if they are even analyzed at all. Too much noise can result in IT teams becoming complacent and ignoring what could potentially be a legitimate threat. Deception technology reduces the noise with fewer false positives and high fidelity alerts packed full of useful data.\r\nDeception technology is also a low risk as it has no risk to data or impact on resources or operations. When a hacker accesses or attempts to use part of the deception layer, a real and accurate alert is generated that tells admins they need to take action.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Scale and Automate at Will</span></span>\r\nWhile the threat to corporate networks and data is a daily growing concern, security teams rarely get an increase in their budget to handle the deluge of new threats. For this reason, deception technology can be a very welcome solution. 
Automated alerts eliminate the need for manual effort and intervention while the design of the technology allows it to be scaled easily as the organization and threat level grows.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">From Legacy to IoT</span></span>\r\nDeception technology can be used to provide breadcrumbs for a vast range of different devices, including legacy environments, industry-specific environments and even IoT devices.<br /><br />"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"https://trapx.com/wp-content/uploads/2017/08/Case_Study_TrapX_Software.pdf","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":431,"title":"TrapX DeceptionGrid Platform for Law Enforcement","description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Attackers Target Law Enforcement Data</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Project Background - a Technology Evaluation</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Our case study focuses on a prominent law enforcement agency. This agency has responsibility for many activities which may include highly sensitive investigations into organized crime and terrorist activity. This agency is always interested in improving their cyber defenses and has a large budget dedicated to technology acquisition. Priorities for this agency include the protection of the confidentiality of their ongoing operations, internal processes and their personnel.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">This agency conducted a survey of technology vendors and wanted to learn more about deception technology. 
They were familiar with legacy honeypot technology and found it to be far too expensive to implement both in terms of resources and financial cost. This agency was very cautious and had partitioned several networks within the enterprise. Some were to be used for highly confidential (classified) data only - others for data of lesser confidentiality.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Advanced Persistent Threat Leverages Lapse in Protocol</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">DeceptionGrid was placed into operation. Within one week the customer security operations (SOC) team received a High Priority Alert indicating the lateral movement of an advanced threat. The malware was automatically trapped and injected into the sandbox for continued analysis. The attackers had established sophisticated command and control and had bypassed the complete array of existing intrusion detection, firewall, endpoint and perimeter cyber software defense.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">A full investigation continued as DeceptionGrid continued to monitor and capture malware movement. The agency's security operations team determined that there was an internal breach in their protocol. A connection, in breach of the agency's operating procedures, was found between their secure network and one of the less secure networks (lower security rating). This breach in protocol enabled the attacker's access.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Exfiltration of Data Discovered and Halted</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">The attacker was found to have moved without detection throughout the law enforcement agency network and servers. 
There were over ten explicit lateral movements made prior to detection by DeceptionGrid. The attacker found and exfiltrated data including the confidential records of agency personnel, their I.D information, their photographs and other highly confidential data. DeceptionGrid enabled the agency to disrupt the attack and then confidently restore normal security protocols.</span>","alias":"trapx-deceptiongrid-platform-for-law-enforcement","roi":0,"seo":{"title":"TrapX DeceptionGrid Platform for Law Enforcement","keywords":"","og:title":"TrapX DeceptionGrid Platform for Law Enforcement"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":3890,"title":"TrapX","logoURL":"https://roi4cio.com/uploads/roi/company/TrapX.png","alias":"trapx","address":"","roles":[],"description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. 
Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","companyTypes":[],"products":{},"vendoredProductsCount":2,"suppliedProductsCount":2,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":5,"vendorImplementationsCount":5,"vendorPartnersCount":0,"supplierPartnersCount":1,"b4r":0,"categories":{},"companyUrl":"https://trapx.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"TrapX","keywords":"with, TrapX, field, that, traps, little, creating, deployed","description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","og:title":"TrapX","og:description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. 
Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","og:image":"https://roi4cio.com/uploads/roi/company/TrapX.png"},"eventUrl":""},"vendors":[{"id":3890,"title":"TrapX","logoURL":"https://roi4cio.com/uploads/roi/company/TrapX.png","alias":"trapx","address":"","roles":[],"description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","companyTypes":[],"products":{},"vendoredProductsCount":2,"suppliedProductsCount":2,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":5,"vendorImplementationsCount":5,"vendorPartnersCount":0,"supplierPartnersCount":1,"b4r":0,"categories":{},"companyUrl":"https://trapx.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"TrapX","keywords":"with, TrapX, field, that, traps, little, creating, deployed","description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. 
Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","og:title":"TrapX","og:description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","og:image":"https://roi4cio.com/uploads/roi/company/TrapX.png"},"eventUrl":""}],"products":[{"id":1724,"logo":false,"scheme":false,"title":"TrapX DeceptionGrid platform","vendorVerified":0,"rating":"3.30","implementationsCount":9,"suppliersCount":0,"alias":"trapx-deceptiongrid-platform","companyTypes":[],"description":"<div style=\"text-align: center;\"><b>DeceptionGrid</b>\r\n<div style=\"text-align: center;\">TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders and sophisticated cybercriminals.\r\n<b>Deceive, Detect and Defeat Advanced Cyber Attackers. </b>\r\nDeceptionGrid, named the Best Deception Technology of 2018, deploys a shifting minefield of Traps (decoys) and Deception Tokens (lures) that appear identical to your real IT & IoT assets that no attacker can avoid.\r\n<b>Actionable Intelligence </b>\r\nJust one touch of a Trap by an attacker sets off a high-confidence alert. DeceptionGrid integrates with key elements of the network and security ecosystem to contain attacks and enable a return to normal operations.\r\n<b>The Deception Product of Choice </b>\r\nDeceptionGrid analyzes your network and automatically provisions hundreds-to-thousands of Traps and Lures. Each Trap is tailor-made to be identical to your native environment. 
Attackers can never tell what’s real and what’s fake because each Trap is designed to look and behave exactly like your real assets. In addition, Traps can also be camouflaged as any specialized IoT and OT devices.\r\n<b>Gain Access to a Powerful Community </b>\r\nFor the first time, defenders can collaborate and share deceptive counter-measures with each other. The DeceptionNet Community enables cyber-security teams to deceive cyber attackers by sharing deception strategies, new types of Traps, third-party connectors, best practices and more.\r\n<b>Deception Tokens </b>\r\nDeception Tokens (lures) appear as ordinary files, scripts and configurations, are embedded within real IT assets to bait and divert attackers away from real high value assets and into the traps.\r\n<b>Active Traps </b>\r\nActive Traps create a stream of false network traffic between deployed Traps to confuse and divert attackers that monitor the network traffic.\r\n<b><ins>Emulated Traps </ins></b>\r\n<b>Medium Interaction Emulated Traps </b>\r\nOur patented emulated traps can be deployed at the largest enterprise scale through automation. You can select from a wide variety of servers, databases, workstations, switches, routers and Traps tailor-made to your organization’s native environment. After a Trap is interacted with and the cyber-attack is thwarted, the Trap will change its shape and location, so the attacker will never learn if something is a Trap or a real asset.\r\n<b>Hundreds of New Industry Templates </b>\r\nThe DeceptionNet Community now offers hundreds of new industry templates (updated regularly) that are available for your use. In addition, our patented medium interaction traps also include expanded templates for specialized devices based on specific industries. These templates include, ATM and SWIFT assets for financial services, Point of Sale (PoS) devices for retail, as well as devices for medical, manufacturing and many more. 
This allows you to determine if attackers are targeting your specialized devices that are often vulnerable to attack.\r\n<b><ins>FullOS Traps </ins></b>\r\n<b>High Interaction (Full Operating System) Traps </b>\r\nDeceptionGrid enables the provision of full operating system (FullOS) Traps. Our medium interaction Traps automatically extend engaged attackers through our smart deception to our FullOS Traps for the deepest attacker diversion and engagement. FullOS Traps also enable you to clone existing assets – you can completely replicate actual production servers to further deceive attackers.","shortDescription":"The TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders, lateral-movement, Advanced Persistent Threats (APTs) and sophisticated cybercriminals","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":10,"sellingCount":18,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders, lateral-movement","keywords":"from, TrapX, DeceptionGrid, breach, attack, platform, intelligence, remediation, protects, assets, malicious insiders, lateral-movement, Advanced Persistent Threats (APTs), sophisticated cybercriminals, Console, Attack Visualization, security operations team, intrusion, Attacker ID, attack identification, human attacker, automated attack tools, security teams, Automated Provisioning, Deception Tokens, Active Traps, Emulated Traps, Medium Interaction Emulated Traps, FullOS Traps, High Interaction (Full Operating System) Traps","og:title":"DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders, lateral-movement"},"eventUrl":"","translationId":1723,"dealDetails":{"avgPartnerDiscount":30,"dealProtection":1,"avgDealSize":30000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"It is required to transfer the customer data to the vendor in order to receive a testing version for 30 days","categories":[{"id":199,"title":"Deception Techniques and Honeypots","alias":"deception-techniques-and-honeypots","description":"Deception technology is an emerging category of cyber security defense. Deception technology products can detect, analyze and defend against zero-day and advanced attacks, often in real time. 
They are automated, accurate and provide insight into malicious activity within internal networks, which may be unseen by other types of cyber defense. Deception technology enables a more proactive security posture by seeking to deceive the attackers, detect them and then defeat them, allowing the enterprise to return to normal operations.\r\nDeception technology automates the creation of traps (decoys) and/or lures, which are mixed among and within existing IT resources to provide a layer of protection to stop attackers that have penetrated the network. Traps (decoys) are IT assets that either use real licensed operating system software, or are emulations of these devices.\r\nTraps (decoys) which use emulations can also imitate medical devices, automated teller machines (ATMs), retail point of sale systems, switches, routers and much more. Lures are generally real information technology resources (files of varying kinds) which are placed on actual IT assets.\r\nUpon penetrating the network, attackers seek to establish a backdoor and then use this to identify and exfiltrate data and intellectual property. They begin moving laterally through the internal VLANs and almost immediately will "look at" one of the traps (decoys). Interacting with one of these "decoys" will trigger an alert. These alerts are very high probability and almost always coincide with an ongoing attack. The deception is designed to lure the attacker in – the attacker may consider this a worthy asset and continue by injecting malware. Deception technology generally allows for automated static and dynamic analysis of this injected malware and provides these reports through automation to the security operations personnel. Deception technology may also identify, through indicators of compromise (IOC), suspect end-points that are part of the compromise cycle. Automation also allows for an automated memory analysis of the suspect end-point, and then automatically isolates the suspect end-point. 
Many partner integrations allow for a variety of implementation paths for existing enterprise and government customers.\r\nInternet of things (IoT) devices are not usually scanned by legacy defense in depth cyber defense and remain prime targets for attackers within the network. Deception technology can identify attackers moving laterally into the network from within these devices.\r\nIntegrated turnkey devices that utilize embedded operating systems, but do not allow these operating systems to be scanned or closely protected by embedded end-point or intrusion detection software are also well protected by a deception technology deployment in the same network. Examples include process control systems (SCADA) used in many manufacturing applications on a global basis. Deception technology has been associated with the discovery of Zombie Zero, an attack vector wherein deception technology identified an attacker utilizing malware embedded in barcode readers which were manufactured overseas.\r\nMedical devices are particularly vulnerable to cyber attacks within the healthcare networks. As FDA-certified devices they are closed systems and not accessible to standard cyber defense software. Deception technology can surround and protect these devices and identify attackers using these for backdoor placement and data exfiltration. Recently documented cyber attacks on medical devices include x-ray machines, CT scanners, MRI scanners, blood gas analyzers, PACS systems and many more. Networks utilizing these devices can be protected by deception technology. This attack vector, called medical device hijack or medjack, is estimated to have penetrated many hospitals worldwide.\r\nSpecialized deception technology products are now capable of addressing the rise in ransomware. 
Select products can deceive ransomware into engaging in an attack on a decoy resource, while isolating the infection points and alerting the cyber defense software team.","materialsDescription":"<span style=\"font-weight: bold;\">Why Use Deception Technology?</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Early Post-Breach Detection</span></span>\r\nNo security solution can stop all attacks from occurring on a network, but deception technology helps to give attackers a false sense of security by making them believe they have gained a foothold in your network. From here you can monitor and record their behavior, secure in the knowledge that they can do no damage to your decoy systems. The information you record about attacker behavior and techniques can be used to further secure your network from attack.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Reduced False Positives and Risk</span></span>\r\nDead ends, false positives and alert fatigue can all hamper security efforts and put a drain on resources, if they are even analyzed at all. Too much noise can result in IT teams becoming complacent and ignoring what could potentially be a legitimate threat. Deception technology reduces the noise with fewer false positives and high fidelity alerts packed full of useful data.\r\nDeception technology is also a low risk as it has no risk to data or impact on resources or operations. When a hacker accesses or attempts to use part of the deception layer, a real and accurate alert is generated that tells admins they need to take action.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Scale and Automate at Will</span></span>\r\nWhile the threat to corporate networks and data is a daily growing concern, security teams rarely get an increase in their budget to handle the deluge of new threats. For this reason, deception technology can be a very welcome solution. 
Automated alerts eliminate the need for manual effort and intervention while the design of the technology allows it to be scaled easily as the organization and threat level grows.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">From Legacy to IoT</span></span>\r\nDeception technology can be used to provide breadcrumbs for a vast range of different devices, including legacy environments, industry-specific environments and even IoT devices.<br /><br />"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":1724,"logo":false,"scheme":false,"title":"TrapX DeceptionGrid platform","vendorVerified":0,"rating":"3.30","implementationsCount":9,"suppliersCount":0,"alias":"trapx-deceptiongrid-platform","companyTypes":[],"description":"<div style=\"text-align: center;\"><b>DeceptionGrid</b>\r\n<div style=\"text-align: center;\">TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders and sophisticated cybercriminals.\r\n<b>Deceive, Detect and Defeat Advanced Cyber Attackers. </b>\r\nDeceptionGrid, named the Best Deception Technology of 2018, deploys a shifting minefield of Traps (decoys) and Deception Tokens (lures) that appear identical to your real IT & IoT assets that no attacker can avoid.\r\n<b>Actionable Intelligence </b>\r\nJust one touch of a Trap by an attacker sets off a high-confidence alert. DeceptionGrid integrates with key elements of the network and security ecosystem to contain attacks and enable a return to normal operations.\r\n<b>The Deception Product of Choice </b>\r\nDeceptionGrid analyzes your network and automatically provisions hundreds-to-thousands of Traps and Lures. Each Trap is tailor-made to be identical to your native environment. 
Attackers can never tell what’s real and what’s fake because each Trap is designed to look and behave exactly like your real assets. In addition, Traps can also be camouflaged as any specialized IoT and OT devices.\r\n<b>Gain Access to a Powerful Community </b>\r\nFor the first time, defenders can collaborate and share deceptive counter-measures with each other. The DeceptionNet Community enables cyber-security teams to deceive cyber attackers by sharing deception strategies, new types of Traps, third-party connectors, best practices and more.\r\n<b>Deception Tokens </b>\r\nDeception Tokens (lures) appear as ordinary files, scripts and configurations, and are embedded within real IT assets to bait and divert attackers away from real high value assets and into the traps.\r\n<b>Active Traps </b>\r\nActive Traps create a stream of false network traffic between deployed Traps to confuse and divert attackers that monitor the network traffic.\r\n<b><ins>Emulated Traps </ins></b>\r\n<b>Medium Interaction Emulated Traps </b>\r\nOur patented emulated traps can be deployed at the largest enterprise scale through automation. You can select from a wide variety of servers, databases, workstations, switches, routers and Traps tailor-made to your organization’s native environment. After a Trap is interacted with and the cyber-attack is thwarted, the Trap will change its shape and location, so the attacker will never learn if something is a Trap or a real asset.\r\n<b>Hundreds of New Industry Templates </b>\r\nThe DeceptionNet Community now offers hundreds of new industry templates (updated regularly) that are available for your use. In addition, our patented medium interaction traps also include expanded templates for specialized devices based on specific industries. These templates include ATM and SWIFT assets for financial services, Point of Sale (PoS) devices for retail, as well as devices for medical, manufacturing and many more. 
This allows you to determine if attackers are targeting your specialized devices that are often vulnerable to attack.\r\n<b><ins>FullOS Traps </ins></b>\r\n<b>High Interaction (Full Operating System) Traps </b>\r\nDeceptionGrid enables the provision of full operating system (FullOS) Traps. Our medium interaction Traps automatically extend engaged attackers through our smart deception to our FullOS Traps for the deepest attacker diversion and engagement. FullOS Traps also enable you to clone existing assets – you can completely replicate actual production servers to further deceive attackers.","shortDescription":"The TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders, lateral-movement, Advanced Persistent Threats (APTs) and sophisticated cybercriminals","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":10,"sellingCount":18,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders, lateral-movement","keywords":"from, TrapX, DeceptionGrid, breach, attack, platform, intelligence, remediation, protects, assets, malicious insiders, lateral-movement, Advanced Persistent Threats (APTs), sophisticated cybercriminals, Console, Attack Visualization, security operations team, intrusion, Attacker ID, attack identification, human attacker, automated attack tools, security teams, Automated Provisioning, Deception Tokens, Active Traps, Emulated Traps, Medium Interaction Emulated Traps, FullOS Traps, High Interaction (Full Operating System) Traps","og:title":"DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders, lateral-movement"},"eventUrl":"","translationId":1723,"dealDetails":{"avgPartnerDiscount":30,"dealProtection":1,"avgDealSize":30000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"It is required to transfer the customer data to the vendor in order to receive a testing version for 30 days","categories":[{"id":199,"title":"Deception Techniques and Honeypots","alias":"deception-techniques-and-honeypots","description":"Deception technology is an emerging category of cyber security defense. Deception technology products can detect, analyze and defend against zero-day and advanced attacks, often in real time. 
They are automated, accurate and provide insight into malicious activity within internal networks, which may be unseen by other types of cyber defense. Deception technology enables a more proactive security posture by seeking to deceive the attackers, detect them and then defeat them, allowing the enterprise to return to normal operations.\r\nDeception technology automates the creation of traps (decoys) and/or lures, which are mixed among and within existing IT resources to provide a layer of protection to stop attackers that have penetrated the network. Traps (decoys) are IT assets that either use real licensed operating system software, or are emulations of these devices.\r\nTraps (decoys) which use emulations can also imitate medical devices, automated teller machines (ATMs), retail point of sale systems, switches, routers and much more. Lures are generally real information technology resources (files of varying kinds) which are placed on actual IT assets.\r\nUpon penetrating the network, attackers seek to establish a backdoor and then use this to identify and exfiltrate data and intellectual property. They begin moving laterally through the internal VLANs and almost immediately will \"look at\" one of the traps (decoys). Interacting with one of these \"decoys\" will trigger an alert. These alerts are very high probability and almost always coincide with an ongoing attack. The deception is designed to lure the attacker in – the attacker may consider this a worthy asset and continue by injecting malware. Deception technology generally allows for automated static and dynamic analysis of this injected malware and provides these reports through automation to the security operations personnel. Deception technology may also identify, through indicators of compromise (IOC), suspect end-points that are part of the compromise cycle. Automation also allows for an automated memory analysis of the suspect end-point, and then automatically isolates the suspect end-point. 
Many partner integrations allow for a variety of implementation paths for existing enterprise and government customers.\r\nInternet of things (IoT) devices are not usually scanned by legacy defense-in-depth cyber defense and remain prime targets for attackers within the network. Deception technology can identify attackers moving laterally into the network from within these devices.\r\nIntegrated turnkey devices that utilize embedded operating systems, but do not allow these operating systems to be scanned or closely protected by embedded end-point or intrusion detection software, are also well protected by a deception technology deployment in the same network. Examples include process control systems (SCADA) used in many manufacturing applications on a global basis. Deception technology has been associated with the discovery of Zombie Zero, an attack vector wherein deception technology identified an attacker utilizing malware embedded in barcode readers which were manufactured overseas.\r\nMedical devices are particularly vulnerable to cyber attacks within the healthcare networks. As FDA-certified devices they are closed systems and not accessible to standard cyber defense software. Deception technology can surround and protect these devices and identify attackers using these for backdoor placement and data exfiltration. Recently documented cyber attacks on medical devices include x-ray machines, CT scanners, MRI scanners, blood gas analyzers, PACS systems and many more. Networks utilizing these devices can be protected by deception technology. This attack vector, called medical device hijack or medjack, is estimated to have penetrated many hospitals worldwide.\r\nSpecialized deception technology products are now capable of addressing the rise in ransomware. 
Select products can deceive ransomware into engaging in an attack on a decoy resource, while isolating the infection points and alerting the cyber defense software team.","materialsDescription":"<span style=\"font-weight: bold;\">Why Use Deception Technology?</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Early Post-Breach Detection</span></span>\r\nNo security solution can stop all attacks from occurring on a network, but deception technology helps to give attackers a false sense of security by making them believe they have gained a foothold in your network. From here you can monitor and record their behavior, secure in the knowledge that they can do no damage to your decoy systems. The information you record about attacker behavior and techniques can be used to further secure your network from attack.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Reduced False Positives and Risk</span></span>\r\nDead ends, false positives and alert fatigue can all hamper security efforts and put a drain on resources, if they are even analyzed at all. Too much noise can result in IT teams becoming complacent and ignoring what could potentially be a legitimate threat. Deception technology reduces the noise with fewer false positives and high fidelity alerts packed full of useful data.\r\nDeception technology is also low risk, as it poses no risk to data and has no impact on resources or operations. When a hacker accesses or attempts to use part of the deception layer, a real and accurate alert is generated that tells admins they need to take action.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Scale and Automate at Will</span></span>\r\nWhile the threat to corporate networks and data is a daily growing concern, security teams rarely get an increase in their budget to handle the deluge of new threats. For this reason, deception technology can be a very welcome solution. 
Automated alerts eliminate the need for manual effort and intervention while the design of the technology allows it to be scaled easily as the organization and threat level grows.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">From Legacy to IoT</span></span>\r\nDeception technology can be used to provide breadcrumbs for a vast range of different devices, including legacy environments, industry-specific environments and even IoT devices.<br /><br />"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"},{"id":386,"title":"Risk of lost access to data and IT systems"}]}},"categories":[{"id":199,"title":"Deception Techniques and Honeypots","alias":"deception-techniques-and-honeypots","description":"Deception technology is an emerging category of cyber security defense. Deception technology products can detect, analyze and defend against zero-day and advanced attacks, often in real time. They are automated, accurate and provide insight into malicious activity within internal networks, which may be unseen by other types of cyber defense. 
Deception technology enables a more proactive security posture by seeking to deceive the attackers, detect them and then defeat them, allowing the enterprise to return to normal operations.\r\nDeception technology automates the creation of traps (decoys) and/or lures, which are mixed among and within existing IT resources to provide a layer of protection to stop attackers that have penetrated the network. Traps (decoys) are IT assets that either use real licensed operating system software, or are emulations of these devices.\r\nTraps (decoys) which use emulations can also imitate medical devices, automated teller machines (ATMs), retail point of sale systems, switches, routers and much more. Lures are generally real information technology resources (files of varying kinds) which are placed on actual IT assets.\r\nUpon penetrating the network, attackers seek to establish a backdoor and then use this to identify and exfiltrate data and intellectual property. They begin moving laterally through the internal VLANs and almost immediately will \"look at\" one of the traps (decoys). Interacting with one of these \"decoys\" will trigger an alert. These alerts are very high probability and almost always coincide with an ongoing attack. The deception is designed to lure the attacker in – the attacker may consider this a worthy asset and continue by injecting malware. Deception technology generally allows for automated static and dynamic analysis of this injected malware and provides these reports through automation to the security operations personnel. Deception technology may also identify, through indicators of compromise (IOC), suspect end-points that are part of the compromise cycle. Automation also allows for an automated memory analysis of the suspect end-point, and then automatically isolates the suspect end-point. 
Many partner integrations allow for a variety of implementation paths for existing enterprise and government customers.\r\nInternet of things (IoT) devices are not usually scanned by legacy defense-in-depth cyber defense and remain prime targets for attackers within the network. Deception technology can identify attackers moving laterally into the network from within these devices.\r\nIntegrated turnkey devices that utilize embedded operating systems, but do not allow these operating systems to be scanned or closely protected by embedded end-point or intrusion detection software, are also well protected by a deception technology deployment in the same network. Examples include process control systems (SCADA) used in many manufacturing applications on a global basis. Deception technology has been associated with the discovery of Zombie Zero, an attack vector wherein deception technology identified an attacker utilizing malware embedded in barcode readers which were manufactured overseas.\r\nMedical devices are particularly vulnerable to cyber attacks within the healthcare networks. As FDA-certified devices they are closed systems and not accessible to standard cyber defense software. Deception technology can surround and protect these devices and identify attackers using these for backdoor placement and data exfiltration. Recently documented cyber attacks on medical devices include x-ray machines, CT scanners, MRI scanners, blood gas analyzers, PACS systems and many more. Networks utilizing these devices can be protected by deception technology. This attack vector, called medical device hijack or medjack, is estimated to have penetrated many hospitals worldwide.\r\nSpecialized deception technology products are now capable of addressing the rise in ransomware. 
Select products can deceive ransomware into engaging in an attack on a decoy resource, while isolating the infection points and alerting the cyber defense software team.","materialsDescription":"<span style=\"font-weight: bold;\">Why Use Deception Technology?</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Early Post-Breach Detection</span></span>\r\nNo security solution can stop all attacks from occurring on a network, but deception technology helps to give attackers a false sense of security by making them believe they have gained a foothold in your network. From here you can monitor and record their behavior, secure in the knowledge that they can do no damage to your decoy systems. The information you record about attacker behavior and techniques can be used to further secure your network from attack.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Reduced False Positives and Risk</span></span>\r\nDead ends, false positives and alert fatigue can all hamper security efforts and put a drain on resources, if they are even analyzed at all. Too much noise can result in IT teams becoming complacent and ignoring what could potentially be a legitimate threat. Deception technology reduces the noise with fewer false positives and high fidelity alerts packed full of useful data.\r\nDeception technology is also low risk, as it poses no risk to data and has no impact on resources or operations. When a hacker accesses or attempts to use part of the deception layer, a real and accurate alert is generated that tells admins they need to take action.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Scale and Automate at Will</span></span>\r\nWhile the threat to corporate networks and data is a daily growing concern, security teams rarely get an increase in their budget to handle the deluge of new threats. For this reason, deception technology can be a very welcome solution. 
Automated alerts eliminate the need for manual effort and intervention while the design of the technology allows it to be scaled easily as the organization and threat level grows.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">From Legacy to IoT</span></span>\r\nDeception technology can be used to provide breadcrumbs for a vast range of different devices, including legacy environments, industry-specific environments and even IoT devices.<br /><br />"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"https://trapx.com/wp-content/uploads/2017/08/Case_Study_TrapX_StateLawEnforcement.pdf","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":433,"title":"Barracuda NGFW on AWS for software provider","description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Club Automation drives new business growth, safely migrates its health club management application to AWS, protects customer data, and provisions firewalls in 15 minutes instead of several hours by using Barracuda NextGen Firewalls on the AWS Cloud. The organization provides cloud-based enterprise resource planning (ERP) software for health and athletic clubs throughout the United States. Club Automation migrated its applications to AWS and uses Barracuda firewalls provisioned through the AWS Marketplace.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold; \">About Club Automation</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Club Automation is a leading cloud-based software provider with a mission of contributing to a healthier and more active world by empowering more-efficient health and fitness club management. 
Based in Chicago, the company offers a software-as-a-service (SaaS) solution that enables health and fitness clubs to run their facilities effortlessly.</span>\r\n\r\n<span style=\"font-weight: bold; \">The Challenge </span>\r\nNot long ago, Club Automation was a small upstart company in the health club software industry with a big goal: to revolutionize the entire industry with a SaaS enterprise resource planning (ERP) solution that manages all parts of a health club’s business. The company is now experiencing explosive business growth. <span style=\"font-weight: bold; font-style: italic; \">“We came into the club ERP space as an underdog, but we’ve grown extremely fast,” says Max Longin, a founding partner at the company. “About 70 percent of our total revenue as a company has come in the past year.” Even so, Longin considers this a period of “controlled growth.” “We have not really been marketing ourselves—our new customers have been coming to us through word of mouth. Our concern has been that if our systems are not ready to scale to support more growth, we could compromise performance and our customers’ experience.”</span>\r\nTo address that concern, Club Automation sought to move its SaaS application to a new cloud technology provider.<span style=\"font-weight: bold; font-style: italic; \"> “We needed more agility and scalability than we had with our previous hybrid-cloud solution, which included a secure but legacy private-cloud environment,” Longin confirms. “We had to scale ahead of required capacity, which was costly and required a lot of planning. We wanted to be more agile, so we could quickly roll out new apps and features for our customers.”</span>\r\nAs Club Automation considered new cloud technologies, it also needed to ensure strong security for its application workloads. <span style=\"font-weight: bold; font-style: italic; \">“We operate in a cardholder environment, and our solution needs to be PCI compliant and highly secure,” Longin says. 
“We can’t allow access to our backend systems by anyone other than our developers. We had to eliminate attack surface areas within a cloud environment, and we needed the security to enable our business to move our workloads to the cloud safely.”</span>\r\n<span style=\"font-weight: bold; \">Why Amazon Web Services </span>\r\nClub Automation decided to move its SaaS application to the Amazon Web Services (AWS) cloud, in part because AWS addressed the company’s security and performance challenges. “Previously, we were not set up to support geographic growth, because we only had a few dispersed data centers and we had challenges deploying security quickly and getting solid performance in all areas of the United States,” Longin says. “We looked at Microsoft Azure, but it wasn’t the right solution for our needs,” says Longin. “AWS fit like a glove, and it offers the best services for our business.” Club Automation runs its web servers on Amazon Elastic Compute Cloud (Amazon EC2) instances and runs background jobs on AWS Elastic Beanstalk, a service for deploying and scaling web applications. The company is also using Amazon Aurora, a hosted relational database service, to store and manage customer membership and financial data.\r\nTo safely migrate its SaaS application workloads to AWS, Club Automation chose to work with Barracuda Networks, an AWS Partner Network (APN) Advanced Technology Partner with an AWS Security Competency certification. Barracuda provides firewalls engineered for AWS to help customers deploy a comprehensive security architecture and increase protection against cyberattacks and advanced threats. “I had a previous business relationship with Barracuda and was impressed with the stability of the solutions,” Longin says. Club Automation deployed Barracuda NextGen Firewalls to help secure the company’s AWS environment. The firewalls are installed on an Amazon EC2 instance in the Club Automation Amazon Virtual Private Cloud (Amazon VPC). 
Each firewall sits in a public subnet, protecting against unauthorized access to the private subnets where the cardholder data environment is located.\r\nClub Automation was able to easily purchase and deploy the Barracuda firewalls through the AWS Marketplace, an online store where customers can find software and services from AWS partners so they can build solutions and run their businesses.\r\n\r\n<span style=\"font-weight: bold;\">The Benefits</span>\r\n By moving its SaaS application to the AWS Cloud, Club Automation has been able to keep up with its rapid rate of growth. “AWS makes it very easy for us to scale and innovate,” says Longin. “We needed the right platform to enable growth, and we have that. Instead of having to carefully control growth because of platform limitations, we can scale on demand to support an increasing number of clubs with our application. We no longer have any restrictions on how large or fast we grow.” The company now has the agility to respond quickly to customer needs and can deploy its solutions 30–40 percent faster. Longin says, “We have to innovate by giving clubs the features they’re looking for. For example, we’re currently rolling out a new mobile app, branded by each club, and we could not have done that without using AWS and Barracuda.”\r\nClub Automation is taking advantage of Barracuda firewalls to help secure its growing number of AWS services. “We are using the Barracuda NextGen Firewalls, provisioned through the AWS Marketplace, to effectively guard our application against web-based attacks and application layer attacks,” says Longin. “The Barracuda solution plugs in seamlessly to our AWS environment, and it is doing its job of minimizing the attack surface area and helping our customers keep club member cardholder data protected.”\r\nClub Automation has also decreased the amount of time the configuration process took with its previous firewall solution. 
Barracuda offerings on the AWS Marketplace support AWS CloudFormation templates, which allow developers and administrators to deploy applications within a stack of AWS-related resources. <span style=\"font-weight: bold; font-style: italic;\">“The Barracuda firewall is a self-service, cloud-based solution that takes less than 15 minutes to get up and running, as opposed to the hours and sometimes days the previous solution took,” Longin says. “Provisioning new users is much simpler and faster. Instead of opening a support ticket and waiting for it to be addressed, we can just go into AWS and provision new users ourselves. This is a key benefit for us as we keep growing.”</span>\r\nRelying on Barracuda, Club Automation enabled its IT team to securely move its SaaS workloads to AWS. <span style=\"font-weight: bold; font-style: italic;\">“We had considered using a cloud solution a few years ago, but cloud offerings were not what they are today, and security solutions like Barracuda’s were not available,” says Longin. “Our move to AWS would not have been possible without Barracuda firewalls,” remarks Longin. “Using Barracuda helped us safely transition more of our workloads to AWS, and we expect our full production environment to be all-in on AWS by the end of the year.”</span>\r\nIn addition, Club Automation benefited from the ease of deployment from the AWS Marketplace.<span style=\"font-weight: bold; font-style: italic;\"> “It couldn’t have been more simple,” says Longin. “All we had to do was find the solution and then quickly configure and deploy it through the AWS Marketplace. In the software industry, it’s rare when something works as expected, but the AWS Marketplace did just that.” In the near future, Club Automation expects to use the marketplace for the upcoming Barracuda metered billing service. 
“With metered billing, we will be able to consume Barracuda services in the same way we consume AWS services, which will be very cost-effective for us,” </span>Longin says.\r\nPreviously, Club Automation had been holding back on expansion and had only grown through word of mouth, because it was concerned that its IT staff could not support rapid expansion. Now, using AWS, the company is poised for major growth.<span style=\"font-weight: bold; font-style: italic;\"> “We are ready and able to grow,” says Longin. “We have started hiring inside sales representatives and creating marketing plans, because we have a platform that enables scalability and expansion while also allowing us to maintain our high standards of customer service. To keep growing fast, we need agility and innovation. That’s what fueled our transition to AWS and Barracuda, and it will continue fueling our growth in this industry.”</span>","alias":"barracuda-ngfw-on-aws-for-software-provider","roi":0,"seo":{"title":"Barracuda NGFW on AWS for software provider","keywords":"Barracuda, Automation, Club, Longin, says, solution, with, that","og:title":"Barracuda NGFW on AWS for software provider"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":4196,"title":"Club Automation","logoURL":"https://roi4cio.com/uploads/roi/company/Club_Automation.png","alias":"club-automation","address":"","roles":[],"description":"Club Automation is the leading cloud-based club management software provider for the health and athletic club industry.\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Club Automation's mission is to contribute to a healthier and more active world by empowering health and fitness clubs to run their facilities effortlessly.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"> </span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">We started with our own club - now it's your turn</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Club
Automation started after club owner Jeff VanDixhorn wanted something to manage all parts of his business - from front desk to back end. He partnered with developer Max Longin and together they built a web-based solution that totally transformed the way his clubs operated. They soon realized that their solution can do much more than just help his own facilities - it can revolutionize the entire industry!</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Today, Club Automation is a leading cloud-based software provider that helps the health and athletic industry to manage their clubs more efficiently. </span>","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":2,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.clubautomation.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"Club Automation","keywords":"Club, Automation, club, that, their, more, clubs, industry","og:title":"Club Automation","og:image":"https://roi4cio.com/uploads/roi/company/Club_Automation.png"},"eventUrl":""},"vendors":[{"id":176,"title":"Amazon Web Services","logoURL":"https://roi4cio.com/uploads/roi/company/aws_logo.png","alias":"amazon-web-services","address":"","roles":[],"description":"Amazon Web Services (AWS), a subsidiary of Amazon.com, offers a suite of cloud-computing services that make up an on-demand computing platform. These services operate from 13 geographical regions across the world. The most central and best-known of these services arguably include Amazon Elastic Compute Cloud, also known as \"EC2\", and Amazon Simple Storage Service, also known as \"S3\". As of 2016 AWS has more than 70 services, spanning a wide range, including compute, storage, networking, database, analytics, application services, deployment, management, mobile, developer tools and tools for the Internet of things. Amazon markets AWS as a service to provide large computing capacity quicker and cheaper than a client company building an actual physical server farm.","companyTypes":[],"products":{},"vendoredProductsCount":36,"suppliedProductsCount":36,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":18,"vendorImplementationsCount":25,"vendorPartnersCount":0,"supplierPartnersCount":7,"b4r":0,"categories":{},"companyUrl":"http://aws.amazon.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"Amazon Web Services","keywords":"Amazon, services, known, computing, also, tools, Services, than","og:title":"Amazon Web Services","og:image":"https://roi4cio.com/uploads/roi/company/aws_logo.png"},"eventUrl":""},{"id":183,"title":"Barracuda Networks","logoURL":"https://roi4cio.com/uploads/roi/company/barracuda_logo.png","alias":"barracuda-networks","address":"","roles":[],"description":"<span style=\"background-color: rgb(255, 255, 255); \">Barracuda Networks, Inc. is a company providing security, networking and storage products based on network appliances and cloud services. The company's security products include products for protection against email, web surfing, web hackers and instant messaging threats such as spam, spyware, trojans, and viruses. The company's networking and storage products include web filtering, load balancing, application delivery controllers, message archiving, NG firewalls, backup services and data protection.</span> ","companyTypes":[],"products":{},"vendoredProductsCount":11,"suppliedProductsCount":11,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":0,"vendorImplementationsCount":15,"vendorPartnersCount":0,"supplierPartnersCount":4,"b4r":1,"categories":{},"companyUrl":"www.barracuda.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"Barracuda Networks","keywords":"products, company, Barracuda, include, protection, services, storage, security","og:title":"Barracuda Networks","og:image":"https://roi4cio.com/uploads/roi/company/barracuda_logo.png"},"eventUrl":""}],"products":[{"id":107,"logo":false,"scheme":false,"title":"Amazon EC2","vendorVerified":0,"rating":"2.00","implementationsCount":11,"suppliersCount":0,"alias":"amazon-ec2","companyTypes":[],"description":"Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers.\r\nAmazon EC2’s simple web service interface allows you to obtain and configure capacity with minimal friction. It provides you with complete control of your computing resources and lets you run on Amazon’s proven computing environment.
Amazon EC2 reduces the time required to obtain and boot new server instances to minutes, allowing you to quickly scale capacity, both up and down, as your computing requirements change. Amazon EC2 changes the economics of computing by allowing you to pay only for capacity that you actually use. Amazon EC2 provides developers the tools to build failure resilient applications and isolate them from common failure scenarios.<br />\r\n\r\n<span style=\"font-weight: bold;\">BENEFITS</span><br />\r\nELASTIC WEB-SCALE COMPUTING<br />\r\nAmazon EC2 enables you to increase or decrease capacity within minutes, not hours or days. You can commission one, hundreds, or even thousands of server instances simultaneously. You can also use Amazon EC2 Auto Scaling to maintain availability of your EC2 fleet and automatically scale your fleet up and down depending on its needs in order to maximize performance and minimize cost. To scale multiple services, you can use AWS Auto Scaling.<br />\r\nCOMPLETELY CONTROLLED<br />\r\nYou have complete control of your instances including root access and the ability to interact with them as you would any machine. You can stop any instance while retaining the data on the boot partition, and then subsequently restart the same instance using web service APIs. Instances can be rebooted remotely using web service APIs, and you also have access to their console output.<br />\r\nFLEXIBLE CLOUD HOSTING SERVICES<br />\r\nYou have the choice of multiple instance types, operating systems, and software packages. Amazon EC2 allows you to select a configuration of memory, CPU, instance storage, and the boot partition size that is optimal for your choice of operating system and application. 
For example, choice of operating systems includes numerous Linux distributions and Microsoft Windows Server.<br />\r\nINTEGRATED<br />\r\nAmazon EC2 is integrated with most AWS services such as Amazon Simple Storage Service (Amazon S3), Amazon Relational Database Service (Amazon RDS), and Amazon Virtual Private Cloud (Amazon VPC) to provide a complete, secure solution for computing, query processing, and cloud storage across a wide range of applications.<br />\r\nRELIABLE<br />\r\nAmazon EC2 offers a highly reliable environment where replacement instances can be rapidly and predictably commissioned. The service runs within Amazon’s proven network infrastructure and data centers. The Amazon EC2 Service Level Agreement commitment is 99.99% availability for each Amazon EC2 Region.<br />\r\nSECURE<br />\r\nCloud security at AWS is the highest priority. As an AWS customer, you will benefit from a data center and network architecture built to meet the requirements of the most security-sensitive organizations. Amazon EC2 works in conjunction with Amazon VPC to provide security and robust networking functionality for your compute resources.<br />\r\nINEXPENSIVE<br />\r\nAmazon EC2 passes on to you the financial benefits of Amazon’s scale. You pay a very low rate for the compute capacity you actually consume.<br />\r\nEASY TO START<br />\r\nThere are several ways to get started with Amazon EC2. You can use the AWS Management Console, the AWS Command Line Tools (CLI), or AWS SDKs. AWS is free to get started. 
","shortDescription":"Amazon EC2 - Virtual Server Hosting\r\nAmazon Elastic Compute Cloud is a web service that provides resizable compute capacity in the cloud.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":11,"sellingCount":15,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Amazon EC2","keywords":"Amazon, your, with, instances, computing, capacity, service, have","description":"Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers.\r\nAmazon EC2’s simple web service interface allows you to obtain and configure capacity with minimal friction. It provides you with complete control of your computing resources and lets you run on Amazon’s proven computing environment. Amazon EC2 reduces the time required to obtain and boot new server instances to minutes, allowing you to quickly scale capacity, both up and down, as your computing requirements change. Amazon EC2 changes the economics of computing by allowing you to pay only for capacity that you actually use. Amazon EC2 provides developers the tools to build failure resilient applications and isolate them from common failure scenarios.<br />\r\n\r\n<span style=\"font-weight: bold;\">BENEFITS</span><br />\r\nELASTIC WEB-SCALE COMPUTING<br />\r\nAmazon EC2 enables you to increase or decrease capacity within minutes, not hours or days. You can commission one, hundreds, or even thousands of server instances simultaneously. You can also use Amazon EC2 Auto Scaling to maintain availability of your EC2 fleet and automatically scale your fleet up and down depending on its needs in order to maximize performance and minimize cost. 
To scale multiple services, you can use AWS Auto Scaling.<br />\r\nCOMPLETELY CONTROLLED<br />\r\nYou have complete control of your instances including root access and the ability to interact with them as you would any machine. You can stop any instance while retaining the data on the boot partition, and then subsequently restart the same instance using web service APIs. Instances can be rebooted remotely using web service APIs, and you also have access to their console output.<br />\r\nFLEXIBLE CLOUD HOSTING SERVICES<br />\r\nYou have the choice of multiple instance types, operating systems, and software packages. Amazon EC2 allows you to select a configuration of memory, CPU, instance storage, and the boot partition size that is optimal for your choice of operating system and application. For example, choice of operating systems includes numerous Linux distributions and Microsoft Windows Server.<br />\r\nINTEGRATED<br />\r\nAmazon EC2 is integrated with most AWS services such as Amazon Simple Storage Service (Amazon S3), Amazon Relational Database Service (Amazon RDS), and Amazon Virtual Private Cloud (Amazon VPC) to provide a complete, secure solution for computing, query processing, and cloud storage across a wide range of applications.<br />\r\nRELIABLE<br />\r\nAmazon EC2 offers a highly reliable environment where replacement instances can be rapidly and predictably commissioned. The service runs within Amazon’s proven network infrastructure and data centers. The Amazon EC2 Service Level Agreement commitment is 99.99% availability for each Amazon EC2 Region.<br />\r\nSECURE<br />\r\nCloud security at AWS is the highest priority. As an AWS customer, you will benefit from a data center and network architecture built to meet the requirements of the most security-sensitive organizations. 
Amazon EC2 works in conjunction with Amazon VPC to provide security and robust networking functionality for your compute resources.<br />\r\nINEXPENSIVE<br />\r\nAmazon EC2 passes on to you the financial benefits of Amazon’s scale. You pay a very low rate for the compute capacity you actually consume.<br />\r\nEASY TO START<br />\r\nThere are several ways to get started with Amazon EC2. You can use the AWS Management Console, the AWS Command Line Tools (CLI), or AWS SDKs. AWS is free to get started. ","og:title":"Amazon EC2","og:description":"Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers.\r\nAmazon EC2’s simple web service interface allows you to obtain and configure capacity with minimal friction. It provides you with complete control of your computing resources and lets you run on Amazon’s proven computing environment. Amazon EC2 reduces the time required to obtain and boot new server instances to minutes, allowing you to quickly scale capacity, both up and down, as your computing requirements change. Amazon EC2 changes the economics of computing by allowing you to pay only for capacity that you actually use. Amazon EC2 provides developers the tools to build failure resilient applications and isolate them from common failure scenarios.<br />\r\n\r\n<span style=\"font-weight: bold;\">BENEFITS</span><br />\r\nELASTIC WEB-SCALE COMPUTING<br />\r\nAmazon EC2 enables you to increase or decrease capacity within minutes, not hours or days. You can commission one, hundreds, or even thousands of server instances simultaneously. You can also use Amazon EC2 Auto Scaling to maintain availability of your EC2 fleet and automatically scale your fleet up and down depending on its needs in order to maximize performance and minimize cost. 
To scale multiple services, you can use AWS Auto Scaling.<br />\r\nCOMPLETELY CONTROLLED<br />\r\nYou have complete control of your instances including root access and the ability to interact with them as you would any machine. You can stop any instance while retaining the data on the boot partition, and then subsequently restart the same instance using web service APIs. Instances can be rebooted remotely using web service APIs, and you also have access to their console output.<br />\r\nFLEXIBLE CLOUD HOSTING SERVICES<br />\r\nYou have the choice of multiple instance types, operating systems, and software packages. Amazon EC2 allows you to select a configuration of memory, CPU, instance storage, and the boot partition size that is optimal for your choice of operating system and application. For example, choice of operating systems includes numerous Linux distributions and Microsoft Windows Server.<br />\r\nINTEGRATED<br />\r\nAmazon EC2 is integrated with most AWS services such as Amazon Simple Storage Service (Amazon S3), Amazon Relational Database Service (Amazon RDS), and Amazon Virtual Private Cloud (Amazon VPC) to provide a complete, secure solution for computing, query processing, and cloud storage across a wide range of applications.<br />\r\nRELIABLE<br />\r\nAmazon EC2 offers a highly reliable environment where replacement instances can be rapidly and predictably commissioned. The service runs within Amazon’s proven network infrastructure and data centers. The Amazon EC2 Service Level Agreement commitment is 99.99% availability for each Amazon EC2 Region.<br />\r\nSECURE<br />\r\nCloud security at AWS is the highest priority. As an AWS customer, you will benefit from a data center and network architecture built to meet the requirements of the most security-sensitive organizations. 
Amazon EC2 works in conjunction with Amazon VPC to provide security and robust networking functionality for your compute resources.<br />\r\nINEXPENSIVE<br />\r\nAmazon EC2 passes on to you the financial benefits of Amazon’s scale. You pay a very low rate for the compute capacity you actually consume.<br />\r\nEASY TO START<br />\r\nThere are several ways to get started with Amazon EC2. You can use the AWS Management Console, the AWS Command Line Tools (CLI), or AWS SDKs. AWS is free to get started. "},"eventUrl":"","translationId":108,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":786,"title":"IaaS - computing","alias":"iaas-computing","description":"Cloud computing is the on demand availability of computer system resources, especially data storage and computing power, without direct active management by the user. The term is generally used to describe data centers available to many users over the Internet. Large clouds, predominant today, often have functions distributed over multiple locations from central servers. If the connection to the user is relatively close, it may be designated an edge server.\r\nInfrastructure as a service (IaaS) are online services that provide high-level APIs used to dereference various low-level details of underlying network infrastructure like physical computing resources, location, data partitioning, scaling, security, backup etc. A hypervisor, such as Xen, Oracle VirtualBox, Oracle VM, KVM, VMware ESX/ESXi, or Hyper-V, LXD, runs the virtual machines as guests. Pools of hypervisors within the cloud operational system can support large numbers of virtual machines and the ability to scale services up and down according to customers' varying requirements.\r\nTypically IaaS involve the use of a cloud orchestration technology like Open Stack, Apache Cloudstack or Open Nebula. This manages the creation of a virtual machine and decides on which hypervisor (i.e. 
physical host) to start it, enables VM migration features between hosts, allocates storage volumes and attaches them to VMs, usage information for billing and lots more.\r\nAn alternative to hypervisors are Linux containers, which run in isolated partitions of a single Linux kernel running directly on the physical hardware. Linux cgroups and namespaces are the underlying Linux kernel technologies used to isolate, secure and manage the containers. Containerisation offers higher performance than virtualization, because there is no hypervisor overhead. Also, container capacity auto-scales dynamically with computing load, which eliminates the problem of over-provisioning and enables usage-based billing.\r\nIaaS clouds often offer additional resources such as a virtual-machine disk-image library, raw block storage, file or object storage, firewalls, load balancers, IP addresses, virtual local area networks (VLANs), and software bundles.\r\nThe NIST's definition of cloud computing defines Infrastructure as a Service as:\r\n<ul><li>The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications.</li><li>The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, and deployed applications; and possibly limited control of select networking components (e.g., host firewalls).</li></ul>\r\nAccording to the Internet Engineering Task Force (IETF), the most basic cloud-service model is that of providers offering IT infrastructure — virtual machines and other resources — as a service to subscribers.\r\nIaaS-cloud providers supply these resources on-demand from their large pools of equipment installed in data centers. For wide-area connectivity, customers can use either the Internet or carrier clouds (dedicated virtual private networks). 
To deploy their applications, cloud users install operating-system images and their application software on the cloud infrastructure. In this model, the cloud user patches and maintains the operating systems and the application software. Cloud providers typically bill IaaS services on a utility computing basis: cost reflects the amount of resources allocated and consumed.","materialsDescription":" <span style=\"font-weight: bold; \">Cloud Computing Basics</span>\r\nWhether you are running applications that share photos to millions of mobile users or you’re supporting the critical operations of your business, a cloud services platform provides rapid access to flexible and low cost IT resources. With cloud computing, you don’t need to make large upfront investments in hardware and spend a lot of time on the heavy lifting of managing that hardware. Instead, you can provision exactly the right type and size of computing resources you need to power your newest bright idea or operate your IT department. You can access as many resources as you need, almost instantly, and only pay for what you use.\r\n<span style=\"font-weight: bold; \">How Does Cloud Computing Work?</span>\r\nCloud computing provides a simple way to access servers, storage, databases and a broad set of application services over the Internet. 
A cloud services platform such as Amazon Web Services owns and maintains the network-connected hardware required for these application services, while you provision and use what you need via a web application.\r\n<span style=\"font-weight: bold; \">Six Advantages and Benefits of Cloud Computing</span>\r\n<span style=\"font-weight: bold; \">Trade capital expense for variable expense</span>\r\nInstead of having to invest heavily in data centers and servers before you know how you’re going to use them, you can pay only when you consume computing resources, and only pay for how much you consume.\r\n<span style=\"font-weight: bold; \">Benefit from massive economies of scale</span>\r\nBy using cloud computing, you can achieve a lower variable cost than you can get on your own. Because usage from hundreds of thousands of customers is aggregated in the cloud, providers can achieve higher economies of scale, which translate into lower pay-as-you-go prices.\r\n<span style=\"font-weight: bold; \">Stop guessing capacity</span>\r\nEliminate guessing on your infrastructure capacity needs. When you make a capacity decision prior to deploying an application, you often either end up sitting on expensive idle resources or dealing with limited capacity. With cloud computing, these problems go away. You can access as much or as little as you need, and scale up and down as required with only a few minutes' notice.\r\n<span style=\"font-weight: bold; \">Increase speed and agility</span>\r\nIn a cloud computing environment, new IT resources are only ever a click away, which means you reduce the time it takes to make those resources available to your developers from weeks to just minutes. 
This results in a dramatic increase in agility for the organization, since the cost and time it takes to experiment and develop is significantly lower.\r\n<span style=\"font-weight: bold; \">Stop spending money on running and maintaining data centers</span>\r\nFocus on projects that differentiate your business, not the infrastructure. Cloud computing lets you focus on your own customers, rather than on the heavy lifting of racking, stacking and powering servers.\r\n<span style=\"font-weight: bold; \">Go global in minutes</span>\r\nEasily deploy your application in multiple regions around the world with just a few clicks. This means you can provide a lower latency and better experience for your customers simply and at minimal cost.\r\n<span style=\"font-weight: bold;\">Types of Cloud Computing</span>\r\nCloud computing has three main types that are commonly referred to as Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). Selecting the right type of cloud computing for your needs can help you strike the right balance of control and the avoidance of undifferentiated heavy lifting.","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_IaaS_computing.png"},{"id":689,"title":"Amazon Web Services","alias":"amazon-web-services","description":"Amazon Web Services (AWS) is a subsidiary of Amazon that provides on-demand cloud computing platforms to individuals, companies and governments, on a metered pay-as-you-go basis. In aggregate, these cloud computing web services provide a set of primitive, abstract technical infrastructure and distributed computing building blocks and tools. One of these services is Amazon Elastic Compute Cloud, which allows users to have at their disposal a virtual cluster of computers, available all the time, through the Internet. 
AWS's version of virtual computers emulates most of the attributes of a real computer including hardware (CPU(s) & GPU(s) for processing, local/RAM memory, hard-disk/SSD storage); a choice of operating systems; networking; and pre-loaded application software such as web servers, databases, CRM, etc.\r\nThe AWS technology is implemented at server farms throughout the world, and maintained by the Amazon subsidiary. Fees are based on a combination of usage, the hardware/OS/software/networking features chosen by the subscriber, required availability, redundancy, security, and service options. Subscribers can pay for a single virtual AWS computer, a dedicated physical computer, or clusters of either. As part of the subscription agreement, Amazon provides security for subscribers' systems. AWS operates from many global geographical regions including 6 in North America.\r\nIn 2017, AWS comprised more than 90 services spanning a wide range including computing, storage, networking, database, analytics, application services, deployment, management, mobile, developer tools, and tools for the Internet of Things. The most popular include Amazon Elastic Compute Cloud (EC2) and Amazon Simple Storage Service (S3). Most services are not exposed directly to end users, but instead offer functionality through APIs for developers to use in their applications. Amazon Web Services' offerings are accessed over HTTP, using the REST architectural style and SOAP protocol.\r\nAmazon markets AWS to subscribers as a way of obtaining large-scale computing capacity more quickly and cheaply than building an actual physical server farm. All services are billed based on usage, but each service measures usage in varying ways. 
As of 2017, AWS owns a dominant 34% of all cloud (IaaS, PaaS), while the next three competitors, Microsoft, Google, and IBM, have 11%, 8% and 6% respectively, according to Synergy Group.","materialsDescription":"<span style=\"font-weight: bold;\">What is "Amazon Web Services" (AWS)?</span>\r\nWith Amazon Web Services (AWS), organizations can flexibly deploy storage space and computing capacity into Amazon's data centers without having to maintain their own hardware. A big advantage is that the infrastructure covers all dimensions for cloud computing. Whether it's video sharing, high-resolution photos, print data, or text documents, AWS can deliver IT resources on demand, over the Internet, on a cost-per-use basis. The service has existed since 2006 as a wholly owned subsidiary of Amazon Inc. The idea arose from the extensive experience with Amazon.com and Amazon's own need for platforms for web services in the cloud.\r\n<span style=\"font-weight: bold;\">What is Cloud Computing?</span>\r\nCloud Computing is a service that gives you access to expert-managed technology resources. The platform in the cloud provides the infrastructure (e.g. computing power, storage space), which, in contrast to hardware you have purchased yourself, does not have to be installed and configured. With cloud computing, you pay only for the resources that are used. For example, a web shop can increase its computing power during the Christmas season and book less in "weak" months.\r\nAccess is via the Internet or VPN. There are no ongoing investment costs after the initial setup, but resources such as virtual servers, databases or storage services are charged only after they have been used.\r\n<span style=\"font-weight: bold;\">Where is my data on Amazon AWS?</span>\r\nThere are currently eight Amazon Data Centers (AWS Regions) in different regions of the world. For each Amazon AWS resource, only the customer can decide where to use or store it. 
German customers typically use the data center in Ireland, which is governed by European law.\r\n<span style=\"font-weight: bold;\">How safe is my data on Amazon AWS?</span>\r\nThe customer data is stored in a highly secure infrastructure. Safety measures include, but are not limited to:\r\n<ul><li>Protection against DDoS attacks (Distributed Denial of Service)</li><li>Defense against brute-force attacks on AWS accounts</li><li>Secure access: Access is provided via SSL.</li><li>Firewall: Output and access to the AWS data can be controlled.</li><li>Encrypted Data Storage: Data can be encrypted with Advanced Encryption Standard (AES) 256.</li><li>Certifications: Regular security review by independent certifications that AWS has undergone.</li></ul>\r\nEach Amazon data center (AWS region) consists of at least one Availability Zone. Availability Zones are stand-alone sub-sites that have been designed to be isolated from faults in other Availability Zones (independent power and data supply). Certain AWS resources, such as Database Services (RDS) or Storage Services (S3), automatically replicate your data within the AWS region to the different Availability Zones.\r\nAmazon AWS has appropriate certifications such as ISO27001 and has implemented a comprehensive security concept for the operation of its data center.\r\n<span style=\"font-weight: bold;\">Do I have to worry about hardware on Amazon AWS?</span>\r\nNo, all Amazon AWS resources are virtualized. Only Amazon takes care of the replacement and upgrade of hardware.\r\nNormally, you will not notice defective hardware, because defective storage media are exchanged by Amazon, and since your data is stored redundantly multiple times, there is usually no problem either.\r\nIncidentally, if your chosen resources do not provide enough performance, you can easily get more CPU power with just a few mouse clicks. 
You do not have to install anything new, just reboot your virtual machine or virtual database instance.","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_Amazon_Web_Services.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":1243,"logo":false,"scheme":false,"title":"Amazon Virtual Private Cloud (VPC)","vendorVerified":0,"rating":"2.00","implementationsCount":7,"suppliersCount":0,"alias":"amazon-virtual-private-cloud-vpc","companyTypes":[],"description":"Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define. You have complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. You can use both IPv4 and IPv6 in your VPC for secure and easy access to resources and applications.\r\nYou can easily customize the network configuration for your Amazon VPC. For example, you can create a public-facing subnet for your web servers that has access to the Internet, and place your backend systems such as databases or application servers in a private-facing subnet with no Internet access. You can leverage multiple layers of security, including security groups and network access control lists, to help control access to Amazon EC2 instances in each subnet.\r\nAdditionally, you can create a Hardware Virtual Private Network (VPN) connection between your corporate data center and your VPC and leverage the AWS Cloud as an extension of your corporate data center.\r\n \r\n\r\n<span style=\"font-weight: bold;\">FEATURES</span>\r\nMULTIPLE CONNECTIVITY OPTIONS\r\nA variety of connectivity options exist for your Amazon VPC. 
You can connect your VPC to the Internet, to your data center, or other VPCs, based on the AWS resources that you want to expose publicly and those that you want to keep private.\r\n<ul><li>Connect directly to the Internet (public subnets)– You can launch instances into a publicly accessible subnet where they can send and receive traffic from the Internet.</li><li>Connect to the Internet using Network Address Translation (private subnets) – Private subnets can be used for instances that you do not want to be directly addressable from the Internet. Instances in a private subnet can access the Internet without exposing their private IP address by routing their traffic through a Network Address Translation (NAT) gateway in a public subnet.</li><li>Connect securely to your corporate datacenter– All traffic to and from instances in your VPC can be routed to your corporate datacenter over an industry standard, encrypted IPsec hardware VPN connection.</li><li>Connect privately to other VPCs- Peer VPCs together to share resources across multiple virtual networks owned by your or other AWS accounts.</li><li>Privately connect to AWS Services without using an Internet gateway, NAT or firewall proxy through a VPC Endpoint. Available AWS services include S3, DynamoDB, Kinesis Streams, Service Catalog, EC2 Systems Manager (SSM), Elastic Load Balancing (ELB) API, and Amazon Elastic Compute Cloud (EC2) API.</li><li>Privately connect to SaaS solutions supported by AWS PrivateLink.</li><li>Privately connect your internal services across different accounts and VPCs within your own organizations, significantly simplifying your internal network architecture.</li></ul>\r\nSECURE\r\nAmazon VPC provides advanced security features, such as security groups and network access control lists, to enable inbound and outbound filtering at the instance level and subnet level. In addition, you can store data in Amazon S3 and restrict access so that it’s only accessible from instances in your VPC. 
Optionally, you can also choose to launch Dedicated Instances which run on hardware dedicated to a single customer for additional isolation.\r\nSIMPLE\r\nYou can create a VPC quickly and easily using the AWS Management Console. You can select one of the common network setups that best match your needs and press "Start VPC Wizard." Subnets, IP ranges, route tables, and security groups are automatically created for you so you can concentrate on creating the applications to run in your VPC.\r\nALL THE SCALABILITY AND RELIABILITY OF AWS\r\nAmazon VPC provides all of the same benefits as the rest of the AWS platform. You can instantly scale your resources up or down, select Amazon EC2 instances types and sizes that are right for your applications, and pay only for the resources you use - all within Amazon’s proven infrastructure.","shortDescription":"Amazon Virtual Private Cloud - Provision a logically isolated section of the Amazon Web Services (AWS) Cloud where you can launch AWS resources in a virtual network that you define","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":12,"sellingCount":20,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Amazon Virtual Private Cloud (VPC)","keywords":"your, Amazon, Internet, that, access, network, subnet, instances","description":"Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define. You have complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. You can use both IPv4 and IPv6 in your VPC for secure and easy access to resources and applications.\r\nYou can easily customize the network configuration for your Amazon VPC. 
For example, you can create a public-facing subnet for your web servers that has access to the Internet, and place your backend systems such as databases or application servers in a private-facing subnet with no Internet access. You can leverage multiple layers of security, including security groups and network access control lists, to help control access to Amazon EC2 instances in each subnet.\r\nAdditionally, you can create a Hardware Virtual Private Network (VPN) connection between your corporate data center and your VPC and leverage the AWS Cloud as an extension of your corporate data center.\r\n \r\n\r\n<span style=\"font-weight: bold;\">FEATURES</span>\r\nMULTIPLE CONNECTIVITY OPTIONS\r\nA variety of connectivity options exist for your Amazon VPC. You can connect your VPC to the Internet, to your data center, or other VPCs, based on the AWS resources that you want to expose publicly and those that you want to keep private.\r\n<ul><li>Connect directly to the Internet (public subnets)– You can launch instances into a publicly accessible subnet where they can send and receive traffic from the Internet.</li><li>Connect to the Internet using Network Address Translation (private subnets) – Private subnets can be used for instances that you do not want to be directly addressable from the Internet. Instances in a private subnet can access the Internet without exposing their private IP address by routing their traffic through a Network Address Translation (NAT) gateway in a public subnet.</li><li>Connect securely to your corporate datacenter– All traffic to and from instances in your VPC can be routed to your corporate datacenter over an industry standard, encrypted IPsec hardware VPN connection.</li><li>Connect privately to other VPCs- Peer VPCs together to share resources across multiple virtual networks owned by your or other AWS accounts.</li><li>Privately connect to AWS Services without using an Internet gateway, NAT or firewall proxy through a VPC Endpoint. 
Available AWS services include S3, DynamoDB, Kinesis Streams, Service Catalog, EC2 Systems Manager (SSM), Elastic Load Balancing (ELB) API, and Amazon Elastic Compute Cloud (EC2) API.</li><li>Privately connect to SaaS solutions supported by AWS PrivateLink.</li><li>Privately connect your internal services across different accounts and VPCs within your own organizations, significantly simplifying your internal network architecture.</li></ul>\r\nSECURE\r\nAmazon VPC provides advanced security features, such as security groups and network access control lists, to enable inbound and outbound filtering at the instance level and subnet level. In addition, you can store data in Amazon S3 and restrict access so that it’s only accessible from instances in your VPC. Optionally, you can also choose to launch Dedicated Instances which run on hardware dedicated to a single customer for additional isolation.\r\nSIMPLE\r\nYou can create a VPC quickly and easily using the AWS Management Console. You can select one of the common network setups that best match your needs and press "Start VPC Wizard." Subnets, IP ranges, route tables, and security groups are automatically created for you so you can concentrate on creating the applications to run in your VPC.\r\nALL THE SCALABILITY AND RELIABILITY OF AWS\r\nAmazon VPC provides all of the same benefits as the rest of the AWS platform. You can instantly scale your resources up or down, select Amazon EC2 instances types and sizes that are right for your applications, and pay only for the resources you use - all within Amazon’s proven infrastructure.","og:title":"Amazon Virtual Private Cloud (VPC)","og:description":"Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define. 
You have complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. You can use both IPv4 and IPv6 in your VPC for secure and easy access to resources and applications.\r\nYou can easily customize the network configuration for your Amazon VPC. For example, you can create a public-facing subnet for your web servers that has access to the Internet, and place your backend systems such as databases or application servers in a private-facing subnet with no Internet access. You can leverage multiple layers of security, including security groups and network access control lists, to help control access to Amazon EC2 instances in each subnet.\r\nAdditionally, you can create a Hardware Virtual Private Network (VPN) connection between your corporate data center and your VPC and leverage the AWS Cloud as an extension of your corporate data center.\r\n \r\n\r\n<span style=\"font-weight: bold;\">FEATURES</span>\r\nMULTIPLE CONNECTIVITY OPTIONS\r\nA variety of connectivity options exist for your Amazon VPC. You can connect your VPC to the Internet, to your data center, or other VPCs, based on the AWS resources that you want to expose publicly and those that you want to keep private.\r\n<ul><li>Connect directly to the Internet (public subnets)– You can launch instances into a publicly accessible subnet where they can send and receive traffic from the Internet.</li><li>Connect to the Internet using Network Address Translation (private subnets) – Private subnets can be used for instances that you do not want to be directly addressable from the Internet. 
Instances in a private subnet can access the Internet without exposing their private IP address by routing their traffic through a Network Address Translation (NAT) gateway in a public subnet.</li><li>Connect securely to your corporate datacenter– All traffic to and from instances in your VPC can be routed to your corporate datacenter over an industry standard, encrypted IPsec hardware VPN connection.</li><li>Connect privately to other VPCs- Peer VPCs together to share resources across multiple virtual networks owned by your or other AWS accounts.</li><li>Privately connect to AWS Services without using an Internet gateway, NAT or firewall proxy through a VPC Endpoint. Available AWS services include S3, DynamoDB, Kinesis Streams, Service Catalog, EC2 Systems Manager (SSM), Elastic Load Balancing (ELB) API, and Amazon Elastic Compute Cloud (EC2) API.</li><li>Privately connect to SaaS solutions supported by AWS PrivateLink.</li><li>Privately connect your internal services across different accounts and VPCs within your own organizations, significantly simplifying your internal network architecture.</li></ul>\r\nSECURE\r\nAmazon VPC provides advanced security features, such as security groups and network access control lists, to enable inbound and outbound filtering at the instance level and subnet level. In addition, you can store data in Amazon S3 and restrict access so that it’s only accessible from instances in your VPC. Optionally, you can also choose to launch Dedicated Instances which run on hardware dedicated to a single customer for additional isolation.\r\nSIMPLE\r\nYou can create a VPC quickly and easily using the AWS Management Console. You can select one of the common network setups that best match your needs and press "Start VPC Wizard." 
Subnets, IP ranges, route tables, and security groups are automatically created for you so you can concentrate on creating the applications to run in your VPC.\r\nALL THE SCALABILITY AND RELIABILITY OF AWS\r\nAmazon VPC provides all of the same benefits as the rest of the AWS platform. You can instantly scale your resources up or down, select Amazon EC2 instances types and sizes that are right for your applications, and pay only for the resources you use - all within Amazon’s proven infrastructure."},"eventUrl":"","translationId":1244,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":2,"title":"Virtual machine and cloud system software","alias":"virtual-machine-and-cloud-system-software","description":" A virtual machine (VM) is a software-based computer that exists within another computer’s operating system, often used for the purposes of testing, backing up data, or running SaaS applications. To fully grasp how VMs work, it’s important to first understand how computer software and hardware are typically integrated by an operating system.\r\n"The cloud" refers to servers that are accessed over the Internet, and the software and databases that run on those servers. Cloud servers are located in data centers all over the world. By using cloud computing, users and companies don't have to manage physical servers themselves or run software applications on their own machines.\r\nThe cloud enables users to access the same files and applications from almost any device, because the computing and storage take place on servers in a data center, instead of locally on the user device. This is why a user can log into their Instagram account on a new phone after their old phone breaks and still find their old account in place, with all their photos, videos, and conversation history. 
It works the same way with cloud email providers like Gmail or Microsoft Office 365, and with cloud storage providers like Dropbox or Google Drive.\r\nFor businesses, switching to cloud computing removes some IT costs and overhead: for instance, they no longer need to update and maintain their own servers, as the cloud vendor they are using will do that. This especially makes an impact on small businesses that may not have been able to afford their own internal infrastructure but can outsource their infrastructure needs affordably via the cloud. The cloud can also make it easier for companies to operate internationally because employees and customers can access the same files and applications from any location.\r\nSeveral cloud providers offer virtual machines to their customers. These virtual machines typically live on powerful servers that can act as a host to multiple VMs and can be used for a variety of reasons that wouldn’t be practical with a locally-hosted VM. These include:\r\n<ul><li>Running SaaS applications - Software-as-a-Service, or SaaS for short, is a cloud-based method of providing software to users. SaaS users subscribe to an application rather than purchasing it once and installing it. These applications are generally served to the user over the Internet. Often, it is virtual machines in the cloud that are doing the computation for SaaS applications as well as delivering them to users. If the cloud provider has a geographically distributed network edge, then the application will run closer to the user, resulting in faster performance.</li><li>Backing up data - Cloud-based VM services are very popular for backing up data because the data can be accessed from anywhere. Plus, cloud VMs provide better redundancy, require less maintenance, and generally scale better than physical data centers. 
(For example, it’s generally fairly easy to buy an extra gigabyte of storage space from a cloud VM provider, but much more difficult to build a new local data server for that extra gigabyte of data.)</li><li>Hosting services like email and access management - Hosting these services on cloud VMs is generally faster and more cost-effective, and helps minimize maintenance and offload security concerns as well.</li></ul>","materialsDescription":"What is an operating system?\r\nTraditional computers are built out of physical hardware, including hard disk drives, processor chips, RAM, etc. In order to utilize this hardware, computers rely on a type of software known as an operating system (OS). Some common examples of OSes are Mac OSX, Microsoft Windows, Linux, and Android.\r\nThe OS is what manages the computer’s hardware in ways that are useful to the user. For example, if the user wants to access the Internet, the OS directs the network interface card to make the connection. If the user wants to download a file, the OS will partition space on the hard drive for that file. The OS also runs and manages other pieces of software. For example, it can run a web browser and provide the browser with enough random access memory (RAM) to operate smoothly. Typically, operating systems exist within a physical computer at a one-to-one ratio; for each machine, there is a single OS managing its physical resources.\r\n<span style=\"font-weight: bold;\">Can you have two or more operating systems on one computer?</span>\r\nSome users want to be able to run multiple operating systems simultaneously on one computer, either for testing or one of the other reasons listed in the section below. This can be achieved through a process called virtualization. In virtualization, a piece of software behaves as if it were an independent computer. This piece of software is called a virtual machine, also known as a ‘guest’ computer. (The computer on which the VM is running is called the ‘host’.) 
The guest has an OS as well as its own virtual hardware.\r\n‘Virtual hardware’ may sound like a bit of an oxymoron, but it works by mapping to real hardware on the host computer. For example, the VM’s ‘hard drive’ is really just a file on the host computer’s hard drive. When the VM wants to save a new file, it actually has to communicate with the host OS, which will write this file to the host hard drive. Because virtual hardware must perform this added step of negotiating with the host to access hardware resources, virtual machines can’t run quite as fast as their host computers.\r\nWith virtualization, one computer can run two or more operating systems. The number of VMs that can run on one host is limited only by the host’s available resources. The user can run the OS of a VM in a window like any other program, or they can run it in fullscreen so that it looks and feels like a genuine host OS.\r\n <span style=\"font-weight: bold; \">What are virtual machines used for?</span>\r\nSome of the most popular reasons people run virtual machines include:\r\n<span style=\"font-weight: bold; \">Testing</span> - Oftentimes software developers want to be able to test their applications in different environments. They can use virtual machines to run their applications in various OSes on one computer. This is simpler and more cost-effective than having to test on several different physical machines.\r\n<span style=\"font-weight: bold; \">Running software designed for other OSes</span> - Although certain software applications are only available for a single platform, a VM can run software designed for a different OS. For example, a Mac user who wants to run software designed for Windows can run a Windows VM on their Mac host.\r\n<span style=\"font-weight: bold; \">Running outdated software</span> - Some pieces of older software can’t be run in modern OSes. 
Users who want to run these applications can run an old OS on a virtual machine.","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_Virtual_machine_and_cloud_system_software.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":1399,"logo":false,"scheme":false,"title":"Barracuda NextGen Firewall (NGFW)","vendorVerified":0,"rating":"3.00","implementationsCount":4,"suppliersCount":0,"alias":"barracuda-nextgen-firewall-ngfw","companyTypes":[],"description":"<span style=\"font-weight: bold;\">Next-Generation Firewalls for the Cloud Era</span>\r\nIn the cloud era, network firewalls must do more than secure your network. They must also ensure you have uninterrupted network availability and robust access to cloud-hosted applications. The Barracuda NextGen Firewall F-Series is a family of hardware, virtual, and cloud-based appliances that protect and enhance your dispersed network infrastructure. They deliver advanced security by tightly integrating a comprehensive set of next-generation firewall technologies, including Layer 7 application profiling, intrusion prevention, web filtering, malware and advanced threat protection, antispam protection, and network access control. In addition, the F-Series combines highly resilient VPN technology with intelligent traffic management and WAN optimization capabilities. This lets you reduce line costs, increase overall network availability, improve site-to-site connectivity, and ensure uninterrupted access to applications hosted in the cloud. Scalable centralized management helps you reduce administrative overhead while defining and enforcing granular policies across your entire dispersed network. 
The F-Series cloud-ready firewalls are ideal for multi-site enterprises, managed service providers, and other organizations with complex, dispersed network infrastructures.\r\n<span style=\"font-weight: bold;\">Security for the Cloud Era</span>\r\nSecurity paradigms are shifting—and securing your network perimeter is no longer good enough. In the cloud era, workloads happen everywhere, users are increasingly mobile, and potential attack surfaces are multiplying. Barracuda NextGen Firewall F-Series is purpose-built to deal with the challenges of securing widely distributed networks.\r\n<span style=\"font-weight: bold;\">Advanced Threat Protection</span>\r\nIn today's constantly evolving threat landscape, your organization faces zero-hour malware exploits and advanced persistent threats that routinely bypass traditional, signature-based IPS and antivirus engines. Barracuda Advanced Threat Protection gives your security infrastructure the ability to identify and block new, sophisticated threats-without affecting network performance and throughput.\r\n<span style=\"font-weight: bold;\">Secure SD-WAN..</span>\r\nBarracuda Cloud Era Firewalls include full next gen Security paired with all network optimization and management functionality today known as Secure SD-WAN. This includes true zero touch deployment (ZTD), dynamic bandwidth measurement, performance based transport selection, application specific routing and even data duplication and WAN optimization technology. 
VPN tunnels between sites can make use of multiple uplinks simultaneously and dynamically assign the best path for the application.\r\n<span style=\"font-weight: bold;\">This enables:</span>\r\n\r\n<ul> <li>Balancing of Internet traffic across multiple uplinks to minimize downtime and improve performance</li> <li>VPN across multiple broadband connections and MPLs replacement</li> <li>Up to 24 physical uplinks to create highly redundant VPN tunnels</li> <li>Replacing network backhauling central policy enforcement architectures with direct internet break outs</li> <li>Faster access to cloud applications like office365 by dynamically prioritizing them over non-critical traffic</li> <li>Guaranteed users' access to critical applications through granular policy controls</li> <li>Increased available bandwidth with built-in traffic compression and data deduplication</li> <li>Auto creation of VPN tunnels between spokes in a hub-and-spoke architecture to enhance connection quality for latency-sensitive traffic</li> </ul>\r\n<span style=\"font-weight: bold;\">Why Barracuda NextGen Firewall?</span> When selecting security technology, it is critical that your products are supported by people who take your data security as seriously as you do. The Barracuda NextGen Firewall is supported by our award-winning 24x7 technical support staffed by in-house security engineers with no phone trees. Help is always a phone call away. Hundreds of thousands of organizations around the globe rely on Barracuda to protect their applications, networks, and data. 
The Barracuda NextGen Firewall is part of a comprehensive line of data protection, network firewall, and security products and services designed for organizations seeking robust yet affordable protection from ever-increasing cyber threats.\r\n<span style=\"font-style: italic;\">Source: https://www.barracuda.com/products/nextgenfirewall_f</span>","shortDescription":"Barracuda's Next Generation Firewalls redefine the role of the Firewall from a perimeter security solution to a distributed network optimization solution that scales across any number of locations.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":0,"sellingCount":5,"discontinued":0,"rebateForPoc":0,"rebate":5,"seo":{"title":"Barracuda NextGen Firewall (NGFW)","keywords":"","description":"<span style=\"font-weight: bold;\">Next-Generation Firewalls for the Cloud Era</span>\r\nIn the cloud era, network firewalls must do more than secure your network. They must also ensure you have uninterrupted network availability and robust access to cloud-hosted applications. The Barracuda NextGen Firewall F-Series is a family of hardware, virtual, and cloud-based appliances that protect and enhance your dispersed network infrastructure. They deliver advanced security by tightly integrating a comprehensive set of next-generation firewall technologies, including Layer 7 application profiling, intrusion prevention, web filtering, malware and advanced threat protection, antispam protection, and network access control. In addition, the F-Series combines highly resilient VPN technology with intelligent traffic management and WAN optimization capabilities. This lets you reduce line costs, increase overall network availability, improve site-to-site connectivity, and ensure uninterrupted access to applications hosted in the cloud. 
Scalable centralized management helps you reduce administrative overhead while defining and enforcing granular policies across your entire dispersed network. The F-Series cloud-ready firewalls are ideal for multi-site enterprises, managed service providers, and other organizations with complex, dispersed network infrastructures.\r\n<span style=\"font-weight: bold;\">Security for the Cloud Era</span>\r\nSecurity paradigms are shifting—and securing your network perimeter is no longer good enough. In the cloud era, workloads happen everywhere, users are increasingly mobile, and potential attack surfaces are multiplying. Barracuda NextGen Firewall F-Series is purpose-built to deal with the challenges of securing widely distributed networks.\r\n<span style=\"font-weight: bold;\">Advanced Threat Protection</span>\r\nIn today's constantly evolving threat landscape, your organization faces zero-hour malware exploits and advanced persistent threats that routinely bypass traditional, signature-based IPS and antivirus engines. Barracuda Advanced Threat Protection gives your security infrastructure the ability to identify and block new, sophisticated threats-without affecting network performance and throughput.\r\n<span style=\"font-weight: bold;\">Secure SD-WAN..</span>\r\nBarracuda Cloud Era Firewalls include full next gen Security paired with all network optimization and management functionality today known as Secure SD-WAN. This includes true zero touch deployment (ZTD), dynamic bandwidth measurement, performance based transport selection, application specific routing and even data duplication and WAN optimization technology. 
VPN tunnels between sites can make use of multiple uplinks simultaneously and dynamically assign the best path for the application.\r\n<span style=\"font-weight: bold;\">This enables:</span>\r\n\r\n<ul> <li>Balancing of Internet traffic across multiple uplinks to minimize downtime and improve performance</li> <li>VPN across multiple broadband connections and MPLs replacement</li> <li>Up to 24 physical uplinks to create highly redundant VPN tunnels</li> <li>Replacing network backhauling central policy enforcement architectures with direct internet break outs</li> <li>Faster access to cloud applications like office365 by dynamically prioritizing them over non-critical traffic</li> <li>Guaranteed users' access to critical applications through granular policy controls</li> <li>Increased available bandwidth with built-in traffic compression and data deduplication</li> <li>Auto creation of VPN tunnels between spokes in a hub-and-spoke architecture to enhance connection quality for latency-sensitive traffic</li> </ul>\r\n<span style=\"font-weight: bold;\">Why Barracuda NextGen Firewall?</span> When selecting security technology, it is critical that your products are supported by people who take your data security as seriously as you do. The Barracuda NextGen Firewall is supported by our award-winning 24x7 technical support staffed by in-house security engineers with no phone trees. Help is always a phone call away. Hundreds of thousands of organizations around the globe rely on Barracuda to protect their applications, networks, and data. 
The Barracuda NextGen Firewall is part of a comprehensive line of data protection, network firewall, and security products and services designed for organizations seeking robust yet affordable protection from ever-increasing cyber threats.\r\n<span style=\"font-style: italic;\">Source: https://www.barracuda.com/products/nextgenfirewall_f</span>","og:title":"Barracuda NextGen Firewall (NGFW)","og:description":"<span style=\"font-weight: bold;\">Next-Generation Firewalls for the Cloud Era</span>\r\nIn the cloud era, network firewalls must do more than secure your network. They must also ensure you have uninterrupted network availability and robust access to cloud-hosted applications. The Barracuda NextGen Firewall F-Series is a family of hardware, virtual, and cloud-based appliances that protect and enhance your dispersed network infrastructure. They deliver advanced security by tightly integrating a comprehensive set of next-generation firewall technologies, including Layer 7 application profiling, intrusion prevention, web filtering, malware and advanced threat protection, antispam protection, and network access control. In addition, the F-Series combines highly resilient VPN technology with intelligent traffic management and WAN optimization capabilities. This lets you reduce line costs, increase overall network availability, improve site-to-site connectivity, and ensure uninterrupted access to applications hosted in the cloud. Scalable centralized management helps you reduce administrative overhead while defining and enforcing granular policies across your entire dispersed network. The F-Series cloud-ready firewalls are ideal for multi-site enterprises, managed service providers, and other organizations with complex, dispersed network infrastructures.\r\n<span style=\"font-weight: bold;\">Security for the Cloud Era</span>\r\nSecurity paradigms are shifting—and securing your network perimeter is no longer good enough. 
In the cloud era, workloads happen everywhere, users are increasingly mobile, and potential attack surfaces are multiplying. Barracuda NextGen Firewall F-Series is purpose-built to deal with the challenges of securing widely distributed networks.\r\n<span style=\"font-weight: bold;\">Advanced Threat Protection</span>\r\nIn today's constantly evolving threat landscape, your organization faces zero-hour malware exploits and advanced persistent threats that routinely bypass traditional, signature-based IPS and antivirus engines. Barracuda Advanced Threat Protection gives your security infrastructure the ability to identify and block new, sophisticated threats-without affecting network performance and throughput.\r\n<span style=\"font-weight: bold;\">Secure SD-WAN..</span>\r\nBarracuda Cloud Era Firewalls include full next gen Security paired with all network optimization and management functionality today known as Secure SD-WAN. This includes true zero touch deployment (ZTD), dynamic bandwidth measurement, performance based transport selection, application specific routing and even data duplication and WAN optimization technology. 
VPN tunnels between sites can make use of multiple uplinks simultaneously and dynamically assign the best path for the application.\r\n<span style=\"font-weight: bold;\">This enables:</span>\r\n\r\n<ul> <li>Balancing of Internet traffic across multiple uplinks to minimize downtime and improve performance</li> <li>VPN across multiple broadband connections and MPLs replacement</li> <li>Up to 24 physical uplinks to create highly redundant VPN tunnels</li> <li>Replacing network backhauling central policy enforcement architectures with direct internet break outs</li> <li>Faster access to cloud applications like office365 by dynamically prioritizing them over non-critical traffic</li> <li>Guaranteed users' access to critical applications through granular policy controls</li> <li>Increased available bandwidth with built-in traffic compression and data deduplication</li> <li>Auto creation of VPN tunnels between spokes in a hub-and-spoke architecture to enhance connection quality for latency-sensitive traffic</li> </ul>\r\n<span style=\"font-weight: bold;\">Why Barracuda NextGen Firewall?</span> When selecting security technology, it is critical that your products are supported by people who take your data security as seriously as you do. The Barracuda NextGen Firewall is supported by our award-winning 24x7 technical support staffed by in-house security engineers with no phone trees. Help is always a phone call away. Hundreds of thousands of organizations around the globe rely on Barracuda to protect their applications, networks, and data. 
The Barracuda NextGen Firewall is part of a comprehensive line of data protection, network firewall, and security products and services designed for organizations seeking robust yet affordable protection from ever-increasing cyber threats.\r\n<span style=\"font-style: italic;\">Source: https://www.barracuda.com/products/nextgenfirewall_f</span>"},"eventUrl":"","translationId":1400,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":784,"title":"NGFW - next-generation firewall - Appliance","alias":"ngfw-next-generation-firewall-1","description":" A next-generation firewall (NGFW) is a part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities, such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS). Other techniques might also be employed, such as TLS/SSL encrypted traffic inspection, website filtering, QoS/bandwidth management, antivirus inspection and third-party identity management integration (i.e. LDAP, RADIUS, Active Directory).\r\nNGFWs include the typical functions of traditional firewalls such as packet filtering, network- and port-address translation (NAT), stateful inspection, and virtual private network (VPN) support. The goal of next-generation firewalls is to include more layers of the OSI model, improving filtering of network traffic that is dependent on the packet contents.\r\nNGFWs perform deeper inspection compared to stateful inspection performed by the first- and second-generation firewalls. NGFWs use a more thorough inspection style, checking packet payloads and matching signatures for harmful activities such as exploitable attacks and malware.\r\nImproved detection of encrypted applications and intrusion prevention service. 
Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services.\r\nStateful firewalls with simple packet filtering capabilities were efficient at blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols. But today, blocking a web application like Farmville that uses port 80 by closing the port would also mean complications with the entire HTTP protocol.\r\nProtection based on ports, protocols, and IP addresses is no longer reliable or viable. This has led to the development of an identity-based security approach, which takes organizations a step ahead of conventional security appliances which bind security to IP addresses.\r\nNGFWs offer administrators a deeper awareness of and control over individual applications, along with deeper inspection capabilities by the firewall. Administrators can create very granular "allow/deny" rules for controlling use of websites and applications in the network. ","materialsDescription":"<span style=\"font-weight: bold;\"> What is a next-generation firewall (NGFW)?</span>\r\nAn NGFW contains all the normal defences that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other bonus security features. NGFWs are also capable of deep packet inspection which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. 
This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by blacklist (programs in the filter are blocked) or by whitelist (programs not in the filter are blocked).","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_NGFW.png"},{"id":782,"title":"NGFW - next-generation firewall","alias":"ngfw-next-generation-firewall","description":"A next-generation firewall (NGFW) is a part of the third generation of firewall technology that is implemented in either hardware or software and is capable of detecting and blocking sophisticated attacks by enforcing security policies at the application, port and protocol levels.\r\nNGFWs typically feature advanced functions including:\r\n<ul><li>application awareness;</li><li>integrated intrusion prevention systems (IPS);</li><li>identity awareness -- user and group control;</li><li>bridged and routed modes;</li><li> the ability to use external intelligence sources.</li></ul>\r\nOf these offerings, most next-generation firewalls integrate at least three basic functions: enterprise firewall capabilities, an intrusion prevention system (IPS) and application control.\r\nLike the introduction of stateful inspection in traditional firewalls, NGFWs bring additional context to the firewall's decision-making process by providing it with the ability to understand the details of the web application traffic passing through it and to take action to block traffic that might exploit vulnerabilities.\r\nThe different features of next-generation firewalls combine to create unique benefits for users. 
NGFWs are often able to block malware before it enters a network, something that wasn't previously possible.\r\nNGFWs are also better equipped to address advanced persistent threats (APTs) because they can be integrated with threat intelligence services. NGFWs can also offer a low-cost option for companies trying to improve basic device security through the use of application awareness, inspection services, protection systems and awareness tools.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What is a next-generation firewall (NGFW)?</span>\r\nA NGFW contains all the normal defenses that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other additional security features. NGFWs are also capable of deep packet inspection, which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. 
This can either be done by a blacklist (programs in the filter are blocked) or by a whitelist (programs not in the filter are blocked).","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_NGFW.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":281,"title":"No IT security guidelines"},{"id":282,"title":"Unauthorized access to corporate IT systems and data"},{"id":336,"title":"Risk or Leaks of confidential information"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"},{"id":386,"title":"Risk of lost access to data and IT systems"}]}},"categories":[{"id":786,"title":"IaaS - computing","alias":"iaas-computing","description":"Cloud computing is the on demand availability of computer system resources, especially data storage and computing power, without direct active management by the user. The term is generally used to describe data centers available to many users over the Internet. Large clouds, predominant today, often have functions distributed over multiple locations from central servers. 
If the connection to the user is relatively close, it may be designated an edge server.\r\nInfrastructure as a service (IaaS) are online services that provide high-level APIs used to dereference various low-level details of underlying network infrastructure like physical computing resources, location, data partitioning, scaling, security, backup etc. A hypervisor, such as Xen, Oracle VirtualBox, Oracle VM, KVM, VMware ESX/ESXi, or Hyper-V, LXD, runs the virtual machines as guests. Pools of hypervisors within the cloud operational system can support large numbers of virtual machines and the ability to scale services up and down according to customers' varying requirements.\r\nTypically IaaS involve the use of a cloud orchestration technology like Open Stack, Apache Cloudstack or Open Nebula. This manages the creation of a virtual machine and decides on which hypervisor (i.e. physical host) to start it, enables VM migration features between hosts, allocates storage volumes and attaches them to VMs, usage information for billing and lots more.\r\nAn alternative to hypervisors are Linux containers, which run in isolated partitions of a single Linux kernel running directly on the physical hardware. Linux cgroups and namespaces are the underlying Linux kernel technologies used to isolate, secure and manage the containers. Containerisation offers higher performance than virtualization, because there is no hypervisor overhead. 
Also, container capacity auto-scales dynamically with computing load, which eliminates the problem of over-provisioning and enables usage-based billing.\r\nIaaS clouds often offer additional resources such as a virtual-machine disk-image library, raw block storage, file or object storage, firewalls, load balancers, IP addresses, virtual local area networks (VLANs), and software bundles.\r\nThe NIST's definition of cloud computing defines Infrastructure as a Service as:\r\n<ul><li>The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications.</li><li>The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems, storage, and deployed applications; and possibly limited control of select networking components (e.g., host firewalls).</li></ul>\r\nAccording to the Internet Engineering Task Force (IETF), the most basic cloud-service model is that of providers offering IT infrastructure — virtual machines and other resources — as a service to subscribers.\r\nIaaS-cloud providers supply these resources on-demand from their large pools of equipment installed in data centers. For wide-area connectivity, customers can use either the Internet or carrier clouds (dedicated virtual private networks). To deploy their applications, cloud users install operating-system images and their application software on the cloud infrastructure. In this model, the cloud user patches and maintains the operating systems and the application software. 
Cloud providers typically bill IaaS services on a utility computing basis: cost reflects the amount of resources allocated and consumed.","materialsDescription":" <span style=\"font-weight: bold; \">Cloud Computing Basics</span>\r\nWhether you are running applications that share photos to millions of mobile users or you’re supporting the critical operations of your business, a cloud services platform provides rapid access to flexible and low cost IT resources. With cloud computing, you don’t need to make large upfront investments in hardware and spend a lot of time on the heavy lifting of managing that hardware. Instead, you can provision exactly the right type and size of computing resources you need to power your newest bright idea or operate your IT department. You can access as many resources as you need, almost instantly, and only pay for what you use.\r\n<span style=\"font-weight: bold; \">How Does Cloud Computing Work?</span>\r\nCloud computing provides a simple way to access servers, storage, databases and a broad set of application services over the Internet. A Cloud services platform such as Amazon Web Services owns and maintains the network-connected hardware required for these application services, while you provision and use what you need via a web application.\r\n<span style=\"font-weight: bold; \">Six Advantages and Benefits of Cloud Computing</span>\r\n<span style=\"font-weight: bold; \">Trade capital expense for variable expense</span>\r\nInstead of having to invest heavily in data centers and servers before you know how you’re going to use them, you can only pay when you consume computing resources, and only pay for how much you consume.\r\n<span style=\"font-weight: bold; \">Benefit from massive economies of scale</span>\r\nBy using cloud computing, you can achieve a lower variable cost than you can get on your own. 
Because usage from hundreds of thousands of customers are aggregated in the cloud, providers can achieve higher economies of scale which translates into lower pay as you go prices.\r\n<span style=\"font-weight: bold; \">Stop guessing capacity</span>\r\nEliminate guessing on your infrastructure capacity needs. When you make a capacity decision prior to deploying an application, you often either end up sitting on expensive idle resources or dealing with limited capacity. With cloud computing, these problems go away. You can access as much or as little as you need, and scale up and down as required with only a few minutes notice.\r\n<span style=\"font-weight: bold; \">Increase speed and agility</span>\r\nIn a cloud computing environment, new IT resources are only ever a click away, which means you reduce the time it takes to make those resources available to your developers from weeks to just minutes. This results in a dramatic increase in agility for the organization, since the cost and time it takes to experiment and develop is significantly lower.\r\n<span style=\"font-weight: bold; \">Stop spending money on running and maintaining data centers</span>\r\nFocus on projects that differentiate your business, not the infrastructure. Cloud computing lets you focus on your own customers, rather than on the heavy lifting of racking, stacking and powering servers.\r\n<span style=\"font-weight: bold; \">Go global in minutes</span>\r\nEasily deploy your application in multiple regions around the world with just a few clicks. This means you can provide a lower latency and better experience for your customers simply and at minimal cost.\r\n<span style=\"font-weight: bold;\">Types of Cloud Computing</span>\r\nCloud computing has three main types that are commonly referred to as Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). 
Selecting the right type of cloud computing for your needs can help you strike the right balance of control and the avoidance of undifferentiated heavy lifting.","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_IaaS_computing.png"},{"id":689,"title":"Amazon Web Services","alias":"amazon-web-services","description":"Amazon Web Services (AWS) is a subsidiary of Amazon that provides on-demand cloud computing platforms to individuals, companies and governments, on a metered pay-as-you-go basis. In aggregate, these cloud computing web services provide a set of primitive, abstract technical infrastructure and distributed computing building blocks and tools. One of these services is Amazon Elastic Compute Cloud, which allows users to have at their disposal a virtual cluster of computers, available all the time, through the Internet. AWS's version of virtual computers emulate most of the attributes of a real computer including hardware (CPU(s) & GPU(s) for processing, local/RAM memory, hard-disk/SSD storage); a choice of operating systems; networking; and pre-loaded application software such as web servers, databases, CRM, etc.\r\nThe AWS technology is implemented at server farms throughout the world, and maintained by the Amazon subsidiary. Fees are based on a combination of usage, the hardware/OS/software/networking features chosen by the subscriber, required availability, redundancy, security, and service options. Subscribers can pay for a single virtual AWS computer, a dedicated physical computer, or clusters of either. As part of the subscription agreement, Amazon provides security for subscribers' system. AWS operates from many global geographical regions including 6 in North America.\r\nIn 2017, AWS comprised more than 90 services spanning a wide range including computing, storage, networking, database, analytics, application services, deployment, management, mobile, developer tools, and tools for the Internet of Things. 
The most popular include Amazon Elastic Compute Cloud (EC2) and Amazon Simple Storage Service (S3). Most services are not exposed directly to end users, but instead offer functionality through APIs for developers to use in their applications. Amazon Web Services' offerings are accessed over HTTP, using the REST architectural style and SOAP protocol.\r\nAmazon markets AWS to subscribers as a way of obtaining large scale computing capacity more quickly and cheaply than building an actual physical server farm. All services are billed based on usage, but each service measures usage in varying ways. As of 2017, AWS owns a dominant 34% of all cloud (IaaS, PaaS) while the next three competitors Microsoft, Google, and IBM have 11%, 8%, 6% respectively according to Synergy Group.","materialsDescription":"<span style=\"font-weight: bold;\">What is "Amazon Web Services" (AWS)?</span>\r\nWith Amazon Web Services (AWS), organizations can flexibly deploy storage space and computing capacity into Amazon's data centers without having to maintain their own hardware. A big advantage is that the infrastructure covers all dimensions for cloud computing. Whether it's video sharing, high-resolution photos, print data, or text documents, AWS can deliver IT resources on-demand, over the Internet, at a cost-per-use basis. The service has existed since 2006 as a wholly owned subsidiary of Amazon Inc. The idea arose from the extensive experience with Amazon.com and its own need for platforms for web services in the cloud.\r\n<span style=\"font-weight: bold;\">What is Cloud Computing?</span>\r\nCloud Computing is a service that gives you access to expert-managed technology resources. The platform in the cloud provides the infrastructure (e.g. computing power, storage space) that does not have to be installed and configured, in contrast to the hardware you have purchased yourself. With cloud computing, you pay only for the resources that are used. 
For example, a web shop can increase its computing power during the Christmas season and book less in "weak" months.\r\nAccess is via the Internet or VPN. There are no ongoing investment costs after the initial setup, but resources such as virtual servers, databases or storage services are charged only after they have been used.\r\n<span style=\"font-weight: bold;\">Where is my data on Amazon AWS?</span>\r\nThere are currently eight Amazon Data Centers (AWS Regions) in different regions of the world. For each Amazon AWS resource, only the customer can decide where to use or store it. German customers typically use the data center in Ireland, which is governed by European law.\r\n<span style=\"font-weight: bold;\">How safe is my data on Amazon AWS?</span>\r\nThe customer data is stored in a highly secure infrastructure. Safety measures include, but are not limited to:\r\n<ul><li>Protection against DDoS attacks (Distributed Denial of Service)</li><li>Defense against brute-force attacks on AWS accounts</li><li>Secure access: Access is provided via SSL.</li><li> Firewall: Output and access to the AWS data can be controlled.</li><li>Encrypted Data Storage: Data can be encrypted with Advanced Encryption Standard (AES) 256.</li><li>Certifications: Regular security reviews through independent certifications that AWS has undergone.</li></ul>\r\nEach Amazon data center (AWS region) consists of at least one Availability Zone. Availability Zones are stand-alone sub-sites that have been designed to be isolated from faults in other Availability Zones (independent power and data supply). 
Certain AWS resources, such as Database Services (RDS) or Storage Services (S3) automatically replicate your data within the AWS region to the different Availability Zones.\r\nAmazon AWS has appropriate certifications such as ISO27001 and has implemented a comprehensive security concept for the operation of its data center.\r\n<span style=\"font-weight: bold;\">Do I have to worry about hardware on Amazon AWS?</span>\r\nNo, all Amazon AWS resources are virtualized. Only Amazon takes care of the replacement and upgrade of hardware.\r\nNormally, you will not get anything out of defective hardware because defective storage media are exchanged by Amazon and since your data is stored multiple times redundantly, there is usually no problem either.\r\nIncidentally, if your chosen resources do not provide enough performance, you can easily get more CPU power from resources by just a few mouse clicks. You do not have to install anything new, just reboot your virtual machine or virtual database instance.","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_Amazon_Web_Services.png"},{"id":2,"title":"Virtual machine and cloud system software","alias":"virtual-machine-and-cloud-system-software","description":" A virtual machine (VM) is a software-based computer that exists within another computer’s operating system, often used for the purposes of testing, backing up data, or running SaaS applications. To fully grasp how VMs work, it’s important to first understand how computer software and hardware are typically integrated by an operating system.\r\n"The cloud" refers to servers that are accessed over the Internet, and the software and databases that run on those servers. Cloud servers are located in data centers all over the world. 
By using cloud computing, users and companies don't have to manage physical servers themselves or run software applications on their own machines.\r\nThe cloud enables users to access the same files and applications from almost any device, because the computing and storage take place on servers in a data center, instead of locally on the user device. This is why a user can log into their Instagram account on a new phone after their old phone breaks and still find their old account in place, with all their photos, videos, and conversation history. It works the same way with cloud email providers like Gmail or Microsoft Office 365, and with cloud storage providers like Dropbox or Google Drive.\r\nFor businesses, switching to cloud computing removes some IT costs and overhead: for instance, they no longer need to update and maintain their own servers, as the cloud vendor they are using will do that. This especially makes an impact on small businesses that may not have been able to afford their own internal infrastructure but can outsource their infrastructure needs affordably via the cloud. The cloud can also make it easier for companies to operate internationally because employees and customers can access the same files and applications from any location.\r\nSeveral cloud providers offer virtual machines to their customers. These virtual machines typically live on powerful servers that can act as a host to multiple VMs and can be used for a variety of reasons that wouldn’t be practical with a locally-hosted VM. These include:\r\n<ul><li>Running SaaS applications - Software-as-a-Service, or SaaS for short, is a cloud-based method of providing software to users. SaaS users subscribe to an application rather than purchasing it once and installing it. These applications are generally served to the user over the Internet. Often, it is virtual machines in the cloud that are doing the computation for SaaS applications as well as delivering them to users. 
If the cloud provider has a geographically distributed network edge, then the application will run closer to the user, resulting in faster performance.</li><li>Backing up data - Cloud-based VM services are very popular for backing up data because the data can be accessed from anywhere. Plus, cloud VMs provide better redundancy, require less maintenance, and generally scale better than physical data centers. (For example, it’s generally fairly easy to buy an extra gigabyte of storage space from a cloud VM provider, but much more difficult to build a new local data server for that extra gigabyte of data.)</li><li>Hosting services like email and access management - Hosting these services on cloud VMs is generally faster and more cost-effective, and helps minimize maintenance and offload security concerns as well.</li></ul>","materialsDescription":"What is an operating system?\r\nTraditional computers are built out of physical hardware, including hard disk drives, processor chips, RAM, etc. In order to utilize this hardware, computers rely on a type of software known as an operating system (OS). Some common examples of OSes are Mac OSX, Microsoft Windows, Linux, and Android.\r\nThe OS is what manages the computer’s hardware in ways that are useful to the user. For example, if the user wants to access the Internet, the OS directs the network interface card to make the connection. If the user wants to download a file, the OS will partition space on the hard drive for that file. The OS also runs and manages other pieces of software. For example, it can run a web browser and provide the browser with enough random access memory (RAM) to operate smoothly. 
Typically, operating systems exist within a physical computer at a one-to-one ratio; for each machine, there is a single OS managing its physical resources.\r\n<span style=\"font-weight: bold;\">Can you have two or more operating systems on one computer?</span>\r\nSome users want to be able to run multiple operating systems simultaneously on one computer, either for testing or one of the other reasons listed in the section below. This can be achieved through a process called virtualization. In virtualization, a piece of software behaves as if it were an independent computer. This piece of software is called a virtual machine, also known as a ‘guest’ computer. (The computer on which the VM is running is called the ‘host’.) The guest has an OS as well as its own virtual hardware.\r\n‘Virtual hardware’ may sound like a bit of an oxymoron, but it works by mapping to real hardware on the host computer. For example, the VM’s ‘hard drive’ is really just a file on the host computer’s hard drive. When the VM wants to save a new file, it actually has to communicate with the host OS, which will write this file to the host hard drive. Because virtual hardware must perform this added step of negotiating with the host to access hardware resources, virtual machines can’t run quite as fast as their host computers.\r\nWith virtualization, one computer can run two or more operating systems. The number of VMs that can run on one host is limited only by the host’s available resources. The user can run the OS of a VM in a window like any other program, or they can run it in fullscreen so that it looks and feels like a genuine host OS.\r\n <span style=\"font-weight: bold; \">What are virtual machines used for?</span>\r\nSome of the most popular reasons people run virtual machines include:\r\n<span style=\"font-weight: bold; \">Testing</span> - Oftentimes software developers want to be able to test their applications in different environments. 
They can use virtual machines to run their applications in various OSes on one computer. This is simpler and more cost-effective than having to test on several different physical machines.\r\n<span style=\"font-weight: bold; \">Running software designed for other OSes</span> - Although certain software applications are only available for a single platform, a VM can run software designed for a different OS. For example, a Mac user who wants to run software designed for Windows can run a Windows VM on their Mac host.\r\n<span style=\"font-weight: bold; \">Running outdated software</span> - Some pieces of older software can’t be run in modern OSes. Users who want to run these applications can run an old OS on a virtual machine.","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_Virtual_machine_and_cloud_system_software.png"},{"id":784,"title":"NGFW - next-generation firewall - Appliance","alias":"ngfw-next-generation-firewall-1","description":" A next-generation firewall (NGFW) is a part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities, such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS). Other techniques might also be employed, such as TLS/SSL encrypted traffic inspection, website filtering, QoS/bandwidth management, antivirus inspection and third-party identity management integration (i.e. LDAP, RADIUS, Active Directory).\r\nNGFWs include the typical functions of traditional firewalls such as packet filtering, network- and port-address translation (NAT), stateful inspection, and virtual private network (VPN) support. The goal of next-generation firewalls is to include more layers of the OSI model, improving filtering of network traffic that is dependent on the packet contents.\r\nNGFWs perform deeper inspection compared to stateful inspection performed by the first- and second-generation firewalls. 
NGFWs use a more thorough inspection style, checking packet payloads and matching signatures for harmful activities such as exploitable attacks and malware.\r\nImproved detection of encrypted applications and intrusion prevention service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services.\r\nStateful firewalls with simple packet filtering capabilities were efficient at blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols. But today, blocking a web application like Farmville that uses port 80 by closing the port would also mean complications with the entire HTTP protocol.\r\nProtection based on ports, protocols, and IP addresses is no longer reliable or viable. This has led to the development of an identity-based security approach, which takes organizations a step ahead of conventional security appliances which bind security to IP addresses.\r\nNGFWs offer administrators a deeper awareness of and control over individual applications, along with deeper inspection capabilities by the firewall. Administrators can create very granular "allow/deny" rules for controlling use of websites and applications in the network. ","materialsDescription":"<span style=\"font-weight: bold;\"> What is a next-generation firewall (NGFW)?</span>\r\nAn NGFW contains all the normal defences that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other bonus security features. 
NGFWs are also capable of deep packet inspection which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by blacklist (programs in the filter are blocked) or by whitelist (programs not in the filter are blocked).","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_NGFW.png"},{"id":782,"title":"NGFW - next-generation firewall","alias":"ngfw-next-generation-firewall","description":"A next-generation firewall (NGFW) is a part of the third generation of firewall technology that is implemented in either hardware or software and is capable of detecting and blocking sophisticated attacks by enforcing security policies at the application, port and protocol levels.\r\nNGFWs typically feature advanced functions including:\r\n<ul><li>application awareness;</li><li>integrated intrusion prevention systems (IPS);</li><li>identity awareness -- user and group control;</li><li>bridged and routed modes;</li><li> the ability to use external intelligence sources.</li></ul>\r\nOf these offerings, most next-generation firewalls integrate at least three basic functions: enterprise firewall capabilities, an intrusion prevention system (IPS) and application control.\r\nLike the introduction of stateful inspection in traditional firewalls, NGFWs bring additional context to the firewall's decision-making process by providing it with the ability to understand the details of the web application traffic passing through it and to take action to block traffic that might exploit vulnerabilities.\r\nThe different features of next-generation firewalls combine to create unique benefits for users. 
NGFWs are often able to block malware before it enters a network, something that wasn't previously possible.\r\nNGFWs are also better equipped to address advanced persistent threats (APTs) because they can be integrated with threat intelligence services. NGFWs can also offer a low-cost option for companies trying to improve basic device security through the use of application awareness, inspection services, protection systems and awareness tools.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What is a next-generation firewall (NGFW)?</span>\r\nAn NGFW contains all the normal defenses that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other additional security features. NGFWs are also capable of deep packet inspection, which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by a blacklist (programs in the filter are blocked) or by a whitelist (programs not in the filter are blocked).","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_NGFW.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"https://www.barracuda.com/resources/Barracuda_Next_Gen_Firewall_AWS_CS_Club_Automation_US#top","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":438,"title":"Cisco ASA NGFW for Rio Summer Olympics 2016","description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">All roads to the Olympics start with a dream. 
For the over 15,000 Olympic and Paralympic athletes from 205 countries who congregated in Rio de Janeiro in 2016, it’s the dream of competing at the highest level possible. It’s also about standing on the podium wearing a gold medal while their country’s flag rises and the national anthem plays. For Cisco, as a proud supporter of the 2016 Olympic and Paralympic Games in Rio, it also starts with a dream: that when we securely connect everything,</span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">anything is possible.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Supporting a global event of this size is a monumental task that demands a network like no other. The Rio 2016 Games required connectivity, bandwidth, security, and support for:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">• 37 competition venues</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">• More than 100 support venues</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">• 15,000 athletes</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">• 70,000 volunteers</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">• 9 million ticketholders</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">• 25,000 media personnel</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">• 123 network broadcasters from around the world</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">All this while delivering 170,000 hours of video content and providing infrastructure for 5 billion TV viewers – up from 4 billion viewers for the London Olympics in 
2012.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">In short, if this network were competing in the Olympics, it would break world records.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">However, simply providing the infrastructure wasn’t enough. Cisco also had to provide effective security.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-style: italic;\">“The challenge we faced at Rio 2016 was making memorable Games, and one crucial aspect was to provide uninterrupted connectivity to our athletes, guests, media, and critical systems, all while keeping everything secure,” said Marcelo</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-style: italic;\">Souza, Technology Systems General Manager of the Rio 2016 Organizing Committee for the Olympic Games. “We needed a vendor that could handle the traffic demands in a complex environment and deliver the security needed for such a monumental event.”</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Comparisons don’t come easy when we talk about a world stage event such as the Olympic Games. Securely connecting the Games required 60 tons of equipment and more than 60,000 hours of work. As the official networking and enterprise server supporter and supplier, Cisco deployed over 5,000 access points (a 400 percent increase from the London 2012 Games) and over 113,000 local area network (LAN) ports. Cisco also supplied 440 Cisco Unified Computing System™ (Cisco UCS®) servers, 480 vehicle routers, and 177 security devices. 
In addition, the Cisco network protected core activities such as accreditation, volunteers, sports entries and qualifications, and workforce management.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">The network connected 183,044 unique devices of which 168,158 were wireless (92 percent of all devices). Cisco Identity Services Engine (ISE) and Cisco TrustSec technology were used to identify devices and segment accordingly. Any unrecognized device would connect to the guest network. Network traffic was extremely heavy – 2.144 petabytes of traffic over the course of the Games. To put that into perspective, it’s equivalent to 950,000 hours of HD video, which would take more than 110 years of nonstop streaming to watch.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">As a highly visible target for sophisticated threats from around the world, the Rio 2016 Games demanded a security architecture that is fundamentally integrated into the network. Cisco Talos, an industry-leading threat intelligence organization, reviewed the sheer number of threats mitigated on the network. During the first two weeks of the Games, there were 674 times the number of Trojans detected on the network compared to a typical large retail corporate environment during the same time.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-style: italic;\">“The network had to handle a substantially larger number of BYOD (Bring Your Own Device) technology than you would commonly see in a corporate environment. A larger percentage of these devices were infected with Trojans and various other malware families. 
This goes to show how important it is to have proper checks in place for corporate devices from both an external and internal network perspective,” said JJ Cummings of Cisco Talos.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">As the first line of defense, Cisco Umbrella (formerly OpenDNS) was deployed to prevent access to malicious sites. Umbrella found and blocked hundreds of Olympic-related fake domains. Over the course of the Rio 2016 Games, it protected on average 22 million DNS requests and blocked 23,000 suspicious sites daily.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">At the network edge, Cisco Firepower Next-Generation Firewall and Next-Generation Intrusion Prevention System appliances prevented close to 7 million security events during the Games. On the network, millions of devices were monitored for anomalous activity through Cisco Stealthwatch, and potentially vulnerable endpoints were identified and automatically segmented away from the rest of the network using Cisco ISE and Cisco TrustSec technology.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-style: italic;\">“The result was an amazing experience for everyone in Rio. Cisco provided us with the connectivity and security that allowed Rio 2016 to connect with the world,” remarked Souza.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">In a span of just 40 days, Cisco successfully secured and connected key networks that made the Olympic and Paralympic Games a resounding success. 
From London to Rio, to Tokyo and beyond, there has never been a better time to build an Olympic legacy.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Products and Services</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Cisco ASA 5500-X with FirePOWER Services</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Cisco FirePOWER Services in use:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">• Cisco Advanced Malware Protection (AMP) for Networks</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">• URL filtering</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">• Application Visibility and Control (AVC)</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">• Next-Generation IPS</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Cisco FirePOWER Next-Generation Intrusion Prevention System</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Cisco Security Manager</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Cisco Identity Services Engine</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Cisco TrustSec Technology</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Cisco Secure Access Control System</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Cisco Stealthwatch</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Cisco Umbrella</span>\r\n<span style=\"color: rgb(0, 0, 0); 
font-family: Verdana, sans-serif; font-size: 12px; \">Cisco Prime Network Registrar</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">At the Rio 2016 Olympic Games, Cisco:</span>\r\n<ul><li>Blocked an average of 23,000 suspicious sites daily using Cisco Umbrella</li><li>Delivered a secure network that handled over 2.144 PB of traffic</li><li>Provided secure access for attendees, staff, media, and athletes across 37 competition venues</li></ul>\r\n","alias":"cisco-asa-ngfw-for-rio-summer-olympics-2016","roi":0,"seo":{"title":"Cisco ASA NGFW for Rio Summer Olympics 2016","keywords":"Cisco, network, Games, 2016, that, from, were, Olympic","og:title":"Cisco ASA NGFW for Rio Summer Olympics 2016"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":170,"title":"Cisco","logoURL":"https://roi4cio.com/uploads/roi/company/cisco_logo.png","alias":"cisco","address":"","roles":[],"description":"Cisco Systems, Inc. is an American multinational corporation technology company headquartered in San Jose, California, that designs, manufactures and sells networking equipment worldwide. It is the largest networking company in the world. 
The stock was added to the Dow Jones Industrial Average on June 8, 2009, and is also included in the S&P 500 Index, the Russell 1000 Index, NASDAQ-100 Index and the Russell 1000 Growth Stock Index.","companyTypes":[],"products":{},"vendoredProductsCount":31,"suppliedProductsCount":31,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":7,"vendorImplementationsCount":42,"vendorPartnersCount":0,"supplierPartnersCount":282,"b4r":0,"categories":{},"companyUrl":"www.cisco.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"Cisco","keywords":"Index, networking, Cisco, company, Russell, 1000, June, Average","description":"Cisco Systems, Inc. is an American multinational corporation technology company headquartered in San Jose, California, that designs, manufactures and sells networking equipment worldwide. It is the largest networking company in the world. The stock was added to the Dow Jones Industrial Average on June 8, 2009, and is also included in the S&P 500 Index, the Russell 1000 Index, NASDAQ-100 Index and the Russell 1000 Growth Stock Index.","og:title":"Cisco","og:description":"Cisco Systems, Inc. is an American multinational corporation technology company headquartered in San Jose, California, that designs, manufactures and sells networking equipment worldwide. It is the largest networking company in the world. The stock was added to the Dow Jones Industrial Average on June 8, 2009, and is also included in the S&P 500 Index, the Russell 1000 Index, NASDAQ-100 Index and the Russell 1000 Growth Stock Index.","og:image":"https://roi4cio.com/uploads/roi/company/cisco_logo.png"},"eventUrl":""},"vendors":[{"id":170,"title":"Cisco","logoURL":"https://roi4cio.com/uploads/roi/company/cisco_logo.png","alias":"cisco","address":"","roles":[],"description":"Cisco Systems, Inc. 
is an American multinational corporation technology company headquartered in San Jose, California, that designs, manufactures and sells networking equipment worldwide. It is the largest networking company in the world. The stock was added to the Dow Jones Industrial Average on June 8, 2009, and is also included in the S&P 500 Index, the Russell 1000 Index, NASDAQ-100 Index and the Russell 1000 Growth Stock Index.","companyTypes":[],"products":{},"vendoredProductsCount":31,"suppliedProductsCount":31,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":7,"vendorImplementationsCount":42,"vendorPartnersCount":0,"supplierPartnersCount":282,"b4r":0,"categories":{},"companyUrl":"www.cisco.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"Cisco","keywords":"Index, networking, Cisco, company, Russell, 1000, June, Average","description":"Cisco Systems, Inc. is an American multinational corporation technology company headquartered in San Jose, California, that designs, manufactures and sells networking equipment worldwide. It is the largest networking company in the world. The stock was added to the Dow Jones Industrial Average on June 8, 2009, and is also included in the S&P 500 Index, the Russell 1000 Index, NASDAQ-100 Index and the Russell 1000 Growth Stock Index.","og:title":"Cisco","og:description":"Cisco Systems, Inc. is an American multinational corporation technology company headquartered in San Jose, California, that designs, manufactures and sells networking equipment worldwide. It is the largest networking company in the world. 
The stock was added to the Dow Jones Industrial Average on June 8, 2009, and is also included in the S&P 500 Index, the Russell 1000 Index, NASDAQ-100 Index and the Russell 1000 Growth Stock Index.","og:image":"https://roi4cio.com/uploads/roi/company/cisco_logo.png"},"eventUrl":""}],"products":[{"id":1439,"logo":false,"scheme":false,"title":"Cisco ASA NGFW (Adaptive Security Appliance Software)","vendorVerified":0,"rating":"2.00","implementationsCount":5,"suppliersCount":0,"alias":"cisco-asa-ngfw-adaptive-security-appliance-software","companyTypes":[],"description":"<span style=\"font-weight: bold;\">Features and Capabilities</span>\r\nCisco Adaptive Security Appliance (ASA) Software is the core operating system for the Cisco ASA Family. It delivers enterprise-class firewall capabilities for ASA devices in an array of form factors - standalone appliances, blades, and virtual appliances - for any distributed network environment. ASA Software also integrates with other critical security technologies to deliver comprehensive solutions that meet continuously evolving security needs.\r\n<span style=\"font-weight: bold;\">Among its benefits, Cisco ASA Software:</span>\r\n<ul>\r\n<li>Offers integrated IPS, VPN, and Unified Communications capabilities</li>\r\n<li>Helps organizations increase capacity and improve performance through high-performance, multi-site, multi-node clustering</li>\r\n<li>Delivers high availability for high resiliency applications</li>\r\n<li>Provides collaboration between physical and virtual devices</li>\r\n<li>Meets the unique needs of both the network and the data center</li>\r\n<li>Provides context awareness with Cisco TrustSec security group tags and identity-based firewall technology</li>\r\n<li>Facilitates dynamic routing and site-to-site VPN on a per-context basis</li>\r\n</ul>\r\nCisco ASA software also supports next-generation encryption standards, including the Suite B set of cryptographic algorithms. 
It also integrates with the Cisco Cloud Web Security solution to provide world-class, web-based threat protection.","shortDescription":"The Cisco ASA Family of security devices protects corporate networks and data centers of all sizes. It provides users with highly secure access to data and network resources.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":20,"sellingCount":4,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cisco ASA NGFW (Adaptive Security Appliance Software)","keywords":"","description":"<span style=\"font-weight: bold;\">Features and Capabilities</span>\r\nCisco Adaptive Security Appliance (ASA) Software is the core operating system for the Cisco ASA Family. It delivers enterprise-class firewall capabilities for ASA devices in an array of form factors - standalone appliances, blades, and virtual appliances - for any distributed network environment. ASA Software also integrates with other critical security technologies to deliver comprehensive solutions that meet continuously evolving security needs.\r\n<span style=\"font-weight: bold;\">Among its benefits, Cisco ASA Software:</span>\r\n<ul>\r\n<li>Offers integrated IPS, VPN, and Unified Communications capabilities</li>\r\n<li>Helps organizations increase capacity and improve performance through high-performance, multi-site, multi-node clustering</li>\r\n<li>Delivers high availability for high resiliency applications</li>\r\n<li>Provides collaboration between physical and virtual devices</li>\r\n<li>Meets the unique needs of both the network and the data center</li>\r\n<li>Provides context awareness with Cisco TrustSec security group tags and identity-based firewall technology</li>\r\n<li>Facilitates dynamic routing and site-to-site VPN on a per-context basis</li>\r\n</ul>\r\nCisco ASA software also supports next-generation encryption standards, including the Suite B set of cryptographic algorithms. 
It also integrates with the Cisco Cloud Web Security solution to provide world-class, web-based threat protection.","og:title":"Cisco ASA NGFW (Adaptive Security Appliance Software)","og:description":"<span style=\"font-weight: bold;\">Features and Capabilities</span>\r\nCisco Adaptive Security Appliance (ASA) Software is the core operating system for the Cisco ASA Family. It delivers enterprise-class firewall capabilities for ASA devices in an array of form factors - standalone appliances, blades, and virtual appliances - for any distributed network environment. ASA Software also integrates with other critical security technologies to deliver comprehensive solutions that meet continuously evolving security needs.\r\n<span style=\"font-weight: bold;\">Among its benefits, Cisco ASA Software:</span>\r\n<ul>\r\n<li>Offers integrated IPS, VPN, and Unified Communications capabilities</li>\r\n<li>Helps organizations increase capacity and improve performance through high-performance, multi-site, multi-node clustering</li>\r\n<li>Delivers high availability for high resiliency applications</li>\r\n<li>Provides collaboration between physical and virtual devices</li>\r\n<li>Meets the unique needs of both the network and the data center</li>\r\n<li>Provides context awareness with Cisco TrustSec security group tags and identity-based firewall technology</li>\r\n<li>Facilitates dynamic routing and site-to-site VPN on a per-context basis</li>\r\n</ul>\r\nCisco ASA software also supports next-generation encryption standards, including the Suite B set of cryptographic algorithms. 
It also integrates with the Cisco Cloud Web Security solution to provide world-class, web-based threat protection."},"eventUrl":"","translationId":1440,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":784,"title":"NGFW - next-generation firewall - Appliance","alias":"ngfw-next-generation-firewall-1","description":" A next-generation firewall (NGFW) is a part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities, such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS). Other techniques might also be employed, such as TLS/SSL encrypted traffic inspection, website filtering, QoS/bandwidth management, antivirus inspection and third-party identity management integration (i.e. LDAP, RADIUS, Active Directory).\r\nNGFWs include the typical functions of traditional firewalls such as packet filtering, network- and port-address translation (NAT), stateful inspection, and virtual private network (VPN) support. The goal of next-generation firewalls is to include more layers of the OSI model, improving filtering of network traffic that is dependent on the packet contents.\r\nNGFWs perform deeper inspection compared to stateful inspection performed by the first- and second-generation firewalls. NGFWs use a more thorough inspection style, checking packet payloads and matching signatures for harmful activities such as exploitable attacks and malware.\r\nImproved detection of encrypted applications and intrusion prevention service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. 
In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services.\r\nStateful firewalls with simple packet filtering capabilities were efficient at blocking unwanted applications, as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols. But today, blocking a web application like Farmville that uses port 80 by closing the port would also mean complications with the entire HTTP protocol.\r\nProtection based on ports, protocols and IP addresses is no longer reliable and viable. This has led to the development of an identity-based security approach, which takes organizations a step ahead of conventional security appliances that bind security to IP addresses.\r\nNGFWs offer administrators a deeper awareness of and control over individual applications, along with deeper inspection capabilities by the firewall. Administrators can create very granular \"allow/deny\" rules for controlling use of websites and applications in the network. ","materialsDescription":"<span style=\"font-weight: bold;\"> What is a next-generation firewall (NGFW)?</span>\r\nAn NGFW contains all the normal defences that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other bonus security features. NGFWs are also capable of deep packet inspection which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. 
This can either be done by blacklist (programs in the filter are blocked) or by whitelist (programs not in the filter are blocked).","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_NGFW.png"},{"id":782,"title":"NGFW - next-generation firewall","alias":"ngfw-next-generation-firewall","description":"A next-generation firewall (NGFW) is a part of the third generation of firewall technology that is implemented in either hardware or software and is capable of detecting and blocking sophisticated attacks by enforcing security policies at the application, port and protocol levels.\r\nNGFWs typically feature advanced functions including:\r\n<ul><li>application awareness;</li><li>integrated intrusion prevention systems (IPS);</li><li>identity awareness -- user and group control;</li><li>bridged and routed modes;</li><li> the ability to use external intelligence sources.</li></ul>\r\nOf these offerings, most next-generation firewalls integrate at least three basic functions: enterprise firewall capabilities, an intrusion prevention system (IPS) and application control.\r\nLike the introduction of stateful inspection in traditional firewalls, NGFWs bring additional context to the firewall's decision-making process by providing it with the ability to understand the details of the web application traffic passing through it and to take action to block traffic that might exploit vulnerabilities.\r\nThe different features of next-generation firewalls combine to create unique benefits for users. NGFWs are often able to block malware before it enters a network, something that wasn't previously possible.\r\nNGFWs are also better equipped to address advanced persistent threats (APTs) because they can be integrated with threat intelligence services. 
NGFWs can also offer a low-cost option for companies trying to improve basic device security through the use of application awareness, inspection services, protection systems and awareness tools.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What is a next-generation firewall (NGFW)?</span>\r\nA NGFW contains all the normal defenses that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other additional security features. NGFWs are also capable of deep packet inspection, which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by a blacklist (programs in the filter are blocked) or by a whitelist (programs not in the filter are blocked).","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_NGFW.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":4,"title":"Reduce Costs"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":282,"title":"Unauthorized access to corporate IT 
systems and data"},{"id":344,"title":"Malware infection via Internet, email, storage devices"},{"id":384,"title":"Risk of attacks by hackers"},{"id":384,"title":"Risk of attacks by hackers"},{"id":386,"title":"Risk of lost access to data and IT systems"}]}},"categories":[{"id":784,"title":"NGFW - next-generation firewall - Appliance","alias":"ngfw-next-generation-firewall-1","description":" A next-generation firewall (NGFW) is a part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities, such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS). Other techniques might also be employed, such as TLS/SSL encrypted traffic inspection, website filtering, QoS/bandwidth management, antivirus inspection and third-party identity management integration (i.e. LDAP, RADIUS, Active Directory).\r\nNGFWs include the typical functions of traditional firewalls such as packet filtering, network- and port-address translation (NAT), stateful inspection, and virtual private network (VPN) support. The goal of next-generation firewalls is to include more layers of the OSI model, improving filtering of network traffic that is dependent on the packet contents.\r\nNGFWs perform deeper inspection compared to stateful inspection performed by the first- and second-generation firewalls. NGFWs use a more thorough inspection style, checking packet payloads and matching signatures for harmful activities such as exploitable attacks and malware.\r\nImproved detection of encrypted applications and intrusion prevention service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. 
In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services.\r\nStateful firewalls with simple packet filtering capabilities were efficient at blocking unwanted applications, as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols. But today, blocking a web application like Farmville that uses port 80 by closing the port would also mean complications with the entire HTTP protocol.\r\nProtection based on ports, protocols and IP addresses is no longer reliable and viable. This has led to the development of an identity-based security approach, which takes organizations a step ahead of conventional security appliances that bind security to IP addresses.\r\nNGFWs offer administrators a deeper awareness of and control over individual applications, along with deeper inspection capabilities by the firewall. Administrators can create very granular \"allow/deny\" rules for controlling use of websites and applications in the network. ","materialsDescription":"<span style=\"font-weight: bold;\"> What is a next-generation firewall (NGFW)?</span>\r\nAn NGFW contains all the normal defences that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other bonus security features. NGFWs are also capable of deep packet inspection which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. 
This can either be done by blacklist (programs in the filter are blocked) or by whitelist (programs not in the filter are blocked).","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_NGFW.png"},{"id":782,"title":"NGFW - next-generation firewall","alias":"ngfw-next-generation-firewall","description":"A next-generation firewall (NGFW) is a part of the third generation of firewall technology that is implemented in either hardware or software and is capable of detecting and blocking sophisticated attacks by enforcing security policies at the application, port and protocol levels.\r\nNGFWs typically feature advanced functions including:\r\n<ul><li>application awareness;</li><li>integrated intrusion prevention systems (IPS);</li><li>identity awareness -- user and group control;</li><li>bridged and routed modes;</li><li> the ability to use external intelligence sources.</li></ul>\r\nOf these offerings, most next-generation firewalls integrate at least three basic functions: enterprise firewall capabilities, an intrusion prevention system (IPS) and application control.\r\nLike the introduction of stateful inspection in traditional firewalls, NGFWs bring additional context to the firewall's decision-making process by providing it with the ability to understand the details of the web application traffic passing through it and to take action to block traffic that might exploit vulnerabilities.\r\nThe different features of next-generation firewalls combine to create unique benefits for users. NGFWs are often able to block malware before it enters a network, something that wasn't previously possible.\r\nNGFWs are also better equipped to address advanced persistent threats (APTs) because they can be integrated with threat intelligence services. 
NGFWs can also offer a low-cost option for companies trying to improve basic device security through the use of application awareness, inspection services, protection systems and awareness tools.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What is a next-generation firewall (NGFW)?</span>\r\nA NGFW contains all the normal defenses that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other additional security features. NGFWs are also capable of deep packet inspection, which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by a blacklist (programs in the filter are blocked) or by a whitelist (programs not in the filter are blocked).","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_NGFW.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"https://www.cisco.com/c/dam/en/us/products/collateral/security/rio-case-study.pdf","title":"-"}},"comments":[],"referencesCount":0},{"id":535,"title":"TrapX Deception Grid for manufacturer of steel products","description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">The manufacturing case study focuses on one of the largest </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">manufacturers of steel products to include tubing, pipe and sheet. 
Assets </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">included a very large network for industrial control systems (ICS) and </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">the necessary supervisory control and data acquisition (SCADA) </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">components which run their manufacturing processes end to end. Prior </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">to our involvement, this manufacturer had routinely removed routine </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">threats but were unaware of sophisticated malware infection or advanced </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">persistent threats. The customer had a large industry suite of cyber </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">defense products which included a firewall, anti-virus suites, multiple </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">intrusion detection software products, endpoint security and other </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">software.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Immediately upon installation, the TrapX DeceptionGrid generated </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">ALERTS and identified malicious activity in two key locations. 
Both of </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">these were on SCADA processors which were central to the </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">manufacturing process. An attack in this area could severely disrupt </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">ongoing manufacturing processes causing both a shut-down and millions </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">of dollars in potential loss. Our analysis determined that both of </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">these malicious processes were communicating through TOR to their </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">attackers. In one case the malicious process was attempting to establish </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">a new command and control connection through TOR. In the other case </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">command and control was established and many types of malware were </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">resident on the station.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Broad Scale Attack Deployed Through One Entry Point</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">TrapX found several types of malware deployed in this SCADA processor. 
</span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">TR-Dropper.Gen2.trojan allowed full access and control of the infected </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">end-point. It allows for the collection and exfiltration of confidential </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">data. Additionally we found Packed.Win32.Katusha.e malware stealing </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">passwords which was communicating back to attacker IP addresses </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">through TOR.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Over several additional weeks, DeceptionGrid detected lateral movement </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">by attackers that identified two additional command and control sites. 
</span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">The customer coordinated with TrapX and SCADA component vendors to </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">determine the impact of the attack, to eliminate it and then to reprovision </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">the software in all of the affected components.</span>\r\n","alias":"trapx-deception-grid-for-manufacturer-of-steel-products","roi":0,"seo":{"title":"TrapX Deception Grid for manufacturer of steel products","keywords":"control, TrapX, malware, were, which, SCADA, products, this","description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">The manufacturing case study focuses on one of the largest </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">manufacturers of steel products to include tubing, pipe and sheet. Assets </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">included a very large network for industrial control systems (ICS) and </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">the necessary supervisory control and data acquisition (SCADA) </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">components which run their manufacturing processes end to end. Prior </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">to our involvement, this manufacturer had routinely removed routine </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">threats but were unaware of sophisticated malware infection or advanced </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">persistent threats. 
The customer had a large industry suite of cyber </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">defense products which included a firewall, anti-virus suites, multiple </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">intrusion detection software products, endpoint security and other </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">software.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Immediately upon installation, the TrapX DeceptionGrid generated </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">ALERTS and identified malicious activity in two key locations. Both of </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">these were on SCADA processors which were central to the </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">manufacturing process. An attack in this area could severely disrupt </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">ongoing manufacturing processes causing both a shut-down and millions </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">of dollars in potential loss. Our analysis determined that both of </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">these malicious processes were communicating through TOR to their </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">attackers. In one case the malicious process was attempting to establish </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">a new command and control connection through TOR. 
In the other case </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">command and control was established and many types of malware were </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">resident on the station.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Broad Scale Attack Deployed Through One Entry Point</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">TrapX found several types of malware deployed in this SCADA processor. </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">TR-Dropper.Gen2.trojan allowed full access and control of the infected </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">end-point. It allows for the collection and exfiltration of confidential </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">data. Additionally we found Packed.Win32.Katusha.e malware stealing </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">passwords which was communicating back to attacker IP addresses </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">through TOR.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Over several additional weeks, DeceptionGrid detected lateral movement </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">by attackers that identified two additional command and control sites. 
</span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">The customer coordinated with TrapX and SCADA component vendors to </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">determine the impact of the attack, to eliminate it and then to reprovision </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">the software in all of the affected components.</span>\r\n","og:title":"TrapX Deception Grid for manufacturer of steel products","og:description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">The manufacturing case study focuses on one of the largest </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">manufacturers of steel products to include tubing, pipe and sheet. Assets </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">included a very large network for industrial control systems (ICS) and </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">the necessary supervisory control and data acquisition (SCADA) </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">components which run their manufacturing processes end to end. Prior </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">to our involvement, this manufacturer had routinely removed routine </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">threats but were unaware of sophisticated malware infection or advanced </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">persistent threats. 
The customer had a large industry suite of cyber </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">defense products which included a firewall, anti-virus suites, multiple </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">intrusion detection software products, endpoint security and other </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">software.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Immediately upon installation, the TrapX DeceptionGrid generated </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">ALERTS and identified malicious activity in two key locations. Both of </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">these were on SCADA processors which were central to the </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">manufacturing process. An attack in this area could severely disrupt </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">ongoing manufacturing processes causing both a shut-down and millions </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">of dollars in potential loss. Our analysis determined that both of </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">these malicious processes were communicating through TOR to their </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">attackers. In one case the malicious process was attempting to establish </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">a new command and control connection through TOR. 
In the other case </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">command and control was established and many types of malware were </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">resident on the station.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Broad Scale Attack Deployed Through One Entry Point</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">TrapX found several types of malware deployed in this SCADA processor. </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">TR-Dropper.Gen2.trojan allowed full access and control of the infected </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">end-point. It allows for the collection and exfiltration of confidential </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">data. Additionally we found Packed.Win32.Katusha.e malware stealing </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">passwords which was communicating back to attacker IP addresses </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">through TOR.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Over several additional weeks, DeceptionGrid detected lateral movement </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">by attackers that identified two additional command and control sites. 
</span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">The customer coordinated with TrapX and SCADA component vendors to </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">determine the impact of the attack, to eliminate it and then to reprovision </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">the software in all of the affected components.</span>\r\n"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":3890,"title":"TrapX","logoURL":"https://roi4cio.com/uploads/roi/company/TrapX.png","alias":"trapx","address":"","roles":[],"description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. 
Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","companyTypes":[],"products":{},"vendoredProductsCount":2,"suppliedProductsCount":2,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":5,"vendorImplementationsCount":5,"vendorPartnersCount":0,"supplierPartnersCount":1,"b4r":0,"categories":{},"companyUrl":"https://trapx.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"TrapX","keywords":"with, TrapX, field, that, traps, little, creating, deployed","description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","og:title":"TrapX","og:description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. 
Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","og:image":"https://roi4cio.com/uploads/roi/company/TrapX.png"},"eventUrl":""},"vendors":[{"id":3890,"title":"TrapX","logoURL":"https://roi4cio.com/uploads/roi/company/TrapX.png","alias":"trapx","address":"","roles":[],"description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","companyTypes":[],"products":{},"vendoredProductsCount":2,"suppliedProductsCount":2,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":5,"vendorImplementationsCount":5,"vendorPartnersCount":0,"supplierPartnersCount":1,"b4r":0,"categories":{},"companyUrl":"https://trapx.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"TrapX","keywords":"with, TrapX, field, that, traps, little, creating, deployed","description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. 
Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","og:title":"TrapX","og:description":"TrapX has created a new generation of deception technology that provides real-time breach detection and prevention. Our field proven solution deceives would-be attackers with turn-key decoys (traps) that “imitate” your true assets. Hundreds or thousands of traps can be deployed with little effort, creating a virtual mine field for cyberattacks, alerting you to any malicious activity with actionable intelligence immediately.","og:image":"https://roi4cio.com/uploads/roi/company/TrapX.png"},"eventUrl":""}],"products":[{"id":1724,"logo":false,"scheme":false,"title":"TrapX DeceptionGrid platform","vendorVerified":0,"rating":"3.30","implementationsCount":9,"suppliersCount":0,"alias":"trapx-deceptiongrid-platform","companyTypes":[],"description":"<div style=\"text-align: center;\"><b>DeceptionGrid</b>\r\n<div style=\"text-align: center;\">TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders and sophisticated cybercriminals.\r\n<b>Deceive, Detect and Defeat Advanced Cyber Attackers. </b>\r\nDeceptionGrid, named the Best Deception Technology of 2018, deploys a shifting minefield of Traps (decoys) and Deception Tokens (lures) that appear identical to your real IT & IoT assets that no attacker can avoid.\r\n<b>Actionable Intelligence </b>\r\nJust one touch of a Trap by an attacker sets off a high-confidence alert. DeceptionGrid integrates with key elements of the network and security ecosystem to contain attacks and enable a return to normal operations.\r\n<b>The Deception Product of Choice </b>\r\nDeceptionGrid analyzes your network and automatically provisions hundreds-to-thousands of Traps and Lures. Each Trap is tailor-made to be identical to your native environment. 
Attackers can never tell what’s real and what’s fake because each Trap is designed to look and behave exactly like your real assets. In addition, Traps can also be camouflaged as any specialized IoT and OT devices.\r\n<b>Gain Access to a Powerful Community </b>\r\nFor the first time, defenders can collaborate and share deceptive counter-measures with each other. The DeceptionNet Community enables cyber-security teams to deceive cyber attackers by sharing deception strategies, new types of Traps, third-party connectors, best practices and more.\r\n<b>Deception Tokens </b>\r\nDeception Tokens (lures) appear as ordinary files, scripts and configurations, are embedded within real IT assets to bait and divert attackers away from real high value assets and into the traps.\r\n<b>Active Traps </b>\r\nActive Traps create a stream of false network traffic between deployed Traps to confuse and divert attackers that monitor the network traffic.\r\n<b><ins>Emulated Traps </ins></b>\r\n<b>Medium Interaction Emulated Traps </b>\r\nOur patented emulated traps can be deployed at the largest enterprise scale through automation. You can select from a wide variety of servers, databases, workstations, switches, routers and Traps tailor-made to your organization’s native environment. After a Trap is interacted with and the cyber-attack is thwarted, the Trap will change its shape and location, so the attacker will never learn if something is a Trap or a real asset.\r\n<b>Hundreds of New Industry Templates </b>\r\nThe DeceptionNet Community now offers hundreds of new industry templates (updated regularly) that are available for your use. In addition, our patented medium interaction traps also include expanded templates for specialized devices based on specific industries. These templates include, ATM and SWIFT assets for financial services, Point of Sale (PoS) devices for retail, as well as devices for medical, manufacturing and many more. 
This allows you to determine if attackers are targeting your specialized devices that are often vulnerable to attack.\r\n<b><ins>FullOS Traps </ins></b>\r\n<b>High Interaction (Full Operating System) Traps </b>\r\nDeceptionGrid enables the provision of full operating system (FullOS) Traps. Our medium interaction Traps automatically extend engaged attackers through our smart deception to our FullOS Traps for the deepest attacker diversion and engagement. FullOS Traps also enable you to clone existing assets – you can completely replicate actual production servers to further deceive attackers.","shortDescription":"The TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders, lateral-movement, Advanced Persistent Threats (APTs) and sophisticated cybercriminals","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":10,"sellingCount":18,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders, lateral-movement","keywords":"from, TrapX, DeceptionGrid, breach, attack, platform, intelligence, remediation, protects, assets, malicious insiders, lateral-movement, Advanced Persistent Threats (APTs), sophisticated cybercriminals, Console, Attack Visualization, security operations team, intrusion, Attacker ID, attack identification, human attacker, automated attack tools, security teams, Automated Provisioning, Deception Tokens, Active Traps, Emulated Traps, Medium Interaction Emulated Traps, FullOS Traps, High Interaction (Full Operating System) Traps","description":"<div style=\"text-align: center;\"><b>DeceptionGrid</b>\r\n<div style=\"text-align: center;\">TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders and sophisticated cybercriminals.\r\n<b>Deceive, Detect and Defeat Advanced Cyber Attackers. 
</b>\r\nDeceptionGrid, named the Best Deception Technology of 2018, deploys a shifting minefield of Traps (decoys) and Deception Tokens (lures) that appear identical to your real IT & IoT assets that no attacker can avoid.\r\n<b>Actionable Intelligence </b>\r\nJust one touch of a Trap by an attacker sets off a high-confidence alert. DeceptionGrid integrates with key elements of the network and security ecosystem to contain attacks and enable a return to normal operations.\r\n<b>The Deception Product of Choice </b>\r\nDeceptionGrid analyzes your network and automatically provisions hundreds-to-thousands of Traps and Lures. Each Trap is tailor-made to be identical to your native environment. Attackers can never tell what’s real and what’s fake because each Trap is designed to look and behave exactly like your real assets. In addition, Traps can also be camouflaged as any specialized IoT and OT devices.\r\n<b>Gain Access to a Powerful Community </b>\r\nFor the first time, defenders can collaborate and share deceptive counter-measures with each other. The DeceptionNet Community enables cyber-security teams to deceive cyber attackers by sharing deception strategies, new types of Traps, third-party connectors, best practices and more.\r\n<b>Deception Tokens </b>\r\nDeception Tokens (lures) appear as ordinary files, scripts and configurations, are embedded within real IT assets to bait and divert attackers away from real high value assets and into the traps.\r\n<b>Active Traps </b>\r\nActive Traps create a stream of false network traffic between deployed Traps to confuse and divert attackers that monitor the network traffic.\r\n<b><ins>Emulated Traps </ins></b>\r\n<b>Medium Interaction Emulated Traps </b>\r\nOur patented emulated traps can be deployed at the largest enterprise scale through automation. You can select from a wide variety of servers, databases, workstations, switches, routers and Traps tailor-made to your organization’s native environment. 
After a Trap is interacted with and the cyber-attack is thwarted, the Trap will change its shape and location, so the attacker will never learn if something is a Trap or a real asset.\r\n<b>Hundreds of New Industry Templates </b>\r\nThe DeceptionNet Community now offers hundreds of new industry templates (updated regularly) that are available for your use. In addition, our patented medium interaction traps also include expanded templates for specialized devices based on specific industries. These templates include, ATM and SWIFT assets for financial services, Point of Sale (PoS) devices for retail, as well as devices for medical, manufacturing and many more. This allows you to determine if attackers are targeting your specialized devices that are often vulnerable to attack.\r\n<b><ins>FullOS Traps </ins></b>\r\n<b>High Interaction (Full Operating System) Traps </b>\r\nDeceptionGrid enables the provision of full operating system (FullOS) Traps. Our medium interaction Traps automatically extend engaged attackers through our smart deception to our FullOS Traps for the deepest attacker diversion and engagement. FullOS Traps also enable you to clone existing assets – you can completely replicate actual production servers to further deceive attackers.","og:title":"DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders, lateral-movement","og:description":"<div style=\"text-align: center;\"><b>DeceptionGrid</b>\r\n<div style=\"text-align: center;\">TrapX DeceptionGrid protects your valuable assets against a multitude of attacks including malicious insiders and sophisticated cybercriminals.\r\n<b>Deceive, Detect and Defeat Advanced Cyber Attackers. 
</b>\r\nDeceptionGrid, named the Best Deception Technology of 2018, deploys a shifting minefield of Traps (decoys) and Deception Tokens (lures) that appear identical to your real IT & IoT assets that no attacker can avoid.\r\n<b>Actionable Intelligence </b>\r\nJust one touch of a Trap by an attacker sets off a high-confidence alert. DeceptionGrid integrates with key elements of the network and security ecosystem to contain attacks and enable a return to normal operations.\r\n<b>The Deception Product of Choice </b>\r\nDeceptionGrid analyzes your network and automatically provisions hundreds-to-thousands of Traps and Lures. Each Trap is tailor-made to be identical to your native environment. Attackers can never tell what’s real and what’s fake because each Trap is designed to look and behave exactly like your real assets. In addition, Traps can also be camouflaged as any specialized IoT and OT devices.\r\n<b>Gain Access to a Powerful Community </b>\r\nFor the first time, defenders can collaborate and share deceptive counter-measures with each other. The DeceptionNet Community enables cyber-security teams to deceive cyber attackers by sharing deception strategies, new types of Traps, third-party connectors, best practices and more.\r\n<b>Deception Tokens </b>\r\nDeception Tokens (lures) appear as ordinary files, scripts and configurations, are embedded within real IT assets to bait and divert attackers away from real high value assets and into the traps.\r\n<b>Active Traps </b>\r\nActive Traps create a stream of false network traffic between deployed Traps to confuse and divert attackers that monitor the network traffic.\r\n<b><ins>Emulated Traps </ins></b>\r\n<b>Medium Interaction Emulated Traps </b>\r\nOur patented emulated traps can be deployed at the largest enterprise scale through automation. You can select from a wide variety of servers, databases, workstations, switches, routers and Traps tailor-made to your organization’s native environment. 
After a Trap is interacted with and the cyber-attack is thwarted, the Trap will change its shape and location, so the attacker will never learn if something is a Trap or a real asset.\r\n<b>Hundreds of New Industry Templates </b>\r\nThe DeceptionNet Community now offers hundreds of new industry templates (updated regularly) that are available for your use. In addition, our patented medium interaction traps also include expanded templates for specialized devices based on specific industries. These templates include, ATM and SWIFT assets for financial services, Point of Sale (PoS) devices for retail, as well as devices for medical, manufacturing and many more. This allows you to determine if attackers are targeting your specialized devices that are often vulnerable to attack.\r\n<b><ins>FullOS Traps </ins></b>\r\n<b>High Interaction (Full Operating System) Traps </b>\r\nDeceptionGrid enables the provision of full operating system (FullOS) Traps. Our medium interaction Traps automatically extend engaged attackers through our smart deception to our FullOS Traps for the deepest attacker diversion and engagement. FullOS Traps also enable you to clone existing assets – you can completely replicate actual production servers to further deceive attackers."},"eventUrl":"","translationId":1723,"dealDetails":{"avgPartnerDiscount":30,"dealProtection":1,"avgDealSize":30000,"dealSizeCurrency":"","avgDealClosing":3},"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"It is required to transfer the customer data to the vendor in order to receive a testing version for 30 days","categories":[{"id":199,"title":"Deception Techniques and Honeypots","alias":"deception-techniques-and-honeypots","description":"Deception technology is an emerging category of cyber security defense. Deception technology products can detect, analyze and defend against zero-day and advanced attacks, often in real time. 
They are automated, accurate and provide insight into malicious activity within internal networks, which may be unseen by other types of cyber defense. Deception technology enables a more proactive security posture by seeking to deceive the attackers, detect them and then defeat them, allowing the enterprise to return to normal operations.\r\nDeception technology automates the creation of traps (decoys) and/or lures, which are mixed among and within existing IT resources to provide a layer of protection to stop attackers that have penetrated the network. Traps (decoys) are IT assets that either use real licensed operating system software, or are emulations of these devices.\r\nTraps (decoys) which use emulations can also imitate medical devices, automated teller machines (ATMs), retail point of sale systems, switches, routers and much more. Lures are generally real information technology resources (files of varying kinds) which are placed on actual IT assets.\r\nUpon penetrating the network, attackers seek to establish a backdoor and then use this to identify and exfiltrate data and intellectual property. They begin moving laterally through the internal VLANs and almost immediately will "look at" one of the traps (decoys). Interacting with one of these "decoys" will trigger an alert. These alerts are very high probability and almost always coincide with an ongoing attack. The deception is designed to lure the attacker in – the attacker may consider this a worthy asset and continue by injecting malware. Deception technology generally allows for automated static and dynamic analysis of this injected malware and provides these reports through automation to the security operations personnel. Deception technology may also identify, through indicators of compromise (IOC), suspect end-points that are part of the compromise cycle. Automation also allows for an automated memory analysis of the suspect end-point, and then automatically isolates the suspect end-point. 
Many partner integrations allow for a variety of implementation paths for existing enterprise and government customers.\r\nInternet of things (IoT) devices are not usually scanned by legacy defense in depth cyber defense and remain prime targets for attackers within the network. Deception technology can identify attackers moving laterally into the network from within these devices.\r\nIntegrated turnkey devices that utilize embedded operating systems, but do not allow these operating systems to be scanned or closely protected by embedded end-point or intrusion detection software are also well protected by a deception technology deployment in the same network. Examples include process control systems (SCADA) used in many manufacturing applications on a global basis. Deception technology has been associated with the discovery of Zombie Zero, an attack vector wherein deception technology identified an attacker utilizing malware embedded in barcode readers which were manufactured overseas.\r\nMedical devices are particularly vulnerable to cyber attacks within the healthcare networks. As FDA-certified devices they are closed systems and not accessible to standard cyber defense software. Deception technology can surround and protect these devices and identify attackers using these for backdoor placement and data exfiltration. Recently documented cyber attacks on medical devices include x-ray machines, CT scanners, MRI scanners, blood gas analyzers, PACS systems and many more. Networks utilizing these devices can be protected by deception technology. This attack vector, called medical device hijack or medjack, is estimated to have penetrated many hospitals worldwide.\r\nSpecialized deception technology products are now capable of addressing the rise in ransomware. 
Select products can deceive ransomware into engaging in an attack on a decoy resource, while isolating the infection points and alerting the cyber defense software team.","materialsDescription":"<span style=\"font-weight: bold;\">Why Use Deception Technology?</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Early Post-Breach Detection</span></span>\r\nNo security solution can stop all attacks from occurring on a network, but deception technology helps to give attackers a false sense of security by making them believe they have gained a foothold in your network. From here you can monitor and record their behavior, secure in the knowledge that they can do no damage to your decoy systems. The information you record about attacker behavior and techniques can be used to further secure your network from attack.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Reduced False Positives and Risk</span></span>\r\nDead ends, false positives and alert fatigue can all hamper security efforts and put a drain on resources, if they are even analyzed at all. Too much noise can result in IT teams becoming complacent and ignoring what could potentially be a legitimate threat. Deception technology reduces the noise with fewer false positives and high fidelity alerts packed full of useful data.\r\nDeception technology is also low risk, as it poses no risk to data and has no impact on resources or operations. When a hacker accesses or attempts to use part of the deception layer, a real and accurate alert is generated that tells admins they need to take action.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Scale and Automate at Will</span></span>\r\nWhile the threat to corporate networks and data is a daily growing concern, security teams rarely get an increase in their budget to handle the deluge of new threats. For this reason, deception technology can be a very welcome solution. 
Automated alerts eliminate the need for manual effort and intervention while the design of the technology allows it to be scaled easily as the organization and threat level grows.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">From Legacy to IoT</span></span>\r\nDeception technology can be used to provide breadcrumbs for a vast range of different devices, including legacy environments, industry-specific environments and even IoT devices.<br /><br />"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":4,"title":"Reduce Costs"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":282,"title":"Unauthorized access to corporate IT systems and data"},{"id":336,"title":"Risk or Leaks of confidential information"},{"id":344,"title":"Malware infection via Internet, email, storage devices"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":199,"title":"Deception Techniques and Honeypots","alias":"deception-techniques-and-honeypots","description":"Deception technology is an emerging category of cyber security defense. Deception technology products can detect, analyze and defend against zero-day and advanced attacks, often in real time. 
They are automated, accurate and provide insight into malicious activity within internal networks, which may be unseen by other types of cyber defense. Deception technology enables a more proactive security posture by seeking to deceive the attackers, detect them and then defeat them, allowing the enterprise to return to normal operations.\r\nDeception technology automates the creation of traps (decoys) and/or lures, which are mixed among and within existing IT resources to provide a layer of protection to stop attackers that have penetrated the network. Traps (decoys) are IT assets that either use real licensed operating system software, or are emulations of these devices.\r\nTraps (decoys) which use emulations can also imitate medical devices, automated teller machines (ATMs), retail point of sale systems, switches, routers and much more. Lures are generally real information technology resources (files of varying kinds) which are placed on actual IT assets.\r\nUpon penetrating the network, attackers seek to establish a backdoor and then use this to identify and exfiltrate data and intellectual property. They begin moving laterally through the internal VLANs and almost immediately will \"look at\" one of the traps (decoys). Interacting with one of these \"decoys\" will trigger an alert. These alerts are very high probability and almost always coincide with an ongoing attack. The deception is designed to lure the attacker in – the attacker may consider this a worthy asset and continue by injecting malware. Deception technology generally allows for automated static and dynamic analysis of this injected malware and provides these reports through automation to the security operations personnel. Deception technology may also identify, through indicators of compromise (IOC), suspect end-points that are part of the compromise cycle. Automation also allows for an automated memory analysis of the suspect end-point, and then automatically isolates the suspect end-point. 
Many partner integrations allow for a variety of implementation paths for existing enterprise and government customers.\r\nInternet of things (IoT) devices are not usually scanned by legacy defense in depth cyber defense and remain prime targets for attackers within the network. Deception technology can identify attackers moving laterally into the network from within these devices.\r\nIntegrated turnkey devices that utilize embedded operating systems, but do not allow these operating systems to be scanned or closely protected by embedded end-point or intrusion detection software are also well protected by a deception technology deployment in the same network. Examples include process control systems (SCADA) used in many manufacturing applications on a global basis. Deception technology has been associated with the discovery of Zombie Zero, an attack vector wherein deception technology identified an attacker utilizing malware embedded in barcode readers which were manufactured overseas.\r\nMedical devices are particularly vulnerable to cyber attacks within the healthcare networks. As FDA-certified devices they are closed systems and not accessible to standard cyber defense software. Deception technology can surround and protect these devices and identify attackers using these for backdoor placement and data exfiltration. Recently documented cyber attacks on medical devices include x-ray machines, CT scanners, MRI scanners, blood gas analyzers, PACS systems and many more. Networks utilizing these devices can be protected by deception technology. This attack vector, called medical device hijack or medjack, is estimated to have penetrated many hospitals worldwide.\r\nSpecialized deception technology products are now capable of addressing the rise in ransomware. 
Select products can deceive ransomware into engaging in an attack on a decoy resource, while isolating the infection points and alerting the cyber defense software team.","materialsDescription":"<span style=\"font-weight: bold;\">Why Use Deception Technology?</span>\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Early Post-Breach Detection</span></span>\r\nNo security solution can stop all attacks from occurring on a network, but deception technology helps to give attackers a false sense of security by making them believe they have gained a foothold in your network. From here you can monitor and record their behavior, secure in the knowledge that they can do no damage to your decoy systems. The information you record about attacker behavior and techniques can be used to further secure your network from attack.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Reduced False Positives and Risk</span></span>\r\nDead ends, false positives and alert fatigue can all hamper security efforts and put a drain on resources, if they are even analyzed at all. Too much noise can result in IT teams becoming complacent and ignoring what could potentially be a legitimate threat. Deception technology reduces the noise with fewer false positives and high-fidelity alerts packed full of useful data.\r\nDeception technology is also low risk, as it poses no risk to data and has no impact on resources or operations. When a hacker accesses or attempts to use part of the deception layer, a real and accurate alert is generated that tells admins they need to take action.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Scale and Automate at Will</span></span>\r\nWhile the threat to corporate networks and data is a daily growing concern, security teams rarely get an increase in their budget to handle the deluge of new threats. For this reason, deception technology can be a very welcome solution. 
Automated alerts eliminate the need for manual effort and intervention while the design of the technology allows it to be scaled easily as the organization and threat level grows.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">From Legacy to IoT</span></span>\r\nDeception technology can be used to provide breadcrumbs for a vast range of different devices, including legacy environments, industry-specific environments and even IoT devices.<br /><br />"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"https://share.trapx.com/dl/s1mqPwZmMA","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":542,"title":"McAfee Endpoint Security for global software company","description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Integrating McAfee® Advanced Threat Defense and the Bro open-source network </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">security platform widens the scope of threat detection to include unmanaged devices</span>\r\n<span style=\"font-weight: bold; \">Multinational Software Company</span>\r\n<ul><li>Large global software company</li><li>Industry: Technology</li><li>Environment: Fluid environment with up to 150,000 endpoints at any given time, many of them virtual, across 20 countries</li></ul>\r\n<span style=\"font-weight: bold; \">Challenges</span>\r\n<ul><li>Protect against zero-day threats across extended global enterprise</li><li>Shrink detection to remediation gap</li></ul>\r\n<span style=\"font-weight: bold; \">McAfee solution</span>\r\n<ul><li>McAfee® Advanced Threat Defense</li><li>McAfee® Complete Endpoint Threat Protection</li><li>McAfee® ePolicy Orchestrator®</li><li>McAfee® Threat Intelligence Exchange</li></ul>\r\n<span style=\"font-weight: bold; \">Results</span>\r\n<ul><li>Accelerates time to protection, thanks to 
automation</li><li>Augments threat reputation information shared across McAfee ePO software-managed devices with information gleaned from incidents involving unmanaged devices</li><li>Facilitates endpoint incident forensics and accelerates response</li><li>Saves security operations time and hassle</li></ul>\r\nAutomated submission of threat information to McAfee Advanced Threat Defense and automated sharing of that information across the enterprise improve protection while saving security operations time and hassle.\r\nThis large global software company with more than 20,000 employees in 20 countries has implemented an IT infrastructure that is highly virtual and fluid. Systems come and go daily on the company’s network. For instance, in a recent week, 45,000 systems, including virtual machines, connected to the corporate network. However, during peak periods, up to 150,000 endpoints can be connected. For the company’s senior manager of security engineering, who oversees the team responsible for deployment of all security tools across the global enterprise, this environment poses distinct challenges.\r\n<span style=\"font-weight: bold; \">Challenge: Close Gaps to Block Zero-Day Attacks</span>\r\nAlthough the company employs the McAfee Complete Endpoint Threat Protection suite on all its high-risk physical and virtual endpoints, it also has many virtual endpoints connecting to its network that do not have a McAfee agent installed and are therefore not updated with the latest threat protection via the McAfee ePolicy Orchestrator (McAfee® ePO™) management console. The company’s more important virtual machines host a McAfee agent but many “low-risk” systems do not. 
Until recently, if one of these unmanaged endpoints downloaded a malicious file, the McAfee ePO software-managed endpoints would be at risk because they had no way of knowing of the existence of that threat within the environment.\r\n<span style=\"font-style: italic; \">“Zero-day threats are our biggest concern,” remarks the senior manager of security engineering. “If any of our endpoints—managed or unmanaged—downloads a zero-day threat, we want our whole environment to know about it, and we want to be able to react appropriately as fast as possible.”</span>\r\nIn addition, if a managed endpoint became infected, security analysts would receive an alert, but, because of the fluidity of systems coming on and off the network, by the time an analyst has logged in and has attempted to find the suspicious payload, the system could easily have moved offline, essentially removing the information needed to understand what had transpired. As a result, security operations center (SOC) engineers found that they had to spend extra time tracking down infected systems and remediating them.\r\n<span style=\"font-weight: bold; \">Hunting and Blocking Zero-Day Threats with McAfee Advanced Threat Defense</span>\r\nAlong with McAfee Complete Endpoint Threat Protection, the company had implemented the Data Exchange Layer (DXL) communication fabric and McAfee Threat Intelligence Exchange. DXL connects and optimizes security actions across multiple vendor products, as well as internally developed and open source solutions, and McAfee Threat Intelligence Exchange leverages DXL to bi-directionally share threat information across all DXL-connected systems. To this automated threat reputation-sharing framework, the company added McAfee Advanced Threat Defense for “zero-day hunting,” as the senior manager of security engineering describes the appliance’s main role. 
\r\n<span style=\"font-style: italic;\">“If an unknown or suspicious file comes across one of our endpoints protected by McAfee Endpoint Security, the file is automatically sent to McAfee Advanced Threat Defense for sophisticated static and dynamic behavioral analysis,” explains the senior manager of security engineering. “If McAfee Advanced Threat Defense deems the file to be malicious, its reputation is then automatically broadcast via McAfee Threat Intelligence Exchange to all the endpoints connected to DXL. This automatic distribution of threat reputation information helps us block zero-day threats before they can harm our environment.”</span>\r\n<span style=\"font-weight: bold;\">Enhancing Intrusion Detection with Bro</span>\r\nBut what about threats entering the environment through the company’s many unmanaged endpoints? To extend detection to these systems, the company turned to the open-source Bro network security monitoring platform. Bro ingests the company’s network traffic off a span or inline tap and converts the traffic data into logs and metadata in binary format. In a typical week, Bro submits approximately 6,000 files to McAfee Advanced Threat Defense for analysis. 
Of those, approximately 10% to 20% end up in the McAfee Threat Intelligence Exchange threat reputation database and are subsequently shared throughout the enterprise.\r\n<span style=\"font-style: italic;\">“Bro gives us the ability to retain network traffic in a searchable format, which is extremely useful,” the senior manager of security engineering explains. “For instance, using Bro, we can search for source or distributed IP so we can easily conduct lightweight investigations— discover who or what connected to a specific IP address, what the payload looks like, determine the packet size, and so on.”</span>\r\nThe information captured by Bro supplements the threat information delivered via the McAfee Global Threat Intelligence cloud and disseminated via McAfee Threat Intelligence Exchange. With the Bro script and advice provided by McAfee (now available as a deployment kit), the senior manager of security engineering’s team integrated Bro with McAfee Advanced Threat Defense so that the Bro traffic data is automatically submitted to McAfee Advanced Threat Defense, just as suspicious files from McAfee Endpoint Security are automatically submitted through McAfee Threat Intelligence Exchange.\r\nSince the team was already very familiar with Bro, the integration was straightforward. \r\n<span style=\"font-weight: bold;\">Automatic Immunization Against Threats that Hit Unmanaged Endpoints</span>\r\n<span style=\"font-style: italic;\">“If one of our unmanaged endpoints downloads a malicious file, Bro will capture that event among the network traffic and submit it to McAfee Advanced Threat Defense for analysis,” notes the senior manager of security engineering. 
“If McAfee Advanced Threat Defense determines the file is malicious, then that malicious reputation will be shared automatically with every McAfee ePO software-managed system in our entire enterprise—in other words, with all the systems we care about. Put another way, if one of our unmanaged virtual machines downloads a malicious file, all of our managed devices automatically receive an immune shot.”</span>\r\n<span style=\"font-weight: bold;\">Facilitating and Accelerating Incident Response</span>\r\nWith the McAfee Advanced Threat Defense/Bro integration and threat reputation information automatically disseminated across endpoints via McAfee Threat Intelligence Exchange, inoculation of endpoints happens much faster than it did before. Consequently, there is a much greater likelihood that a system will “receive the immune shot” before it goes offline. In addition, because the actual event and surrounding intelligence is captured by Bro, even if the system goes offline, McAfee Advanced Threat Defense, as well as security analysts, have a great deal more information to help determine appropriate action, and, if necessary, to remediate more quickly.\r\n<span style=\"font-style: italic;\">“With the McAfee automated threat framework and supporting intelligence from the Bro integration, plus automated remediation that we have also set up, our SOC very rarely needs to pay attention to endpoint incidents,” points out the senior manager of security engineering. “The Bro integration and all that automation save a ton of time.”</span>\r\nTo fortify its defenses further, the company continues to build upon its DXL-based integrated security framework. 
For instance, the company is currently in the process of adding McAfee DLP Monitor to gather, track, and report on data in motion across its entire network and augment its McAfee DLP Endpoint host-based data protection.\r\n<span style=\"font-style: italic;\">“The more we can integrate our systems and automate responses, the safer we will be,” says the senior manager of security engineering.</span>","alias":"mcafee-endpoint-security-for-global-software-company","roi":0,"seo":{"title":"McAfee Endpoint Security for global software company","keywords":"","description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Integrating McAfee® Advanced Threat Defense and the Bro open-source network </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">security platform widens the scope of threat detection to include unmanaged devices</span>\r\n<span style=\"font-weight: bold; \">Multinational Software Company</span>\r\n<ul><li>Large global software company</li><li>Industry: Technology</li><li>Environment: Fluid environment with up to 150,000 endpoints at any given time, many of them virtual, across 20 countries</li></ul>\r\n<span style=\"font-weight: bold; \">Challenges</span>\r\n<ul><li>Protect against zero-day threats across extended global enterprise</li><li>Shrink detection to remediation gap</li></ul>\r\n<span style=\"font-weight: bold; \">McAfee solution</span>\r\n<ul><li>McAfee® Advanced Threat Defense</li><li>McAfee® Complete Endpoint Threat Protection</li><li>McAfee® ePolicy Orchestrator®</li><li>McAfee® Threat Intelligence Exchange</li></ul>\r\n<span style=\"font-weight: bold; \">Results</span>\r\n<ul><li>Accelerates time to protection, thanks to automation</li><li>Augments threat reputation information shared across McAfee ePO software-managed devices with information gleaned from incidents 
involving unmanaged devices</li><li>Facilitates endpoint incident forensics and accelerates response</li><li>Saves security operations time and hassle</li></ul>\r\nAutomated submission of threat information to McAfee Advanced Threat Defense and automated sharing of that information across the enterprise improve protection while saving security operations time and hassle.\r\nThis large global software company with more than 20,000 employees in 20 countries has implemented an IT infrastructure that is highly virtual and fluid. Systems come and go daily on the company’s network. For instance, in a recent week, 45,000 systems, including virtual machines, connected to the corporate network. However, during peak periods, up to 150,000 endpoints can be connected. For the company’s senior manager of security engineering, who oversees the team responsible for deployment of all security tools across the global enterprise, this environment poses distinct challenges.\r\n<span style=\"font-weight: bold; \">Challenge: Close Gaps to Block Zero-Day Attacks</span>\r\nAlthough the company employs the McAfee Complete Endpoint Threat Protection suite on all its high-risk physical and virtual endpoints, it also has many virtual endpoints connecting to its network that do not have a McAfee agent installed and are therefore not updated with the latest threat protection via the McAfee ePolicy Orchestrator (McAfee® ePO™) management console. The company’s more important virtual machines host a McAfee agent but many “low-risk” systems do not. Until recently, if one of these unmanaged endpoints downloaded a malicious file, the McAfee ePO software-managed endpoints would be at risk because they had no way of knowing of the existence of that threat within the environment.\r\n<span style=\"font-style: italic; \">“Zero-day threats are our biggest concern,” remarks the senior manager of security engineering. 
“If any of our endpoints—managed or unmanaged—downloads a zero-day threat, we want our whole environment to know about it, and we want to be able to react appropriately as fast as possible.”</span>\r\nIn addition, if a managed endpoint became infected, security analysts would receive an alert, but, because of the fluidity of systems coming on and off the network, by the time an analyst has logged in and has attempted to find the suspicious payload, the system could easily have moved offline, essentially removing the information needed to understand what had transpired. As a result, security operations center (SOC) engineers found that they had to spend extra time tracking down infected systems and remediating them.\r\n<span style=\"font-weight: bold; \">Hunting and Blocking Zero-Day Threats with McAfee Advanced Threat Defense</span>\r\nAlong with McAfee Complete Endpoint Threat Protection, the company had implemented the Data Exchange Layer (DXL) communication fabric and McAfee Threat Intelligence Exchange. DXL connects and optimizes security actions across multiple vendor products, as well as internally developed and open source solutions, and McAfee Threat Intelligence Exchange leverages DXL to bi-directionally share threat information across all DXL-connected systems. To this automated threat reputation-sharing framework, the company added McAfee Advanced Threat Defense for “zero-day hunting,” as the senior manager of security engineering describes the appliance’s main role. 
\r\n<span style=\"font-style: italic;\">“If an unknown or suspicious file comes across one of our endpoints protected by McAfee Endpoint Security, the file is automatically sent to McAfee Advanced Threat Defense for sophisticated static and dynamic behavioral analysis,” explains the senior manager of security engineering. “If McAfee Advanced Threat Defense deems the file to be malicious, its reputation is then automatically broadcast via McAfee Threat Intelligence Exchange to all the endpoints connected to DXL. This automatic distribution of threat reputation information helps us block zero-day threats before they can harm our environment.”</span>\r\n<span style=\"font-weight: bold;\">Enhancing Intrusion Detection with Bro</span>\r\nBut what about threats entering the environment through the company’s many unmanaged endpoints? To extend detection to these systems, the company turned to the open-source Bro network security monitoring platform. Bro ingests the company’s network traffic off a span or inline tap and converts the traffic data into logs and metadata in binary format. In a typical week, Bro submits approximately 6,000 files to McAfee Advanced Threat Defense for analysis. 
Of those, approximately 10% to 20% end up in the McAfee Threat Intelligence Exchange threat reputation database and are subsequently shared throughout the enterprise.\r\n<span style=\"font-style: italic;\">“Bro gives us the ability to retain network traffic in a searchable format, which is extremely useful,” the senior manager of security engineering explains. “For instance, using Bro, we can search for source or distributed IP so we can easily conduct lightweight investigations— discover who or what connected to a specific IP address, what the payload looks like, determine the packet size, and so on.”</span>\r\nThe information captured by Bro supplements the threat information delivered via the McAfee Global Threat Intelligence cloud and disseminated via McAfee Threat Intelligence Exchange. With the Bro script and advice provided by McAfee (now available as a deployment kit), the senior manager of security engineering’s team integrated Bro with McAfee Advanced Threat Defense so that the Bro traffic data is automatically submitted to McAfee Advanced Threat Defense, just as suspicious files from McAfee Endpoint Security are automatically submitted through McAfee Threat Intelligence Exchange.\r\nSince the team was already very familiar with Bro, the integration was straightforward. \r\n<span style=\"font-weight: bold;\">Automatic Immunization Against Threats that Hit Unmanaged Endpoints</span>\r\n<span style=\"font-style: italic;\">“If one of our unmanaged endpoints downloads a malicious file, Bro will capture that event among the network traffic and submit it to McAfee Advanced Threat Defense for analysis,” notes the senior manager of security engineering. 
“If McAfee Advanced Threat Defense determines the file is malicious, then that malicious reputation will be shared automatically with every McAfee ePO software-managed system in our entire enterprise—in other words, with all the systems we care about. Put another way, if one of our unmanaged virtual machines downloads a malicious file, all of our managed devices automatically receive an immune shot.”</span>\r\n<span style=\"font-weight: bold;\">Facilitating and Accelerating Incident Response</span>\r\nWith the McAfee Advanced Threat Defense/Bro integration and threat reputation information automatically disseminated across endpoints via McAfee Threat Intelligence Exchange, inoculation of endpoints happens much faster than it did before. Consequently, there is a much greater likelihood that a system will “receive the immune shot” before it goes offline. In addition, because the actual event and surrounding intelligence is captured by Bro, even if the system goes offline, McAfee Advanced Threat Defense, as well as security analysts, have a great deal more information to help determine appropriate action, and, if necessary, to remediate more quickly.\r\n<span style=\"font-style: italic;\">“With the McAfee automated threat framework and supporting intelligence from the Bro integration, plus automated remediation that we have also set up, our SOC very rarely needs to pay attention to endpoint incidents,” points out the senior manager of security engineering. “The Bro integration and all that automation save a ton of time.”</span>\r\nTo fortify its defenses further, the company continues to build upon its DXL-based integrated security framework. 
For instance, the company is currently in the process of adding McAfee DLP Monitor to gather, track, and report on data in motion across its entire network and augment its McAfee DLP Endpoint host-based data protection.\r\n<span style=\"font-style: italic;\">“The more we can integrate our systems and automate responses, the safer we will be,” says the senior manager of security engineering.</span>","og:title":"McAfee Endpoint Security for global software company","og:description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Integrating McAfee® Advanced Threat Defense and the Bro open-source network </span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">security platform widens the scope of threat detection to include unmanaged devices</span>\r\n<span style=\"font-weight: bold; \">Multinational Software Company</span>\r\n<ul><li>Large global software company</li><li>Industry: Technology</li><li>Environment: Fluid environment with up to 150,000 endpoints at any given time, many of them virtual, across 20 countries</li></ul>\r\n<span style=\"font-weight: bold; \">Challenges</span>\r\n<ul><li>Protect against zero-day threats across extended global enterprise</li><li>Shrink detection to remediation gap</li></ul>\r\n<span style=\"font-weight: bold; \">McAfee solution</span>\r\n<ul><li>McAfee® Advanced Threat Defense</li><li>McAfee® Complete Endpoint Threat Protection</li><li>McAfee® ePolicy Orchestrator®</li><li>McAfee® Threat Intelligence Exchange</li></ul>\r\n<span style=\"font-weight: bold; \">Results</span>\r\n<ul><li>Accelerates time to protection, thanks to automation</li><li>Augments threat reputation information shared across McAfee ePO software-managed devices with information gleaned from incidents involving unmanaged devices</li><li>Facilitates endpoint incident forensics and 
accelerates response</li><li>Saves security operations time and hassle</li></ul>\r\nAutomated submission of threat information to McAfee Advanced Threat Defense and automated sharing of that information across the enterprise improve protection while saving security operations time and hassle.\r\nThis large global software company with more than 20,000 employees in 20 countries has implemented an IT infrastructure that is highly virtual and fluid. Systems come and go daily on the company’s network. For instance, in a recent week, 45,000 systems, including virtual machines, connected to the corporate network. However, during peak periods, up to 150,000 endpoints can be connected. For the company’s senior manager of security engineering, who oversees the team responsible for deployment of all security tools across the global enterprise, this environment poses distinct challenges.\r\n<span style=\"font-weight: bold; \">Challenge: Close Gaps to Block Zero-Day Attacks</span>\r\nAlthough the company employs the McAfee Complete Endpoint Threat Protection suite on all its high-risk physical and virtual endpoints, it also has many virtual endpoints connecting to its network that do not have a McAfee agent installed and are therefore not updated with the latest threat protection via the McAfee ePolicy Orchestrator (McAfee® ePO™) management console. The company’s more important virtual machines host a McAfee agent but many “low-risk” systems do not. Until recently, if one of these unmanaged endpoints downloaded a malicious file, the McAfee ePO software-managed endpoints would be at risk because they had no way of knowing of the existence of that threat within the environment.\r\n<span style=\"font-style: italic; \">“Zero-day threats are our biggest concern,” remarks the senior manager of security engineering. 
“If any of our endpoints—managed or unmanaged—downloads a zero-day threat, we want our whole environment to know about it, and we want to be able to react appropriately as fast as possible.”</span>\r\nIn addition, if a managed endpoint became infected, security analysts would receive an alert, but, because of the fluidity of systems coming on and off the network, by the time an analyst has logged in and has attempted to find the suspicious payload, the system could easily have moved offline, essentially removing the information needed to understand what had transpired. As a result, security operations center (SOC) engineers found that they had to spend extra time tracking down infected systems and remediating them.\r\n<span style=\"font-weight: bold; \">Hunting and Blocking Zero-Day Threats with McAfee Advanced Threat Defense</span>\r\nAlong with McAfee Complete Endpoint Threat Protection, the company had implemented the Data Exchange Layer (DXL) communication fabric and McAfee Threat Intelligence Exchange. DXL connects and optimizes security actions across multiple vendor products, as well as internally developed and open source solutions, and McAfee Threat Intelligence Exchange leverages DXL to bi-directionally share threat information across all DXL-connected systems. To this automated threat reputation-sharing framework, the company added McAfee Advanced Threat Defense for “zero-day hunting,” as the senior manager of security engineering describes the appliance’s main role. 
\r\n<span style=\"font-style: italic;\">“If an unknown or suspicious file comes across one of our endpoints protected by McAfee Endpoint Security, the file is automatically sent to McAfee Advanced Threat Defense for sophisticated static and dynamic behavioral analysis,” explains the senior manager of security engineering. “If McAfee Advanced Threat Defense deems the file to be malicious, its reputation is then automatically broadcast via McAfee Threat Intelligence Exchange to all the endpoints connected to DXL. This automatic distribution of threat reputation information helps us block zero-day threats before they can harm our environment.”</span>\r\n<span style=\"font-weight: bold;\">Enhancing Intrusion Detection with Bro</span>\r\nBut what about threats entering the environment through the company’s many unmanaged endpoints? To extend detection to these systems, the company turned to the open-source Bro network security monitoring platform. Bro ingests the company’s network traffic off a span or inline tap and converts the traffic data into logs and metadata in binary format. In a typical week, Bro submits approximately 6,000 files to McAfee Advanced Threat Defense for analysis. 
Of those, approximately 10% to 20% end up in the McAfee Threat Intelligence Exchange threat reputation database and are subsequently shared throughout the enterprise.\r\n<span style=\"font-style: italic;\">“Bro gives us the ability to retain network traffic in a searchable format, which is extremely useful,” the senior manager of security engineering explains. “For instance, using Bro, we can search for source or distributed IP so we can easily conduct lightweight investigations—discover who or what connected to a specific IP address, what the payload looks like, determine the packet size, and so on.”</span>\r\nThe information captured by Bro supplements the threat information delivered via the McAfee Global Threat Intelligence cloud and disseminated via McAfee Threat Intelligence Exchange. With the Bro script and advice provided by McAfee (now available as a deployment kit), the senior manager of security engineering’s team integrated Bro with McAfee Advanced Threat Defense so that the Bro traffic data is automatically submitted to McAfee Advanced Threat Defense, just as suspicious files from McAfee Endpoint Security are automatically submitted through McAfee Threat Intelligence Exchange.\r\nSince the team was already very familiar with Bro, the integration was straightforward. \r\n<span style=\"font-weight: bold;\">Automatic Immunization Against Threats that Hit Unmanaged Endpoints</span>\r\n<span style=\"font-style: italic;\">“If one of our unmanaged endpoints downloads a malicious file, Bro will capture that event among the network traffic and submit it to McAfee Advanced Threat Defense for analysis,” notes the senior manager of security engineering. 
“If McAfee Advanced Threat Defense determines the file is malicious, then that malicious reputation will be shared automatically with every McAfee ePO software-managed system in our entire enterprise—in other words, with all the systems we care about. Put another way, if one of our unmanaged virtual machines downloads a malicious file, all of our managed devices automatically receive an immune shot.”</span>\r\n<span style=\"font-weight: bold;\">Facilitating and Accelerating Incident Response</span>\r\nWith the McAfee Advanced Threat Defense/Bro integration and threat reputation information automatically disseminated across endpoints via McAfee Threat Intelligence Exchange, inoculation of endpoints happens much faster than it did before. Consequently, there is a much greater likelihood that a system will “receive the immune shot” before it goes offline. In addition, because the actual event and surrounding intelligence are captured by Bro, even if the system goes offline, McAfee Advanced Threat Defense, as well as security analysts, have a great deal more information to help determine appropriate action, and, if necessary, to remediate more quickly.\r\n<span style=\"font-style: italic;\">“With the McAfee automated threat framework and supporting intelligence from the Bro integration, plus automated remediation that we have also set up, our SOC very rarely needs to pay attention to endpoint incidents,” points out the senior manager of security engineering. “The Bro integration and all that automation save a ton of time.”</span>\r\nTo fortify its defenses further, the company continues to build upon its DXL-based integrated security framework. 
For instance, the company is currently in the process of adding McAfee DLP Monitor to gather, track, and report on data in motion across its entire network and augment its McAfee DLP Endpoint host-based data protection.\r\n<span style=\"font-style: italic;\">“The more we can integrate our systems and automate responses, the safer we will be,” says the senior manager of security engineering.</span>"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":8760,"title":"Hidden supplier","logoURL":"https://roi4cio.com/uploads/roi/company/znachok_postavshchik.jpg","alias":"skrytyi-postavshchik","address":"","roles":[],"description":" Supplier Information is confidential 
","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":70,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"Hidden supplier","keywords":"","description":" Supplier Information is confidential ","og:title":"Hidden supplier","og:description":" Supplier Information is confidential ","og:image":"https://roi4cio.com/uploads/roi/company/znachok_postavshchik.jpg"},"eventUrl":""},"vendors":[{"id":184,"title":"McAfee","logoURL":"https://roi4cio.com/uploads/roi/company/McAfee.png","alias":"mcafee","address":"","roles":[],"description":"<span style=\"color: rgb(97, 97, 97); \">McAfee is a global organization with a 30-year history and a brand known the world over for innovation, collaboration and trust. The company was founded in 1987 as McAfee Associates, named for its founder John McAfee, who resigned from the company in 1994.<br /></span>\r\n<span style=\"color: rgb(97, 97, 97); \">As a leading-edge cybersecurity company, McAfee provides advanced security solutions to consumers, small and large businesses, enterprises, and governments. 
Security technologies from McAfee use a unique, predictive capability that is powered by McAfee Global Threat Intelligence, which enables home users and businesses to stay one step ahead of the next wave of fileless attacks, viruses, malware, and other online threats.</span>\r\nMcAfee is:\r\n■ 622 million total endpoints<br />■ 97 million enterprise endpoints<br />■ 525 million consumer endpoints<br />■ 69,000 enterprise customers<br />■ 7,000 employees<br />■ 189 countries<br />■ 151 Security Innovation Alliance partners<br />■ 80% of Fortune 100 firms<br />■ 75% of Fortune 500 firms<br />■ 64% of Global 2000 firms<br />■ 87% of world’s largest banks<br />■ 54% of Top 50 retailers<br />■ 1,550+ security patents worldwide ","companyTypes":[],"products":{},"vendoredProductsCount":17,"suppliedProductsCount":17,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":0,"vendorImplementationsCount":13,"vendorPartnersCount":0,"supplierPartnersCount":272,"b4r":0,"categories":{},"companyUrl":"https://www.mcafee.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"McAfee","keywords":"Intel, Security, company, Capital, McAfee, security, with, between","description":"<span style=\"color: rgb(97, 97, 97); \">McAfee is a global organization with a 30-year history and a brand known the world over for innovation, collaboration and trust. The company was founded in 1987 as McAfee Associates, named for its founder John McAfee, who resigned from the company in 1994.<br /></span>\r\n<span style=\"color: rgb(97, 97, 97); \">As a leading-edge cybersecurity company, McAfee provides advanced security solutions to consumers, small and large businesses, enterprises, and governments. 
Security technologies from McAfee use a unique, predictive capability that is powered by McAfee Global Threat Intelligence, which enables home users and businesses to stay one step ahead of the next wave of fileless attacks, viruses, malware, and other online threats.</span>\r\nMcAfee is:\r\n■ 622 million total endpoints<br />■ 97 million enterprise endpoints<br />■ 525 million consumer endpoints<br />■ 69,000 enterprise customers<br />■ 7,000 employees<br />■ 189 countries<br />■ 151 Security Innovation Alliance partners<br />■ 80% of Fortune 100 firms<br />■ 75% of Fortune 500 firms<br />■ 64% of Global 2000 firms<br />■ 87% of world’s largest banks<br />■ 54% of Top 50 retailers<br />■ 1,550+ security patents worldwide ","og:title":"McAfee","og:description":"<span style=\"color: rgb(97, 97, 97); \">McAfee is a global organization with a 30-year history and a brand known the world over for innovation, collaboration and trust. The company was founded in 1987 as McAfee Associates, named for its founder John McAfee, who resigned from the company in 1994.<br /></span>\r\n<span style=\"color: rgb(97, 97, 97); \">As a leading-edge cybersecurity company, McAfee provides advanced security solutions to consumers, small and large businesses, enterprises, and governments. 
Security technologies from McAfee use a unique, predictive capability that is powered by McAfee Global Threat Intelligence, which enables home users and businesses to stay one step ahead of the next wave of fileless attacks, viruses, malware, and other online threats.</span>\r\nMcAfee is:\r\n■ 622 million total endpoints<br />■ 97 million enterprise endpoints<br />■ 525 million consumer endpoints<br />■ 69,000 enterprise customers<br />■ 7,000 employees<br />■ 189 countries<br />■ 151 Security Innovation Alliance partners<br />■ 80% of Fortune 100 firms<br />■ 75% of Fortune 500 firms<br />■ 64% of Global 2000 firms<br />■ 87% of world’s largest banks<br />■ 54% of Top 50 retailers<br />■ 1,550+ security patents worldwide ","og:image":"https://roi4cio.com/uploads/roi/company/McAfee.png"},"eventUrl":""}],"products":[{"id":429,"logo":false,"scheme":false,"title":"McAfee ePolicy Orchestrator (McAfee ePO)","vendorVerified":1,"rating":"2.70","implementationsCount":7,"suppliersCount":0,"alias":"mcafee-epolicy-orchestrator-mcafee-epo","companyTypes":[],"description":"A single console for all your security management\r\nMcAfee ePolicy Orchestrator (McAfee ePO) is the most advanced, extensible, and scalable centralized security management software in the industry.\r\n\r\nGet a unified view of your security posture with drag-and-drop dashboards that provide security intelligence across endpoints, data, mobile and networks. \r\nSimplify security operations with streamlined workflows for proven efficiencies.\r\nFlexible security management options allow you to select either a traditional premises-based or a cloud-based management version of McAfee ePO.\r\nLeverage your existing third-party IT infrastructure from a single security management console with our extensible architecture.\r\n\r\nQuick deployment for maximum efficiency\r\n\r\nDeploy quickly and easily\r\nEnsure broad-based security and risk management solutions work together to reduce security gaps and complexity. 
Single agent deployment and customizable policy enforcement secure your environment quickly.\r\n\r\nGain efficiencies\r\nStreamline security and compliance workflows with automations and a personalized workspace. McAfee ePO offers an enterprise-class security management architecture that scales for organizations of all sizes, significantly reducing the number of servers to deploy.\r\n\r\nFuture-proof your security infrastructure\r\nProtect your organization from today’s—and tomorrow’s—threats. Real-time threat intelligence from McAfee Labs proactively guards your infrastructure. The open platform facilitates rapid adoption of security innovations as new threat categories emerge.","shortDescription":"McAfee ePolicy Orchestrator (McAfee ePO) is the most advanced, extensible, and scalable centralized security management software in the industry.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":3,"sellingCount":11,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"McAfee ePolicy Orchestrator (McAfee ePO)","keywords":"security, your, management, McAfee, with, from, infrastructure, threat","description":"A single console for all your security management\r\nMcAfee ePolicy Orchestrator (McAfee ePO) is the most advanced, extensible, and scalable centralized security management software in the industry.\r\n\r\nGet a unified view of your security posture with drag-and-drop dashboards that provide security intelligence across endpoints, data, mobile and networks. 
\r\nSimplify security operations with streamlined workflows for proven efficiencies.\r\nFlexible security management options allow you to select either a traditional premises-based or a cloud-based management version of McAfee ePO.\r\nLeverage your existing third-party IT infrastructure from a single security management console with our extensible architecture.\r\n\r\nQuick deployment for maximum efficiency\r\n\r\nDeploy quickly and easily\r\nEnsure broad-based security and risk management solutions work together to reduce security gaps and complexity. Single agent deployment and customizable policy enforcement secure your environment quickly.\r\n\r\nGain efficiencies\r\nStreamline security and compliance workflows with automations and a personalized workspace. McAfee ePO offers an enterprise-class security management architecture that scales for organizations of all sizes, significantly reducing the number of servers to deploy.\r\n\r\nFuture-proof your security infrastructure\r\nProtect your organization from today’s—and tomorrow’s—threats. Real-time threat intelligence from McAfee Labs proactively guards your infrastructure. The open platform facilitates rapid adoption of security innovations as new threat categories emerge.","og:title":"McAfee ePolicy Orchestrator (McAfee ePO)","og:description":"A single console for all your security management\r\nMcAfee ePolicy Orchestrator (McAfee ePO) is the most advanced, extensible, and scalable centralized security management software in the industry.\r\n\r\nGet a unified view of your security posture with drag-and-drop dashboards that provide security intelligence across endpoints, data, mobile and networks. 
\r\nSimplify security operations with streamlined workflows for proven efficiencies.\r\nFlexible security management options allow you to select either a traditional premises-based or a cloud-based management version of McAfee ePO.\r\nLeverage your existing third-party IT infrastructure from a single security management console with our extensible architecture.\r\n\r\nQuick deployment for maximum efficiency\r\n\r\nDeploy quickly and easily\r\nEnsure broad-based security and risk management solutions work together to reduce security gaps and complexity. Single agent deployment and customizable policy enforcement secure your environment quickly.\r\n\r\nGain efficiencies\r\nStreamline security and compliance workflows with automations and a personalized workspace. McAfee ePO offers an enterprise-class security management architecture that scales for organizations of all sizes, significantly reducing the number of servers to deploy.\r\n\r\nFuture-proof your security infrastructure\r\nProtect your organization from today’s—and tomorrow’s—threats. Real-time threat intelligence from McAfee Labs proactively guards your infrastructure. The open platform facilitates rapid adoption of security innovations as new threat categories emerge."},"eventUrl":"","translationId":430,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":45,"title":"SIEM - Security Information and Event Management","alias":"siem-security-information-and-event-management","description":"<span style=\"font-weight: bold; \">Security information and event management (SIEM)</span> is an approach to security management that combines SIM (security information management) and SEM (security event management) functions into one security management system. \r\n The underlying principles of every SIEM system is to aggregate relevant data from multiple sources, identify deviations from the norm and take appropriate action. 
At the most basic level, a SIEM system can be rules-based or employ a statistical correlation engine to establish relationships between event log entries. Advanced SIEM products have evolved to include user and entity behavior analytics (UEBA) and security orchestration and automated response (SOAR). \r\nThe acronyms SEM, SIM and SIEM have sometimes been used interchangeably, but generally refer to the different primary focus of products:\r\n<ul><li><span style=\"font-weight: bold;\">Log management:</span> Focus on simple collection and storage of log messages and audit trails.</li><li><span style=\"font-weight: bold;\">Security information management (SIM):</span> Long-term storage as well as analysis and reporting of log data.</li><li><span style=\"font-weight: bold;\">Security event manager (SEM):</span> Real-time monitoring, correlation of events, notifications and console views.</li><li><span style=\"font-weight: bold;\">Security information event management (SIEM):</span> Combines SIM and SEM and provides real-time analysis of security alerts generated by network hardware and applications.</li><li><span style=\"font-weight: bold;\">Managed Security Service (MSS) or Managed Security Service Provider (MSSP):</span> The most common managed services appear to evolve around connectivity and bandwidth, network monitoring, security, virtualization, and disaster recovery.</li><li><span style=\"font-weight: bold;\">Security as a service (SECaaS):</span> These security services often include authentication, anti-virus, anti-malware/spyware, intrusion detection, penetration testing and security event management, among others.</li></ul>\r\nToday, most SIEM technology works by deploying multiple collection agents in a hierarchical manner to gather security-related events from end-user devices, servers, network equipment, as well as specialized security equipment like firewalls, antivirus or intrusion prevention systems. 
The collectors forward events to a centralized management console where security analysts sift through the noise, connecting the dots and prioritizing security incidents.\r\nSome of the most important features to review when evaluating Security Information and Event Management software are:\r\n<ol><li><span style=\"font-weight: bold; \">Integration with other controls:</span> Can the system give commands to other enterprise security controls to prevent or stop attacks in progress?</li><li><span style=\"font-weight: bold; \">Artificial intelligence:</span> Can the system improve its own accuracy through machine and deep learning?</li><li><span style=\"font-weight: bold; \">Threat intelligence feeds:</span> Can the system support threat intelligence feeds of the organization's choosing or is it mandated to use a particular feed?</li><li><span style=\"font-weight: bold; \">Robust compliance reporting:</span> Does the system include built-in reports for common compliance needs and provide the organization with the ability to customize or create new compliance reports?</li><li><span style=\"font-weight: bold; \">Forensics capabilities:</span> Can the system capture additional information about security events by recording the headers and contents of packets of interest? </li></ol>\r\n\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> Why is SIEM Important?</h1>\r\nSIEM has become a core security component of modern organizations. The main reason is that every user or tracker leaves behind a virtual trail in a network’s log data. SIEM software is designed to use this log data in order to generate insight into past attacks and events. A SIEM solution not only identifies that an attack has happened, but allows you to see how and why it happened as well.\r\nAs organizations update and upscale to increasingly complex IT infrastructures, SIEM has become even more important in recent years. 
Contrary to popular belief, firewalls and antivirus packages are not enough to protect a network in its entirety. Zero-day attacks can still penetrate a system’s defenses even with these security measures in place.\r\nSIEM addresses this problem by detecting attack activity and assessing it against past behavior on the network. Security event monitoring has the ability to distinguish between legitimate use and a malicious attack. This helps to increase a system’s incident protection and avoid damage to systems and virtual property.\r\nThe use of SIEM also helps companies to comply with a variety of industry cyber management regulations. Log management is the industry standard method of auditing activity on an IT network. SIEM management provides the best way to meet this regulatory requirement and provide transparency over logs in order to generate clear insights and improvements.\r\n<h1 class=\"align-center\">Evaluation criteria for security information and event management software:</h1>\r\n<ul><li>Threat identification: Raw log form vs. 
descriptive.</li><li>Threat tracking: Ability to track through the various events, from source to destination.</li><li>Policy enforcement: Ability to enforce defined policies.</li><li>Application analysis: Ability to analyze application at Layer 7 if necessary.</li><li>Business relevance of events: Ability to assign business risk to events and have weighted threat levels.</li><li>Measuring changes and improvements: Ability to track configuration changes to devices.</li><li>Asset-based information: Ability to gather information on devices on the network.</li><li>Anomalous behavior (server): Ability to trend and see changes in how it communicates to others.</li><li>Anomalous behavior (network): Ability to trend and see how communications pass throughout the network.</li><li>Anomalous behavior (application): Ability to trend and see changes in how it communicates to others.</li><li>User monitoring: User activity, logging in, applications usage, etc.</li></ul>\r\n\r\n","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_SIEM.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":538,"logo":false,"scheme":false,"title":"McAfee Complete Endpoint Threat Protection","vendorVerified":1,"rating":"2.00","implementationsCount":3,"suppliersCount":0,"alias":"mcafee-complete-endpoint-threat-protection","companyTypes":[],"description":"<p style=\"margin: 0px 10px 15px 0px; padding: 0px; border: 0px; outline: 0px; color: #53565a; font-family: intel_clear_wregular, Tahoma, Arial, Helvetica, sans-serif; font-size: 14px;\">McAfee Complete Endpoint Threat Protection provides advanced defenses that investigate, contain, and provide actionable insights to combat zero-day threats and sophisticated attacks.</p>\r\n<p style=\"margin: 0px 10px 15px 0px; padding: 0px; border: 0px; outline: 0px; color: #53565a; 
font-family: intel_clear_wregular, Tahoma, Arial, Helvetica, sans-serif; font-size: 14px;\">Core endpoint protection, including anti-malware, firewall, device control, email and web security works together with machine learning and dynamic application containment to detect zero-day threats in near real time, and classify and halt them before they can execute on your systems. Actionable forensic data and easy-to-read reports keep you informed and help you make the move from responding to outbreaks, to investigating and hardening your defenses. And, because McAfee Complete Endpoint Threat Protection is built using an extensible framework, you can add other advanced threat defenses with ease as your security needs and the threat landscape evolve.</p>","shortDescription":"McAfee Complete Endpoint Threat Protection provides advanced defenses that investigate, contain, and provide actionable insights to combat zero-day threats and sophisticated attacks.\r\n","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":20,"sellingCount":14,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"McAfee Complete Endpoint Threat Protection","keywords":"McAfee, Complete, defenses, your, Threat, Endpoint, Protection, zero-day","description":"<p style=\"margin: 0px 10px 15px 0px; padding: 0px; border: 0px; outline: 0px; color: #53565a; font-family: intel_clear_wregular, Tahoma, Arial, Helvetica, sans-serif; font-size: 14px;\">McAfee Complete Endpoint Threat Protection provides advanced defenses that investigate, contain, and provide actionable insights to combat zero-day threats and sophisticated attacks.</p>\r\n<p style=\"margin: 0px 10px 15px 0px; padding: 0px; border: 0px; outline: 0px; color: #53565a; font-family: intel_clear_wregular, Tahoma, Arial, Helvetica, sans-serif; font-size: 14px;\">Core endpoint protection, including anti-malware, firewall, device control, email and web security works together with machine learning and 
dynamic application containment to detect zero-day threats in near real time, and classify and halt them before they can execute on your systems. Actionable forensic data and easy-to-read reports keep you informed and help you make the move from responding to outbreaks, to investigating and hardening your defenses. And, because McAfee Complete Endpoint Threat Protection is built using an extensible framework, you can add other advanced threat defenses with ease as your security needs and the threat landscape evolve.</p>","og:title":"McAfee Complete Endpoint Threat Protection","og:description":"<p style=\"margin: 0px 10px 15px 0px; padding: 0px; border: 0px; outline: 0px; color: #53565a; font-family: intel_clear_wregular, Tahoma, Arial, Helvetica, sans-serif; font-size: 14px;\">McAfee Complete Endpoint Threat Protection provides advanced defenses that investigate, contain, and provide actionable insights to combat zero-day threats and sophisticated attacks.</p>\r\n<p style=\"margin: 0px 10px 15px 0px; padding: 0px; border: 0px; outline: 0px; color: #53565a; font-family: intel_clear_wregular, Tahoma, Arial, Helvetica, sans-serif; font-size: 14px;\">Core endpoint protection, including anti-malware, firewall, device control, email and web security works together with machine learning and dynamic application containment to detect zero-day threats in near real time, and classify and halt them before they can execute on your systems. Actionable forensic data and easy-to-read reports keep you informed and help you make the move from responding to outbreaks, to investigating and hardening your defenses. 
And, because McAfee Complete Endpoint Threat Protection is built using an extensible framework, you can add other advanced threat defenses with ease as your security needs and the threat landscape evolve.</p>"},"eventUrl":"","translationId":595,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":40,"title":"Endpoint security","alias":"endpoint-security","description":"In network security, endpoint security refers to a methodology of protecting the corporate network when accessed via remote devices such as laptops or other wireless and mobile devices. Each device with a remote connecting to the network creates a potential entry point for security threats. Endpoint security is designed to secure each endpoint on the network created by these devices.\r\nUsually, endpoint security is a security system that consists of security software, located on a centrally managed and accessible server or gateway within the network, in addition to client software being installed on each of the endpoints (or devices). The server authenticates logins from the endpoints and also updates the device software when needed. While endpoint security software differs by vendor, you can expect most software offerings to provide antivirus, antispyware, firewall and also a host intrusion prevention system (HIPS).\r\nEndpoint security is becoming a more common IT security function and concern as more employees bring consumer mobile devices to work and companies allow its mobile workforce to use these devices on the corporate network.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What are endpoint devices?</span>\r\nAny device that can connect to the central business network is considered an endpoint. 
Endpoint devices are potential entry points for cybersecurity threats and need strong protection because they are often the weakest link in network security.\r\n<span style=\"font-weight: bold;\">What is endpoint security management?</span>\r\nA set of rules defining the level of security that each device connected to the business network must comply with. These rules may include using an approved operating system (OS), installing a virtual private network (VPN), or running up-to-date antivirus software. If the device connecting to the network does not have the desired level of protection, it may have to connect via a guest network and have limited network access.\r\n<span style=\"font-weight: bold;\">What is endpoint security software?</span>\r\nPrograms that make sure your devices are protected. Endpoint protection software may be cloud-based and work as SaaS (Software as a Service). Endpoint security software can also be installed on each device separately as a standalone application.\r\n<span style=\"font-weight: bold;\">What is endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response (EDR) solutions analyze files and programs, and report on any threats found. EDR solutions monitor continuously for advanced threats, helping to identify attacks at an early stage and respond rapidly to a range of threats.<br /><br />","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_Endpoint_security.png"},{"id":41,"title":"Antispam","alias":"antispam","description":"In each system, which involves the communication of users, there is always the problem of spam, or the mass mailing of unsolicited emails, which is solved using the antispam system. An antispam system is installed to catch and filter spam at different levels. Spam monitoring and identification are relevant on corporate servers that support corporate email, here the antispam system filters spam on the server before it reaches the mailbox. 
There are many programs that help to cope with this task, but not all of them are equally useful. The main objective of such programs is to stop sending unsolicited letters, however, the methods of assessing and suppressing such actions can be not only beneficial but also detrimental to your organization. So, depending on the rules and policies of mail servers, your server, or even a domain, may be blacklisted and the transfer of letters will be limited through it, and you may not even be warned about it.\r\nThe main types of installation and use of anti-spam systems:\r\n<ul><li>installation of specialized equipment, a gateway that filters mail before it reaches the server;</li><li>use of external antispam systems for analyzing emails and content;</li><li>setting up an antispam system with the ability to learn on the mail server itself;</li><li>installation of spam filtering software on the client’s computer.</li></ul>","materialsDescription":" <span style=\"font-weight: bold;\">Anti-spam technologies:</span>\r\n<span style=\"font-weight: bold;\">Heuristic analysis</span>\r\nExtremely complex, highly intelligent technology for empirical analysis of all parts of a message: header fields, message bodies, etc. Not only the message itself is analyzed. The heuristic analyzer is constantly being improved, new rules are continuously added to it. It works “ahead of the curve” and makes it possible to recognize still unknown varieties of spam of a new generation before the release of available updates.\r\n<span style=\"font-weight: bold;\">Filtering counteraction</span>\r\nThis is one of the most advanced and effective anti-spam technologies. It is to recognize the tricks resorted to by spammers to bypass anti-spam filters.\r\n<span style=\"font-weight: bold;\">HTML based analysis</span>\r\nHTML code comparable to samples of HTML signatures in antispam. 
Such a comparison, using the available data on the size of typical spam images, protects users from spam messages using HTML-code, which are often included in the online image.\r\n<span style=\"font-weight: bold;\">Spam detection technology for message envelopes</span>\r\nDetection of fakes in the "stamps" of SMTP-servers and in other elements of the e-mail header is the newest direction in the development of anti-spam methods. Email addresses cannot be trusted. Fake emails contain more than just spam. For example, anonymous and even threats. Technologies of various anti-spam systems allow you to send such messages. Thus, it provides not only the economic movement, but also the protection of employees.\r\n<span style=\"font-weight: bold;\">Semantic analysis</span>\r\nMeaning in words and phrases is compared with typical spam vocabulary. Comparison of provisions for a special dictionary, for expression and symbols.\r\n<span style=\"font-weight: bold;\">Anti-scamming technology</span>\r\nScamming is probably the most dangerous type of spam. All of them have the so-called "Nigerian letters", reports of winnings in the lottery, casino, fake letters and credit services.\r\n<span style=\"font-weight: bold;\">Technical spam filtering</span>\r\nAutomatic notification of e-mail - bounce-messages - to inform users about the malfunction of the postal system (for example, non-delivery of address letters). Attackers can use similar messages. 
Under the guise of a technical notification, computer service or ordinary spam can penetrate the computer.","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_Antispam.png"},{"id":42,"title":"UTM - Unified threat management","alias":"utm-unified-threat-management","description":"<span style=\"font-weight: bold; \">UTM (Unified Threat Management)</span> system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.\r\nUnified threat management <span style=\"font-weight: bold; \">devices </span>are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nUTM <span style=\"font-weight: bold; \">cloud services</span> and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. While UTM systems and <span style=\"font-weight: bold; \">next-generation firewalls (NGFWs)</span> are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.\r\nOriginally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. 
Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.\r\nUnified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.\r\nUnified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:\r\n<ul><li><span style=\"font-weight: bold; \">Flow-based inspection,</span> also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li> <span style=\"font-weight: bold; \">Proxy-based inspection</span> acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. 
However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> How UTM is deployed?</h1>\r\nBusinesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.\r\nUTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.\r\nBusinesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.\r\n<h1 class=\"align-center\">Benefits of Using a Unified Threat Management Solution</h1>\r\nUTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. 
This can also save money in the long run as opposed to having to buy multiple devices.\r\nSome UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPAA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.\r\nUTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because they are a single point of defense, UTMs make dealing with combined threats easier.\r\n\r\n","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_UTM.jpg"},{"id":25,"title":"Web filtering","alias":"web-filtering","description":" <span style=\"font-weight: bold; \">Web filtering</span> is a technology that stops users from viewing certain URLs or websites by preventing their browsers from loading pages from these sites. Web filters are made in different ways and deliver various solutions for individual, family, institutional or enterprise use.\r\nIn general, Web filters work in two distinct ways. They can <span style=\"font-weight: bold; \">block content</span> as determined by quality of the site, by consulting known lists which document and categorize popular pages across all genres of content. Or, they can <span style=\"font-weight: bold; \">evaluate the content</span> of the page live and block it accordingly. 
Many Web filter tools work off of a constantly updated URL database that shows which websites and domains are associated with hosting malware, phishing, viruses or other tools for harmful activities.\r\n<span style=\"font-weight: bold;\">Web Filtering Types.</span> <span style=\"font-style: italic;\">Blacklist & Whitelist Filters:</span>when using blacklists, an administrator (which might be a parent) manually enters all websites that are deemed inappropriate into the program, and those sites are subsequently blocked. Whitelists are used in exactly the same way, only in reverse – i.e. URLs are manually entered onto a whitelist, and all other websites are then off-limits.\r\n<span style=\"font-style: italic; \">Keyword And Content Filters: </span>this type of filtering is in many ways similar to black and whitelist filtering, though with a slightly broader scope. Keyword and content filters will filter out websites that contain specific keywords or predefined content (such as pornography, for example).\r\nSome website filtering software also provides reporting so that the installer can see what kind of traffic is being filtered and who has requested it. Some products provide soft blocking (in which a warning page is sent to the user instead of the requested page while still allowing access to the page) and an override capability that allows an administrator to unlock a page. \r\n<span style=\"font-weight: bold; \">Web Filtering Software for Business.</span> Most organizations have moved to cloud based-applications, making browsers a tool that employees use on a daily basis to access work. Browsers have become a conduit to not only the cloud, but also to immeasurable malware and distractions hosted on the web. 
In order to ensure that browsers do not bring in malicious traffic, web filtering software becomes necessary.\r\n\r\n","materialsDescription":"<h1 class=\"align-center\">What is Enterprise Web Filtering Software?</h1>\r\nAntivirus and antimalware software are required to detect malicious programs that have been downloaded, but it is now important for enterprise web filtering software to be installed. Content filtering software is an invaluable protection against a wide range of web-borne threats. Rather than allowing malware and ransomware to be downloaded, it prevents end users from visiting websites that contain these malicious threats.\r\nInternet filtering software is also one of the most effective ways to neutralize the threat from phishing. Phishing is a technique used by cybercriminals to gain access to sensitive user information. Phishers trick end users into revealing login credentials or downloading malicious software onto their computers.\r\nPhishing involves sophisticated social engineering techniques to fool end users into visiting malicious websites. If employees can be convinced to reveal sensitive information or download ransomware or malware, cybercriminals can easily bypass even the most sophisticated of cybersecurity defenses.\r\n<h1 class=\"align-center\">What is URL Filtering?</h1>\r\nURL filtering is a type of network filtering software that helps businesses control their users’ and guests’ ability to access certain content on the web. If you’ve ever gotten a “block” page while surfing the internet at the office, then your company is using web filtering.\r\nSome employers may only be concerned about blocking access to websites that are known to spread malware or steal information. Other businesses may block content they find inappropriate, such as adult websites or sites that promote violence, or content that violates compliance regulations. 
They may also choose to activate web protection software to block social media or video streaming sites to minimize drains on productivity and network bandwidth.\r\nTypically, URL filtering software is provided by a cybersecurity service, firewall, or router. Each of these may use a variety of threat intelligence sources to determine which websites fit into their chosen acceptable and unacceptable categories. That’s where highly reliable web reputation services are most valuable. Sources that have extensive web histories and real-time active crawling services will provide the most accurate content determinations.","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_Web_filtering.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":1732,"logo":false,"scheme":false,"title":"McAfee Endpoint Security","vendorVerified":1,"rating":"2.00","implementationsCount":5,"suppliersCount":0,"alias":"mcafee-endpoint-security","companyTypes":[],"description":"<span style=\"font-weight: bold;\">Advanced, consolidated endpoint defense</span> McAfee Endpoint Security delivers industry-leading protection and operational simplicity for your diverse endpoint environment. <span style=\"font-weight: bold;\">Core threat prevention</span> Essential anti-virus, exploit prevention, firewall, and web control communicate with each other. <span style=\"font-weight: bold;\">Machine learning</span> State-of-the art techniques identify malicious code based on appearance and behavior. <span style=\"font-weight: bold;\">Application containment</span> Limit the impact of suspicious files and zero-day malware by blocking behaviors and containing them before they can infect or spread in your environment. 
<span style=\"font-weight: bold;\">Endpoint detection and response</span> Our integrated, automated, and adaptable endpoint detection and response (EDR) technology is easy to use and makes incident response as simple as a single click. <span style=\"font-weight: bold;\">Product features</span>\r\n<ul> <li>Centralized management. The McAfee ePolicy Orchestrator management console can be deployed on premises or in the cloud. It provides greater visibility, simplifies operations, boosts IT productivity, unifies security, and reduces costs.</li> <li>Advanced anti-malware protection. Our anti-malware engine is continually updated by McAfee Global Threat Intelligence and works efficiently across multiple operating systems.</li> <li>Machine learning analysis. Detect zero-day threats in near real time by examining how they look and behave to halt threats designed to evade detection.</li> <li>Dynamic application containment. Defend against ransomware and greyware by securing endpoints that are leveraged as entry points for attacks.</li> <li>Proactive web security. Ensure safe browsing with web protection and filtering for endpoints.</li> <li>Actionable threat forensics. Quickly see where infections are, why they are occurring, and the length of exposure to understand the threat and react more quickly.</li> </ul>","shortDescription":"McAfee Endpoint Security is an integrated, centrally managed, advanced defenses","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":11,"sellingCount":10,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"McAfee Endpoint Security","keywords":"","description":"<span style=\"font-weight: bold;\">Advanced, consolidated endpoint defense</span> McAfee Endpoint Security delivers industry-leading protection and operational simplicity for your diverse endpoint environment. 
<span style=\"font-weight: bold;\">Core threat prevention</span> Essential anti-virus, exploit prevention, firewall, and web control communicate with each other. <span style=\"font-weight: bold;\">Machine learning</span> State-of-the art techniques identify malicious code based on appearance and behavior. <span style=\"font-weight: bold;\">Application containment</span> Limit the impact of suspicious files and zero-day malware by blocking behaviors and containing them before they can infect or spread in your environment. <span style=\"font-weight: bold;\">Endpoint detection and response</span> Our integrated, automated, and adaptable endpoint detection and response (EDR) technology is easy to use and makes incident response as simple as a single click. <span style=\"font-weight: bold;\">Product features</span>\r\n<ul> <li>Centralized management. The McAfee ePolicy Orchestrator management console can be deployed on premises or in the cloud. It provides greater visibility, simplifies operations, boosts IT productivity, unifies security, and reduces costs.</li> <li>Advanced anti-malware protection. Our anti-malware engine is continually updated by McAfee Global Threat Intelligence and works efficiently across multiple operating systems.</li> <li>Machine learning analysis. Detect zero-day threats in near real time by examining how they look and behave to halt threats designed to evade detection.</li> <li>Dynamic application containment. Defend against ransomware and greyware by securing endpoints that are leveraged as entry points for attacks.</li> <li>Proactive web security. Ensure safe browsing with web protection and filtering for endpoints.</li> <li>Actionable threat forensics. 
Quickly see where infections are, why they are occurring, and the length of exposure to understand the threat and react more quickly.</li> </ul>","og:title":"McAfee Endpoint Security","og:description":"<span style=\"font-weight: bold;\">Advanced, consolidated endpoint defense</span> McAfee Endpoint Security delivers industry-leading protection and operational simplicity for your diverse endpoint environment. <span style=\"font-weight: bold;\">Core threat prevention</span> Essential anti-virus, exploit prevention, firewall, and web control communicate with each other. <span style=\"font-weight: bold;\">Machine learning</span> State-of-the art techniques identify malicious code based on appearance and behavior. <span style=\"font-weight: bold;\">Application containment</span> Limit the impact of suspicious files and zero-day malware by blocking behaviors and containing them before they can infect or spread in your environment. <span style=\"font-weight: bold;\">Endpoint detection and response</span> Our integrated, automated, and adaptable endpoint detection and response (EDR) technology is easy to use and makes incident response as simple as a single click. <span style=\"font-weight: bold;\">Product features</span>\r\n<ul> <li>Centralized management. The McAfee ePolicy Orchestrator management console can be deployed on premises or in the cloud. It provides greater visibility, simplifies operations, boosts IT productivity, unifies security, and reduces costs.</li> <li>Advanced anti-malware protection. Our anti-malware engine is continually updated by McAfee Global Threat Intelligence and works efficiently across multiple operating systems.</li> <li>Machine learning analysis. Detect zero-day threats in near real time by examining how they look and behave to halt threats designed to evade detection.</li> <li>Dynamic application containment. 
Defend against ransomware and greyware by securing endpoints that are leveraged as entry points for attacks.</li> <li>Proactive web security. Ensure safe browsing with web protection and filtering for endpoints.</li> <li>Actionable threat forensics. Quickly see where infections are, why they are occurring, and the length of exposure to understand the threat and react more quickly.</li> </ul>"},"eventUrl":"","translationId":1733,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":40,"title":"Endpoint security","alias":"endpoint-security","description":"In network security, endpoint security refers to a methodology of protecting the corporate network when accessed via remote devices such as laptops or other wireless and mobile devices. Each device with a remote connecting to the network creates a potential entry point for security threats. Endpoint security is designed to secure each endpoint on the network created by these devices.\r\nUsually, endpoint security is a security system that consists of security software, located on a centrally managed and accessible server or gateway within the network, in addition to client software being installed on each of the endpoints (or devices). The server authenticates logins from the endpoints and also updates the device software when needed. While endpoint security software differs by vendor, you can expect most software offerings to provide antivirus, antispyware, firewall and also a host intrusion prevention system (HIPS).\r\nEndpoint security is becoming a more common IT security function and concern as more employees bring consumer mobile devices to work and companies allow its mobile workforce to use these devices on the corporate network.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What are endpoint devices?</span>\r\nAny device that can connect to the central business network is considered an endpoint. 
Endpoint devices are potential entry points for cybersecurity threats and need strong protection because they are often the weakest link in network security.\r\n<span style=\"font-weight: bold;\">What is endpoint security management?</span>\r\nA set of rules defining the level of security that each device connected to the business network must comply with. These rules may include using an approved operating system (OS), installing a virtual private network (VPN), or running up-to-date antivirus software. If the device connecting to the network does not have the desired level of protection, it may have to connect via a guest network and have limited network access.\r\n<span style=\"font-weight: bold;\">What is endpoint security software?</span>\r\nPrograms that make sure your devices are protected. Endpoint protection software may be cloud-based and work as SaaS (Software as a Service). Endpoint security software can also be installed on each device separately as a standalone application.\r\n<span style=\"font-weight: bold;\">What is endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response (EDR) solutions analyze files and programs, and report on any threats found. 
EDR solutions monitor continuously for advanced threats, helping to identify attacks at an early stage and respond rapidly to a range of threats.<br /><br />","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_Endpoint_security.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":2160,"logo":false,"scheme":false,"title":"McAfee Advanced Threat Defense","vendorVerified":1,"rating":"2.00","implementationsCount":5,"suppliersCount":0,"alias":"mcafee-advanced-threat-defense","companyTypes":[],"description":"McAfee Advanced Threat Defense enables organizations to detect advanced, evasive malware and convert threat information into immediate action and protection. Unlike traditional sandboxes, it includes additional inspection capabilities that broaden detection and expose evasive threats. Tight integration between security solutions — from network and endpoint to investigation — enables instant sharing of threat information across the environment, enhancing protection and investigation. Flexible deployment options support every network.\r\nMcAfee Advanced Threat Defense detects today’s stealthy, zero-day malware with an innovative, layered approach. It combines low-touch analysis engines such as antivirus signatures, reputation, and real-time emulation with dynamic analysis (sandboxing) to analyze actual behavior. Investigation continues with in-depth static code analysis that inspects file attributes and instruction sets to determine intended or evasive behavior and assesses similarity with known malware families. A final step in the analysis, McAfee Advanced Threat Defense specifically looks for malicious indicators that have been identified through machine learning via a deep neural network. 
Combined, this represents the strongest advanced malware security protection on the market and effectively balances the need for both in-depth inspection and performance. While lower analytical intensity methods such as signatures and real-time emulation benefit performance by catching more easily identified malware, the addition of in-depth static code analysis and insights gained through machine learning to sandboxing broadens detection of highly camouflaged, evasive threats. Malicious indicators that may not execute in a dynamic environment can be identified through unpacking, in-depth static code analysis, and machine learning insights.\r\nAdvanced capabilities support investigation McAfee Advanced Threat Defense offers numerous, advanced capabilities including:\r\n<ul> <li>Configurable operating system and application support: Tailor analysis images with select environment variables to validate threats and support investigation.</li> <li>User interactive mode: Enables analysts to interact directly with malware samples.</li> <li>Extensive unpacking capabilities: Reduces investigation time from days to minutes.</li> <li>Full logic path: Enables deeper sample analysis by forcing execution of additional logic paths that remain dormant in typical sandbox environments.</li> <li>Sample submission to multiple virtual environments: Speeds investigation by determining which environment variables are needed for file execution.</li> <li>Detailed reports: Provide critical information for investigation including MITRE ATT&CK mapping, disassembly output, memory dumps, graphical function call diagrams, embedded or dropped file information, user API logs, and PCAP information. 
Threat time lines help visualize attack execution steps.</li> <li>Bro Network Security Monitor integration: Deploy Bro sensor to a suspected network segment to monitor and capture traffic and forward files to McAfee Advanced Threat Defense for inspection.</li> </ul>\r\nFlexible advanced threat analysis deployment options support every network. McAfee Advanced Threat Defense is available as an on-premises appliance or a virtual form factor, with support for both private and public cloud with availability in the Azure Marketplace.","shortDescription":"McAfee Advanced Threat Defense enables organizations to detect advanced, evasive malware and convert threat information into immediate action and protection.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":2,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"McAfee Advanced Threat Defense","keywords":"","description":"McAfee Advanced Threat Defense enables organizations to detect advanced, evasive malware and convert threat information into immediate action and protection. Unlike traditional sandboxes, it includes additional inspection capabilities that broaden detection and expose evasive threats. Tight integration between security solutions — from network and endpoint to investigation — enables instant sharing of threat information across the environment, enhancing protection and investigation. Flexible deployment options support every network.\r\nMcAfee Advanced Threat Defense detects today’s stealthy, zero-day malware with an innovative, layered approach. It combines low-touch analysis engines such as antivirus signatures, reputation, and real-time emulation with dynamic analysis (sandboxing) to analyze actual behavior. Investigation continues with in-depth static code analysis that inspects file attributes and instruction sets to determine intended or evasive behavior and assesses similarity with known malware families. 
A final step in the analysis, McAfee Advanced Threat Defense specifically looks for malicious indicators that have been identified through machine learning via a deep neural network. Combined, this represents the strongest advanced malware security protection on the market and effectively balances the need for both in-depth inspection and performance. While lower analytical intensity methods such as signatures and real-time emulation benefit performance by catching more easily identified malware, the addition of in-depth static code analysis and insights gained through machine learning to sandboxing broadens detection of highly camouflaged, evasive threats. Malicious indicators that may not execute in a dynamic environment can be identified through unpacking, in-depth static code analysis, and machine learning insights.\r\nAdvanced capabilities support investigation McAfee Advanced Threat Defense offers numerous, advanced capabilities including:\r\n<ul> <li>Configurable operating system and application support: Tailor analysis images with select environment variables to validate threats and support investigation.</li> <li>User interactive mode: Enables analysts to interact directly with malware samples.</li> <li>Extensive unpacking capabilities: Reduces investigation time from days to minutes.</li> <li>Full logic path: Enables deeper sample analysis by forcing execution of additional logic paths that remain dormant in typical sandbox environments.</li> <li>Sample submission to multiple virtual environments: Speeds investigation by determining which environment variables are needed for file execution.</li> <li>Detailed reports: Provide critical information for investigation including MITRE ATT&CK mapping, disassembly output, memory dumps, graphical function call diagrams, embedded or dropped file information, user API logs, and PCAP information. 
Threat time lines help visualize attack execution steps.</li> <li>Bro Network Security Monitor integration: Deploy Bro sensor to a suspected network segment to monitor and capture traffic and forward files to McAfee Advanced Threat Defense for inspection.</li> </ul>\r\nFlexible advanced threat analysis deployment options support every network. McAfee Advanced Threat Defense is available as an on-premises appliance or a virtual form factor, with support for both private and public cloud with availability in the Azure Marketplace.","og:title":"McAfee Advanced Threat Defense","og:description":"McAfee Advanced Threat Defense enables organizations to detect advanced, evasive malware and convert threat information into immediate action and protection. Unlike traditional sandboxes, it includes additional inspection capabilities that broaden detection and expose evasive threats. Tight integration between security solutions — from network and endpoint to investigation — enables instant sharing of threat information across the environment, enhancing protection and investigation. Flexible deployment options support every network.\r\nMcAfee Advanced Threat Defense detects today’s stealthy, zero-day malware with an innovative, layered approach. It combines low-touch analysis engines such as antivirus signatures, reputation, and real-time emulation with dynamic analysis (sandboxing) to analyze actual behavior. Investigation continues with in-depth static code analysis that inspects file attributes and instruction sets to determine intended or evasive behavior and assesses similarity with known malware families. A final step in the analysis, McAfee Advanced Threat Defense specifically looks for malicious indicators that have been identified through machine learning via a deep neural network. Combined, this represents the strongest advanced malware security protection on the market and effectively balances the need for both in-depth inspection and performance. 
While lower analytical intensity methods such as signatures and real-time emulation benefit performance by catching more easily identified malware, the addition of in-depth static code analysis and insights gained through machine learning to sandboxing broadens detection of highly camouflaged, evasive threats. Malicious indicators that may not execute in a dynamic environment can be identified through unpacking, in-depth static code analysis, and machine learning insights.\r\nAdvanced capabilities support investigation McAfee Advanced Threat Defense offers numerous, advanced capabilities including:\r\n<ul> <li>Configurable operating system and application support: Tailor analysis images with select environment variables to validate threats and support investigation.</li> <li>User interactive mode: Enables analysts to interact directly with malware samples.</li> <li>Extensive unpacking capabilities: Reduces investigation time from days to minutes.</li> <li>Full logic path: Enables deeper sample analysis by forcing execution of additional logic paths that remain dormant in typical sandbox environments.</li> <li>Sample submission to multiple virtual environments: Speeds investigation by determining which environment variables are needed for file execution.</li> <li>Detailed reports: Provide critical information for investigation including MITRE ATT&CK mapping, disassembly output, memory dumps, graphical function call diagrams, embedded or dropped file information, user API logs, and PCAP information. Threat time lines help visualize attack execution steps.</li> <li>Bro Network Security Monitor integration: Deploy Bro sensor to a suspected network segment to monitor and capture traffic and forward files to McAfee Advance Threat Defense for inspection.</li> </ul>\r\nFlexible advanced threat analysis deployment options support every network. 
McAfee Advanced Threat Defense is available as an on-premises appliance or a virtual form factor, with support for both private and public cloud with availability in the Azure Marketplace."},"eventUrl":"","translationId":2161,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":826,"title":"Sandbox","alias":"sandbox","description":" In computer security, a "sandbox" is a security mechanism for separating running programs, usually in an effort to mitigate system failures or software vulnerabilities from spreading. It is often used to execute untested or untrusted programs or code, possibly from unverified or untrusted third parties, suppliers, users or websites, without risking harm to the host machine or operating system. A sandbox typically provides a tightly controlled set of resources for guest programs to run in, such as scratch space on disk and memory. Network access, the ability to inspect the host system or read from input devices are usually disallowed or heavily restricted.\r\nIn the sense of providing a highly controlled environment, sandboxes may be seen as a specific example of virtualization. Sandboxing is frequently used to test unverified programs that may contain a virus or other malicious code, without allowing the software to harm the host device.","materialsDescription":" <span style=\"font-weight: bold;\">What is the sandbox?</span>\r\nThe sandbox is like a ''virtual machine'', which runs on the device. It is a section of the device, for which a user account has been set in the system. In this section, programs can be started, data can be collected and services can be provided, which are not available within the system of the router. Inside the sandbox, the environment is like it is inside a Linux PC. 
The sandbox is an area separate from the router part of the system, which ensures that the router can fulfill its task without interference from the sandbox.\r\n<span style=\"font-weight: bold;\">What is the use of the sandbox?</span>\r\nBesides its actual tasks, the device can fulfill additional tasks via sandbox. Without the sandbox, these tasks would have to be carried out by an additional industrial computer.\r\nNot having to install and run the computer saves space inside the switching cabinet, money, as additional hardware is not required, and energy, which also reduces industrial waste heat. The device establishes the connection into the internet or to the control center. The programs in the sandbox use this connection. The configuration of the connection to the internet or to the control center can be set comfortably via the web interface.\r\n<span style=\"font-weight: bold;\">Which things can you NOT do with the sandbox?</span>\r\nAll the things that do require root permissions on the device.\r\nIt is not possible to execute commands or programs, which require root rights. Examples for such commands or programs are the raw connections (like ICMP - "ping"). This ensures that the device doesn't interfere with its tasks.\r\n<span style=\"font-weight: bold;\">Which hardware interfaces are available in the sandbox?</span>\r\nSerial interface, Ethernet of the LAN connection (4-port-switch), WAN connection depending on the make of the device (LAN, GPRS, EDGE, UMTS, PSTN and ISDN).\r\nVia the web interface, you can assign the serial interface to be used by applications in the sandbox. If assigned to the sandbox, the serial interface is not available for the device. In this case, neither serial-Ethernet-gateway nor the connection of a further, redundant communication device will be possible. The LAN, as well as the WAN connection, can be used in the way they are configured for the device. 
Network settings can be configured via the web interface and not via the sandbox. Depending on the configuration and the type of the device also the sandbox can communicate in various ways via LAN, GPRS, EDGE, UMTS, PSTN or ISDN.","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon-sandbox.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":4,"title":"Reduce Costs"},{"id":6,"title":"Ensure Security and Business Continuity"},{"id":306,"title":"Manage Risks"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":344,"title":"Malware infection via Internet, email, storage devices"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"},{"id":386,"title":"Risk of lost access to data and IT systems"},{"id":397,"title":"Insufficient risk management"}]}},"categories":[{"id":45,"title":"SIEM - Security Information and Event Management","alias":"siem-security-information-and-event-management","description":"<span style=\"font-weight: bold; \">Security information and event management (SIEM)</span> is an approach to security management that combines SIM (security information management) and SEM (security event management) functions into one security management system. \r\n The underlying principles of every SIEM system is to aggregate relevant data from multiple sources, identify deviations from the norm and take appropriate action. 
At the most basic level, a SIEM system can be rules-based or employ a statistical correlation engine to establish relationships between event log entries. Advanced SIEM products have evolved to include user and entity behavior analytics (UEBA) and security orchestration and automated response (SOAR). \r\nThe acronyms SEM, SIM and SIEM have sometimes been used interchangeably, but generally refer to the different primary focus of products:\r\n<ul><li><span style=\"font-weight: bold;\">Log management:</span> Focus on simple collection and storage of log messages and audit trails.</li><li><span style=\"font-weight: bold;\">Security information management (SIM):</span> Long-term storage as well as analysis and reporting of log data.</li><li><span style=\"font-weight: bold;\">Security event manager (SEM):</span> Real-time monitoring, correlation of events, notifications and console views.</li><li><span style=\"font-weight: bold;\">Security information event management (SIEM):</span> Combines SIM and SEM and provides real-time analysis of security alerts generated by network hardware and applications.</li><li><span style=\"font-weight: bold;\">Managed Security Service (MSS) or Managed Security Service Provider (MSSP):</span> The most common managed services appear to evolve around connectivity and bandwidth, network monitoring, security, virtualization, and disaster recovery.</li><li><span style=\"font-weight: bold;\">Security as a service (SECaaS):</span> These security services often include authentication, anti-virus, anti-malware/spyware, intrusion detection, Penetration testing and security event management, among others.</li></ul>\r\nToday, most of SIEM technology works by deploying multiple collection agents in a hierarchical manner to gather security-related events from end-user devices, servers, network equipment, as well as specialized security equipment like firewalls, antivirus or intrusion prevention systems. 
The collectors forward events to a centralized management console where security analysts sift through the noise, connecting the dots and prioritizing security incidents.\r\nSome of the most important features to review when evaluating Security Information and Event Management software are:\r\n<ol><li><span style=\"font-weight: bold; \">Integration with other controls:</span> Can the system give commands to other enterprise security controls to prevent or stop attacks in progress?</li><li><span style=\"font-weight: bold; \">Artificial intelligence:</span> Can the system improve its own accuracy through machine and deep learning?</li><li><span style=\"font-weight: bold; \">Threat intelligence feeds:</span> Can the system support threat intelligence feeds of the organization's choosing or is it mandated to use a particular feed?</li><li><span style=\"font-weight: bold; \">Robust compliance reporting:</span> Does the system include built-in reports for common compliance needs and provide the organization with the ability to customize or create new compliance reports?</li><li><span style=\"font-weight: bold; \">Forensics capabilities:</span> Can the system capture additional information about security events by recording the headers and contents of packets of interest? </li></ol>\r\n\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> Why is SIEM Important?</h1>\r\nSIEM has become a core security component of modern organizations. The main reason is that every user or tracker leaves behind a virtual trail in a network’s log data. SIEM software is designed to use this log data in order to generate insight into past attacks and events. A SIEM solution not only identifies that an attack has happened, but allows you to see how and why it happened as well.\r\nAs organizations update and upscale to increasingly complex IT infrastructures, SIEM has become even more important in recent years. 
Contrary to popular belief, firewalls and antivirus packages are not enough to protect a network in its entirety. Zero-day attacks can still penetrate a system’s defenses even with these security measures in place.\r\nSIEM addresses this problem by detecting attack activity and assessing it against past behavior on the network. Security event monitoring has the ability to distinguish between legitimate use and a malicious attack. This helps to increase a system’s incident protection and avoid damage to systems and virtual property.\r\nThe use of SIEM also helps companies to comply with a variety of industry cyber management regulations. Log management is the industry standard method of auditing activity on an IT network. SIEM management provides the best way to meet this regulatory requirement and provide transparency over logs in order to generate clear insights and improvements.\r\n<h1 class=\"align-center\">Evaluation criteria for security information and event management software:</h1>\r\n<ul><li>Threat identification: Raw log form vs. 
descriptive.</li><li>Threat tracking: Ability to track through the various events, from source to destination.</li><li>Policy enforcement: Ability to enforce defined policies.</li><li>Application analysis: Ability to analyze application at Layer 7 if necessary.</li><li>Business relevance of events: Ability to assign business risk to events and have weighted threat levels.</li><li>Measuring changes and improvements: Ability to track configuration changes to devices.</li><li>Asset-based information: Ability to gather information on devices on the network.</li><li>Anomalous behavior (server): Ability to trend and see changes in how it communicates to others.</li><li>Anomalous behavior (network): Ability to trend and see how communications pass throughout the network.</li><li>Anomalous behavior (application): Ability to trend and see changes in how it communicates to others.</li><li>User monitoring: User activity, logging in, applications usage, etc.</li></ul>\r\n\r\n","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_SIEM.png"},{"id":40,"title":"Endpoint security","alias":"endpoint-security","description":"In network security, endpoint security refers to a methodology of protecting the corporate network when accessed via remote devices such as laptops or other wireless and mobile devices. Each device with a remote connection to the network creates a potential entry point for security threats. Endpoint security is designed to secure each endpoint on the network created by these devices.\r\nUsually, endpoint security is a security system that consists of security software, located on a centrally managed and accessible server or gateway within the network, in addition to client software being installed on each of the endpoints (or devices). The server authenticates logins from the endpoints and also updates the device software when needed. 
While endpoint security software differs by vendor, you can expect most software offerings to provide antivirus, antispyware, firewall and also a host intrusion prevention system (HIPS).\r\nEndpoint security is becoming a more common IT security function and concern as more employees bring consumer mobile devices to work and companies allow its mobile workforce to use these devices on the corporate network.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What are endpoint devices?</span>\r\nAny device that can connect to the central business network is considered an endpoint. Endpoint devices are potential entry points for cybersecurity threats and need strong protection because they are often the weakest link in network security.\r\n<span style=\"font-weight: bold;\">What is endpoint security management?</span>\r\nA set of rules defining the level of security that each device connected to the business network must comply with. These rules may include using an approved operating system (OS), installing a virtual private network (VPN), or running up-to-date antivirus software. If the device connecting to the network does not have the desired level of protection, it may have to connect via a guest network and have limited network access.\r\n<span style=\"font-weight: bold;\">What is endpoint security software?</span>\r\nPrograms that make sure your devices are protected. Endpoint protection software may be cloud-based and work as SaaS (Software as a Service). Endpoint security software can also be installed on each device separately as a standalone application.\r\n<span style=\"font-weight: bold;\">What is endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response (EDR) solutions analyze files and programs, and report on any threats found. 
EDR solutions monitor continuously for advanced threats, helping to identify attacks at an early stage and respond rapidly to a range of threats.<br /><br />","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_Endpoint_security.png"},{"id":41,"title":"Antispam","alias":"antispam","description":"In each system, which involves the communication of users, there is always the problem of spam, or the mass mailing of unsolicited emails, which is solved using the antispam system. An antispam system is installed to catch and filter spam at different levels. Spam monitoring and identification are relevant on corporate servers that support corporate email, here the antispam system filters spam on the server before it reaches the mailbox. There are many programs that help to cope with this task, but not all of them are equally useful. The main objective of such programs is to stop sending unsolicited letters, however, the methods of assessing and suppressing such actions can be not only beneficial but also detrimental to your organization. So, depending on the rules and policies of mail servers, your server, or even a domain, may be blacklisted and the transfer of letters will be limited through it, and you may not even be warned about it.\r\nThe main types of installation and use of anti-spam systems:\r\n<ul><li>installation of specialized equipment, a gateway that filters mail before it reaches the server;</li><li>use of external antispam systems for analyzing emails and content;</li><li>setting up an antispam system with the ability to learn on the mail server itself;</li><li>installation of spam filtering software on the client’s computer.</li></ul>","materialsDescription":" <span style=\"font-weight: bold;\">Anti-spam technologies:</span>\r\n<span style=\"font-weight: bold;\">Heuristic analysis</span>\r\nExtremely complex, highly intelligent technology for empirical analysis of all parts of a message: header fields, message bodies, etc. 
Not only the message itself is analyzed. The heuristic analyzer is constantly being improved, new rules are continuously added to it. It works “ahead of the curve” and makes it possible to recognize still unknown varieties of spam of a new generation before the release of available updates.\r\n<span style=\"font-weight: bold;\">Filtering counteraction</span>\r\nThis is one of the most advanced and effective anti-spam technologies. It is to recognize the tricks resorted to by spammers to bypass anti-spam filters.\r\n<span style=\"font-weight: bold;\">HTML based analysis</span>\r\nHTML code comparable to samples of HTML signatures in antispam. Such a comparison, using the available data on the size of typical spam images, protects users from spam messages using HTML-code, which are often included in the online image.\r\n<span style=\"font-weight: bold;\">Spam detection technology for message envelopes</span>\r\nDetection of fakes in the "stamps" of SMTP-servers and in other elements of the e-mail header is the newest direction in the development of anti-spam methods. Email addresses can not be trusted. Fake emails contain more than just spam. For example, anonymous and even threats. Technologies of various anti-spam systems allow you to send such messages. Thus, it provides not only the economic movement, but also the protection of employees.\r\n<span style=\"font-weight: bold;\">Semantic analysis</span>\r\nMeaning in words and phrases is compared with typical spam vocabulary. Comparison of provisions for a special dictionary, for expression and symbols.\r\n<span style=\"font-weight: bold;\">Anti-scamming technology</span>\r\nScamming is probably the most dangerous type of spam. 
All of them have the so-called "Nigerian letters", reports of winnings in the lottery, casino, fake letters and credit services.\r\n<span style=\"font-weight: bold;\">Technical spam filtering</span>\r\nAutomatic notification of e-mail - bounce-messages - to inform users about the malfunction of the postal system (for example, non-delivery of address letters). Attackers can use similar messages. Under the guise of a technical notification, computer service or ordinary spam can penetrate the computer.","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_Antispam.png"},{"id":42,"title":"UTM - Unified threat management","alias":"utm-unified-threat-management","description":"<span style=\"font-weight: bold; \">UTM (Unified Threat Management)</span> system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.\r\nUnified threat management <span style=\"font-weight: bold; \">devices </span>are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nUTM <span style=\"font-weight: bold; \">cloud services</span> and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. 
While UTM systems and <span style=\"font-weight: bold; \">next-generation firewalls (NGFWs)</span> are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.\r\nOriginally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.\r\nUnified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.\r\nUnified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:\r\n<ul><li><span style=\"font-weight: bold; \">Flow-based inspection,</span> also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li> <span style=\"font-weight: bold; \">Proxy-based inspection</span> acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. 
However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> How UTM is deployed?</h1>\r\nBusinesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.\r\nUTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.\r\nBusinesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.\r\n<h1 class=\"align-center\">Benefits of Using a Unified Threat Management Solution</h1>\r\nUTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. 
This can also save money in the long run as opposed to having to buy multiple devices.\r\nSome UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPAA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.\r\nUTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because it is a single point of defense, UTMs make dealing with combined threats easier.\r\n\r\n","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_UTM.jpg"},{"id":25,"title":"Web filtering","alias":"web-filtering","description":" <span style=\"font-weight: bold; \">Web filtering</span> is a technology that stops users from viewing certain URLs or websites by preventing their browsers from loading pages from these sites. Web filters are made in different ways and deliver various solutions for individual, family, institutional or enterprise use.\r\nIn general, Web filters work in two distinct ways. They can <span style=\"font-weight: bold; \">block content</span> as determined by quality of the site, by consulting known lists which document and categorize popular pages across all genres of content. Or, they can <span style=\"font-weight: bold; \">evaluate the content</span> of the page live and block it accordingly. 
Many Web filter tools work off of a constantly updated URL database that shows which websites and domains are associated with hosting malware, phishing, viruses or other tools for harmful activities.\r\n<span style=\"font-weight: bold;\">Web Filtering Types.</span> <span style=\"font-style: italic;\">Blacklist & Whitelist Filters:</span>when using blacklists, an administrator (which might be a parent) manually enters all websites that are deemed inappropriate into the program, and those sites are subsequently blocked. Whitelists are used in exactly the same way, only in reverse – i.e. URLs are manually entered onto a whitelist, and all other websites are then off-limits.\r\n<span style=\"font-style: italic; \">Keyword And Content Filters: </span>this type of filtering is in many ways similar to black and whitelist filtering, though with a slightly broader scope. Keyword and content filters will filter out websites that contain specific keywords or predefined content (such as pornography, for example).\r\nSome website filtering software also provides reporting so that the installer can see what kind of traffic is being filtered and who has requested it. Some products provide soft blocking (in which a warning page is sent to the user instead of the requested page while still allowing access to the page) and an override capability that allows an administrator to unlock a page. \r\n<span style=\"font-weight: bold; \">Web Filtering Software for Business.</span> Most organizations have moved to cloud based-applications, making browsers a tool that employees use on a daily basis to access work. Browsers have become a conduit to not only the cloud, but also to immeasurable malware and distractions hosted on the web. 
In order to ensure that browsers do not bring in malicious traffic, web filtering software becomes necessary.\r\n\r\n","materialsDescription":"<h1 class=\"align-center\">What is Enterprise Web Filtering Software?</h1>\r\nAntivirus and antimalware software are required to detect malicious programs that have been downloaded, but it is now important for enterprise web filtering software to be installed. Content filtering software is an invaluable protection against a wide range of web-borne threats. Rather than allowing malware and ransomware to be downloaded, it prevents end users from visiting websites that contain these malicious threats.\r\nInternet filtering software is also one of the most effective ways to neutralize the threat from phishing. Phishing is a technique used by cybercriminals to gain access to sensitive user information. Phishers trick end users into revealing login credentials or downloading malicious software onto their computers.\r\nPhishing involves sophisticated social engineering techniques to fool end users into visiting malicious websites. If employees can be convinced to reveal sensitive information or download ransomware or malware, cybercriminals can easily bypass even the most sophisticated of cybersecurity defenses.\r\n<h1 class=\"align-center\">What is URL Filtering?</h1>\r\nURL filtering is a type of network filtering software that helps businesses control their users’ and guests’ ability to access certain content on the web. If you’ve ever gotten a “block” page while surfing the internet at the office, then your company is using web filtering.\r\nSome employers may only be concerned about blocking access to websites that are known to spread malware or steal information. Other businesses may block content they find inappropriate, such as adult websites or sites that promote violence, or content that violates compliance regulations. 
They may also choose to activate web protection software to block social media or video streaming sites to minimize drains on productivity and network bandwidth.\r\nTypically, URL filtering software is provided by a cybersecurity service, firewall, or router. Each of these may use a variety of threat intelligence sources to determine which websites fit into their chosen acceptable and unacceptable categories. That’s where highly reliable web reputation services are most valuable. Sources that have extensive web histories and real-time active crawling services will provide the most accurate content determinations.","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_Web_filtering.png"},{"id":826,"title":"Sandbox","alias":"sandbox","description":" In computer security, a "sandbox" is a security mechanism for separating running programs, usually in an effort to mitigate system failures or software vulnerabilities from spreading. It is often used to execute untested or untrusted programs or code, possibly from unverified or untrusted third parties, suppliers, users or websites, without risking harm to the host machine or operating system. A sandbox typically provides a tightly controlled set of resources for guest programs to run in, such as scratch space on disk and memory. Network access, the ability to inspect the host system or read from input devices are usually disallowed or heavily restricted.\r\nIn the sense of providing a highly controlled environment, sandboxes may be seen as a specific example of virtualization. Sandboxing is frequently used to test unverified programs that may contain a virus or other malicious code, without allowing the software to harm the host device.","materialsDescription":" <span style=\"font-weight: bold;\">What is the sandbox?</span>\r\nThe sandbox is like a ''virtual machine'', which runs on the device. It is a section of the device, for which a user account has been set in the system. 
In this section, programs can be started, data can be collected and services can be provided, which are not available within the system of the router. Inside the sandbox, the environment is like it is inside a Linux PC. The sandbox is an area separate from the router part of the system, which ensures that the router can fulfill its task without interference from the sandbox.\r\n<span style=\"font-weight: bold;\">What is the use of the sandbox?</span>\r\nBesides its actual tasks, the device can fulfill additional tasks via sandbox. Without the sandbox, these tasks would have to be carried out by an additional industrial computer.\r\nNot having to install and run the computer saves space inside the switching cabinet, money, as additional hardware is not required, and energy, which also reduces industrial waste heat. The device establishes the connection into the internet or to the control center. The programs in the sandbox use this connection. The configuration of the connection to the internet or to the control center can be set comfortably via the web interface.\r\n<span style=\"font-weight: bold;\">Which things can you NOT do with the sandbox?</span>\r\nAll the things that do require root permissions on the device.\r\nIt is not possible to execute commands or programs, which require root rights. Examples for such commands or programs are the raw connections (like ICMP - "ping"). This ensures that the device doesn't interfere with its tasks.\r\n<span style=\"font-weight: bold;\">Which hardware interfaces are available in the sandbox?</span>\r\nSerial interface, Ethernet of the LAN connection (4-port-switch), WAN connection depending on the make of the device (LAN, GPRS, EDGE, UMTS, PSTN and ISDN).\r\nVia the web interface, you can assign the serial interface to be used by applications in the sandbox. If assigned to the sandbox, the serial interface is not available for the device. 
In this case, neither serial-Ethernet-gateway nor the connection of a further, redundant communication device will be possible. The LAN, as well as the WAN connection, can be used in the way they are configured for the device. Network settings can be configured via the web interface and not via the sandbox. Depending on the configuration and the type of the device also the sandbox can communicate in various ways via LAN, GPRS, EDGE, UMTS, PSTN or ISDN.","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon-sandbox.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"https://www.mcafee.com/enterprise/en-us/assets/case-studies/cs-multinational-software-company.pdf","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":553,"title":"Cisco Email Security for Insurance company","description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">This case study of a small business insurance company is based on a June 2018 survey of Cisco Email Security customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-style: italic;\">“Cisco Email Security allows us to get insight and control spam/malicious email. 
It also allows us to better track all email.”</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Challenges</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Evaluated the following vendors prior to choosing Cisco Email Security:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">None. Our 3rd party vendor offered no alternatives.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Use Case</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">The key features and functionalities of Cisco Email Security that the surveyed company uses:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<ul><li>Purchased Advanced Malware Protection (AMP) after purchasing Cisco Email Security.</li><li>Using the following Cisco products in addition to Cisco Email Security:</li><li>Identity Services Engine (ISE)</li></ul>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Results</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">The surveyed company achieved the following results with Cisco Email Security:</span>\r\n<ul><li>Protected users from threats in incoming email to prevent breaches</li><li>Act as a Spam and Graymail filter</li></ul>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Company Profile</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">The company featured in this case study asked to have its name 
publicly blinded because publicly endorsing vendors is against their policies.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">TechValidate stands behind the authenticity of this data.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Company Size:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Small Business</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Industry:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Insurance</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">About Cisco Email Security</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Defend against ransomware, business email compromise, spoofing, phishing, and spam while protecting sensitive data with data loss prevention (DLP) and encryption.</span>","alias":"cisco-email-security-for-insurance-company","roi":0,"seo":{"title":"Cisco Email Security for Insurance company","keywords":"","description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">This case study of a small business insurance company is based on a June 2018 survey of Cisco Email Security customers by TechValidate, a 3rd-party research service. 
The profiled company asked to have their name blinded to protect their confidentiality.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-style: italic;\">“Cisco Email Security allows us to get insight and control spam/malicious email. It also allows us to better track all email.”</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Challenges</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Evaluated the following vendors prior to choosing Cisco Email Security:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">None. Our 3rd party vendor offered no alternatives.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Use Case</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">The key features and functionalities of Cisco Email Security that the surveyed company uses:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<ul><li>Purchased Advanced Malware Protection (AMP) after purchasing Cisco Email Security.</li><li>Using the following Cisco products in addition to Cisco Email Security:</li><li>Identity Services Engine (ISE)</li></ul>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Results</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">The surveyed company achieved the following results with Cisco Email Security:</span>\r\n<ul><li>Protected users 
from threats in incoming email to prevent breaches</li><li>Act as a Spam and Graymail filter</li></ul>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Company Profile</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">The company featured in this case study asked to have its name publicly blinded because publicly endorsing vendors is against their policies.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">TechValidate stands behind the authenticity of this data.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Company Size:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Small Business</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Industry:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Insurance</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">About Cisco Email Security</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Defend against ransomware, business email compromise, spoofing, phishing, and spam while protecting sensitive data with data loss prevention (DLP) and encryption.</span>","og:title":"Cisco Email Security for Insurance company","og:description":"<span 
style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">This case study of a small business insurance company is based on a June 2018 survey of Cisco Email Security customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-style: italic;\">“Cisco Email Security allows us to get insight and control spam/malicious email. It also allows us to better track all email.”</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Challenges</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Evaluated the following vendors prior to choosing Cisco Email Security:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">None. 
Our 3rd party vendor offered no alternatives.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Use Case</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">The key features and functionalities of Cisco Email Security that the surveyed company uses:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<ul><li>Purchased Advanced Malware Protection (AMP) after purchasing Cisco Email Security.</li><li>Using the following Cisco products in addition to Cisco Email Security:</li><li>Identity Services Engine (ISE)</li></ul>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Results</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">The surveyed company achieved the following results with Cisco Email Security:</span>\r\n<ul><li>Protected users from threats in incoming email to prevent breaches</li><li>Act as a Spam and Graymail filter</li></ul>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Company Profile</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">The company featured in this case study asked to have its name publicly blinded because publicly endorsing vendors is against their policies.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">TechValidate stands behind the authenticity of this data.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Company 
Size:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Small Business</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Industry:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Insurance</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">About Cisco Email Security</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Defend against ransomware, business email compromise, spoofing, phishing, and spam while protecting sensitive data with data loss prevention (DLP) and encryption.</span>"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential 
","og:image":"https://roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":170,"title":"Cisco","logoURL":"https://roi4cio.com/uploads/roi/company/cisco_logo.png","alias":"cisco","address":"","roles":[],"description":"Cisco Systems, Inc. is an American multinational corporation technology company headquartered in San Jose, California, that designs, manufactures and sells networking equipment worldwide. It is the largest networking company in the world. The stock was added to the Dow Jones Industrial Average on June 8, 2009, and is also included in the S&P 500 Index, the Russell 1000 Index, NASDAQ-100 Index and the Russell 1000 Growth Stock Index.","companyTypes":[],"products":{},"vendoredProductsCount":31,"suppliedProductsCount":31,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":7,"vendorImplementationsCount":42,"vendorPartnersCount":0,"supplierPartnersCount":282,"b4r":0,"categories":{},"companyUrl":"www.cisco.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"Cisco","keywords":"Index, networking, Cisco, company, Russell, 1000, June, Average","description":"Cisco Systems, Inc. is an American multinational corporation technology company headquartered in San Jose, California, that designs, manufactures and sells networking equipment worldwide. It is the largest networking company in the world. The stock was added to the Dow Jones Industrial Average on June 8, 2009, and is also included in the S&P 500 Index, the Russell 1000 Index, NASDAQ-100 Index and the Russell 1000 Growth Stock Index.","og:title":"Cisco","og:description":"Cisco Systems, Inc. is an American multinational corporation technology company headquartered in San Jose, California, that designs, manufactures and sells networking equipment worldwide. It is the largest networking company in the world. 
The stock was added to the Dow Jones Industrial Average on June 8, 2009, and is also included in the S&P 500 Index, the Russell 1000 Index, NASDAQ-100 Index and the Russell 1000 Growth Stock Index.","og:image":"https://roi4cio.com/uploads/roi/company/cisco_logo.png"},"eventUrl":""},"vendors":[{"id":170,"title":"Cisco","logoURL":"https://roi4cio.com/uploads/roi/company/cisco_logo.png","alias":"cisco","address":"","roles":[],"description":"Cisco Systems, Inc. is an American multinational corporation technology company headquartered in San Jose, California, that designs, manufactures and sells networking equipment worldwide. It is the largest networking company in the world. The stock was added to the Dow Jones Industrial Average on June 8, 2009, and is also included in the S&P 500 Index, the Russell 1000 Index, NASDAQ-100 Index and the Russell 1000 Growth Stock Index.","companyTypes":[],"products":{},"vendoredProductsCount":31,"suppliedProductsCount":31,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":7,"vendorImplementationsCount":42,"vendorPartnersCount":0,"supplierPartnersCount":282,"b4r":0,"categories":{},"companyUrl":"www.cisco.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"Cisco","keywords":"Index, networking, Cisco, company, Russell, 1000, June, Average","description":"Cisco Systems, Inc. is an American multinational corporation technology company headquartered in San Jose, California, that designs, manufactures and sells networking equipment worldwide. It is the largest networking company in the world. The stock was added to the Dow Jones Industrial Average on June 8, 2009, and is also included in the S&P 500 Index, the Russell 1000 Index, NASDAQ-100 Index and the Russell 1000 Growth Stock Index.","og:title":"Cisco","og:description":"Cisco Systems, Inc. 
is an American multinational corporation technology company headquartered in San Jose, California, that designs, manufactures and sells networking equipment worldwide. It is the largest networking company in the world. The stock was added to the Dow Jones Industrial Average on June 8, 2009, and is also included in the S&P 500 Index, the Russell 1000 Index, NASDAQ-100 Index and the Russell 1000 Growth Stock Index.","og:image":"https://roi4cio.com/uploads/roi/company/cisco_logo.png"},"eventUrl":""}],"products":[{"id":1741,"logo":false,"scheme":false,"title":"Cisco Email Security","vendorVerified":0,"rating":"2.00","implementationsCount":2,"suppliersCount":0,"alias":"cisco-email-security","companyTypes":[],"description":"<span style=\"font-weight: bold;\">New capabilities to protect your users and brand</span>\r\nTwo new capabilities help block phishing emails from reaching your users and safeguard your company’s domain. Gain additional layers of protection against business email compromise (BEC).\r\n<span style=\"font-weight: bold;\">Cisco Advanced Phishing Protection</span>\r\n<span style=\"font-weight: bold;\">Benefits:</span>\r\n• Gain a real-time understanding of senders, learn and authenticate email identities and behavioral relationships to protect against BEC attacks\r\n• Remove malicious emails from users’ inboxes to prevent wire fraud or other advanced attacks\r\n• Get detailed visibility into email attack activity, including total messages secured and attacks prevented\r\n• Augment phishing and BEC detection and blocking capabilities offered in Cisco Email Security\r\n<span style=\"font-weight: bold;\">Cisco Domain Protection</span>\r\n<span style=\"font-weight: bold;\">Benefits:</span>\r\n• Prevent brand abuse through impersonation of your company domain\r\n• Gain visibility into your internal and third-party senders who use your domain to send email on your behalf\r\n• Automate the Domain-based Message Authentication, Reporting, and Conformance (DMARC) 
authentication and enforcement process to identify illegitimate senders\r\n• Block unauthorized senders and set up DMARC protection to reduce illegitimate emails from your domain\r\n• Increase outbound email marketing effectiveness\r\n<span style=\"font-weight: bold;\">Advanced email security protection</span>\r\nAttackers rely primarily on email to distribute spam, malware, and other threats. To prevent breaches, you need a powerful email security solution. Cisco Email Security is your defense against phishing, business email compromise, and ransomware. Get threat intelligence updates every three to five minutes through Cisco Talos for the most up-to-date protection. Cisco Advanced Malware Protection protects against stealthy malware in attachments, and industry-leading URL intelligence combats malicious links. Cisco Email Security also enhances Office 365 email security. Protecting outgoing email is important too. Cisco Email Security has robust data loss prevention and content encryption capabilities to safeguard sensitive information. This helps you comply with government and industry regulations.","shortDescription":"Cisco Email Security is a Secure E-mail Gateway. Stops phishing, business email compromise, ransomware, spam, and enhances Office 365 email security. ","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":6,"sellingCount":10,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cisco Email Security","keywords":"","description":"<span style=\"font-weight: bold;\">New capabilities to protect your users and brand</span>\r\nTwo new capabilities help block phishing emails from reaching your users and safeguard your company’s domain. 
Gain additional layers of protection against business email compromise (BEC).\r\n<span style=\"font-weight: bold;\">Cisco Advanced Phishing Protection</span>\r\n<span style=\"font-weight: bold;\">Benefits:</span>\r\n• Gain a real-time understanding of senders, learn and authenticate email identities and behavioral relationships to protect against BEC attacks\r\n• Remove malicious emails from users’ inboxes to prevent wire fraud or other advanced attacks\r\n• Get detailed visibility into email attack activity, including total messages secured and attacks prevented\r\n• Augment phishing and BEC detection and blocking capabilities offered in Cisco Email Security\r\n<span style=\"font-weight: bold;\">Cisco Domain Protection</span>\r\n<span style=\"font-weight: bold;\">Benefits:</span>\r\n• Prevent brand abuse through impersonation of your company domain\r\n• Gain visibility into your internal and third-party senders who use your domain to send email on your behalf\r\n• Automate the Domain-based Message Authentication, Reporting, and Conformance (DMARC) authentication and enforcement process to identify illegitimate senders\r\n• Block unauthorized senders and set up DMARC protection to reduce illegitimate emails from your domain\r\n• Increase outbound email marketing effectiveness\r\n<span style=\"font-weight: bold;\">Advanced email security protection</span>\r\nAttackers rely primarily on email to distribute spam, malware, and other threats. To prevent breaches, you need a powerful email security solution. Cisco Email Security is your defense against phishing, business email compromise, and ransomware. Get threat intelligence updates every three to five minutes through Cisco Talos for the most up-to-date protection. Cisco Advanced Malware Protection protects against stealthy malware in attachments, and industry-leading URL intelligence combats malicious links. Cisco Email Security also enhances Office 365 email security. Protecting outgoing email is important too. 
Cisco Email Security has robust data loss prevention and content encryption capabilities to safeguard sensitive information. This helps you comply with government and industry regulations.","og:title":"Cisco Email Security","og:description":"<span style=\"font-weight: bold;\">New capabilities to protect your users and brand</span>\r\nTwo new capabilities help block phishing emails from reaching your users and safeguard your company’s domain. Gain additional layers of protection against business email compromise (BEC).\r\n<span style=\"font-weight: bold;\">Cisco Advanced Phishing Protection</span>\r\n<span style=\"font-weight: bold;\">Benefits:</span>\r\n• Gain a real-time understanding of senders, learn and authenticate email identities and behavioral relationships to protect against BEC attacks\r\n• Remove malicious emails from users’ inboxes to prevent wire fraud or other advanced attacks\r\n• Get detailed visibility into email attack activity, including total messages secured and attacks prevented\r\n• Augment phishing and BEC detection and blocking capabilities offered in Cisco Email Security\r\n<span style=\"font-weight: bold;\">Cisco Domain Protection</span>\r\n<span style=\"font-weight: bold;\">Benefits:</span>\r\n• Prevent brand abuse through impersonation of your company domain\r\n• Gain visibility into your internal and third-party senders who use your domain to send email on your behalf\r\n• Automate the Domain-based Message Authentication, Reporting, and Conformance (DMARC) authentication and enforcement process to identify illegitimate senders\r\n• Block unauthorized senders and set up DMARC protection to reduce illegitimate emails from your domain\r\n• Increase outbound email marketing effectiveness\r\n<span style=\"font-weight: bold;\">Advanced email security protection</span>\r\nAttackers rely primarily on email to distribute spam, malware, and other threats. To prevent breaches, you need a powerful email security solution. 
Cisco Email Security is your defense against phishing, business email compromise, and ransomware. Get threat intelligence updates every three to five minutes through Cisco Talos for the most up-to-date protection. Cisco Advanced Malware Protection protects against stealthy malware in attachments, and industry-leading URL intelligence combats malicious links. Cisco Email Security also enhances Office 365 email security. Protecting outgoing email is important too. Cisco Email Security has robust data loss prevention and content encryption capabilities to safeguard sensitive information. This helps you comply with government and industry regulations."},"eventUrl":"","translationId":1742,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":558,"title":"Secure E-mail Gateway - Appliance","alias":"secure-e-mail-gateway-appliance","description":"According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. 
These capabilities include:\r\n<ul><li>Basic and next-gen anti-phishing and anti-spam</li><li>Additional security features</li><li>Customization of the solution’s management features</li><li>Low false positive and false negative percentages</li><li>External processes and storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, secure email gateways can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":"<span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against email-borne threats. It is effectively a firewall for your email, and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. 
Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan each email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. 
Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a specific period of time.","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway_Appliance.png"},{"id":469,"title":"Secure E-mail Gateway","alias":"secure-e-mail-gateway","description":" According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and Next-Gen Anti-Phishing and Anti-Spam</li><li>Additional Security Features</li><li>Customization of the Solution’s Management Features</li><li>Low False Positive and False Negative Percentages</li><li>External Processes and Storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. 
To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, SEGs can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although their rates tend to be far lower than those found in SIEM and EDR alerts.","materialsDescription":" <span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against these email-borne threats. It is effectively a firewall for your email and scans both outbound and inbound email for any malicious content. Most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. 
For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan every email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. 
Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a certain period of time.","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway.jpg"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":4,"title":"Reduce Costs"},{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":336,"title":"Risk or Leaks of confidential information"},{"id":344,"title":"Malware infection via Internet, email, storage devices"},{"id":385,"title":"Risk of data loss or damage"},{"id":386,"title":"Risk of lost access to data and IT systems"},{"id":400,"title":"High costs"}]}},"categories":[{"id":558,"title":"Secure E-mail Gateway - Appliance","alias":"secure-e-mail-gateway-appliance","description":"According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. 
Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and next-gen anti-phishing and anti-spam</li><li>Additional security features</li><li>Customization of the solution’s management features</li><li>Low false positive and false negative percentages</li><li>External processes and storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, secure email gateways can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although their rates tend to be far lower than those found in SIEM and EDR alerts.","materialsDescription":"<span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against email-borne threats. 
It is effectively a firewall for your email, and scans both outbound and inbound email for any malicious content. Most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan each email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. 
For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a specific period of time.","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway_Appliance.png"},{"id":469,"title":"Secure E-mail Gateway","alias":"secure-e-mail-gateway","description":" According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. 
These capabilities include:\r\n<ul><li>Basic and Next-Gen Anti-Phishing and Anti-Spam</li><li>Additional Security Features</li><li>Customization of the Solution’s Management Features</li><li>Low False Positive and False Negative Percentages</li><li>External Processes and Storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, SEGs can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although their rates tend to be far lower than those found in SIEM and EDR alerts.","materialsDescription":" <span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against these email-borne threats. It is effectively a firewall for your email and scans both outbound and inbound email for any malicious content. Most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. 
Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan every email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. 
Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a certain period of time.","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway.jpg"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"https://www.techvalidate.com/product-research/cisco-email-security/case-studies/B13-D2B-381","title":"Media"}},"comments":[],"referencesCount":0},{"id":554,"title":"Cisco Email Security for Computer Software company","description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Large Enterprise Computer Software Company</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">This case study of a large enterprise computer software company is based on a May 2018 survey of Cisco Email Security customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-style: italic;\">“We have been able to make extensive use of Cisco Email Security’s ability to create custom content filters. 
We have relied on those to better protect against BEC emails, W2 and payroll fraud, and other phishing emails.”</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-style: italic;\"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-style: italic;\">“I appreciate the ability to customize the way the platform works, specifically with regards to the content filters – they can be powerful.”</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Challenges</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">The business challenges that led the profiled company to evaluate and ultimately select Cisco Email Security:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Chose Cisco Email Security to protect their Office 365 email because Cisco has:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Stronger protection from advanced email threats (business email compromise (BEC), advanced malware and/or phishing)</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Protects sensitive information in outgoing emails with:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Microsoft Office 365 built-in tools</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Evaluated the following vendors prior to choosing Cisco Email Security:</span>\r\n<ul><li>Proofpoint</li><li>Symantec</li><li>Mimecast</li></ul>\r\n<span style=\"color: 
rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Use Case</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">The key features and functionalities of Cisco Email Security that the surveyed company uses:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Purchased Advanced Malware Protection (AMP) and Cisco Email Security at the same time.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Using the following Cisco products in addition to Cisco Email Security:</span>\r\n<ul><li>AMP for Endpoints or AMP on another product</li><li>AnyConnect</li><li>Identity Services Engine (ISE)</li><li>Next-Generation Intrusion Prevention System</li><li>Umbrella</li><li>Cisco Web Security (CWS)</li></ul>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Results</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">The surveyed company achieved the following results with Cisco Email Security:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Protecting users from threats in incoming email to prevent breaches</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Company Profile</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">The company featured in this case study asked to have its name publicly blinded because publicly endorsing vendors is against their policies.</span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">TechValidate stands behind the authenticity of this 
data.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Company Size:</span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">Large Enterprise</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Industry:</span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">Computer Software</span>\r\n\r\n","alias":"cisco-email-security-for-computer-software-company","roi":0,"seo":{"title":"Cisco Email Security for Computer Software company","keywords":"","description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Large Enterprise Computer Software Company</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">This case study of a large enterprise computer software company is based on a May 2018 survey of Cisco Email Security customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-style: italic;\">“We have been able to make extensive use of Cisco Email Security’s ability to create custom content filters. 
We have relied on those to better protect against BEC emails, W2 and payroll fraud, and other phishing emails.”</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-style: italic;\"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-style: italic;\">“I appreciate the ability to customize the way the platform works, specifically with regards to the content filters – they can be powerful.”</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Challenges</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">The business challenges that led the profiled company to evaluate and ultimately select Cisco Email Security:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Chose Cisco Email Security to protect their Office 365 email because Cisco has:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Stronger protection from advanced email threats (business email compromise (BEC), advanced malware and/or phishing)</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Protects sensitive information in outgoing emails with:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Microsoft Office 365 built-in tools</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Evaluated the following vendors prior to choosing Cisco Email Security:</span>\r\n<ul><li>Proofpoint</li><li>Symantec</li><li>Mimecast</li></ul>\r\n<span style=\"color: 
rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Use Case</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">The key features and functionalities of Cisco Email Security that the surveyed company uses:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Purchased Advanced Malware Protection (AMP) and Cisco Email Security at the same time.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Using the following Cisco products in addition to Cisco Email Security:</span>\r\n<ul><li>AMP for Endpoints or AMP on another product</li><li>AnyConnect</li><li>Identity Services Engine (ISE)</li><li>Next-Generation Intrusion Prevention System</li><li>Umbrella</li><li>Cisco Web Security (CWS)</li></ul>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Results</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">The surveyed company achieved the following results with Cisco Email Security:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Protecting users from threats in incoming email to prevent breaches</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Company Profile</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">The company featured in this case study asked to have its name publicly blinded because publicly endorsing vendors is against their policies.</span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">TechValidate stands behind the authenticity of this 
data.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Company Size:</span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">Large Enterprise</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Industry:</span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">Computer Software</span>\r\n\r\n","og:title":"Cisco Email Security for Computer Software company","og:description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Large Enterprise Computer Software Company</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">This case study of a large enterprise computer software company is based on a May 2018 survey of Cisco Email Security customers by TechValidate, a 3rd-party research service. The profiled company asked to have their name blinded to protect their confidentiality.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-style: italic;\">“We have been able to make extensive use of Cisco Email Security’s ability to create custom content filters. 
We have relied on those to better protect against BEC emails, W2 and payroll fraud, and other phishing emails.”</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-style: italic;\"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-style: italic;\">“I appreciate the ability to customize the way the platform works, specifically with regards to the content filters – they can be powerful.”</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Challenges</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">The business challenges that led the profiled company to evaluate and ultimately select Cisco Email Security:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Chose Cisco Email Security to protect their Office 365 email because Cisco has:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Stronger protection from advanced email threats (business email compromise (BEC), advanced malware and/or phishing)</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Protects sensitive information in outgoing emails with:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Microsoft Office 365 built-in tools</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Evaluated the following vendors prior to choosing Cisco Email Security:</span>\r\n<ul><li>Proofpoint</li><li>Symantec</li><li>Mimecast</li></ul>\r\n<span style=\"color: 
rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Use Case</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">The key features and functionalities of Cisco Email Security that the surveyed company uses:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Purchased Advanced Malware Protection (AMP) and Cisco Email Security at the same time.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Using the following Cisco products in addition to Cisco Email Security:</span>\r\n<ul><li>AMP for Endpoints or AMP on another product</li><li>AnyConnect</li><li>Identity Services Engine (ISE)</li><li>Next-Generation Intrusion Prevention System</li><li>Umbrella</li><li>Cisco Web Security (CWS)</li></ul>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Results</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">The surveyed company achieved the following results with Cisco Email Security:</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Protecting users from threats in incoming email to prevent breaches</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; font-weight: bold;\">Company Profile</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">The company featured in this case study asked to have its name publicly blinded because publicly endorsing vendors is against their policies.</span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">TechValidate stands behind the authenticity of this 
data.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Company Size:</span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">Large Enterprise</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Industry:</span><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px;\">Computer Software</span>\r\n\r\n"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":170,"title":"Cisco","logoURL":"https://roi4cio.com/uploads/roi/company/cisco_logo.png","alias":"cisco","address":"","roles":[],"description":"Cisco Systems, Inc. is an American multinational corporation technology company headquartered in San Jose, California, that designs, manufactures and sells networking equipment worldwide. 
It is the largest networking company in the world. The stock was added to the Dow Jones Industrial Average on June 8, 2009, and is also included in the S&P 500 Index, the Russell 1000 Index, NASDAQ-100 Index and the Russell 1000 Growth Stock Index.","companyTypes":[],"products":{},"vendoredProductsCount":31,"suppliedProductsCount":31,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":7,"vendorImplementationsCount":42,"vendorPartnersCount":0,"supplierPartnersCount":282,"b4r":0,"categories":{},"companyUrl":"www.cisco.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"Cisco","keywords":"Index, networking, Cisco, company, Russell, 1000, June, Average","description":"Cisco Systems, Inc. is an American multinational corporation technology company headquartered in San Jose, California, that designs, manufactures and sells networking equipment worldwide. It is the largest networking company in the world. The stock was added to the Dow Jones Industrial Average on June 8, 2009, and is also included in the S&P 500 Index, the Russell 1000 Index, NASDAQ-100 Index and the Russell 1000 Growth Stock Index.","og:title":"Cisco","og:description":"Cisco Systems, Inc. is an American multinational corporation technology company headquartered in San Jose, California, that designs, manufactures and sells networking equipment worldwide. It is the largest networking company in the world. The stock was added to the Dow Jones Industrial Average on June 8, 2009, and is also included in the S&P 500 Index, the Russell 1000 Index, NASDAQ-100 Index and the Russell 1000 Growth Stock Index.","og:image":"https://roi4cio.com/uploads/roi/company/cisco_logo.png"},"eventUrl":""},"vendors":[{"id":170,"title":"Cisco","logoURL":"https://roi4cio.com/uploads/roi/company/cisco_logo.png","alias":"cisco","address":"","roles":[],"description":"Cisco Systems, Inc. 
is an American multinational corporation technology company headquartered in San Jose, California, that designs, manufactures and sells networking equipment worldwide. It is the largest networking company in the world. The stock was added to the Dow Jones Industrial Average on June 8, 2009, and is also included in the S&P 500 Index, the Russell 1000 Index, NASDAQ-100 Index and the Russell 1000 Growth Stock Index.","companyTypes":[],"products":{},"vendoredProductsCount":31,"suppliedProductsCount":31,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":7,"vendorImplementationsCount":42,"vendorPartnersCount":0,"supplierPartnersCount":282,"b4r":0,"categories":{},"companyUrl":"www.cisco.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"Cisco","keywords":"Index, networking, Cisco, company, Russell, 1000, June, Average","description":"Cisco Systems, Inc. is an American multinational corporation technology company headquartered in San Jose, California, that designs, manufactures and sells networking equipment worldwide. It is the largest networking company in the world. The stock was added to the Dow Jones Industrial Average on June 8, 2009, and is also included in the S&P 500 Index, the Russell 1000 Index, NASDAQ-100 Index and the Russell 1000 Growth Stock Index.","og:title":"Cisco","og:description":"Cisco Systems, Inc. is an American multinational corporation technology company headquartered in San Jose, California, that designs, manufactures and sells networking equipment worldwide. It is the largest networking company in the world. 
The stock was added to the Dow Jones Industrial Average on June 8, 2009, and is also included in the S&P 500 Index, the Russell 1000 Index, NASDAQ-100 Index and the Russell 1000 Growth Stock Index.","og:image":"https://roi4cio.com/uploads/roi/company/cisco_logo.png"},"eventUrl":""}],"products":[{"id":1741,"logo":false,"scheme":false,"title":"Cisco Email Security","vendorVerified":0,"rating":"2.00","implementationsCount":2,"suppliersCount":0,"alias":"cisco-email-security","companyTypes":[],"description":"<span style=\"font-weight: bold;\">New capabilities to protect your users and brand</span>\r\nTwo new capabilities help block phishing emails from reaching your users and safeguard your company’s domain. Gain additional layers of protection against business email compromise (BEC).\r\n<span style=\"font-weight: bold;\">Cisco Advanced Phishing Protection</span>\r\n<span style=\"font-weight: bold;\">Benefits:</span>\r\n• Gain a real-time understanding of senders, learn and authenticate email identities and behavioral relationships to protect against BEC attacks\r\n• Remove malicious emails from users’ inboxes to prevent wire fraud or other advanced attacks\r\n• Get detailed visibility into email attack activity, including total messages secured and attacks prevented\r\n• Augment phishing and BEC detection and blocking capabilities offered in Cisco Email Security\r\n<span style=\"font-weight: bold;\">Cisco Domain Protection</span>\r\n<span style=\"font-weight: bold;\">Benefits:</span>\r\n• Prevent brand abuse through impersonation of your company domain\r\n• Gain visibility into your internal and third-party senders who use your domain to send email on your behalf\r\n• Automate the Domain-based Message Authentication, Reporting, and Conformance (DMARC) authentication and enforcement process to identify illegitimate senders\r\n• Block unauthorized senders and set up DMARC protection to reduce illegitimate emails from your domain\r\n• Increase outbound email marketing 
effectiveness\r\n<span style=\"font-weight: bold;\">Advanced email security protection</span>\r\nAttackers rely primarily on email to distribute spam, malware, and other threats. To prevent breaches, you need a powerful email security solution. Cisco Email Security is your defense against phishing, business email compromise, and ransomware. Get threat intelligence updates every three to five minutes through Cisco Talos for the most up-to-date protection. Cisco Advanced Malware Protection protects against stealthy malware in attachments, and industry-leading URL intelligence combats malicious links. Cisco Email Security also enhances Office 365 email security. Protecting outgoing email is important too. Cisco Email Security has robust data loss prevention and content encryption capabilities to safeguard sensitive information. This helps you comply with government and industry regulations.","shortDescription":"Cisco Email Security is a Secure E-mail Gateway. Stops phishing, business email compromise, ransomware, spam, and enhances Office 365 email security. ","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":6,"sellingCount":10,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cisco Email Security","keywords":"","description":"<span style=\"font-weight: bold;\">New capabilities to protect your users and brand</span>\r\nTwo new capabilities help block phishing emails from reaching your users and safeguard your company’s domain. 
Gain additional layers of protection against business email compromise (BEC).\r\n<span style=\"font-weight: bold;\">Cisco Advanced Phishing Protection</span>\r\n<span style=\"font-weight: bold;\">Benefits:</span>\r\n• Gain a real-time understanding of senders, learn and authenticate email identities and behavioral relationships to protect against BEC attacks\r\n• Remove malicious emails from users’ inboxes to prevent wire fraud or other advanced attacks\r\n• Get detailed visibility into email attack activity, including total messages secured and attacks prevented\r\n• Augment phishing and BEC detection and blocking capabilities offered in Cisco Email Security\r\n<span style=\"font-weight: bold;\">Cisco Domain Protection</span>\r\n<span style=\"font-weight: bold;\">Benefits:</span>\r\n• Prevent brand abuse through impersonation of your company domain\r\n• Gain visibility into your internal and third-party senders who use your domain to send email on your behalf\r\n• Automate the Domain-based Message Authentication, Reporting, and Conformance (DMARC) authentication and enforcement process to identify illegitimate senders\r\n• Block unauthorized senders and set up DMARC protection to reduce illegitimate emails from your domain\r\n• Increase outbound email marketing effectiveness\r\n<span style=\"font-weight: bold;\">Advanced email security protection</span>\r\nAttackers rely primarily on email to distribute spam, malware, and other threats. To prevent breaches, you need a powerful email security solution. Cisco Email Security is your defense against phishing, business email compromise, and ransomware. Get threat intelligence updates every three to five minutes through Cisco Talos for the most up-to-date protection. Cisco Advanced Malware Protection protects against stealthy malware in attachments, and industry-leading URL intelligence combats malicious links. Cisco Email Security also enhances Office 365 email security. Protecting outgoing email is important too. 
Cisco Email Security has robust data loss prevention and content encryption capabilities to safeguard sensitive information. This helps you comply with government and industry regulations.","og:title":"Cisco Email Security","og:description":"<span style=\"font-weight: bold;\">New capabilities to protect your users and brand</span>\r\nTwo new capabilities help block phishing emails from reaching your users and safeguard your company’s domain. Gain additional layers of protection against business email compromise (BEC).\r\n<span style=\"font-weight: bold;\">Cisco Advanced Phishing Protection</span>\r\n<span style=\"font-weight: bold;\">Benefits:</span>\r\n• Gain a real-time understanding of senders, learn and authenticate email identities and behavioral relationships to protect against BEC attacks\r\n• Remove malicious emails from users’ inboxes to prevent wire fraud or other advanced attacks\r\n• Get detailed visibility into email attack activity, including total messages secured and attacks prevented\r\n• Augment phishing and BEC detection and blocking capabilities offered in Cisco Email Security\r\n<span style=\"font-weight: bold;\">Cisco Domain Protection</span>\r\n<span style=\"font-weight: bold;\">Benefits:</span>\r\n• Prevent brand abuse through impersonation of your company domain\r\n• Gain visibility into your internal and third-party senders who use your domain to send email on your behalf\r\n• Automate the Domain-based Message Authentication, Reporting, and Conformance (DMARC) authentication and enforcement process to identify illegitimate senders\r\n• Block unauthorized senders and set up DMARC protection to reduce illegitimate emails from your domain\r\n• Increase outbound email marketing effectiveness\r\n<span style=\"font-weight: bold;\">Advanced email security protection</span>\r\nAttackers rely primarily on email to distribute spam, malware, and other threats. To prevent breaches, you need a powerful email security solution. 
Cisco Email Security is your defense against phishing, business email compromise, and ransomware. Get threat intelligence updates every three to five minutes through Cisco Talos for the most up-to-date protection. Cisco Advanced Malware Protection protects against stealthy malware in attachments, and industry-leading URL intelligence combats malicious links. Cisco Email Security also enhances Office 365 email security. Protecting outgoing email is important too. Cisco Email Security has robust data loss prevention and content encryption capabilities to safeguard sensitive information. This helps you comply with government and industry regulations."},"eventUrl":"","translationId":1742,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":558,"title":"Secure E-mail Gateway - Appliance","alias":"secure-e-mail-gateway-appliance","description":"According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. 
These capabilities include:\r\n<ul><li>Basic and next-gen anti-phishing and anti-spam</li><li>Additional security features</li><li>Customization of the solution’s management features</li><li>Low false positive and false negative percentages</li><li>External processes and storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, secure email gateways can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":"<span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against email-borne threats. It is effectively a firewall for your email, and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. 
Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan each email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. 
Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a specific period of time.","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway_Appliance.png"},{"id":469,"title":"Secure E-mail Gateway","alias":"secure-e-mail-gateway","description":" According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and Next-Gen Anti-Phishing and Anti-Spam</li><li>Additional Security Features</li><li>Customization of the Solution’s Management Features</li><li>Low False Positive and False Negative Percentages</li><li>External Processes and Storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. 
To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, SEGs can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":" <span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against these email-borne threats. It is effectively a firewall for your email and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. 
For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan every email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. 
Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a certain period of time.","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway.jpg"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":4,"title":"Reduce Costs"},{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":336,"title":"Risk or Leaks of confidential information"},{"id":344,"title":"Malware infection via Internet, email, storage devices"},{"id":385,"title":"Risk of data loss or damage"},{"id":386,"title":"Risk of lost access to data and IT systems"},{"id":400,"title":"High costs"}]}},"categories":[{"id":558,"title":"Secure E-mail Gateway - Appliance","alias":"secure-e-mail-gateway-appliance","description":"According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. 
Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and next-gen anti-phishing and anti-spam</li><li>Additional security features</li><li>Customization of the solution’s management features</li><li>Low false positive and false negative percentages</li><li>External processes and storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, secure email gateways can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":"<span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against email-borne threats. 
It is effectively a firewall for your email, and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan each email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. 
For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a specific period of time.","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway_Appliance.png"},{"id":469,"title":"Secure E-mail Gateway","alias":"secure-e-mail-gateway","description":" According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. 
These capabilities include:\r\n<ul><li>Basic and Next-Gen Anti-Phishing and Anti-Spam</li><li>Additional Security Features</li><li>Customization of the Solution’s Management Features</li><li>Low False Positive and False Negative Percentages</li><li>External Processes and Storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, SEGs can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":" <span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against these email-borne threats. It is effectively a firewall for your email and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. 
Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan every email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. 
Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a certain period of time.","iconURL":"https://roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway.jpg"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"https://www.techvalidate.com/product-research/cisco-email-security/case-studies/57C-583-FB1","title":"Media"}},"comments":[],"referencesCount":0},{"id":611,"title":"Portnox Clear for bank","description":"<span style=\"font-weight: 700; \">The Objective and the Challenge</span>\r\n<span style=\"font-weight: 700; \"><br /></span>\r\n<ul><li>Preserving their customer’s trust by protecting their privacy on the network</li><li>Providing customers required and expected access while maintaining full compliance</li><li>Immediate awareness and control the instant devices attempt to access the network regardless of entry port, access point or VPN.</li><li>Management, visibility and control from HQ for all branches and other bank offices.</li><li>Assurance that customer wireless or other access is limited to specific established and appropriate VLAN(s)</li></ul>\r\n<span style=\"font-weight: 700; \">The Solution:</span>\r\n<span style=\"font-weight: 700; \"><br /></span>\r\nThe Bank selected and deployed Portnox for its ability to deliver constant and real-time control of all devices actively connected to any part of the network from a single centrally deployed location. 
In addition, with limited availability of IT staff at remote branch locations, Portnox was able to provide remote branch networks access and use of HQ guest network, quarantine and other VLANs with no local configuration or IT resources.","alias":"portnox-clear-for-bank","roi":0,"seo":{"title":"Portnox Clear for bank","keywords":"","description":"<span style=\"font-weight: 700; \">The Objective and the Challenge</span>\r\n<span style=\"font-weight: 700; \"><br /></span>\r\n<ul><li>Preserving their customer’s trust by protecting their privacy on the network</li><li>Providing customers required and expected access while maintaining full compliance</li><li>Immediate awareness and control the instant devices attempt to access the network regardless of entry port, access point or VPN.</li><li>Management, visibility and control from HQ for all branches and other bank offices.</li><li>Assurance that customer wireless or other access is limited to specific established and appropriate VLAN(s)</li></ul>\r\n<span style=\"font-weight: 700; \">The Solution:</span>\r\n<span style=\"font-weight: 700; \"><br /></span>\r\nThe Bank selected and deployed Portnox for its ability to deliver constant and real-time control of all devices actively connected to any part of the network from a single centrally deployed location. 
In addition, with limited availability of IT staff at remote branch locations, Portnox was able to provide remote branch networks access and use of HQ guest network, quarantine and other VLANs with no local configuration or IT resources.","og:title":"Portnox Clear for bank","og:description":"<span style=\"font-weight: 700; \">The Objective and the Challenge</span>\r\n<span style=\"font-weight: 700; \"><br /></span>\r\n<ul><li>Preserving their customer’s trust by protecting their privacy on the network</li><li>Providing customers required and expected access while maintaining full compliance</li><li>Immediate awareness and control the instant devices attempt to access the network regardless of entry port, access point or VPN.</li><li>Management, visibility and control from HQ for all branches and other bank offices.</li><li>Assurance that customer wireless or other access is limited to specific established and appropriate VLAN(s)</li></ul>\r\n<span style=\"font-weight: 700; \">The Solution:</span>\r\n<span style=\"font-weight: 700; \"><br /></span>\r\nThe Bank selected and deployed Portnox for its ability to deliver constant and real-time control of all devices actively connected to any part of the network from a single centrally deployed location. 
In addition, with limited availability of IT staff at remote branch locations, Portnox was able to provide remote branch networks access and use of HQ guest network, quarantine and other VLANs with no local configuration or IT resources."},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":2818,"title":"Portnox","logoURL":"https://roi4cio.com/uploads/roi/company/Portnox.png","alias":"portnox","address":"","roles":[],"description":"Founded in 2007, Portnox is a market leader for network access control and management solutions that scale from small to medium businesses through to large-scale government and enterprise organizations. 
By spanning the diversity of network technologies and devices in-use today, Portnox platforms allow companies to grow, optimize and evolve their infrastructure while ensuring security and compliance.\r\n\r\nProducts include Portnox NAC, an on premises solution that scales to accommodate an increasing number and variety of devices, locations and environments; Portnox CLEAR, a SaaS cloud platform that delivers continuous, off and on premises risk monitoring of all of enterprise endpoints.\r\n\r\nSource: linkedin","companyTypes":[],"products":{},"vendoredProductsCount":2,"suppliedProductsCount":2,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":2,"vendorImplementationsCount":2,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.portnox.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"Portnox","keywords":"Portnox, that, network, devices, premises, enterprise, solution, scales","description":"Founded in 2007, Portnox is a market leader for network access control and management solutions that scale from small to medium businesses through to large-scale government and enterprise organizations. 
By spanning the diversity of network technologies and devices in-use today, Portnox platforms allow companies to grow, optimize and evolve their infrastructure while ensuring security and compliance.\r\n\r\nProducts include Portnox NAC, an on premises solution that scales to accommodate an increasing number and variety of devices, locations and environments; Portnox CLEAR, a SaaS cloud platform that delivers continuous, off and on premises risk monitoring of all of enterprise endpoints.\r\n\r\nSource: linkedin","og:title":"Portnox","og:description":"Founded in 2007, Portnox is a market leader for network access control and management solutions that scale from small to medium businesses through to large-scale government and enterprise organizations. By spanning the diversity of network technologies and devices in-use today, Portnox platforms allow companies to grow, optimize and evolve their infrastructure while ensuring security and compliance.\r\n\r\nProducts include Portnox NAC, an on premises solution that scales to accommodate an increasing number and variety of devices, locations and environments; Portnox CLEAR, a SaaS cloud platform that delivers continuous, off and on premises risk monitoring of all of enterprise endpoints.\r\n\r\nSource: linkedin","og:image":"https://roi4cio.com/uploads/roi/company/Portnox.png"},"eventUrl":""},"vendors":[{"id":2818,"title":"Portnox","logoURL":"https://roi4cio.com/uploads/roi/company/Portnox.png","alias":"portnox","address":"","roles":[],"description":"Founded in 2007, Portnox is a market leader for network access control and management solutions that scale from small to medium businesses through to large-scale government and enterprise organizations. 
By spanning the diversity of network technologies and devices in-use today, Portnox platforms allow companies to grow, optimize and evolve their infrastructure while ensuring security and compliance.\r\n\r\nProducts include Portnox NAC, an on premises solution that scales to accommodate an increasing number and variety of devices, locations and environments; Portnox CLEAR, a SaaS cloud platform that delivers continuous, off and on premises risk monitoring of all of enterprise endpoints.\r\n\r\nSource: linkedin","companyTypes":[],"products":{},"vendoredProductsCount":2,"suppliedProductsCount":2,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":2,"vendorImplementationsCount":2,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.portnox.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"seo":{"title":"Portnox","keywords":"Portnox, that, network, devices, premises, enterprise, solution, scales","description":"Founded in 2007, Portnox is a market leader for network access control and management solutions that scale from small to medium businesses through to large-scale government and enterprise organizations. 
By spanning the diversity of network technologies and devices in-use today, Portnox platforms allow companies to grow, optimize and evolve their infrastructure while ensuring security and compliance.\r\n\r\nProducts include Portnox NAC, an on premises solution that scales to accommodate an increasing number and variety of devices, locations and environments; Portnox CLEAR, a SaaS cloud platform that delivers continuous, off and on premises risk monitoring of all of enterprise endpoints.\r\n\r\nSource: linkedin","og:title":"Portnox","og:description":"Founded in 2007, Portnox is a market leader for network access control and management solutions that scale from small to medium businesses through to large-scale government and enterprise organizations. By spanning the diversity of network technologies and devices in-use today, Portnox platforms allow companies to grow, optimize and evolve their infrastructure while ensuring security and compliance.\r\n\r\nProducts include Portnox NAC, an on premises solution that scales to accommodate an increasing number and variety of devices, locations and environments; Portnox CLEAR, a SaaS cloud platform that delivers continuous, off and on premises risk monitoring of all of enterprise endpoints.\r\n\r\nSource: linkedin","og:image":"https://roi4cio.com/uploads/roi/company/Portnox.png"},"eventUrl":""}],"products":[{"id":1395,"logo":false,"scheme":false,"title":"Portnox CLEAR","vendorVerified":0,"rating":"1.00","implementationsCount":1,"suppliersCount":0,"alias":"portnox-clear","companyTypes":[],"description":"With a flexible pay-as-you-go pricing model, CLEAR delivers continuous, off and on premises risk monitoring of all network endpoints across wired, wireless and virtual networks. CLEAR’s goal is to bring accessible and easy to implement Network Access Control and Management (NAC/NAM) capabilities to every enterprise and mid-market organization, no matter their budget or size. 
The solution provides complete visibility and control into the state of the network and grants access based on a device’s risk profile – generated from information about the device itself, the network connection and the user’s identity. \r\n<span style=\"font-weight: bold;\">FEATURES AND BENEFITS</span>\r\n<ul> <li>Single-pane-of-glass visibility for endpoints in use in all locations and at all times</li> <li>Protects the network from vulnerabilities arising from the mobile workforce, BYOD, IoT</li> <li>Easy to deploy, with a pre-set infrastructure that requires no prior training</li> <li>Cloud-based and fully scalable, requiring absolutely no hardware</li> <li>Flexible subscription-based pay-as-you-go model to fit the needs of the growing enterprise</li> <li>Secure of all access layers–wired, wireless, and virtual</li> <li>Multi-factor authentication over the VPN based on user identity and device risk score</li> <li>Continuous risk monitoring that identifies vulnerable end points and takes automated actions</li> </ul>\r\nSource: https://www.portnox.com/portnox-clear/","shortDescription":"Portnox CLEAR is cloud-based network access control solution that simplifies the management of emerging cyber risks in enterprise.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":19,"sellingCount":13,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Portnox CLEAR","keywords":"","description":"With a flexible pay-as-you-go pricing model, CLEAR delivers continuous, off and on premises risk monitoring of all network endpoints across wired, wireless and virtual networks. CLEAR’s goal is to bring accessible and easy to implement Network Access Control and Management (NAC/NAM) capabilities to every enterprise and mid-market organization, no matter their budget or size. 
The solution provides complete visibility and control into the state of the network and grants access based on a device’s risk profile – generated from information about the device itself, the network connection and the user’s identity. \r\n<span style=\"font-weight: bold;\">FEATURES AND BENEFITS</span>\r\n<ul> <li>Single-pane-of-glass visibility for endpoints in use in all locations and at all times</li> <li>Protects the network from vulnerabilities arising from the mobile workforce, BYOD, IoT</li> <li>Easy to deploy, with a pre-set infrastructure that requires no prior training</li> <li>Cloud-based and fully scalable, requiring absolutely no hardware</li> <li>Flexible subscription-based pay-as-you-go model to fit the needs of the growing enterprise</li> <li>Secure of all access layers–wired, wireless, and virtual</li> <li>Multi-factor authentication over the VPN based on user identity and device risk score</li> <li>Continuous risk monitoring that identifies vulnerable end points and takes automated actions</li> </ul>\r\nSource: https://www.portnox.com/portnox-clear/","og:title":"Portnox CLEAR","og:description":"With a flexible pay-as-you-go pricing model, CLEAR delivers continuous, off and on premises risk monitoring of all network endpoints across wired, wireless and virtual networks. CLEAR’s goal is to bring accessible and easy to implement Network Access Control and Management (NAC/NAM) capabilities to every enterprise and mid-market organization, no matter their budget or size. The solution provides complete visibility and control into the state of the network and grants access based on a device’s risk profile – generated from information about the device itself, the network connection and the user’s identity. 
\r\n<span style=\"font-weight: bold;\">FEATURES AND BENEFITS</span>\r\n<ul> <li>Single-pane-of-glass visibility for endpoints in use in all locations and at all times</li> <li>Protects the network from vulnerabilities arising from the mobile workforce, BYOD, IoT</li> <li>Easy to deploy, with a pre-set infrastructure that requires no prior training</li> <li>Cloud-based and fully scalable, requiring absolutely no hardware</li> <li>Flexible subscription-based pay-as-you-go model to fit the needs of the growing enterprise</li> <li>Secure of all access layers–wired, wireless, and virtual</li> <li>Multi-factor authentication over the VPN based on user identity and device risk score</li> <li>Continuous risk monitoring that identifies vulnerable end points and takes automated actions</li> </ul>\r\nSource: https://www.portnox.com/portnox-clear/"},"eventUrl":"","translationId":1396,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":205,"title":"NAC - Network Access Control","alias":"nac-network-access-control","description":"<span style=\"font-weight: bold; \">Network Access Control (NAC)</span> is an approach to computer security that attempts to unify endpoint security technology (such as antivirus, host intrusion prevention, and vulnerability assessment), user or system authentication and network security enforcement. NAC solutions have become an extremely valuable tool in recent years, as mobile devices and the Internet of Things (IoT) have surged to prominence in various industries across the world. These new pieces of emerging technology come with their own set of vulnerabilities, which poses a challenge to IT security experts. \r\nNAC systems are put into place to make sure that anyone who enters the system, both in terms of users and devices, is authorized. 
After connection attempts are routed to it, the network access control system confirms privileges using an identity and access management system (IAM, a program that checks users for appropriate permissions to access data materials, as indicated by internal policies). With the information from the IAM, along with a pre-established list of rules, the NAC software is able to smartly accept or deny access requests.\r\nFortunately, NAC products are designed to handle large enterprise networks that have a range of device types trying to connect at all times. Without a NAC in place, companies take on a huge amount of risk by adopting a bring-your-own-device (BYOD) policy, which allows employees and vendors to use their own smartphones and tablets on the local network. Network access control software and hardware require an upfront investment but prove their worth in the long run.","materialsDescription":"<h1 class=\"align-center\"> How Does a NAC Solution Work?</h1>\r\nWhen you adopt a network access control solution, the first thing it will do is find all devices currently accessing the system; identify what kind of device they are; and determine whether to validate them and how to treat them using preestablished protocols designed by the company’s security personnel. A network access control system has rules related to a wide spectrum of devices, along with finely grained settings to help you determine permissions. A unified administrative system houses these rules and applies them as needed.\r\nMany companies will utilize NAC as their staff grows and they have an increasing number of devices to manage. These solutions are also helpful for achieving data protection across a variety of different branch locations. The difficulty of securing an organization and managing access has become especially overwhelming in an era when widespread incorporation of IoT devices is becoming more common throughout business; NAC is the fix. 
The general issue with bring your own device (BYOD), though, is what drew many businesses to this service.\r\n<h1 class=\"align-center\">How to Choose a Network Access Control Solution</h1>\r\nTo help narrow down your search for NAC products, you should first focus on tools that offer native integration with your enterprise’s existing software. You don’t want to have to change your infrastructure or network design in order to bring the NAC solution online. If you are heavily dependent on a cloud architecture, then look for solutions that are fully supported by your hosting provider.\r\nNext, think about what kind of proactive tools come included with the NAC suite. Some vendors offer all-in-one packages that feature a full virus scanning utility and firewall mechanism alongside everything else in the NAC. If your IT security strategy is not very mature, this kind of suite may be very helpful.\r\nOf course, one key factor when looking at NAC options is the price point. Some vendors will sell their products at a flat rate, while others are quickly going the route of Software as a Service (SaaS) subscription, an increasingly-popular business model that requires a monthly payment and ongoing contract. Think about the state of your IT budget while remembering that the