{"global":{"lastError":{},"locale":"en","locales":{"data":[{"id":"de","name":"Deutsch"},{"id":"en","name":"English"}],"loading":false,"error":false},"currency":{"id":49,"name":"EUR"},"currencies":{"data":[{"id":49,"name":"EUR"},{"id":124,"name":"RUB"},{"id":153,"name":"UAH"},{"id":155,"name":"USD"}],"loading":false,"error":false},"translations":{"company":{"role-vendor":{"en":"Vendor","ru":"Производитель","_type":"localeString"},"role-supplier":{"ru":"Поставщик","_type":"localeString","en":"Supplier"},"products-popover":{"de":"die produkte","ru":"Продукты","_type":"localeString","en":"Products"},"introduction-popover":{"en":"introduction","ru":"внедрения","_type":"localeString"},"partners-popover":{"ru":"партнеры","_type":"localeString","en":"partners"},"update-profile-button":{"ru":"Обновить профиль","_type":"localeString","en":"Update profile"},"read-more-button":{"en":"Show more","ru":"Показать ещё","_type":"localeString"},"hide-button":{"en":"Hide","ru":"Скрыть","_type":"localeString"},"user-implementations":{"_type":"localeString","en":"Deployments","ru":"Внедрения"},"categories":{"en":"Categories","ru":"Компетенции","_type":"localeString"},"description":{"ru":"Описание","_type":"localeString","en":"Description"},"role-user":{"en":"User","ru":"Пользователь","_type":"localeString"},"partnership-vendors":{"en":"Partnership with vendors","ru":"Партнерство с производителями","_type":"localeString"},"partnership-suppliers":{"en":"Partnership with suppliers","ru":"Партнерство с поставщиками","_type":"localeString"},"reference-bonus":{"_type":"localeString","en":"Bonus 4 reference","ru":"Бонус за референс"},"partner-status":{"_type":"localeString","en":"Partner status","ru":"Статус партнёра"},"country":{"ru":"Страна","_type":"localeString","en":"Country"},"partner-types":{"ru":"Типы партнеров","_type":"localeString","en":"Partner types"},"branch-popover":{"ru":"область деятельности","_type":"localeString","en":"branch"},"employees-popover":{"ru":"количество сотрудников","_type":"localeString","en":"number of employees"},"partnership-programme":{"en":"Partnership program","ru":"Партнерская программа","_type":"localeString"},"partner-discounts":{"ru":"Партнерские скидки","_type":"localeString","en":"Partner discounts"},"registered-discounts":{"ru":"Дополнительные преимущества за регистрацию сделки","_type":"localeString","en":"Additional benefits for registering a deal"},"additional-advantages":{"ru":"Дополнительные преимущества","_type":"localeString","en":"Additional Benefits"},"additional-requirements":{"ru":"Требования к уровню партнера","_type":"localeString","en":"Partner level requirements"},"certifications":{"en":"Certification of technical specialists","ru":"Сертификация технических специалистов","_type":"localeString"},"sales-plan":{"_type":"localeString","en":"Annual Sales Plan","ru":"Годовой план продаж"},"partners-vendors":{"en":"Partners-vendors","ru":"Партнеры-производители","_type":"localeString"},"partners-suppliers":{"en":"Partners-suppliers","ru":"Партнеры-поставщики","_type":"localeString"},"all-countries":{"ru":"Все страны","_type":"localeString","en":"All countries"},"supplied-products":{"ru":"Поставляемые продукты","_type":"localeString","en":"Supplied products"},"vendored-products":{"ru":"Производимые продукты","_type":"localeString","en":"Produced products"},"vendor-implementations":{"ru":"Производимые внедрения","_type":"localeString","en":"Produced deployments"},"supplier-implementations":{"ru":"Поставляемые внедрения","_type":"localeString","en":"Supplied deployments"},"show-all":{"ru":"Показать все","_type":"localeString","en":"Show all"},"not-yet-converted":{"en":"Data is moderated and will be published soon. Please, try again later.","ru":"Данные модерируются и вскоре будут опубликованы. Попробуйте повторить переход через некоторое время.","_type":"localeString"},"schedule-event":{"_type":"localeString","en":"Events schedule","ru":"Pасписание событий"},"implementations":{"ru":"Внедрения","_type":"localeString","en":"Deployments"},"register":{"ru":"Регистрация ","_type":"localeString","en":"Register"},"login":{"ru":"Вход","_type":"localeString","en":"Login"},"auth-message":{"en":"To view company events please log in or register on the sit.","ru":"Для просмотра ивентов компании авторизируйтесь или зарегистрируйтесь на сайт.","_type":"localeString"},"company-presentation":{"_type":"localeString","en":"Company presentation","ru":"Презентация компании"}},"header":{"help":{"en":"Help","de":"Hilfe","ru":"Помощь","_type":"localeString"},"how":{"de":"Wie funktioniert es","ru":"Как это работает","_type":"localeString","en":"How does it works"},"login":{"en":"Log in","de":"Einloggen","ru":"Вход","_type":"localeString"},"logout":{"ru":"Выйти","_type":"localeString","en":"Sign out"},"faq":{"_type":"localeString","en":"FAQ","de":"FAQ","ru":"FAQ"},"references":{"_type":"localeString","en":"Requests","de":"References","ru":"Мои запросы"},"solutions":{"_type":"localeString","en":"Solutions","ru":"Возможности"},"find-it-product":{"ru":"Подбор и сравнение ИТ продукта","_type":"localeString","en":"Selection and comparison of IT product"},"autoconfigurator":{"ru":"Калькулятор цены","_type":"localeString","en":" Price calculator"},"comparison-matrix":{"ru":"Матрица сравнения","_type":"localeString","en":"Comparison Matrix"},"roi-calculators":{"en":"ROI calculators","ru":"ROI калькуляторы","_type":"localeString"},"b4r":{"en":"Bonus for reference","ru":"Бонус за референс","_type":"localeString"},"business-booster":{"en":"Business boosting","ru":"Развитие бизнеса","_type":"localeString"},"catalogs":{"_type":"localeString","en":"Catalogs","ru":"Каталоги"},"products":{"en":"Products","ru":"Продукты","_type":"localeString"},"implementations":{"ru":"Внедрения","_type":"localeString","en":"Deployments"},"companies":{"ru":"Компании","_type":"localeString","en":"Companies"},"categories":{"ru":"Категории","_type":"localeString","en":"Categories"},"for-suppliers":{"ru":"Поставщикам","_type":"localeString","en":"For suppliers"},"blog":{"ru":"Блог","_type":"localeString","en":"Blog"},"agreements":{"_type":"localeString","en":"Deals","ru":"Сделки"},"my-account":{"en":"My account","ru":"Мой кабинет","_type":"localeString"},"register":{"ru":"Зарегистрироваться","_type":"localeString","en":"Register"},"comparison-deletion":{"ru":"Удаление","_type":"localeString","en":"Deletion"},"comparison-confirm":{"ru":"Подтвердите удаление","_type":"localeString","en":"Are you sure you want to delete"},"search-placeholder":{"ru":"Введите поисковый запрос","_type":"localeString","en":"Enter your search term"},"my-profile":{"_type":"localeString","en":"My profile","ru":"Мои данные"},"about":{"en":"About Us","_type":"localeString"},"it_catalogs":{"_type":"localeString","en":"IT catalogs"},"roi4presenter":{"_type":"localeString","en":"Roi4Presenter"},"roi4webinar":{"_type":"localeString","en":"Pitch Avatar"},"sub_it_catalogs":{"_type":"localeString","en":"Find IT product"},"sub_b4reference":{"_type":"localeString","en":"Get reference from user"},"sub_roi4presenter":{"en":"Make online presentations","_type":"localeString"},"sub_roi4webinar":{"_type":"localeString","en":"Create an avatar for the event"},"catalogs_new":{"_type":"localeString","en":"Products"},"b4reference":{"en":"Bonus4Reference","_type":"localeString"},"it_our_it_catalogs":{"_type":"localeString","en":"Our IT Catalogs"},"it_products":{"_type":"localeString","en":"Find and compare IT products"},"it_implementations":{"en":"Learn implementation reviews","_type":"localeString"},"it_companies":{"_type":"localeString","en":"Find vendor and company-supplier"},"it_categories":{"_type":"localeString","en":"Explore IT products by category"},"it_our_products":{"_type":"localeString","en":"Our Products"},"it_it_catalogs":{"_type":"localeString","en":"IT catalogs"}},"footer":{"copyright":{"ru":"Все права защищены","_type":"localeString","en":"All rights reserved","de":"Alle rechte vorbehalten"},"company":{"_type":"localeString","en":"My Company","de":"Über die Firma","ru":"О компании"},"about":{"en":"About us","de":"Über uns","ru":"О нас","_type":"localeString"},"infocenter":{"ru":"Инфоцентр","_type":"localeString","en":"Infocenter","de":"Infocenter"},"tariffs":{"de":"Tarife","ru":"Тарифы","_type":"localeString","en":"Subscriptions"},"contact":{"_type":"localeString","en":"Contact us","de":"Kontaktiere uns","ru":"Связаться с нами"},"marketplace":{"en":"Marketplace","de":"Marketplace","ru":"Marketplace","_type":"localeString"},"products":{"ru":"Продукты","_type":"localeString","en":"Products","de":"Produkte"},"compare":{"_type":"localeString","en":"Pick and compare","de":"Wähle und vergleiche","ru":"Подобрать и сравнить"},"calculate":{"ru":"Расчитать стоимость","_type":"localeString","en":"Calculate the cost","de":"Kosten berechnen"},"get_bonus":{"ru":"Бонус за референс","_type":"localeString","en":"Bonus for reference","de":"Holen Sie sich einen Rabatt"},"salestools":{"ru":"Salestools","_type":"localeString","en":"Salestools","de":"Salestools"},"automatization":{"de":"Abwicklungsautomatisierung","ru":"Автоматизация расчетов","_type":"localeString","en":"Settlement Automation"},"roi_calcs":{"de":"ROI-Rechner","ru":"ROI калькуляторы","_type":"localeString","en":"ROI calculators"},"matrix":{"de":"Vergleichsmatrix","ru":"Матрица сравнения","_type":"localeString","en":"Comparison matrix"},"b4r":{"en":"Rebate 4 Reference","de":"Rebate 4 Reference","ru":"Rebate 4 Reference","_type":"localeString"},"our_social":{"de":"Unsere sozialen Netzwerke","ru":"Наши социальные сети","_type":"localeString","en":"Our social networks"},"subscribe":{"en":"Subscribe to newsletter","de":"Melden Sie sich für den Newsletter an","ru":"Подпишитесь на рассылку","_type":"localeString"},"subscribe_info":{"ru":"и узнавайте первыми об акциях, новых возможностях и свежих обзорах софта","_type":"localeString","en":"and be the first to know about promotions, new features and recent software reviews"},"policy":{"_type":"localeString","en":"Privacy Policy","ru":"Политика конфиденциальности"},"user_agreement":{"en":"Agreement","ru":"Пользовательское соглашение ","_type":"localeString"},"solutions":{"_type":"localeString","en":"Solutions","ru":"Возможности"},"find":{"ru":"Подбор и сравнение ИТ продукта","_type":"localeString","en":"Selection and comparison of IT product"},"quote":{"ru":"Калькулятор цены","_type":"localeString","en":"Price calculator"},"boosting":{"_type":"localeString","en":"Business boosting","ru":"Развитие бизнеса"},"4vendors":{"ru":"поставщикам","_type":"localeString","en":"4 vendors"},"blog":{"_type":"localeString","en":"blog","ru":"блог"},"pay4content":{"ru":"платим за контент","_type":"localeString","en":"we pay for content"},"categories":{"en":"categories","ru":"категории","_type":"localeString"},"showForm":{"_type":"localeString","en":"Show form","ru":"Показать форму"},"subscribe__title":{"ru":"Раз в месяц мы отправляем дайджест актуальных новостей ИТ мира!","_type":"localeString","en":"We send a digest of actual news from the IT world once in a month!"},"subscribe__email-label":{"ru":"Email","_type":"localeString","en":"Email"},"subscribe__name-label":{"en":"Name","ru":"Имя","_type":"localeString"},"subscribe__required-message":{"ru":"Это поле обязательное","_type":"localeString","en":"This field is required"},"subscribe__notify-label":{"ru":"Да, пожалуйста уведомляйте меня о новостях, событиях и предложениях","_type":"localeString","en":"Yes, please, notify me about news, events and propositions"},"subscribe__agree-label":{"_type":"localeString","en":"By subscribing to the newsletter, you agree to the %TERMS% and %POLICY% and agree to the use of cookies and the transfer of your personal data","ru":"Подписываясь на рассылку, вы соглашаетесь с %TERMS% и %POLICY% и даете согласие на использование файлов cookie и передачу своих персональных данных*"},"subscribe__submit-label":{"ru":"Подписаться","_type":"localeString","en":"Subscribe"},"subscribe__email-message":{"ru":"Пожалуйста, введите корректный адрес электронной почты","_type":"localeString","en":"Please, enter the valid email"},"subscribe__email-placeholder":{"ru":"username@gmail.com","_type":"localeString","en":"username@gmail.com"},"subscribe__name-placeholder":{"_type":"localeString","en":"Last, first name","ru":"Имя Фамилия"},"subscribe__success":{"_type":"localeString","en":"You are successfully subscribed! Check you mailbox.","ru":"Вы успешно подписаны на рассылку. Проверьте свой почтовый ящик."},"subscribe__error":{"ru":"Не удалось оформить подписку. Пожалуйста, попробуйте позднее.","_type":"localeString","en":"Subscription is unsuccessful. Please, try again later."},"roi4presenter":{"en":"Roi4Presenter","de":"roi4presenter","ru":"roi4presenter","_type":"localeString"},"it_catalogs":{"_type":"localeString","en":"IT catalogs"},"roi4webinar":{"_type":"localeString","en":"Pitch Avatar"},"b4reference":{"_type":"localeString","en":"Bonus4Reference"}},"breadcrumbs":{"home":{"ru":"Главная","_type":"localeString","en":"Home"},"companies":{"ru":"Компании","_type":"localeString","en":"Companies"},"products":{"en":"Products","ru":"Продукты","_type":"localeString"},"implementations":{"ru":"Внедрения","_type":"localeString","en":"Deployments"},"login":{"ru":"Вход","_type":"localeString","en":"Login"},"registration":{"ru":"Регистрация","_type":"localeString","en":"Registration"},"b2b-platform":{"ru":"Портал для покупателей, поставщиков и производителей ИТ","_type":"localeString","en":"B2B platform for IT buyers, vendors and suppliers"}},"comment-form":{"title":{"_type":"localeString","en":"Leave comment","ru":"Оставить комментарий"},"firstname":{"en":"First name","ru":"Имя","_type":"localeString"},"lastname":{"ru":"Фамилия","_type":"localeString","en":"Last name"},"company":{"ru":"Компания","_type":"localeString","en":"Company name"},"position":{"ru":"Должность","_type":"localeString","en":"Position"},"actual-cost":{"_type":"localeString","en":"Actual cost","ru":"Фактическая стоимость"},"received-roi":{"en":"Received ROI","ru":"Полученный ROI","_type":"localeString"},"saving-type":{"ru":"Тип экономии","_type":"localeString","en":"Saving type"},"comment":{"_type":"localeString","en":"Comment","ru":"Комментарий"},"your-rate":{"_type":"localeString","en":"Your rate","ru":"Ваша оценка"},"i-agree":{"_type":"localeString","en":"I agree","ru":"Я согласен"},"terms-of-use":{"ru":"С пользовательским соглашением и политикой конфиденциальности","_type":"localeString","en":"With user agreement and privacy policy"},"send":{"_type":"localeString","en":"Send","ru":"Отправить"},"required-message":{"ru":"{NAME} - это обязательное поле","_type":"localeString","en":"{NAME} is required filed"}},"maintenance":{"title":{"ru":"На сайте проводятся технические работы","_type":"localeString","en":"Site under maintenance"},"message":{"ru":"Спасибо за ваше понимание","_type":"localeString","en":"Thank you for your understanding"}}},"translationsStatus":{"company":"success"},"sections":{},"sectionsStatus":{},"pageMetaData":{"company":{"title":{"ru":"ROI4CIO: Компания","_type":"localeString","en":"ROI4CIO: Company"},"meta":[{"content":"https://roi4cio.com/fileadmin/templates/roi4cio/image/roi4cio-logobig.jpg","name":"og:image"},{"content":"website","name":"og:type"}],"translatable_meta":[{"translations":{"ru":"Компания","_type":"localeString","en":"Company"},"name":"title"},{"name":"description","translations":{"en":"Company description","ru":"Описание компании","_type":"localeString"}},{"translations":{"en":"Company keywords","ru":"Ключевые слова для компании","_type":"localeString"},"name":"keywords"}]}},"pageMetaDataStatus":{"company":"success"},"subscribeInProgress":false,"subscribeError":false},"auth":{"inProgress":false,"error":false,"checked":true,"initialized":false,"user":{},"role":null,"expires":null},"products":{"productsByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null,"useProductLoading":false,"sellProductLoading":false,"templatesById":{},"comparisonByTemplateId":{}},"filters":{"filterCriterias":{"loading":false,"error":null,"data":{"price":{"min":0,"max":6000},"users":{"loading":false,"error":null,"ids":[],"values":{}},"suppliers":{"loading":false,"error":null,"ids":[],"values":{}},"vendors":{"loading":false,"error":null,"ids":[],"values":{}},"roles":{"id":200,"title":"Roles","values":{"1":{"id":1,"title":"User","translationKey":"user"},"2":{"id":2,"title":"Supplier","translationKey":"supplier"},"3":{"id":3,"title":"Vendor","translationKey":"vendor"}}},"categories":{"flat":[],"tree":[]},"countries":{"loading":false,"error":null,"ids":[],"values":{}}}},"showAIFilter":false},"companies":{"companiesByAlias":{"f5-networks":{"id":2749,"title":"F5 Networks","logoURL":"https://old.roi4cio.com/uploads/roi/company/f5.png","alias":"f5-networks","address":"","roles":[{"id":3,"type":"vendor"}],"description":"F5 Networks, Inc. is a multinational American company that specializes in application delivery networking (ADN) technology that optimizes the delivery of network-based applications and the security, performance, availability of servers, data storage devices, and other network resources. F5 is headquartered in Seattle, Washington, and has development, manufacturing, and sales/marketing offices worldwide. F5 originally manufactured and sold some of the industry's first load balancing products. In 2010 and 2011, F5 Networks was on Fortune's list of 100 Fastest-Growing Companies worldwide. The company was also rated one of the top ten best-performing stocks by S&P 500 in 2010.\r\n\r\nSource: https://en.wikipedia.org/wiki/F5_Networks","companyTypes":["vendor"],"products":{},"vendoredProductsCount":6,"suppliedProductsCount":6,"supplierImplementations":[],"vendorImplementations":[{"id":271,"title":"BIG-IP Local Traffic Manager (LTM) for Ukrainian retail leader","description":"Description is not ready yet","alias":"big-ip-local-traffic-manager-ltm-for-ukrainian-retail-leader","roi":0,"seo":{"title":"BIG-IP Local Traffic Manager (LTM) for Ukrainian retail leader","keywords":"","description":"Description is not ready yet","og:title":"BIG-IP Local Traffic Manager (LTM) for Ukrainian retail leader","og:description":"Description is not ready yet"},"deal_info":"","user":{"id":596,"title":"FOZZY GROUP","logoURL":"https://old.roi4cio.com/uploads/roi/company/FOZZY_GROUP.png","alias":"fozzy-group","address":"","roles":[],"description":"FOZZY GROUP, THE GROUP OF COMPANIES\r\nFozzy Group is one of the largest trade industrial groups in Ukraine and one of the leading Ukrainian retailers, with over 600 outlets all around the country. Besides retail, the Group's businesses interests include food production, bank business, and restaurants.\r\nThe group sells food and household products via its Silpo supermarkets chain and Le Silpo premium stores, wholesale and retail Fozzy hypermarkets, Fora convenience stores, and thrash! discounters chain. Fozzy Group chains stock their own brands of goods Premiya, Premiya Select, Povna Chasha, Povna Charka, Zelena Krayina, Protex, EXTRA!, and others. Silpo supermarkets have a customer loyalty program called Vlasnyi Rakhunok, which, in addition to offering customer rewards, is an effective research and marketing tool for both the chain and for suppliers.\r\nThe group sells non-food products in its Bila Romashka pharmaceutical supermarkets, and ringoo personal electronics stores.\r\nThe major industrial enterprises in the Fozzy Group are the Nizhyn canning business and the Varto poultry factory, Boguslav Food Plant, and Vogni Hestii, LLC (Lights of Hestya).\r\nBanking sector is another Group's business area. Fozzy Group is a key shareholder of PJSC “BANK VOSTOK” and the new operator in the shipping market - Justin.\r\nFozzy Group restaurant business includes the U Hromogo Pola, Staromak, POSITANO, Jiao-bar, ESCOBAR ,WHO&WHY.DRINKERY bar, and two bakeries Boulangerie in Kyiv.\r\nFozzy Group is introducing modern solutions in all areas of its activity. By investing in improving its business processes, the group has achieved leading positions in the retail market. By performing retail chains logistics through its own distribution centers, Fozzy Group has been able to ensure the timely delivery of food to its stores all over Ukraine. In addition, the group operates its own quality control system, ensuring full compliance with its standards in goods storage, transportation and sale.\r\nSince its inception in 1997, Fozzy Group has focused on making innovative business improvements, creating new opportunities for the market and further developing the industry as a whole.","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":4,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"http://www.fozzy.ua/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"FOZZY GROUP","keywords":"GROUP, Ukrainian, with, retailers, leading, over, country, Besi","description":"FOZZY GROUP, THE GROUP OF COMPANIES\r\nFozzy Group is one of the largest trade industrial groups in Ukraine and one of the leading Ukrainian retailers, with over 600 outlets all around the country. Besides retail, the Group's businesses interests include food pr","og:title":"FOZZY GROUP","og:description":"FOZZY GROUP, THE GROUP OF COMPANIES\r\nFozzy Group is one of the largest trade industrial groups in Ukraine and one of the leading Ukrainian retailers, with over 600 outlets all around the country. Besides retail, the Group's businesses interests include food pr","og:image":"https://old.roi4cio.com/uploads/roi/company/FOZZY_GROUP.png"},"eventUrl":""},"supplier":{"id":248,"title":"IT INTEGRATOR","logoURL":"https://old.roi4cio.com/uploads/roi/company/IT-Integrator_logo.png","alias":"it-integrator","address":"Киев, ул. Смоленская, 31-33, 3 корпус тел. (044) 538-00-69","roles":[],"description":"IT-Integrator - ukrainian system integrator, has a wide product range and high competencies in the field of IT. The company was founded December 5, 2000. By focusing its activities on advanced technologies, the company offers its customers a wide range of products and services designed to increase efficiency. The company promotes the formation of IT literacy for the development of the Ukrainian economy.<br />Advantages\r\n<ul><li>Years of experience in the Ukrainian market</li></ul>\r\n<ul><li>Full range of IT services - from the sale of equipment to the audit services, engineering, consulting and support</li></ul>\r\n<ul><li>More than 60 certified engineers</li></ul>\r\n<ul><li>Focusing on business customers' needs</li></ul>\r\n<ul><li>Cooperation with world manufacturers of hardware and software</li></ul>\r\n<ul><li>High quality equipment certified delivery, warranty, service support and maintenance</li></ul>\r\n<ul><li>An extensive branch network: the representation of all regions of Ukraine</li></ul>","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":211,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":10,"vendorImplementationsCount":0,"vendorPartnersCount":8,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"http://it-integrator.ua/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"IT INTEGRATOR","keywords":"company, customers, focusing, services, wide, Ukrainian, range, segment","description":"IT-Integrator - ukrainian system integrator, has a wide product range and high competencies in the field of IT. The company was founded December 5, 2000. By focusing its activities on advanced technologies, the company offers its customers a wide range of prod","og:title":"IT INTEGRATOR","og:description":"IT-Integrator - ukrainian system integrator, has a wide product range and high competencies in the field of IT. The company was founded December 5, 2000. By focusing its activities on advanced technologies, the company offers its customers a wide range of prod","og:image":"https://old.roi4cio.com/uploads/roi/company/IT-Integrator_logo.png"},"eventUrl":""},"vendors":[{"id":2749,"title":"F5 Networks","logoURL":"https://old.roi4cio.com/uploads/roi/company/f5.png","alias":"f5-networks","address":"","roles":[],"description":"F5 Networks, Inc. is a multinational American company that specializes in application delivery networking (ADN) technology that optimizes the delivery of network-based applications and the security, performance, availability of servers, data storage devices, and other network resources. F5 is headquartered in Seattle, Washington, and has development, manufacturing, and sales/marketing offices worldwide. F5 originally manufactured and sold some of the industry's first load balancing products. In 2010 and 2011, F5 Networks was on Fortune's list of 100 Fastest-Growing Companies worldwide. The company was also rated one of the top ten best-performing stocks by S&P 500 in 2010.\r\n\r\nSource: https://en.wikipedia.org/wiki/F5_Networks","companyTypes":[],"products":{},"vendoredProductsCount":6,"suppliedProductsCount":6,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":0,"vendorImplementationsCount":4,"vendorPartnersCount":0,"supplierPartnersCount":1,"b4r":0,"categories":{},"companyUrl":"http://www.f5.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"F5 Networks","keywords":"2010, worldwide, delivery, that, Networks, company, Fortune, list","description":"F5 Networks, Inc. is a multinational American company that specializes in application delivery networking (ADN) technology that optimizes the delivery of network-based applications and the security, performance, availability of servers, data storage devices, a","og:title":"F5 Networks","og:description":"F5 Networks, Inc. is a multinational American company that specializes in application delivery networking (ADN) technology that optimizes the delivery of network-based applications and the security, performance, availability of servers, data storage devices, a","og:image":"https://old.roi4cio.com/uploads/roi/company/f5.png"},"eventUrl":""}],"products":[{"id":201,"logo":false,"scheme":false,"title":"BIG-IP Local Traffic Manager","vendorVerified":0,"rating":"1.70","implementationsCount":2,"suppliersCount":0,"alias":"big-ip-local-traffic-manager","companyTypes":[],"description":"BIG-IP Local Traffic Manager (LTM) gives you a depth of understanding about your network’s application traffic and control over how it’s handled. It transforms the chaotic volume of network traffic into logically assembled streams of data, and then makes intelligent traffic management decisions, selecting the right destination based on server performance, security, and availability.\r\n\r\nYes, BIG-IP LTM enables sophisticated load balancing. But, that’s just the beginning.\r\nFull proxy means full power.\r\n\r\nIf you can see it, you can manipulate it.\r\n\r\nBecause BIG-IP LTM is a full proxy, you can inspect, manage, and report on application traffic entering and exiting your network. From basic load balancing to complex traffic management decisions based on client, server, or application status, BIG-IP LTM gives you granular control over app traffic.\r\n\r\nFor example, if you want to direct traffic based on the requested URL or log specific server responses to a reporting system, BIG-IP LTM has the architecture and the tools you need to do it.\r\n\r\nOperational efficiency? Check.\r\n\r\nBIG-IP LTM can optimize the speed and reliability of your applications via both network and application layers.\r\n\r\nUsing real-time protocol and traffic management decisions based on application and server conditions, extensive connection management, and TCP and content offloading, BIG-IP LTM dramatically improves page load times and the user experience.\r\n\r\nWhether it’s negotiating high-latency networks or offloading millions of connections, BIG-IP LTM can improve the performance of your infrastructure and your applications.\r\n\r\nThe SSL performance of BIG-IP LTM lets you cost-effectively protect the end-to-end user experience by encrypting everything from the client to the server. It also scales on-demand and absorbs potentially crippling DDoS attacks.\r\n\r\nOften SSL is turned on throughout the network. Thing is, most network security devices aren’t built to detect malicious traffic in layers 4–7. Separating the good and bad traffic is the first problem, taking action on the malicious traffic is the second.\r\n\r\nBIG-IP LTM includes levels of inspection necessary to block bad traffic and allow good traffic to pass through.\r\n\r\n","shortDescription":"BIG-IP Local Traffic Manager (LTM) gives you a depth of understanding about your network’s application traffic and control over how it’s handled.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":7,"sellingCount":7,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"BIG-IP Local Traffic Manager","keywords":"traffic, BIG-IP, application, network, server, your, based, management","description":"BIG-IP Local Traffic Manager (LTM) gives you a depth of understanding about your network’s application traffic and control over how it’s handled. It transforms the chaotic volume of network traffic into logically assembled streams of data, and then makes intel","og:title":"BIG-IP Local Traffic Manager","og:description":"BIG-IP Local Traffic Manager (LTM) gives you a depth of understanding about your network’s application traffic and control over how it’s handled. It transforms the chaotic volume of network traffic into logically assembled streams of data, and then makes intel"},"eventUrl":"","translationId":202,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":443,"title":"Application Delivery Controller (load balancer) - appliance","alias":"application-delivery-controller-load-balancer-appliance","description":" Application Delivery Controllers are the next generation of load balancers, and are typically located between the firewall/router and the web server farm. An application delivery controller is a network device that helps sites direct user traffic to remove excess load from two or more servers. In addition to providing Layer 4 load balancing, ADCs can manage Layer 7 for content switching, and also provide SSL offload and acceleration. They tend to offer more advanced features such as content redirection as well as server health monitoring. An Application delivery controller may also be known as a Web switch, URL switch, Web content switch, content switch and Layer 7 switch.\r\nToday, advanced application delivery controllers and intelligent load balancers are not only affordable, but the consolidation of Layer 4-7 load balancing and content switching, and server offload capabilities such as SSL, data caching and compression provides companies with cost-effective out-of-the-box infrastructure.\r\nFor enterprise organizations (companies with 1,000 or more employees), integrating best-of-breed network infrastructure is commonplace. However best-of-breed does not equate with deploying networks with enterprise-specific features and expensive products, but rather, deploying products that are purpose-built, with the explicit features, performance, reliability and scalability created specifically for the companies of all sizes.\r\nIn general, businesses of all sizes are inclined to purchase “big brand” products. However, smaller vendors that offer products within the same category can provide the optimal performance, features and reliability required, with the same benefits - at a lower cost.\r\nFor the enterprise market, best-of-breed comes with a high Total Cost of Ownership (TCO), since deploying products from various manufacturers requires additional training, maintenance and support. Kemp can help SMBs lower their TCO, and help them build reliable, high performance and scalable web and application infrastructure. Kemp products have a high price/performance value for SMBs. Our products are purpose-built for SMB businesses for dramatically less than the price of “big name” ADC and SLB vendors who are developing features that enterprise customers might use.","materialsDescription":" <span style=\"font-weight: bold;\">What are application delivery controllers?</span>\r\nApplication Delivery Controllers (ADCs) are the next stage in the development of server load balancing solutions. ADCs allow you to perform not only the tasks of balancing user requests between servers, but also incorporate mechanisms that increase the performance, security and resiliency of applications, as well as ensure their scalability.\r\n<span style=\"font-weight: bold;\">And what other possibilities do application controllers have?</span>\r\nIn addition to the function of uniform distribution of user requests, application delivery controllers have many other interesting features. They can provide around-the-clock availability of services, improve web application performance up to five times, reduce risks when launching new services, protect confidential data, and publish internal applications to the outside with secure external access (a potential replacement for outgoing Microsoft TMG).\r\nOne of the most important functions of application delivery controllers, which distinguish them from simple load balancers, is the presence of a functional capable of processing information issued to the user based on certain rules.\r\n<span style=\"font-weight: bold;\">What are the prerequisites for implementing application delivery controllers in a particular organization?</span>\r\nA number of factors can determine the criteria for deciding whether to implement application controllers in your organization. First, this is the poor performance of web services, which is a long download of content, frequent hangs and crashes. Secondly, such a prerequisite can be interruptions in the work of services and communication channels, expressed in failures in the transmitting and receiving equipment that ensures the operation of the data transmission network, as well as failures in the operation of servers.\r\nIn addition, it is worth thinking about implementing application delivery controllers if you use Microsoft TMG or Cisco ACE products, since they are no longer supported by the manufacturer. A prerequisite for the implementation of ADC may be the launch of new large web projects, since this process will inevitably entail the need to ensure the operability of this web project with the maintenance of high fault tolerance and performance.\r\nAlso, controllers are needed when you need to provide fault tolerance, continuous availability and high speed of applications that are consolidated in the data center. A similar situation arises when it is necessary to build a backup data center: here you also need to ensure fault tolerance between several data centers located in different cities.\r\n<span style=\"font-weight: bold;\">What are the prospects for the introduction of application controllers in Russia and in the world?</span>\r\nGartner's research shows that there have recently been marked changes in the market for products that offer load balancing mechanisms. In this segment, user demand shifts from servers implementing a simple load balancing mechanism to devices offering richer functionality.\r\nGartner: “The era of load balancing has long gone, and companies need to focus on products that offer richer application delivery functionality.”\r\nIn Russia, due to the specifics of the internal IT market, application controllers are implemented mainly because of the presence of some specific functionality, and not because of the comprehensive solution for delivering applications in general, which this product offers. The main task for which application delivery controllers are now most often sold is the same load balancing function as before.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Application_Delivery_Controller_load_balancer_appliance.png"},{"id":562,"title":"DDoS Protection - Appliance","alias":"ddos-protection-appliance","description":"A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks.\r\nBuying a DDoS mitigation appliance can be highly confusing, especially if you have never done this before. While selecting a DDoS protection solution you must understand the right features and have proper background knowledge. In case of distributed denial of service attacks, the bandwidth or resources of any targeted network is flooded with a large amount of malicious traffic. As a result, the system becomes overloaded and crashes. The legitimate users of the network are denied the service. The mail servers, DNS servers and the servers which host high-profile websites are the main target of DDOS attacks. Customers who use services of any shared network are also affected by these attacks. Therefore, anti-DDOS appliances are now vital.","materialsDescription":"<span style=\"font-weight: bold;\">DDoS mitigation solution</span>\r\nThere are two types of DDoS mitigation appliances. These include software and hardware solutions. Identical functions may be claimed by both forms of DDoS protection.\r\n<ul><li>Firewalls are the most common protection appliance, which can deny protocols, IP addresses or ports. However, they are not enough strong to provide protection from the more complicated DDoS attacks.</li><li>Switches are also effective solutions for preventing DDoS attacks. Most of these switches possess rate limiting capability and ACL. Some switches provide packet inspection, traffic shaping, delayed binding and rate limiting. They can detect the fake traffic through balancing and rate filtering.</li><li>Like switches, routers also have rate limiting and ACL capability. Most routers are capable of moving under DoS attacks.</li><li>Intrusion prevention systems are another option for you when it comes to protection from DDoS attacks. This solution can be effective in several cases of DDoS attacks. It can identify DDoS attacks and stop them because they possess the granularity as well as processing power required for identifying the attacks. Then they work in an automated manner to resolve the situation.</li><li>There are also rate-based intrusion prevention mechanisms, which are capable of analyzing traffic granularity. This system can also monitor the pattern of traffic.</li></ul>\r\nYou must check the connectivity while selecting a DDoS mitigation appliance. Capacity is also an important aspect of a DDoS protection solutions. You must figure out the number of ports, IPs, protocols, hosts, URLs and user agents that can be monitored by the appliance. An effective DDoS mitigation solution must also be properly customizable. Your DDoS mitigation appliance should be such that it can be upgraded according to your requirements. These are some important factors that you need to consider while choosing a DDoS mitigation appliance for your system.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection_Appliance.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[{"id":217,"title":"Ukraine","name":"UKR"}],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":6,"title":"Ensure Security and Business Continuity"}]}},"categories":[{"id":443,"title":"Application Delivery Controller (load balancer) - appliance","alias":"application-delivery-controller-load-balancer-appliance","description":" Application Delivery Controllers are the next generation of load balancers, and are typically located between the firewall/router and the web server farm. An application delivery controller is a network device that helps sites direct user traffic to remove excess load from two or more servers. In addition to providing Layer 4 load balancing, ADCs can manage Layer 7 for content switching, and also provide SSL offload and acceleration. They tend to offer more advanced features such as content redirection as well as server health monitoring. An Application delivery controller may also be known as a Web switch, URL switch, Web content switch, content switch and Layer 7 switch.\r\nToday, advanced application delivery controllers and intelligent load balancers are not only affordable, but the consolidation of Layer 4-7 load balancing and content switching, and server offload capabilities such as SSL, data caching and compression provides companies with cost-effective out-of-the-box infrastructure.\r\nFor enterprise organizations (companies with 1,000 or more employees), integrating best-of-breed network infrastructure is commonplace. However best-of-breed does not equate with deploying networks with enterprise-specific features and expensive products, but rather, deploying products that are purpose-built, with the explicit features, performance, reliability and scalability created specifically for the companies of all sizes.\r\nIn general, businesses of all sizes are inclined to purchase “big brand” products. However, smaller vendors that offer products within the same category can provide the optimal performance, features and reliability required, with the same benefits - at a lower cost.\r\nFor the enterprise market, best-of-breed comes with a high Total Cost of Ownership (TCO), since deploying products from various manufacturers requires additional training, maintenance and support. Kemp can help SMBs lower their TCO, and help them build reliable, high performance and scalable web and application infrastructure. Kemp products have a high price/performance value for SMBs. Our products are purpose-built for SMB businesses for dramatically less than the price of “big name” ADC and SLB vendors who are developing features that enterprise customers might use.","materialsDescription":" <span style=\"font-weight: bold;\">What are application delivery controllers?</span>\r\nApplication Delivery Controllers (ADCs) are the next stage in the development of server load balancing solutions. ADCs allow you to perform not only the tasks of balancing user requests between servers, but also incorporate mechanisms that increase the performance, security and resiliency of applications, as well as ensure their scalability.\r\n<span style=\"font-weight: bold;\">And what other possibilities do application controllers have?</span>\r\nIn addition to the function of uniform distribution of user requests, application delivery controllers have many other interesting features. They can provide around-the-clock availability of services, improve web application performance up to five times, reduce risks when launching new services, protect confidential data, and publish internal applications to the outside with secure external access (a potential replacement for outgoing Microsoft TMG).\r\nOne of the most important functions of application delivery controllers, which distinguish them from simple load balancers, is the presence of a functional capable of processing information issued to the user based on certain rules.\r\n<span style=\"font-weight: bold;\">What are the prerequisites for implementing application delivery controllers in a particular organization?</span>\r\nA number of factors can determine the criteria for deciding whether to implement application controllers in your organization. First, this is the poor performance of web services, which is a long download of content, frequent hangs and crashes. Secondly, such a prerequisite can be interruptions in the work of services and communication channels, expressed in failures in the transmitting and receiving equipment that ensures the operation of the data transmission network, as well as failures in the operation of servers.\r\nIn addition, it is worth thinking about implementing application delivery controllers if you use Microsoft TMG or Cisco ACE products, since they are no longer supported by the manufacturer. A prerequisite for the implementation of ADC may be the launch of new large web projects, since this process will inevitably entail the need to ensure the operability of this web project with the maintenance of high fault tolerance and performance.\r\nAlso, controllers are needed when you need to provide fault tolerance, continuous availability and high speed of applications that are consolidated in the data center. A similar situation arises when it is necessary to build a backup data center: here you also need to ensure fault tolerance between several data centers located in different cities.\r\n<span style=\"font-weight: bold;\">What are the prospects for the introduction of application controllers in Russia and in the world?</span>\r\nGartner's research shows that there have recently been marked changes in the market for products that offer load balancing mechanisms. In this segment, user demand shifts from servers implementing a simple load balancing mechanism to devices offering richer functionality.\r\nGartner: “The era of load balancing has long gone, and companies need to focus on products that offer richer application delivery functionality.”\r\nIn Russia, due to the specifics of the internal IT market, application controllers are implemented mainly because of the presence of some specific functionality, and not because of the comprehensive solution for delivering applications in general, which this product offers. The main task for which application delivery controllers are now most often sold is the same load balancing function as before.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Application_Delivery_Controller_load_balancer_appliance.png"},{"id":562,"title":"DDoS Protection - Appliance","alias":"ddos-protection-appliance","description":"A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks.\r\nBuying a DDoS mitigation appliance can be highly confusing, especially if you have never done this before. While selecting a DDoS protection solution you must understand the right features and have proper background knowledge. In case of distributed denial of service attacks, the bandwidth or resources of any targeted network is flooded with a large amount of malicious traffic. As a result, the system becomes overloaded and crashes. The legitimate users of the network are denied the service. The mail servers, DNS servers and the servers which host high-profile websites are the main target of DDOS attacks. Customers who use services of any shared network are also affected by these attacks. Therefore, anti-DDOS appliances are now vital.","materialsDescription":"<span style=\"font-weight: bold;\">DDoS mitigation solution</span>\r\nThere are two types of DDoS mitigation appliances. These include software and hardware solutions. Identical functions may be claimed by both forms of DDoS protection.\r\n<ul><li>Firewalls are the most common protection appliance, which can deny protocols, IP addresses or ports. However, they are not enough strong to provide protection from the more complicated DDoS attacks.</li><li>Switches are also effective solutions for preventing DDoS attacks. Most of these switches possess rate limiting capability and ACL. Some switches provide packet inspection, traffic shaping, delayed binding and rate limiting. They can detect the fake traffic through balancing and rate filtering.</li><li>Like switches, routers also have rate limiting and ACL capability. Most routers are capable of moving under DoS attacks.</li><li>Intrusion prevention systems are another option for you when it comes to protection from DDoS attacks. This solution can be effective in several cases of DDoS attacks. It can identify DDoS attacks and stop them because they possess the granularity as well as processing power required for identifying the attacks. Then they work in an automated manner to resolve the situation.</li><li>There are also rate-based intrusion prevention mechanisms, which are capable of analyzing traffic granularity. This system can also monitor the pattern of traffic.</li></ul>\r\nYou must check the connectivity while selecting a DDoS mitigation appliance. Capacity is also an important aspect of a DDoS protection solutions. You must figure out the number of ports, IPs, protocols, hosts, URLs and user agents that can be monitored by the appliance. An effective DDoS mitigation solution must also be properly customizable. Your DDoS mitigation appliance should be such that it can be upgraded according to your requirements. These are some important factors that you need to consider while choosing a DDoS mitigation appliance for your system.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection_Appliance.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"http://it-integrator.ua/project/lider-ukrainskogo-riteyla-uluchshil-rabotu-klyuchevyh-informacionnyh-servisov","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":132,"title":"F5 BIG-IP DNS for ARUP","description":"<span style=\"font-weight: bold;\">The Challenge</span>\r\nWhen starting a new building project, Arup opens an office on site, which remains in place for the duration of the build, often for a number of years. It is paramount that employees have all the resources they need available to them and can start operating from the site straight away in order to work efficiently and meet deadlines. However, different parts of the company were using competing IT technologies from several vendors. As more project sites were built across the globe, it was becoming increasingly complex and difficult to manage the network and it was proving to be very costly for the infrastructure to keep up with user demands. Arup wanted to resolve this by consolidating the various systems into one; having one solution for all. By having a robust infrastructure that was easy to manage, it would bring operational efficiency and cost savings.\r\n\r\n<span style=\"font-weight: bold;\">The Solution</span>\r\nArup turned to SecureData, the independent IT security service provider, who it saw as a trusted consultant. SecureData reviewed the situation and recommended two innovative solutions. Firstly, SecureData deployed Application Delivery Network provider F5’s BIG-IP Local Traffic Manager (LTM). The application delivery controller allows the load balancing of multiple servers. It automatically points the user at the correct server depending on location, loading and availability. This turns the network into an agile infrastructure for application delivery – improving speed, and providing security and resilience. This would give Arup the flexibility and control to add applications and servers easily, as well as eliminate downtime and improve application performance.\r\nThe second solution to be deployed by SecureData was F5’s Big-IP Global Traffic Manager (GTM), which directs users to resources around the world depending on availability and location. It works by distributing user application requests based on business policies, data centre and network conditions, user location, and application performance to ensure high availability of global application. This gives holistic control of Arup’s global traffic to ensure better application performance, less downtime and simplified management. If a data centre goes down, it will automatically look for another and re-direct users to ensure that resources and support are always available. This enables Arup to optimise its application delivery across its globally distributed data centres as well as manage its complex distributed network simply and efficiently.\r\n\r\n<span style=\"font-weight: bold;\">The Implementation</span>\r\nPhase one of the implementation kicked off in mid-2009 which saw the initial evaluation right through to production. The implementation began in September of that year and saw the migration of the incumbent solution over to F5’s through a phased approach which took approximately nine months to complete. Phase two saw the process become automated. Arup is currently trialling the acceleration of the solution through various methods that speed up application performance ensuring that the users, wherever they are, get the same performance and experience even if it was a remote or local connection. Trial results have been good and Arup is now getting additional services from SecureData such as technical updates on its hardware.\r\nArup continues to leverage investment and is keen to begin trials to integrate functionality between F5 and other onpremise systems to automatically spin-up and –down servers automatically, providing fully ‘elastic’ server capacity when needed most, instead of investing in additional, seldom-used hardware.\r\n\r\n<span style=\"font-weight: bold;\">The Benefits</span>\r\nBy streamlining application delivery, Arup is provided with an agile and flexible infrastructure. This enables the company to obtain all the functionality it needs to optimise performance. This reduces the server load, bandwidth usage and related costs. Applications and data are secured and can be accelerated up to three times. Arup now has full control of application traffic to handle its ever-growing business, infrastructure and application demands.\r\n\r\n<span style=\"font-style: italic;\">“Information Technology is moving at an unprecedented rate, we expect our trusted partners to be able to provide expert advice on-demand; technology solutions that are robust and reliable; pricing that is costeffective, and all backed up by professional support services. We believe that SecureData is able to meet our stringent requirements and we are happy to count them as a trusted partner.”</span> - Mark Judge, Global IT Operations Manager, Arup","alias":"f5-big-ip-dns-for-arup","roi":0,"seo":{"title":"F5 BIG-IP DNS for ARUP","keywords":"application, Arup, that, SecureData, This, performance, infrastructure, Manager","description":"<span style=\"font-weight: bold;\">The Challenge</span>\r\nWhen starting a new building project, Arup opens an office on site, which remains in place for the duration of the build, often for a number of years. It is paramount that employees have all the resources ","og:title":"F5 BIG-IP DNS for ARUP","og:description":"<span style=\"font-weight: bold;\">The Challenge</span>\r\nWhen starting a new building project, Arup opens an office on site, which remains in place for the duration of the build, often for a number of years. It is paramount that employees have all the resources "},"deal_info":"","user":{"id":2951,"title":"Arup","logoURL":"https://old.roi4cio.com/uploads/roi/company/Arup.png","alias":"arup","address":"","roles":[],"description":"We are an independent firm of designers, planners, engineers, consultants and technical specialists offering a broad range of professional services. Through our work, we make a positive difference in the world. We shape a better world.\r\nRead the Key SpeechSir Ove Arup working at the Sydney Opera House site.\r\nFounded in 1946 with an initial focus on structural engineering, Arup first came to the world’s attention with the structural design of the Sydney Opera House, followed by its work on the Centre Pompidou in Paris. Arup has since grown into a truly multidisciplinary organisation. Most recently, its work for the Singapore Sports Hub has reaffirmed its reputation for delivering innovative and sustainable designs that reinvent the built environment.\r\nArup brings together broad-minded individuals from a wide range of disciplines and encourages them to look beyond the constraints of their own specialisms.\r\nThis unconventional approach to design springs in part from Arup’s ownership structure. The firm is owned in trust on behalf of its staff. The result is an independence of spirit that is reflected in the firm’s work, and in its dedicated pursuit of technical excellence.","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":1,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"http://www.arup.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Arup","keywords":"Arup, work, from, design, world, Sydney, firm, Opera","description":"We are an independent firm of designers, planners, engineers, consultants and technical specialists offering a broad range of professional services. Through our work, we make a positive difference in the world. We shape a better world.\r\nRead the Key SpeechSir ","og:title":"Arup","og:description":"We are an independent firm of designers, planners, engineers, consultants and technical specialists offering a broad range of professional services. Through our work, we make a positive difference in the world. We shape a better world.\r\nRead the Key SpeechSir ","og:image":"https://old.roi4cio.com/uploads/roi/company/Arup.png"},"eventUrl":""},"supplier":{"id":2950,"title":"SecureData","logoURL":"https://old.roi4cio.com/uploads/roi/company/SecureData.jpg","alias":"securedata","address":"","roles":[],"description":"Founded in 1992, SecureData is one of Europe’s largest security service providers with an annual turnover in excess of £30 million. We specialise in delivering managed services that help businesses secure their data and networks to minimise disruption.\r\n\r\nHeadquartered in Maidstone, Kent, SecureData has more than a decade of experience as a managed security services provider and over 2500 blue-chip customers across Europe, Africa and the USA. We are currently expanding globally, with recent acquisitions including SensePost, Paterva, and Quadrant Networks. \r\n\r\nOur complete security services assess risk, detect threats in real-time, protect valuable assets and instantly respond to breaches when they happen. We help our customers fight an increasing array of cyberthreats, improve employee mobility, ensure regulatory compliance and allow the safe adoption of both cloud computing and consumer technologies in the workplace.","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":1,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":1,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.secdata.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"SecureData","keywords":"SecureData, services, security, help, customers, with, managed, respond","description":"Founded in 1992, SecureData is one of Europe’s largest security service providers with an annual turnover in excess of £30 million. We specialise in delivering managed services that help businesses secure their data and networks to minimise disruption.\r\n\r\nHead","og:title":"SecureData","og:description":"Founded in 1992, SecureData is one of Europe’s largest security service providers with an annual turnover in excess of £30 million. We specialise in delivering managed services that help businesses secure their data and networks to minimise disruption.\r\n\r\nHead","og:image":"https://old.roi4cio.com/uploads/roi/company/SecureData.jpg"},"eventUrl":""},"vendors":[{"id":2749,"title":"F5 Networks","logoURL":"https://old.roi4cio.com/uploads/roi/company/f5.png","alias":"f5-networks","address":"","roles":[],"description":"F5 Networks, Inc. is a multinational American company that specializes in application delivery networking (ADN) technology that optimizes the delivery of network-based applications and the security, performance, availability of servers, data storage devices, and other network resources. F5 is headquartered in Seattle, Washington, and has development, manufacturing, and sales/marketing offices worldwide. F5 originally manufactured and sold some of the industry's first load balancing products. In 2010 and 2011, F5 Networks was on Fortune's list of 100 Fastest-Growing Companies worldwide. The company was also rated one of the top ten best-performing stocks by S&P 500 in 2010.\r\n\r\nSource: https://en.wikipedia.org/wiki/F5_Networks","companyTypes":[],"products":{},"vendoredProductsCount":6,"suppliedProductsCount":6,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":0,"vendorImplementationsCount":4,"vendorPartnersCount":0,"supplierPartnersCount":1,"b4r":0,"categories":{},"companyUrl":"http://www.f5.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"F5 Networks","keywords":"2010, worldwide, delivery, that, Networks, company, Fortune, list","description":"F5 Networks, Inc. is a multinational American company that specializes in application delivery networking (ADN) technology that optimizes the delivery of network-based applications and the security, performance, availability of servers, data storage devices, a","og:title":"F5 Networks","og:description":"F5 Networks, Inc. is a multinational American company that specializes in application delivery networking (ADN) technology that optimizes the delivery of network-based applications and the security, performance, availability of servers, data storage devices, a","og:image":"https://old.roi4cio.com/uploads/roi/company/f5.png"},"eventUrl":""}],"products":[{"id":500,"logo":false,"scheme":false,"title":"F5 BIG-IP DNS (formerly Global Traffic Manager - GTM)","vendorVerified":0,"rating":"1.70","implementationsCount":1,"suppliersCount":0,"alias":"f5-big-ip-dns-formerly-global-traffic-manager-gtm","companyTypes":[],"description":"Speed, meet security.\r\nBIG-IP DNS hyperscales up to 100 million responses per second (RPS) to manage rapid increases in DNS queries. \r\nWith a set of features that includes multicore scalability, DNS Express, and IP Anycast integration, BIG-IP DNS handles millions of DNS queries, protects your business from DDoS attacks, and ensures top application performance for users.\r\nBIG-IP DNS delivers a real-time, signed DNSSEC query response and DNS firewall services for attack protection and mitigates complex threats by blocking access to malicious domains.\r\nWorks with what you already have in place.\r\nBIG-IP DNS services integrate with DNS zone management solutions, increase DNS performance at the network edge, and mask the DNS back-end infrastructure.\r\n\r\nThat translates into higher productivity, server consolidation, faster responses, and protected DNS management.\r\nAll-over availability.\r\nBIG-IP DNS routes distributed app traffic to keep pace with changing network and user volumes that can overwhelm data centers during peak traffic times.\r\nBIG-IP DNS can also be configured as a full proxy for global load balancing applications and DNS across architectures, as well as across the globe. Plus, you can use it in virtual and hybrid cloud environments to extend DNS services and global app availability while keeping centralized control within the data center.\r\n","shortDescription":"BIG-IP DNS improves the performance and availability of your global applications by sending users to the closest or best-performing physical, virtual, or cloud environment. It also hyperscales and secures your DNS infrastructure from DDoS attacks and delivers a real-time DNSSEC solution that protects against hijacking attacks.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":12,"sellingCount":5,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"F5 BIG-IP DNS (formerly Global Traffic Manager - GTM)","keywords":"BIG-IP, services, with, across, availability, that, global, queries","description":"Speed, meet security.\r\nBIG-IP DNS hyperscales up to 100 million responses per second (RPS) to manage rapid increases in DNS queries. \r\nWith a set of features that includes multicore scalability, DNS Express, and IP Anycast integration, BIG-IP DNS handles ","og:title":"F5 BIG-IP DNS (formerly Global Traffic Manager - GTM)","og:description":"Speed, meet security.\r\nBIG-IP DNS hyperscales up to 100 million responses per second (RPS) to manage rapid increases in DNS queries. \r\nWith a set of features that includes multicore scalability, DNS Express, and IP Anycast integration, BIG-IP DNS handles "},"eventUrl":"","translationId":501,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":443,"title":"Application Delivery Controller (load balancer) - appliance","alias":"application-delivery-controller-load-balancer-appliance","description":" Application Delivery Controllers are the next generation of load balancers, and are typically located between the firewall/router and the web server farm. An application delivery controller is a network device that helps sites direct user traffic to remove excess load from two or more servers. In addition to providing Layer 4 load balancing, ADCs can manage Layer 7 for content switching, and also provide SSL offload and acceleration. They tend to offer more advanced features such as content redirection as well as server health monitoring. An Application delivery controller may also be known as a Web switch, URL switch, Web content switch, content switch and Layer 7 switch.\r\nToday, advanced application delivery controllers and intelligent load balancers are not only affordable, but the consolidation of Layer 4-7 load balancing and content switching, and server offload capabilities such as SSL, data caching and compression provides companies with cost-effective out-of-the-box infrastructure.\r\nFor enterprise organizations (companies with 1,000 or more employees), integrating best-of-breed network infrastructure is commonplace. However best-of-breed does not equate with deploying networks with enterprise-specific features and expensive products, but rather, deploying products that are purpose-built, with the explicit features, performance, reliability and scalability created specifically for the companies of all sizes.\r\nIn general, businesses of all sizes are inclined to purchase “big brand” products. However, smaller vendors that offer products within the same category can provide the optimal performance, features and reliability required, with the same benefits - at a lower cost.\r\nFor the enterprise market, best-of-breed comes with a high Total Cost of Ownership (TCO), since deploying products from various manufacturers requires additional training, maintenance and support. Kemp can help SMBs lower their TCO, and help them build reliable, high performance and scalable web and application infrastructure. Kemp products have a high price/performance value for SMBs. Our products are purpose-built for SMB businesses for dramatically less than the price of “big name” ADC and SLB vendors who are developing features that enterprise customers might use.","materialsDescription":" <span style=\"font-weight: bold;\">What are application delivery controllers?</span>\r\nApplication Delivery Controllers (ADCs) are the next stage in the development of server load balancing solutions. ADCs allow you to perform not only the tasks of balancing user requests between servers, but also incorporate mechanisms that increase the performance, security and resiliency of applications, as well as ensure their scalability.\r\n<span style=\"font-weight: bold;\">And what other possibilities do application controllers have?</span>\r\nIn addition to the function of uniform distribution of user requests, application delivery controllers have many other interesting features. They can provide around-the-clock availability of services, improve web application performance up to five times, reduce risks when launching new services, protect confidential data, and publish internal applications to the outside with secure external access (a potential replacement for outgoing Microsoft TMG).\r\nOne of the most important functions of application delivery controllers, which distinguish them from simple load balancers, is the presence of a functional capable of processing information issued to the user based on certain rules.\r\n<span style=\"font-weight: bold;\">What are the prerequisites for implementing application delivery controllers in a particular organization?</span>\r\nA number of factors can determine the criteria for deciding whether to implement application controllers in your organization. First, this is the poor performance of web services, which is a long download of content, frequent hangs and crashes. Secondly, such a prerequisite can be interruptions in the work of services and communication channels, expressed in failures in the transmitting and receiving equipment that ensures the operation of the data transmission network, as well as failures in the operation of servers.\r\nIn addition, it is worth thinking about implementing application delivery controllers if you use Microsoft TMG or Cisco ACE products, since they are no longer supported by the manufacturer. A prerequisite for the implementation of ADC may be the launch of new large web projects, since this process will inevitably entail the need to ensure the operability of this web project with the maintenance of high fault tolerance and performance.\r\nAlso, controllers are needed when you need to provide fault tolerance, continuous availability and high speed of applications that are consolidated in the data center. A similar situation arises when it is necessary to build a backup data center: here you also need to ensure fault tolerance between several data centers located in different cities.\r\n<span style=\"font-weight: bold;\">What are the prospects for the introduction of application controllers in Russia and in the world?</span>\r\nGartner's research shows that there have recently been marked changes in the market for products that offer load balancing mechanisms. In this segment, user demand shifts from servers implementing a simple load balancing mechanism to devices offering richer functionality.\r\nGartner: “The era of load balancing has long gone, and companies need to focus on products that offer richer application delivery functionality.”\r\nIn Russia, due to the specifics of the internal IT market, application controllers are implemented mainly because of the presence of some specific functionality, and not because of the comprehensive solution for delivering applications in general, which this product offers. The main task for which application delivery controllers are now most often sold is the same load balancing function as before.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Application_Delivery_Controller_load_balancer_appliance.png"},{"id":457,"title":"DDoS Protection","alias":"ddos-protection","description":" A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks. ","materialsDescription":" <span style=\"font-weight: bold;\">What are the Different Types of DDoS Attacks?</span>\r\nDistributed Denial of Service attacks vary significantly, and there are thousands of different ways an attack can be carried out (attack vectors), but an attack vector will generally fall into one of three broad categories:\r\n<span style=\"font-weight: bold;\">Volumetric Attacks:</span>\r\nVolumetric attacks attempt to consume the bandwidth either within the target network/service or between the target network/service and the rest of the Internet. These attacks are simply about causing congestion.\r\n<span style=\"font-weight: bold;\">TCP State-Exhaustion Attacks:</span>\r\nTCP State-Exhaustion attacks attempt to consume the connection state tables which are present in many infrastructure components such as load-balancers, firewalls and the application servers themselves. Even high capacity devices capable of maintaining state on millions of connections can be taken down by these attacks.\r\n<span style=\"font-weight: bold;\">Application Layer Attacks:</span>\r\nApplication Layer attacks target some aspect of an application or service at Layer-7. These are the deadliest kind of attacks as they can be very effective with as few as one attacking machine generating a low traffic rate (this makes these attacks very difficult to proactively detect and mitigate). Application layer attacks have come to prevalence over the past three or four years and simple application layer flood attacks (HTTP GET flood etc.) have been some of the most common denials of service attacks seen in the wild.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":4,"title":"Reduce Costs"},{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"},{"id":7,"title":"Improve Customer Service"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":282,"title":"Unauthorized access to corporate IT systems and data"},{"id":281,"title":"No IT security guidelines"},{"id":177,"title":"Decentralized IT systems"}]}},"categories":[{"id":443,"title":"Application Delivery Controller (load balancer) - appliance","alias":"application-delivery-controller-load-balancer-appliance","description":" Application Delivery Controllers are the next generation of load balancers, and are typically located between the firewall/router and the web server farm. An application delivery controller is a network device that helps sites direct user traffic to remove excess load from two or more servers. In addition to providing Layer 4 load balancing, ADCs can manage Layer 7 for content switching, and also provide SSL offload and acceleration. They tend to offer more advanced features such as content redirection as well as server health monitoring. An Application delivery controller may also be known as a Web switch, URL switch, Web content switch, content switch and Layer 7 switch.\r\nToday, advanced application delivery controllers and intelligent load balancers are not only affordable, but the consolidation of Layer 4-7 load balancing and content switching, and server offload capabilities such as SSL, data caching and compression provides companies with cost-effective out-of-the-box infrastructure.\r\nFor enterprise organizations (companies with 1,000 or more employees), integrating best-of-breed network infrastructure is commonplace. However best-of-breed does not equate with deploying networks with enterprise-specific features and expensive products, but rather, deploying products that are purpose-built, with the explicit features, performance, reliability and scalability created specifically for the companies of all sizes.\r\nIn general, businesses of all sizes are inclined to purchase “big brand” products. However, smaller vendors that offer products within the same category can provide the optimal performance, features and reliability required, with the same benefits - at a lower cost.\r\nFor the enterprise market, best-of-breed comes with a high Total Cost of Ownership (TCO), since deploying products from various manufacturers requires additional training, maintenance and support. Kemp can help SMBs lower their TCO, and help them build reliable, high performance and scalable web and application infrastructure. Kemp products have a high price/performance value for SMBs. Our products are purpose-built for SMB businesses for dramatically less than the price of “big name” ADC and SLB vendors who are developing features that enterprise customers might use.","materialsDescription":" <span style=\"font-weight: bold;\">What are application delivery controllers?</span>\r\nApplication Delivery Controllers (ADCs) are the next stage in the development of server load balancing solutions. ADCs allow you to perform not only the tasks of balancing user requests between servers, but also incorporate mechanisms that increase the performance, security and resiliency of applications, as well as ensure their scalability.\r\n<span style=\"font-weight: bold;\">And what other possibilities do application controllers have?</span>\r\nIn addition to the function of uniform distribution of user requests, application delivery controllers have many other interesting features. They can provide around-the-clock availability of services, improve web application performance up to five times, reduce risks when launching new services, protect confidential data, and publish internal applications to the outside with secure external access (a potential replacement for outgoing Microsoft TMG).\r\nOne of the most important functions of application delivery controllers, which distinguish them from simple load balancers, is the presence of a functional capable of processing information issued to the user based on certain rules.\r\n<span style=\"font-weight: bold;\">What are the prerequisites for implementing application delivery controllers in a particular organization?</span>\r\nA number of factors can determine the criteria for deciding whether to implement application controllers in your organization. First, this is the poor performance of web services, which is a long download of content, frequent hangs and crashes. Secondly, such a prerequisite can be interruptions in the work of services and communication channels, expressed in failures in the transmitting and receiving equipment that ensures the operation of the data transmission network, as well as failures in the operation of servers.\r\nIn addition, it is worth thinking about implementing application delivery controllers if you use Microsoft TMG or Cisco ACE products, since they are no longer supported by the manufacturer. A prerequisite for the implementation of ADC may be the launch of new large web projects, since this process will inevitably entail the need to ensure the operability of this web project with the maintenance of high fault tolerance and performance.\r\nAlso, controllers are needed when you need to provide fault tolerance, continuous availability and high speed of applications that are consolidated in the data center. A similar situation arises when it is necessary to build a backup data center: here you also need to ensure fault tolerance between several data centers located in different cities.\r\n<span style=\"font-weight: bold;\">What are the prospects for the introduction of application controllers in Russia and in the world?</span>\r\nGartner's research shows that there have recently been marked changes in the market for products that offer load balancing mechanisms. In this segment, user demand shifts from servers implementing a simple load balancing mechanism to devices offering richer functionality.\r\nGartner: “The era of load balancing has long gone, and companies need to focus on products that offer richer application delivery functionality.”\r\nIn Russia, due to the specifics of the internal IT market, application controllers are implemented mainly because of the presence of some specific functionality, and not because of the comprehensive solution for delivering applications in general, which this product offers. The main task for which application delivery controllers are now most often sold is the same load balancing function as before.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Application_Delivery_Controller_load_balancer_appliance.png"},{"id":457,"title":"DDoS Protection","alias":"ddos-protection","description":" A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks. ","materialsDescription":" <span style=\"font-weight: bold;\">What are the Different Types of DDoS Attacks?</span>\r\nDistributed Denial of Service attacks vary significantly, and there are thousands of different ways an attack can be carried out (attack vectors), but an attack vector will generally fall into one of three broad categories:\r\n<span style=\"font-weight: bold;\">Volumetric Attacks:</span>\r\nVolumetric attacks attempt to consume the bandwidth either within the target network/service or between the target network/service and the rest of the Internet. These attacks are simply about causing congestion.\r\n<span style=\"font-weight: bold;\">TCP State-Exhaustion Attacks:</span>\r\nTCP State-Exhaustion attacks attempt to consume the connection state tables which are present in many infrastructure components such as load-balancers, firewalls and the application servers themselves. Even high capacity devices capable of maintaining state on millions of connections can be taken down by these attacks.\r\n<span style=\"font-weight: bold;\">Application Layer Attacks:</span>\r\nApplication Layer attacks target some aspect of an application or service at Layer-7. These are the deadliest kind of attacks as they can be very effective with as few as one attacking machine generating a low traffic rate (this makes these attacks very difficult to proactively detect and mitigate). Application layer attacks have come to prevalence over the past three or four years and simple application layer flood attacks (HTTP GET flood etc.) have been some of the most common denials of service attacks seen in the wild.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"https://www.secdata.com/resource/arup-resilient-infrastructure","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":273,"title":"F5 BIG-IP Local Traffic Manager (LTM) for bank","description":"Description is not ready yet","alias":"f5-big-ip-local-traffic-manager-ltm-for-bank","roi":0,"seo":{"title":"F5 BIG-IP Local Traffic Manager (LTM) for bank","keywords":"","description":"Description is not ready yet","og:title":"F5 BIG-IP Local Traffic Manager (LTM) for bank","og:description":"Description is not ready yet"},"deal_info":"","user":{"id":544,"title":"Raiffeisen Bank Aval","logoURL":"https://old.roi4cio.com/uploads/roi/company/Aval.jpg","alias":"raiffaizen-bank-aval","address":"","roles":[],"description":"Raiffeisen Bank Aval Public Joint Stock Company was registered on March 27, 1992 (operated under the brand name of Joint Stock Postal Pension Bank Aval until September 25, 2006). Since October 2005, the Bank has been part of the Raiffeisen International Bank Holding AG Group, Austria (since October 2010 — Raiffeisen Bank International AG, as of September 30, 2015 the Group held 96.46% of shares in the Bank).\r\nThe Bank provides a broad range of standard and innovative banking services through its nationwide network which comprised, as of September 30, 2015, 617 outlets located in big cities, provincial and community centers throughout Ukraine.\r\nThe Bank has an effective management structure, based on a clear division into business lines and supporting verticals (information technologies, operation support, controlling, security and other) both in the Bank’s Head-office and regional directorates. As a truly international bank, Raiffeisen Bank Aval clearly separates front-office functions from back-office ones to achieve higher quality of client service and enhance risk mitigation.\r\nTraditionally, Raiffeisen Bank Aval is ranked among top Ukrainian banks by trust and recognition of clients, partners and experts, both Ukrainian and international.\r\nThe Bank strives to improve its customer service quality through using its own long-term experience, the valuable expertise of Raiffeisen Bank International network banks and the newest technologies.\r\nSource: https://www.linkedin.com/company/raiffeisen-bank-aval/about/","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":6,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"http://www.aval.ua/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Raiffeisen Bank Aval","keywords":"Aval, Bank, Raiffeisen, Joint, Stock, name, brand, Postal","description":"Raiffeisen Bank Aval Public Joint Stock Company was registered on March 27, 1992 (operated under the brand name of Joint Stock Postal Pension Bank Aval until September 25, 2006). Since October 2005, the Bank has been part of the Raiffeisen International Bank H","og:title":"Raiffeisen Bank Aval","og:description":"Raiffeisen Bank Aval Public Joint Stock Company was registered on March 27, 1992 (operated under the brand name of Joint Stock Postal Pension Bank Aval until September 25, 2006). Since October 2005, the Bank has been part of the Raiffeisen International Bank H","og:image":"https://old.roi4cio.com/uploads/roi/company/Aval.jpg"},"eventUrl":""},"supplier":{"id":248,"title":"IT INTEGRATOR","logoURL":"https://old.roi4cio.com/uploads/roi/company/IT-Integrator_logo.png","alias":"it-integrator","address":"Киев, ул. Смоленская, 31-33, 3 корпус тел. (044) 538-00-69","roles":[],"description":"IT-Integrator - ukrainian system integrator, has a wide product range and high competencies in the field of IT. The company was founded December 5, 2000. By focusing its activities on advanced technologies, the company offers its customers a wide range of products and services designed to increase efficiency. The company promotes the formation of IT literacy for the development of the Ukrainian economy.<br />Advantages\r\n<ul><li>Years of experience in the Ukrainian market</li></ul>\r\n<ul><li>Full range of IT services - from the sale of equipment to the audit services, engineering, consulting and support</li></ul>\r\n<ul><li>More than 60 certified engineers</li></ul>\r\n<ul><li>Focusing on business customers' needs</li></ul>\r\n<ul><li>Cooperation with world manufacturers of hardware and software</li></ul>\r\n<ul><li>High quality equipment certified delivery, warranty, service support and maintenance</li></ul>\r\n<ul><li>An extensive branch network: the representation of all regions of Ukraine</li></ul>","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":211,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":10,"vendorImplementationsCount":0,"vendorPartnersCount":8,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"http://it-integrator.ua/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"IT INTEGRATOR","keywords":"company, customers, focusing, services, wide, Ukrainian, range, segment","description":"IT-Integrator - ukrainian system integrator, has a wide product range and high competencies in the field of IT. The company was founded December 5, 2000. By focusing its activities on advanced technologies, the company offers its customers a wide range of prod","og:title":"IT INTEGRATOR","og:description":"IT-Integrator - ukrainian system integrator, has a wide product range and high competencies in the field of IT. The company was founded December 5, 2000. By focusing its activities on advanced technologies, the company offers its customers a wide range of prod","og:image":"https://old.roi4cio.com/uploads/roi/company/IT-Integrator_logo.png"},"eventUrl":""},"vendors":[{"id":2749,"title":"F5 Networks","logoURL":"https://old.roi4cio.com/uploads/roi/company/f5.png","alias":"f5-networks","address":"","roles":[],"description":"F5 Networks, Inc. is a multinational American company that specializes in application delivery networking (ADN) technology that optimizes the delivery of network-based applications and the security, performance, availability of servers, data storage devices, and other network resources. F5 is headquartered in Seattle, Washington, and has development, manufacturing, and sales/marketing offices worldwide. F5 originally manufactured and sold some of the industry's first load balancing products. In 2010 and 2011, F5 Networks was on Fortune's list of 100 Fastest-Growing Companies worldwide. The company was also rated one of the top ten best-performing stocks by S&P 500 in 2010.\r\n\r\nSource: https://en.wikipedia.org/wiki/F5_Networks","companyTypes":[],"products":{},"vendoredProductsCount":6,"suppliedProductsCount":6,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":0,"vendorImplementationsCount":4,"vendorPartnersCount":0,"supplierPartnersCount":1,"b4r":0,"categories":{},"companyUrl":"http://www.f5.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"F5 Networks","keywords":"2010, worldwide, delivery, that, Networks, company, Fortune, list","description":"F5 Networks, Inc. is a multinational American company that specializes in application delivery networking (ADN) technology that optimizes the delivery of network-based applications and the security, performance, availability of servers, data storage devices, a","og:title":"F5 Networks","og:description":"F5 Networks, Inc. is a multinational American company that specializes in application delivery networking (ADN) technology that optimizes the delivery of network-based applications and the security, performance, availability of servers, data storage devices, a","og:image":"https://old.roi4cio.com/uploads/roi/company/f5.png"},"eventUrl":""}],"products":[{"id":201,"logo":false,"scheme":false,"title":"BIG-IP Local Traffic Manager","vendorVerified":0,"rating":"1.70","implementationsCount":2,"suppliersCount":0,"alias":"big-ip-local-traffic-manager","companyTypes":[],"description":"BIG-IP Local Traffic Manager (LTM) gives you a depth of understanding about your network’s application traffic and control over how it’s handled. It transforms the chaotic volume of network traffic into logically assembled streams of data, and then makes intelligent traffic management decisions, selecting the right destination based on server performance, security, and availability.\r\n\r\nYes, BIG-IP LTM enables sophisticated load balancing. But, that’s just the beginning.\r\nFull proxy means full power.\r\n\r\nIf you can see it, you can manipulate it.\r\n\r\nBecause BIG-IP LTM is a full proxy, you can inspect, manage, and report on application traffic entering and exiting your network. From basic load balancing to complex traffic management decisions based on client, server, or application status, BIG-IP LTM gives you granular control over app traffic.\r\n\r\nFor example, if you want to direct traffic based on the requested URL or log specific server responses to a reporting system, BIG-IP LTM has the architecture and the tools you need to do it.\r\n\r\nOperational efficiency? Check.\r\n\r\nBIG-IP LTM can optimize the speed and reliability of your applications via both network and application layers.\r\n\r\nUsing real-time protocol and traffic management decisions based on application and server conditions, extensive connection management, and TCP and content offloading, BIG-IP LTM dramatically improves page load times and the user experience.\r\n\r\nWhether it’s negotiating high-latency networks or offloading millions of connections, BIG-IP LTM can improve the performance of your infrastructure and your applications.\r\n\r\nThe SSL performance of BIG-IP LTM lets you cost-effectively protect the end-to-end user experience by encrypting everything from the client to the server. It also scales on-demand and absorbs potentially crippling DDoS attacks.\r\n\r\nOften SSL is turned on throughout the network. Thing is, most network security devices aren’t built to detect malicious traffic in layers 4–7. Separating the good and bad traffic is the first problem, taking action on the malicious traffic is the second.\r\n\r\nBIG-IP LTM includes levels of inspection necessary to block bad traffic and allow good traffic to pass through.\r\n\r\n","shortDescription":"BIG-IP Local Traffic Manager (LTM) gives you a depth of understanding about your network’s application traffic and control over how it’s handled.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":7,"sellingCount":7,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"BIG-IP Local Traffic Manager","keywords":"traffic, BIG-IP, application, network, server, your, based, management","description":"BIG-IP Local Traffic Manager (LTM) gives you a depth of understanding about your network’s application traffic and control over how it’s handled. It transforms the chaotic volume of network traffic into logically assembled streams of data, and then makes intel","og:title":"BIG-IP Local Traffic Manager","og:description":"BIG-IP Local Traffic Manager (LTM) gives you a depth of understanding about your network’s application traffic and control over how it’s handled. It transforms the chaotic volume of network traffic into logically assembled streams of data, and then makes intel"},"eventUrl":"","translationId":202,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":443,"title":"Application Delivery Controller (load balancer) - appliance","alias":"application-delivery-controller-load-balancer-appliance","description":" Application Delivery Controllers are the next generation of load balancers, and are typically located between the firewall/router and the web server farm. An application delivery controller is a network device that helps sites direct user traffic to remove excess load from two or more servers. In addition to providing Layer 4 load balancing, ADCs can manage Layer 7 for content switching, and also provide SSL offload and acceleration. They tend to offer more advanced features such as content redirection as well as server health monitoring. An Application delivery controller may also be known as a Web switch, URL switch, Web content switch, content switch and Layer 7 switch.\r\nToday, advanced application delivery controllers and intelligent load balancers are not only affordable, but the consolidation of Layer 4-7 load balancing and content switching, and server offload capabilities such as SSL, data caching and compression provides companies with cost-effective out-of-the-box infrastructure.\r\nFor enterprise organizations (companies with 1,000 or more employees), integrating best-of-breed network infrastructure is commonplace. However best-of-breed does not equate with deploying networks with enterprise-specific features and expensive products, but rather, deploying products that are purpose-built, with the explicit features, performance, reliability and scalability created specifically for the companies of all sizes.\r\nIn general, businesses of all sizes are inclined to purchase “big brand” products. However, smaller vendors that offer products within the same category can provide the optimal performance, features and reliability required, with the same benefits - at a lower cost.\r\nFor the enterprise market, best-of-breed comes with a high Total Cost of Ownership (TCO), since deploying products from various manufacturers requires additional training, maintenance and support. Kemp can help SMBs lower their TCO, and help them build reliable, high performance and scalable web and application infrastructure. Kemp products have a high price/performance value for SMBs. Our products are purpose-built for SMB businesses for dramatically less than the price of “big name” ADC and SLB vendors who are developing features that enterprise customers might use.","materialsDescription":" <span style=\"font-weight: bold;\">What are application delivery controllers?</span>\r\nApplication Delivery Controllers (ADCs) are the next stage in the development of server load balancing solutions. ADCs allow you to perform not only the tasks of balancing user requests between servers, but also incorporate mechanisms that increase the performance, security and resiliency of applications, as well as ensure their scalability.\r\n<span style=\"font-weight: bold;\">And what other possibilities do application controllers have?</span>\r\nIn addition to the function of uniform distribution of user requests, application delivery controllers have many other interesting features. They can provide around-the-clock availability of services, improve web application performance up to five times, reduce risks when launching new services, protect confidential data, and publish internal applications to the outside with secure external access (a potential replacement for outgoing Microsoft TMG).\r\nOne of the most important functions of application delivery controllers, which distinguish them from simple load balancers, is the presence of a functional capable of processing information issued to the user based on certain rules.\r\n<span style=\"font-weight: bold;\">What are the prerequisites for implementing application delivery controllers in a particular organization?</span>\r\nA number of factors can determine the criteria for deciding whether to implement application controllers in your organization. First, this is the poor performance of web services, which is a long download of content, frequent hangs and crashes. Secondly, such a prerequisite can be interruptions in the work of services and communication channels, expressed in failures in the transmitting and receiving equipment that ensures the operation of the data transmission network, as well as failures in the operation of servers.\r\nIn addition, it is worth thinking about implementing application delivery controllers if you use Microsoft TMG or Cisco ACE products, since they are no longer supported by the manufacturer. A prerequisite for the implementation of ADC may be the launch of new large web projects, since this process will inevitably entail the need to ensure the operability of this web project with the maintenance of high fault tolerance and performance.\r\nAlso, controllers are needed when you need to provide fault tolerance, continuous availability and high speed of applications that are consolidated in the data center. A similar situation arises when it is necessary to build a backup data center: here you also need to ensure fault tolerance between several data centers located in different cities.\r\n<span style=\"font-weight: bold;\">What are the prospects for the introduction of application controllers in Russia and in the world?</span>\r\nGartner's research shows that there have recently been marked changes in the market for products that offer load balancing mechanisms. In this segment, user demand shifts from servers implementing a simple load balancing mechanism to devices offering richer functionality.\r\nGartner: “The era of load balancing has long gone, and companies need to focus on products that offer richer application delivery functionality.”\r\nIn Russia, due to the specifics of the internal IT market, application controllers are implemented mainly because of the presence of some specific functionality, and not because of the comprehensive solution for delivering applications in general, which this product offers. The main task for which application delivery controllers are now most often sold is the same load balancing function as before.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Application_Delivery_Controller_load_balancer_appliance.png"},{"id":562,"title":"DDoS Protection - Appliance","alias":"ddos-protection-appliance","description":"A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks.\r\nBuying a DDoS mitigation appliance can be highly confusing, especially if you have never done this before. While selecting a DDoS protection solution you must understand the right features and have proper background knowledge. In case of distributed denial of service attacks, the bandwidth or resources of any targeted network is flooded with a large amount of malicious traffic. As a result, the system becomes overloaded and crashes. The legitimate users of the network are denied the service. The mail servers, DNS servers and the servers which host high-profile websites are the main target of DDOS attacks. Customers who use services of any shared network are also affected by these attacks. Therefore, anti-DDOS appliances are now vital.","materialsDescription":"<span style=\"font-weight: bold;\">DDoS mitigation solution</span>\r\nThere are two types of DDoS mitigation appliances. These include software and hardware solutions. Identical functions may be claimed by both forms of DDoS protection.\r\n<ul><li>Firewalls are the most common protection appliance, which can deny protocols, IP addresses or ports. However, they are not enough strong to provide protection from the more complicated DDoS attacks.</li><li>Switches are also effective solutions for preventing DDoS attacks. Most of these switches possess rate limiting capability and ACL. Some switches provide packet inspection, traffic shaping, delayed binding and rate limiting. They can detect the fake traffic through balancing and rate filtering.</li><li>Like switches, routers also have rate limiting and ACL capability. Most routers are capable of moving under DoS attacks.</li><li>Intrusion prevention systems are another option for you when it comes to protection from DDoS attacks. This solution can be effective in several cases of DDoS attacks. It can identify DDoS attacks and stop them because they possess the granularity as well as processing power required for identifying the attacks. Then they work in an automated manner to resolve the situation.</li><li>There are also rate-based intrusion prevention mechanisms, which are capable of analyzing traffic granularity. This system can also monitor the pattern of traffic.</li></ul>\r\nYou must check the connectivity while selecting a DDoS mitigation appliance. Capacity is also an important aspect of a DDoS protection solutions. You must figure out the number of ports, IPs, protocols, hosts, URLs and user agents that can be monitored by the appliance. An effective DDoS mitigation solution must also be properly customizable. Your DDoS mitigation appliance should be such that it can be upgraded according to your requirements. These are some important factors that you need to consider while choosing a DDoS mitigation appliance for your system.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection_Appliance.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[{"id":217,"title":"Ukraine","name":"UKR"}],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":7,"title":"Improve Customer Service"},{"id":6,"title":"Ensure Security and Business Continuity"}]}},"categories":[{"id":443,"title":"Application Delivery Controller (load balancer) - appliance","alias":"application-delivery-controller-load-balancer-appliance","description":" Application Delivery Controllers are the next generation of load balancers, and are typically located between the firewall/router and the web server farm. An application delivery controller is a network device that helps sites direct user traffic to remove excess load from two or more servers. In addition to providing Layer 4 load balancing, ADCs can manage Layer 7 for content switching, and also provide SSL offload and acceleration. They tend to offer more advanced features such as content redirection as well as server health monitoring. An Application delivery controller may also be known as a Web switch, URL switch, Web content switch, content switch and Layer 7 switch.\r\nToday, advanced application delivery controllers and intelligent load balancers are not only affordable, but the consolidation of Layer 4-7 load balancing and content switching, and server offload capabilities such as SSL, data caching and compression provides companies with cost-effective out-of-the-box infrastructure.\r\nFor enterprise organizations (companies with 1,000 or more employees), integrating best-of-breed network infrastructure is commonplace. However best-of-breed does not equate with deploying networks with enterprise-specific features and expensive products, but rather, deploying products that are purpose-built, with the explicit features, performance, reliability and scalability created specifically for the companies of all sizes.\r\nIn general, businesses of all sizes are inclined to purchase “big brand” products. However, smaller vendors that offer products within the same category can provide the optimal performance, features and reliability required, with the same benefits - at a lower cost.\r\nFor the enterprise market, best-of-breed comes with a high Total Cost of Ownership (TCO), since deploying products from various manufacturers requires additional training, maintenance and support. Kemp can help SMBs lower their TCO, and help them build reliable, high performance and scalable web and application infrastructure. Kemp products have a high price/performance value for SMBs. Our products are purpose-built for SMB businesses for dramatically less than the price of “big name” ADC and SLB vendors who are developing features that enterprise customers might use.","materialsDescription":" <span style=\"font-weight: bold;\">What are application delivery controllers?</span>\r\nApplication Delivery Controllers (ADCs) are the next stage in the development of server load balancing solutions. ADCs allow you to perform not only the tasks of balancing user requests between servers, but also incorporate mechanisms that increase the performance, security and resiliency of applications, as well as ensure their scalability.\r\n<span style=\"font-weight: bold;\">And what other possibilities do application controllers have?</span>\r\nIn addition to the function of uniform distribution of user requests, application delivery controllers have many other interesting features. They can provide around-the-clock availability of services, improve web application performance up to five times, reduce risks when launching new services, protect confidential data, and publish internal applications to the outside with secure external access (a potential replacement for outgoing Microsoft TMG).\r\nOne of the most important functions of application delivery controllers, which distinguish them from simple load balancers, is the presence of a functional capable of processing information issued to the user based on certain rules.\r\n<span style=\"font-weight: bold;\">What are the prerequisites for implementing application delivery controllers in a particular organization?</span>\r\nA number of factors can determine the criteria for deciding whether to implement application controllers in your organization. First, this is the poor performance of web services, which is a long download of content, frequent hangs and crashes. Secondly, such a prerequisite can be interruptions in the work of services and communication channels, expressed in failures in the transmitting and receiving equipment that ensures the operation of the data transmission network, as well as failures in the operation of servers.\r\nIn addition, it is worth thinking about implementing application delivery controllers if you use Microsoft TMG or Cisco ACE products, since they are no longer supported by the manufacturer. A prerequisite for the implementation of ADC may be the launch of new large web projects, since this process will inevitably entail the need to ensure the operability of this web project with the maintenance of high fault tolerance and performance.\r\nAlso, controllers are needed when you need to provide fault tolerance, continuous availability and high speed of applications that are consolidated in the data center. A similar situation arises when it is necessary to build a backup data center: here you also need to ensure fault tolerance between several data centers located in different cities.\r\n<span style=\"font-weight: bold;\">What are the prospects for the introduction of application controllers in Russia and in the world?</span>\r\nGartner's research shows that there have recently been marked changes in the market for products that offer load balancing mechanisms. In this segment, user demand shifts from servers implementing a simple load balancing mechanism to devices offering richer functionality.\r\nGartner: “The era of load balancing has long gone, and companies need to focus on products that offer richer application delivery functionality.”\r\nIn Russia, due to the specifics of the internal IT market, application controllers are implemented mainly because of the presence of some specific functionality, and not because of the comprehensive solution for delivering applications in general, which this product offers. The main task for which application delivery controllers are now most often sold is the same load balancing function as before.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Application_Delivery_Controller_load_balancer_appliance.png"},{"id":562,"title":"DDoS Protection - Appliance","alias":"ddos-protection-appliance","description":"A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks.\r\nBuying a DDoS mitigation appliance can be highly confusing, especially if you have never done this before. While selecting a DDoS protection solution you must understand the right features and have proper background knowledge. In case of distributed denial of service attacks, the bandwidth or resources of any targeted network is flooded with a large amount of malicious traffic. As a result, the system becomes overloaded and crashes. The legitimate users of the network are denied the service. The mail servers, DNS servers and the servers which host high-profile websites are the main target of DDOS attacks. Customers who use services of any shared network are also affected by these attacks. Therefore, anti-DDOS appliances are now vital.","materialsDescription":"<span style=\"font-weight: bold;\">DDoS mitigation solution</span>\r\nThere are two types of DDoS mitigation appliances. These include software and hardware solutions. Identical functions may be claimed by both forms of DDoS protection.\r\n<ul><li>Firewalls are the most common protection appliance, which can deny protocols, IP addresses or ports. However, they are not enough strong to provide protection from the more complicated DDoS attacks.</li><li>Switches are also effective solutions for preventing DDoS attacks. Most of these switches possess rate limiting capability and ACL. Some switches provide packet inspection, traffic shaping, delayed binding and rate limiting. They can detect the fake traffic through balancing and rate filtering.</li><li>Like switches, routers also have rate limiting and ACL capability. Most routers are capable of moving under DoS attacks.</li><li>Intrusion prevention systems are another option for you when it comes to protection from DDoS attacks. This solution can be effective in several cases of DDoS attacks. It can identify DDoS attacks and stop them because they possess the granularity as well as processing power required for identifying the attacks. Then they work in an automated manner to resolve the situation.</li><li>There are also rate-based intrusion prevention mechanisms, which are capable of analyzing traffic granularity. This system can also monitor the pattern of traffic.</li></ul>\r\nYou must check the connectivity while selecting a DDoS mitigation appliance. Capacity is also an important aspect of a DDoS protection solutions. You must figure out the number of ports, IPs, protocols, hosts, URLs and user agents that can be monitored by the appliance. An effective DDoS mitigation solution must also be properly customizable. Your DDoS mitigation appliance should be such that it can be upgraded according to your requirements. These are some important factors that you need to consider while choosing a DDoS mitigation appliance for your system.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection_Appliance.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"http://it-integrator.ua/project/resheniya-f5-usilili-rabotu-kriticheskih-servisov-rayffayzen-banka-aval","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":986,"title":"F5 Big-IP platform for Ukrainian bank","description":"<span style=\"font-style: italic; \">Description is not ready yet</span>","alias":"f5-big-ip-platform-for-ukrainian-bank","roi":0,"seo":{"title":"F5 Big-IP platform for Ukrainian bank","keywords":"","description":"<span style=\"font-style: italic; \">Description is not ready yet</span>","og:title":"F5 Big-IP platform for Ukrainian bank","og:description":"<span style=\"font-style: italic; \">Description is not ready yet</span>"},"deal_info":"","user":{"id":342,"title":"Alfa-Bank Ukraine","logoURL":"https://old.roi4cio.com/uploads/roi/company/alfabank.png","alias":"alfa-bank-ukraina","address":"","roles":[],"description":"Alfa-Bank Ukraine is a major Ukrainian commercial bank with international capital. The bank is owned by a private investment holding company ABH Holdings SA (ABHH) with investments in financial institutions in Ukraine, Belarus, Kazakhstan, the Netherlands and Russia, having representative offices in Cyprus and the United Kingdom. The bank was founded in 1992. Since 2001, it has been operating under the brand Alfa-Bank Ukraine. The bank is one of the most sustainable and reliable banks in Ukraine holding leading positions in all segments of the banking market. The bank is among the top 10 financial institutions in the country in terms of assets according to the data of the National Bank of Ukraine.","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":5,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://alfabank.ua/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Alfa-Bank Ukraine","keywords":"Alfa-Bank, with, holding, Ukraine, company, Holdings, headquarters, compa","description":"Alfa-Bank Ukraine is a major Ukrainian commercial bank with international capital. The bank is owned by a private investment holding company ABH Holdings SA (ABHH) with investments in financial institutions in Ukraine, Belarus, Kazakhstan, the Netherlands and ","og:title":"Alfa-Bank Ukraine","og:description":"Alfa-Bank Ukraine is a major Ukrainian commercial bank with international capital. The bank is owned by a private investment holding company ABH Holdings SA (ABHH) with investments in financial institutions in Ukraine, Belarus, Kazakhstan, the Netherlands and ","og:image":"https://old.roi4cio.com/uploads/roi/company/alfabank.png"},"eventUrl":""},"supplier":{"id":7517,"title":"TechnoServ Ukraine (TSU)","logoURL":"https://old.roi4cio.com/uploads/roi/company/TSU.png","alias":"tekhnoserv-ukraina-tsu","address":"4, Vaclav Havel blvd.,Kyiv, 03067 Kyiv, n/a 03164, UA","roles":[],"description":" “Technoserv Ukraine” is the Ukrainian system integrator company, started its business in Ukraine in 2006. “Technoserv Ukraine” currently offers the whole spectrum of complex solutions and services to the Ukrainian customers in the field of system integration, building corporate-class info-communication systems and telecommunication networks for communications service providers. \r\n“Technoserv Ukraine” incorporates and develops the informational and engineering systems based on in-house technological developments as well as solutions of the world market leaders of info-communication technologies. Totally more than 50 vendors, including CA, Cisco, IBM, Citrix, EMC, Hitachi Data Systems, HP, Microsoft, NetАpp, Oracle, SAF Tehnika, SAP, VMware are among “Technoserv Ukraine” long-term partners.<br />\r\nThe company has certified specialists in all areas of cooperation with partners, as well as "Service Partner" status of many vendors, thereby providing ongoing technical support of customers’ solutions, including 24x7x365 mode. “Technoserv Ukraine” has its own demonstration laboratory. Timely opportunity to test the performance of the proposed multi-vendor solutions and compatibility of all their components allows reduce the lifetime of the project, minimize customers’ costs and ensure the maximum reliability of implemented systems.<br />\r\nThe main achievement of the company is the number of large implemented projects since 2007.<br />\r\n“Technoserv Ukraine” customers are the largest enterprises of key industries: leading fixed and mobile operators, industry enterprises, financial organizations and banks, energy complex enterprises. Among the company's customers are: Vodafone Ukraine, lifecell, VOLIA, Raffaisen Bank Aval, SBERBANK, Alfa-Bank, Ukrenergo, insurance company "Oranta" and others.<br /><br />“Technoserv Ukraine” company has acquired a reputation of a reliable and competent business partner among its customers, thanks to a team of professionals, flexible project management system, well-functioning system of quality management and innovative approaches. The additional confirmation of "Technoserv Ukraine" comprehensive management system is the Certificate of ISO 9001: 2015 (DSTU ISO 9001: 2015).","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":8,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"http://tsu.ua/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"TechnoServ Ukraine (TSU)","keywords":"","description":" “Technoserv Ukraine” is the Ukrainian system integrator company, started its business in Ukraine in 2006. “Technoserv Ukraine” currently offers the whole spectrum of complex solutions and services to the Ukrainian customers in the field of system integration,","og:title":"TechnoServ Ukraine (TSU)","og:description":" “Technoserv Ukraine” is the Ukrainian system integrator company, started its business in Ukraine in 2006. “Technoserv Ukraine” currently offers the whole spectrum of complex solutions and services to the Ukrainian customers in the field of system integration,","og:image":"https://old.roi4cio.com/uploads/roi/company/TSU.png"},"eventUrl":""},"vendors":[{"id":2749,"title":"F5 Networks","logoURL":"https://old.roi4cio.com/uploads/roi/company/f5.png","alias":"f5-networks","address":"","roles":[],"description":"F5 Networks, Inc. is a multinational American company that specializes in application delivery networking (ADN) technology that optimizes the delivery of network-based applications and the security, performance, availability of servers, data storage devices, and other network resources. F5 is headquartered in Seattle, Washington, and has development, manufacturing, and sales/marketing offices worldwide. F5 originally manufactured and sold some of the industry's first load balancing products. In 2010 and 2011, F5 Networks was on Fortune's list of 100 Fastest-Growing Companies worldwide. The company was also rated one of the top ten best-performing stocks by S&P 500 in 2010.\r\n\r\nSource: https://en.wikipedia.org/wiki/F5_Networks","companyTypes":[],"products":{},"vendoredProductsCount":6,"suppliedProductsCount":6,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":0,"vendorImplementationsCount":4,"vendorPartnersCount":0,"supplierPartnersCount":1,"b4r":0,"categories":{},"companyUrl":"http://www.f5.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"F5 Networks","keywords":"2010, worldwide, delivery, that, Networks, company, Fortune, list","description":"F5 Networks, Inc. is a multinational American company that specializes in application delivery networking (ADN) technology that optimizes the delivery of network-based applications and the security, performance, availability of servers, data storage devices, a","og:title":"F5 Networks","og:description":"F5 Networks, Inc. is a multinational American company that specializes in application delivery networking (ADN) technology that optimizes the delivery of network-based applications and the security, performance, availability of servers, data storage devices, a","og:image":"https://old.roi4cio.com/uploads/roi/company/f5.png"},"eventUrl":""}],"products":[{"id":2236,"logo":false,"scheme":false,"title":"F5 Big-IP Advanced Firewall Manager","vendorVerified":0,"rating":"1.70","implementationsCount":1,"suppliersCount":0,"alias":"f5-big-ip-advanced-firewall-manager","companyTypes":[],"description":"<p>F5 BIG-IP Advanced Firewall Manager (AFM) is a high-performance, stateful, full-proxy network security solution designed to guard data centers against incoming threats that enter the network on the most widely deployed protocols. Built on F5’s industry-leading Application Delivery Controller (ADC), BIG-IP AFM gives enterprises and service providers the scalability, flexibility, performance, and control needed to mitigate the most aggressive, volumetric distributed denial-of-service (DDoS) attacks before they reach the data center.</p>\r\n<p>BIG-IP AFM’s unique application-centric design enables greater effectiveness in guarding against targeted network-level attacks. It tracks the state of network sessions, maintains deep application awareness, and uniquely mitigates attacks based on more granular details than traditional firewalls. With BIG-IP AFM, organizations receive protection from over 100 attack signatures—more hardware-based signatures than any other leading firewall vendor—and unsurpassed programmability, interoperability, and visibility into threat conditions.</p>\r\n<p><span style=\"font-weight: bold;\">Key benefits</span></p>\r\n<p><span style=\"font-weight: bold;\">Scale to meet network demand</span></p>\r\n<p>Meet demands for higher bandwidth usage and concurrency rates with F5’s proven TMOS architecture, hardware systems, and virtual editions to ensure performance while under attack.</p>\r\n<p><span style=\"font-weight: bold;\">Ensure application availability</span></p>\r\n<p>Secure networks from DDoS threats across a variety of protocols, with in-depth rules customization and increased performance and scalability.</p>\r\n<p><span style=\"font-weight: bold;\">Protect with app-centric, full-proxy firewall capabilities</span></p>\r\n<p>Inspect all incoming client connections and server-to-client responses, and mitigate threats based on security and application parameters before forwarding them on to the server.</p>\r\n<p><span style=\"font-weight: bold;\">Inspect SSL sessions</span></p>\r\n<p>Fully terminate and decrypt SSL traffic to identify potentially hidden attacks—at high rates and with high throughput.</p>\r\n<p><span style=\"font-weight: bold;\">Streamline firewall deployment</span></p>\r\n<p>Simplify security configuration with firewall policies oriented around applications and an efficient rules and policy GUI.</p>\r\n<p><span style=\"font-weight: bold;\">Customize reporting for visibility</span></p>\r\n<p>Easily understand your security status with rich customizable reports, logging, and charts that provide insight to all event types and enable effective forensic analysis.</p>","shortDescription":"F5 BIG-IP AFM is a high-performance, stateful, full-proxy network security solution designed to guard data centers against incoming threats that enter the network on the most widely deployed protocols","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":2,"sellingCount":3,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"F5 Big-IP Advanced Firewall Manager","keywords":"","description":"<p>F5 BIG-IP Advanced Firewall Manager (AFM) is a high-performance, stateful, full-proxy network security solution designed to guard data centers against incoming threats that enter the network on the most widely deployed protocols. Built on F5’s industr","og:title":"F5 Big-IP Advanced Firewall Manager","og:description":"<p>F5 BIG-IP Advanced Firewall Manager (AFM) is a high-performance, stateful, full-proxy network security solution designed to guard data centers against incoming threats that enter the network on the most widely deployed protocols. Built on F5’s industr"},"eventUrl":"","translationId":2237,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":784,"title":"NGFW - next-generation firewall - Appliance","alias":"ngfw-next-generation-firewall-appliance","description":" A next-generation firewall (NGFW) is a part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities, such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS). Other techniques might also be employed, such as TLS/SSL encrypted traffic inspection, website filtering, QoS/bandwidth management, antivirus inspection and third-party identity management integration (i.e. LDAP, RADIUS, Active Directory).\r\nNGFWs include the typical functions of traditional firewalls such as packet filtering, network- and port-address translation (NAT), stateful inspection, and virtual private network (VPN) support. The goal of next-generation firewalls is to include more layers of the OSI model, improving filtering of network traffic that is dependent on the packet contents.\r\nNGFWs perform deeper inspection compared to stateful inspection performed by the first- and second-generation firewalls. NGFWs use a more thorough inspection style, checking packet payloads and matching signatures for harmful activities such as exploitable attacks and malware.\r\nImproved detection of encrypted applications and intrusion prevention service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services.\r\nStateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols. But today, blocking a web application like Farmville that uses port 80 by closing the port would also mean complications with the entire HTTP protocol.\r\nProtection based on ports, protocols, IP addresses is no more reliable and viable. This has led to the development of identity-based security approach, which takes organizations a step ahead of conventional security appliances which bind security to IP-addresses.\r\nNGFWs offer administrators a deeper awareness of and control over individual applications, along with deeper inspection capabilities by the firewall. Administrators can create very granular "allow/deny" rules for controlling use of websites and applications in the network. ","materialsDescription":"<span style=\"font-weight: bold;\"> What is a next-generation firewall (NGFW)?</span>\r\nAn NGFW contains all the normal defences that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other bonus security features. NGFWs are also capable of deep packet inspection which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by blacklist (programs in the filter are blocked) or by whitelist (programs not in the filter are blocked).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_NGFW.png"},{"id":782,"title":"NGFW - next-generation firewall","alias":"ngfw-next-generation-firewall","description":"A next-generation firewall (NGFW) is a part of the third generation of firewall technology that is implemented in either hardware or software and is capable of detecting and blocking sophisticated attacks by enforcing security policies at the application, port and protocol levels.\r\nNGFWs typically feature advanced functions including:\r\n<ul><li>application awareness;</li><li>integrated intrusion prevention systems (IPS);</li><li>identity awareness -- user and group control;</li><li>bridged and routed modes;</li><li> the ability to use external intelligence sources.</li></ul>\r\nOf these offerings, most next-generation firewalls integrate at least three basic functions: enterprise firewall capabilities, an intrusion prevention system (IPS) and application control.\r\nLike the introduction of stateful inspection in traditional firewalls, NGFWs bring additional context to the firewall's decision-making process by providing it with the ability to understand the details of the web application traffic passing through it and to take action to block traffic that might exploit vulnerabilities.\r\nThe different features of next-generation firewalls combine to create unique benefits for users. NGFWs are often able to block malware before it enters a network, something that wasn't previously possible.\r\nNGFWs are also better equipped to address advanced persistent threats (APTs) because they can be integrated with threat intelligence services. NGFWs can also offer a low-cost option for companies trying to improve basic device security through the use of application awareness, inspection services, protection systems and awareness tools.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What is a next-generation firewall (NGFW)?</span>\r\nA NGFW contains all the normal defenses that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other additional security features. NGFWs are also capable of deep packet inspection, which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by a blacklist (programs in the filter are blocked) or by a whitelist (programs not in the filter are blocked).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_NGFW.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":4716,"logo":false,"scheme":false,"title":"F5 Big-IP Application Delivery Services","vendorVerified":0,"rating":"0.00","implementationsCount":1,"suppliersCount":0,"alias":"f5-big-ip-application-delivery-services","companyTypes":[],"description":"<span style=\"font-weight: bold;\">Explore BIG-IP application services</span>\r\nKeep your apps up and running with BIG-IP application delivery controllers. BIG-IP Local Traffic Manager (LTM) and BIG-IP DNS handle your application traffic and secure your infrastructure. You’ll get built-in security, traffic management, and performance application services, whether your applications live in a private data center or in the cloud.\r\n<span style=\"font-weight: bold;\">Service Provider</span>\r\nBIG-IP Diameter Traffic Management, BIG-IP Policy Enforcement Manager (PEM), and BIG-IP Carrier-Grade NAT (CGNAT) manage network resources to keep your applications performing at carrier-grade levels. They also help you identify ways to optimize and monetize your network, improving your bottom line.\r\n<span style=\"font-weight: bold;\">Platforms</span>\r\nGet the right platform for your business, whether you deploy your applications on-premises, in the cloud, or both. Hardware appliances include the new BIG-IP iSeries or our high-performing VIPRION chassis and blades. Software options are available through BIG-IP virtual edition or BIG-IP Cloud Edition.","shortDescription":"BIG-IP Application Delivery Services - advanced technology for an app-centric world.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":11,"sellingCount":2,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"F5 Big-IP Application Delivery Services","keywords":"","description":"<span style=\"font-weight: bold;\">Explore BIG-IP application services</span>\r\nKeep your apps up and running with BIG-IP application delivery controllers. BIG-IP Local Traffic Manager (LTM) and BIG-IP DNS handle your application traffic and secure your infrastru","og:title":"F5 Big-IP Application Delivery Services","og:description":"<span style=\"font-weight: bold;\">Explore BIG-IP application services</span>\r\nKeep your apps up and running with BIG-IP application delivery controllers. BIG-IP Local Traffic Manager (LTM) and BIG-IP DNS handle your application traffic and secure your infrastru"},"eventUrl":"","translationId":4717,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"},{"id":834,"title":"IoT - Internet of Things Security","alias":"iot-internet-of-things-security","description":" IoT security is the technology area concerned with safeguarding connected devices and networks in the internet of things (IoT).\r\nIoT involves adding internet connectivity to a system of interrelated computing devices, mechanical and digital machines, objects, animals and/or people. Each "thing" is provided a unique identifier and the ability to automatically transfer data over a network. Allowing devices to connect to the internet opens them up to a number of serious vulnerabilities if they are not properly protected.\r\nIoT security has become the subject of scrutiny after a number of high-profile incidents where a common IoT device was used to infiltrate and attack the larger network. Implementing security measures is critical to ensuring the safety of networks with IoT devices connected to them.\r\nIoT security hacks can happen in any industry, from smart home to a manufacturing plant to a connected car. The severity of impact depends greatly on the individual system, the data collected and/or the information it contains.\r\nAn attack disabling the brakes of a connected car, for example, or on a connected health device, such as an insulin pump hacked to administer too much medication to a patient, can be life-threatening. Likewise, an attack on a refrigeration system housing medicine that is monitored by an IoT system can ruin the viability of a medicine if temperatures fluctuate. Similarly, an attack on critical infrastructure -- an oil well, energy grid or water supply -- can be disastrous.\r\nSo, a robust IoT security portfolio must allow protecting devices from all types of vulnerabilities while deploying the security level that best matches application needs. Cryptography technologies are used to combat communication attacks. Security services are offered for protecting against lifecycle attacks. Isolation measures can be implemented to fend off software attacks. And, finally, IoT security should include tamper mitigation and side-channel attack mitigation technologies for fighting physical attacks of the chip.","materialsDescription":" <span style=\"font-weight: bold;\">What are the key requirements of IoT Security?</span>\r\nThe key requirements for any IoT security solution are:\r\n<ul><li>Device and data security, including authentication of devices and confidentiality and integrity of data</li><li>Implementing and running security operations at IoT scale</li><li>Meeting compliance requirements and requests</li><li>Meeting performance requirements as per the use case</li></ul>\r\n<span style=\"font-weight: bold;\">What do connected devices require to participate in the IoT Securely?</span>\r\nTo securely participate in the IoT, each connected device needs a unique identification – even before it has an IP address. This digital credential establishes the root of trust for the device’s entire lifecycle, from initial design to deployment to retirement.\r\n<span style=\"font-weight: bold;\">Why is device authentication necessary for the IoT?</span>\r\nStrong IoT device authentication is required to ensure connected devices on the IoT can be trusted to be what they purport to be. Consequently, each IoT device needs a unique identity that can be authenticated when the device attempts to connect to a gateway or central server. With this unique ID in place, IT system administrators can track each device throughout its lifecycle, communicate securely with it, and prevent it from executing harmful processes. If a device exhibits unexpected behavior, administrators can simply revoke its privileges.\r\n<span style=\"font-weight: bold;\">Why is secure manufacturing necessary for IoT devices?</span>\r\nIoT devices produced through unsecured manufacturing processes provide criminals opportunities to change production runs to introduce unauthorized code or produce additional units that are subsequently sold on the black market.\r\nOne way to secure manufacturing processes is to use hardware security modules (HSMs) and supporting security software to inject cryptographic keys and digital certificates and to control the number of units built and the code incorporated into each.\r\n<span style=\"font-weight: bold;\">Why is code signing necessary for IoT devices?</span>\r\nTo protect businesses, brands, partners, and users from software that has been infected by malware, software developers have adopted code signing. In the IoT, code signing in the software release process ensures the integrity of IoT device software and firmware updates and defends against the risks associated with code tampering or code that deviates from organizational policies.\r\nIn public key cryptography, code signing is a specific use of certificate-based digital signatures that enables an organization to verify the identity of the software publisher and certify the software has not been changed since it was published.\r\n<span style=\"font-weight: bold;\">What is IoT PKI?</span>\r\nToday there are more things (devices) online than there are people on the planet! Devices are the number one users of the Internet and need digital identities for secure operation. As enterprises seek to transform their business models to stay competitive, rapid adoption of IoT technologies is creating increasing demand for Public Key Infrastructures (PKIs) to provide digital certificates for the growing number of devices and the software and firmware they run.\r\nSafe IoT deployments require not only trusting the devices to be authentic and to be who they say they are, but also trusting that the data they collect is real and not altered. If one cannot trust the IoT devices and the data, there is no point in collecting, running analytics, and executing decisions based on the information collected.\r\nSecure adoption of IoT requires:\r\n<ul><li>Enabling mutual authentication between connected devices and applications</li><li>Maintaining the integrity and confidentiality of the data collected by devices</li><li>Ensuring the legitimacy and integrity of the software downloaded to devices</li><li>Preserving the privacy of sensitive data in light of stricter security regulations</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/iot.png"},{"id":178,"title":"IoT - Internet of Things","alias":"iot-internet-of-things","description":"The Internet of things (IoT) is the extension of Internet connectivity into physical devices and everyday objects. Embedded with electronics, Internet connectivity, and other forms of hardware (such as sensors), these devices can communicate and interact with others over the Internet, and they can be remotely monitored and controlled.\r\nThe definition of the Internet of things has evolved due to the convergence of multiple technologies, real-time analytics, machine learning, commodity sensors, and embedded systems. Traditional fields of embedded systems, wireless sensor networks, control systems, automation (including home and building automation). and others all contribute to enabling the Internet of things. In the consumer market, IoT technology is most synonymous with products pertaining to the concept of the "smart home", covering devices and appliances (such as lighting fixtures, thermostats, home security systems and cameras, and other home appliances) that support one or more common ecosystems, and can be controlled via devices associated with that ecosystem, such as smartphones and smart speakers.\r\nThe IoT concept has faced prominent criticism, especially in regards to privacy and security concerns related to these devices and their intention of pervasive presence.","materialsDescription":"<span style=\"font-weight: bold;\">What is the Internet of Things (IoT)?</span>\r\nThe Internet of things refers to the network of things (physical objects) that can be connected to the Internet to collect and share data without human-to-human or human-to-computer interaction.\r\n<span style=\"font-weight: bold;\">Why is it called the Internet of Things?</span>\r\nThe term Internet of things was coined by Kevin Ashton in 1999. Stemming from Kevin Ashton’s experience with RFID, the term Internet of things originally described the concept of tagging every object in a person’s life with machine-readable codes. This would allow computers to easily manage and inventory all of these things.\r\nThe term IoT today has evolved to a much broader prospect. It now encompasses ubiquitous connectivity, devices, sensors, analytics, machine learning, and many other technologies.\r\n<span style=\"font-weight: bold;\">What is an IoT solution?</span>\r\nAn IoT solution is a combination of devices or other data sources, outfitted with sensors and Internet connected hardware to securely report information back to an IoT platform. This information is often a physical metric which can help users answer a question or solve a specific problem.\r\n<span style=\"font-weight: bold;\">What is an IoT Proof of Concept (PoC)?</span>\r\nThe purpose of a PoC is to experiment with a solution in your environment, collect data, and evaluate performance from a set timeline on a set budget. A PoC is a low-risk way to introduce IoT to an organization.\r\n<span style=\"font-weight: bold;\">What is an IoT cloud platform?</span>\r\nAn IoT platform provides users with one or more of these key elements — visualization tools, data security features, a workflow engine and a custom user interface to utilize the information collected from devices and other data sources in the field. These platforms are based in the cloud and can be accessed from anywhere.\r\n<span style=\"font-weight: bold;\">What is industrial equipment monitoring?</span>\r\nIndustrial equipment monitoring uses a network of connected sensors - either native to a piece of equipment or retrofitted - to inform owners/operators of a machine’s output, component conditions, need for service or impending failure. Industrial equipment monitoring is an IoT solution which can utilize an IoT platform to unify disparate data and enable decision-makers to respond to real-time data.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/IoT_-_Internet_of_Things.png"},{"id":56,"title":"Router","alias":"router","description":"A router is a networking device that forwards data packets between computer networks. Routers perform the traffic directing functions on the Internet. Data sent through the internet, such as a web page or email, is in the form of data packets. A packet is typically forwarded from one router to another router through the networks that constitute an internetwork (e.g. the Internet) until it reaches its destination node.\r\nA router is connected to two or more data lines from different IP networks. When a data packet comes in on one of the lines, the router reads the network address information in the packet header to determine the ultimate destination. Then, using information in its routing table or routing policy, it directs the packet to the next network on its journey.\r\nThe most familiar type of IP routers are home and small office routers that simply forward IP packets between the home computers and the Internet. An example of a router would be the owner's cable or DSL router, which connects to the Internet through an Internet service provider (ISP). More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone.\r\nThe main purpose of a router is to connect multiple networks and forward packets destined either for its own networks or other networks. A router is considered a layer-3 device because its primary forwarding decision is based on the information in the layer-3 IP packet, specifically the destination IP address. When a router receives a packet, it searches its routing table to find the best match between the destination IP address of the packet and one of the addresses in the routing table. Once a match is found, the packet is encapsulated in the layer-2 data link frame for the outgoing interface indicated in the table entry. A router typically does not look into the packet payload,[citation needed] but only at the layer-3 addresses to make a forwarding decision, plus optionally other information in the header for hints on, for example, quality of service (QoS). For pure IP forwarding, a router is designed to minimize the state information associated with individual packets. Once a packet is forwarded, the router does not retain any historical information about the packet.\r\nThe routing table itself can contain information derived from a variety of sources, such as a default or static routes that are configured manually, or dynamic routing protocols where the router learns routes from other routers. A default route is one that is used to route all traffic whose destination does not otherwise appear in the routing table; this is common – even necessary – in small networks, such as a home or small business where the default route simply sends all non-local traffic to the Internet service provider. The default route can be manually configured (as a static route), or learned by dynamic routing protocols, or be obtained by DHCP.\r\nA router can run more than one routing protocol at a time, particularly if it serves as an autonomous system border router between parts of a network that run different routing protocols; if it does so, then redistribution may be used (usually selectively) to share information between the different protocols running on the same router.\r\nBesides making a decision as to which interface a packet is forwarded to, which is handled primarily via the routing table, a router also has to manage congestion when packets arrive at a rate higher than the router can process. Three policies commonly used in the Internet are tail drop, random early detection (RED), and weighted random early detection (WRED). Tail drop is the simplest and most easily implemented; the router simply drops new incoming packets once the length of the queue exceeds the size of the buffers in the router. RED probabilistically drops datagrams early when the queue exceeds a pre-configured portion of the buffer, until a pre-determined max, when it becomes tail drop. WRED requires a weight on the average queue size to act upon when the traffic is about to exceed the pre-configured size, so that short bursts will not trigger random drops.\r\nAnother function a router performs is to decide which packet should be processed first when multiple queues exist. This is managed through QoS, which is critical when Voice over IP is deployed, so as not to introduce excessive latency.\r\nYet another function a router performs is called policy-based routing where special rules are constructed to override the rules derived from the routing table when a packet forwarding decision is made.\r\nRouter functions may be performed through the same internal paths that the packets travel inside the router. Some of the functions may be performed through an application-specific integrated circuit (ASIC) to avoid overhead of scheduling CPU time to process the packets. Others may have to be performed through the CPU as these packets need special attention that cannot be handled by an ASIC.","materialsDescription":" <span style=\"font-weight: bold;\">What Is a Router?</span>\r\nRouters are the nodes that make up a computer network like the internet. The router you use at home is the central node of your home network.\r\nIt functions as an information manager between the internet and all devices that go online (i.e. all devices connected to the router). Generally speaking, routers direct incoming traffic to its destination.\r\nThis also makes your router the first line of security in protecting your home network from malicious online attacks.\r\n<span style=\"font-weight: bold;\">What Does a Router Do?</span>\r\nYour router handles network traffic. For example, to view this article, data packages coding for this website have to transit from our server, through various nodes on the internet, and finally through your router to arrive on your phone or computer. On your device, your browser decodes those data packages to display the article you’re currently reading.\r\nSince a typical household has more than one device that connects to the internet, you need a router to manage the incoming network signals. In other words, your router makes sure that the data packages coding for a website you want to view on your computer aren’t sent to your phone. It does that by using your device’s MAC address.\r\nWhile your router has a unique (external) IP address to receive data packages from servers worldwide, every device on your home network also carries a unique MAC address. Simply put, when you try to access information online, your router maintains a table to keep track of which device requested information from where. Based on this table, your router distributes incoming data packages to the correct recipient.\r\n<span style=\"font-weight: bold;\">What Is the Difference Between Modems and Routers?</span>\r\nA modem turns the proprietary network signal of your ISP (internet service provider) into a standard network signal. In theory, you can choose between multiple ISPs and some of them may use the same delivery route. Your modem knows which signals to read and translate.\r\nThe kind of modem your ISP will provide you with depends on how you’re connecting to the internet. For example, a DSL modem requires a different technology than a cable or fiber optic broadband modem. That’s because one uses the copper wiring of your telephone line, while the others use a coaxial or a fiber optic cable, respectively.\r\nThe DSL modem has to filter and read both the low frequencies that phone and voice data produce, as well as the high frequencies of internet data. Cable modems, on the other hand, have to differentiate between television and internet signals, which are transmitted on different channels, rather than different frequencies. Finally, fiber optic uses pulses of light to transmit information. The modem has to decode these signals into standard data packages.\r\nOnce the modem has turned the ISP’s network signal into data packages, the router can distribute them to the target device.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/Router1.png"},{"id":540,"title":"Security Hardware","alias":"security-hardware","description":"Hardware security as a discipline originated out of cryptographic engineering and involves hardware design, access control, secure multi-party computation, secure key storage, ensuring code authenticity and measures to ensure that the supply chain that built the product is secure, among other things.\r\nA hardware security module (HSM) is a physical computing device that safeguards and manages digital keys for strong authentication and provides cryptoprocessing. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server.\r\nSome providers in this discipline consider that the key difference between hardware security and software security is that hardware security is implemented using "non-Turing-machine" logic (raw combinatorial logic or simple state machines). One approach, referred to as "hardsec", uses FPGAs to implement non-Turing-machine security controls as a way of combining the security of hardware with the flexibility of software.\r\nHardware backdoors are backdoors in hardware. Conceptionally related, a hardware Trojan (HT) is a malicious modification of an electronic system, particularly in the context of an integrated circuit.\r\nA physical unclonable function (PUF) is a physical entity that is embodied in a physical structure and is easy to evaluate but hard to predict. Further, an individual PUF device must be easy to make but practically impossible to duplicate, even given the exact manufacturing process that produced it. In this respect, it is the hardware analog of a one-way function. The name "physically unclonable function" might be a little misleading as some PUFs are clonable, and most PUFs are noisy and therefore do not achieve the requirements for a function. Today, PUFs are usually implemented in integrated circuits and are typically used in applications with high-security requirements.\r\nMany attacks on sensitive data and resources reported by organizations occur from within the organization itself.","materialsDescription":"<span style=\"font-weight: bold;\">What is hardware information security?</span>\r\nHardware means various types of devices (mechanical, electromechanical, electronic, etc.), which solve information protection problems with hardware. They impede access to information, including through its disguise. The hardware includes: noise generators, surge protectors, scanning radios and many other devices that "block" potential channels of information leakage or allow them to be detected. The advantages of technical means are related to their reliability, independence from subjective factors and high resistance to modification. The weaknesses include a lack of flexibility, relatively large volume and mass and high cost. The hardware for information protection includes the most diverse technical structures in terms of operation, device and capabilities, which ensure the suppression of disclosure, protection against leakage and counteraction to unauthorized access to sources of confidential information.\r\n<span style=\"font-weight: bold;\">Where is the hardware used to protect information?</span>\r\nHardware information protection is used to solve the following problems:\r\n<ul><li>conducting special studies of technical means of ensuring production activity for the presence of possible channels of information leakage;</li><li>identification of information leakage channels at various objects and in premises;</li><li>localization of information leakage channels;</li><li>search and detection of industrial espionage tools;</li><li>countering unauthorized access to confidential information sources and other actions.</li></ul>\r\n<span style=\"font-weight: bold;\">What is the classification of information security hardware?</span>\r\nAccording to the functional purpose, the hardware can be classified into detection tools, search tools and detailed measurements and active and passive countermeasures. At the same time, according to their technical capabilities, information protection tools can be general-purpose, designed for use by non-professionals in order to obtain preliminary (general) estimates, and professional complexes that allow for a thorough search, detection and precision measurement of all the characteristics of industrial espionage equipment. As an example of the former, we can consider a group of IP electromagnetic radiation indicators, which have a wide range of received signals and rather low sensitivity. As a second example - a complex for the detection and direction finding of radio bookmarks, designed to automatically detect and locate radio transmitters, radio microphones, telephone bookmarks and network radio transmitters.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Hardware.png"},{"id":471,"title":"Hardware","alias":"hardware","description":" Computer hardware includes the physical, tangible parts or components of a computer, such as the cabinet, central processing unit, monitor, keyboard, computer data storage, graphics card, sound card, speakers and motherboard. By contrast, software is instructions that can be stored and run by hardware. Hardware is so-termed because it is "hard" or rigid with respect to changes or modifications; whereas software is "soft" because it is easy to update or change. Intermediate between software and hardware is "firmware", which is software that is strongly coupled to the particular hardware of a computer system and thus the most difficult to change but also among the most stable with respect to consistency of interface. The progression from levels of "hardness" to "softness" in computer systems parallels a progression of layers of abstraction in computing.\r\nHardware is typically directed by the software to execute any command or instruction. A combination of hardware and software forms a usable computing system, although other systems exist with only hardware components.\r\nThe template for all modern computers is the Von Neumann architecture, detailed in a 1945 paper by Hungarian mathematician John von Neumann. This describes a design architecture for an electronic digital computer with subdivisions of a processing unit consisting of an arithmetic logic unit and processor registers, a control unit containing an instruction register and program counter, a memory to store both data and instructions, external mass storage, and input and output mechanisms. The meaning of the term has evolved to mean a stored-program computer in which an instruction fetch and a data operation cannot occur at the same time because they share a common bus. This is referred to as the Von Neumann bottleneck and often limits the performance of the system.","materialsDescription":" <span style=\"font-weight: bold; \">What does Hardware (H/W) mean?</span>\r\nHardware (H/W), in the context of technology, refers to the physical elements that make up a computer or electronic system and everything else involved that is physically tangible. This includes the monitor, hard drive, memory and CPU. Hardware works hand-in-hand with firmware and software to make a computer function.\r\n<span style=\"font-weight: bold; \">What are the types of computer systems?</span>\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Personal computer</span></span>\r\nThe personal computer, also known as the PC, is one of the most common types of computer due to its versatility and relatively low price. Laptops are generally very similar, although they may use lower-power or reduced size components, thus lower performance.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Case</span></span>\r\nThe computer case encloses and holds most of the components of the system. It provides mechanical support and protection for internal elements such as the motherboard, disk drives, and power supplies, and controls and directs the flow of cooling air over internal components. The case is also part of the system to control electromagnetic interference radiated by the computer, and protects internal parts from electrostatic discharge. Large tower cases provide extra internal space for multiple disk drives or other peripherals and usually stand on the floor, while desktop cases provide less expansion room. All-in-one style designs include a video display built into the same case. Portable and laptop computers require cases that provide impact protection for the unit. A current development in laptop computers is a detachable keyboard, which allows the system to be configured as a touch-screen tablet. Hobbyists may decorate the cases with colored lights, paint, or other features, in an activity called case modding.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Power supply</span></span>\r\nA power supply unit (PSU) converts alternating current (AC) electric power to low-voltage direct current (DC) power for the internal components of the computer. Laptops are capable of running from a built-in battery, normally for a period of hours. The PSU typically uses a switched-mode power supply (SMPS), with power MOSFETs (power metal–oxide–semiconductor field-effect transistors) used in the converters and regulator circuits of the SMPS.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Motherboard</span></span>\r\nThe motherboard is the main component of a computer. It is a board with integrated circuitry that connects the other parts of the computer including the CPU, the RAM, the disk drives (CD, DVD, hard disk, or any others) as well as any peripherals connected via the ports or the expansion slots. The integrated circuit (IC) chips in a computer typically contain billions of tiny metal–oxide–semiconductor field-effect transistors (MOSFETs).\r\nComponents directly attached to or to part of the motherboard include:\r\n<ul><li><span style=\"font-weight: bold; \">The CPU (central processing unit)</span>, which performs most of the calculations which enable a computer to function, and is referred to as the brain of the computer which get a hold of program instruction from random-access memory (RAM), interprets and processes it and then send it backs to computer result so that the relevant components can carry out the instructions. The CPU is a microprocessor, which is fabricated on a metal–oxide–semiconductor (MOS) integrated circuit (IC) chip. It is usually cooled by a heat sink and fan, or water-cooling system. Most newer CPU include an on-die graphics processing unit (GPU). The clock speed of CPU governs how fast it executes instructions, and is measured in GHz; typical values lie between 1 GHz and 5 GHz. Many modern computers have the option to overclock the CPU which enhances performance at the expense of greater thermal output and thus a need for improved cooling.</li><li><span style=\"font-weight: bold; \">The chipset</span>, which includes the north bridge, mediates communication between the CPU and the other components of the system, including main memory; as well as south bridge, which is connected to the north bridge, and supports auxiliary interfaces and buses; and, finally, a Super I/O chip, connected through the south bridge, which supports the slowest and most legacy components like serial ports, hardware monitoring and fan control.</li><li><span style=\"font-weight: bold; \">Random-access memory (RAM)</span>, which stores the code and data that are being actively accessed by the CPU. For example, when a web browser is opened on the computer it takes up memory; this is stored in the RAM until the web browser is closed. It is typically a type of dynamic RAM (DRAM), such as synchronous DRAM (SDRAM), where MOS memory chips store data on memory cells consisting of MOSFETs and MOS capacitors. RAM usually comes on dual in-line memory modules (DIMMs) in the sizes of 2GB, 4GB, and 8GB, but can be much larger.</li><li><span style=\"font-weight: bold; \">Read-only memory (ROM)</span>, which stores the BIOS that runs when the computer is powered on or otherwise begins execution, a process known as Bootstrapping, or "booting" or "booting up". The ROM is typically a nonvolatile BIOS memory chip, which stores data on floating-gate MOSFET memory cells.</li><li><span style=\"font-weight: bold; \">The BIOS (Basic Input Output System)</span> includes boot firmware and power management firmware. Newer motherboards use Unified Extensible Firmware Interface (UEFI) instead of BIOS.</li><li><span style=\"font-weight: bold; \">Buses</span> that connect the CPU to various internal components and to expand cards for graphics and sound.</li><li><span style=\"font-weight: bold; \">The CMOS</span> (complementary MOS) battery, which powers the CMOS memory for date and time in the BIOS chip. This battery is generally a watch battery.</li><li><span style=\"font-weight: bold; \">The video card</span> (also known as the graphics card), which processes computer graphics. More powerful graphics cards are better suited to handle strenuous tasks, such as playing intensive video games or running computer graphics software. A video card contains a graphics processing unit (GPU) and video memory (typically a type of SDRAM), both fabricated on MOS integrated circuit (MOS IC) chips.</li><li><span style=\"font-weight: bold; \">Power MOSFETs</span> make up the voltage regulator module (VRM), which controls how much voltage other hardware components receive.</li></ul>\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Expansion cards</span></span>\r\nAn expansion card in computing is a printed circuit board that can be inserted into an expansion slot of a computer motherboard or backplane to add functionality to a computer system via the expansion bus. Expansion cards can be used to obtain or expand on features not offered by the motherboard.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Storage devices</span></span>\r\nA storage device is any computing hardware and digital media that is used for storing, porting and extracting data files and objects. It can hold and store information both temporarily and permanently, and can be internal or external to a computer, server or any similar computing device. Data storage is a core function and fundamental component of computers.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Fixed media</span></span>\r\nData is stored by a computer using a variety of media. Hard disk drives (HDDs) are found in virtually all older computers, due to their high capacity and low cost, but solid-state drives (SSDs) are faster and more power efficient, although currently more expensive than hard drives in terms of dollar per gigabyte, so are often found in personal computers built post-2007. SSDs use flash memory, which stores data on MOS memory chips consisting of floating-gate MOSFET memory cells. Some systems may use a disk array controller for greater performance or reliability.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Removable media</span></span>\r\nTo transfer data between computers, an external flash memory device (such as a memory card or USB flash drive) or optical disc (such as a CD-ROM, DVD-ROM or BD-ROM) may be used. Their usefulness depends on being readable by other systems; the majority of machines have an optical disk drive (ODD), and virtually all have at least one Universal Serial Bus (USB) port.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Input and output peripherals</span></span>\r\nInput and output devices are typically housed externally to the main computer chassis. The following are either standard or very common to many computer systems.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Input</span></span>\r\nInput devices allow the user to enter information into the system, or control its operation. Most personal computers have a mouse and keyboard, but laptop systems typically use a touchpad instead of a mouse. Other input devices include webcams, microphones, joysticks, and image scanners.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Output device</span></span>\r\nOutput devices display information in a human readable form. Such devices could include printers, speakers, monitors or a Braille embosser.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Mainframe computer</span></span>\r\nA mainframe computer is a much larger computer that typically fills a room and may cost many hundreds or thousands of times as much as a personal computer. They are designed to perform large numbers of calculations for governments and large enterprises.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Departmental computing</span></span>\r\nIn the 1960s and 1970s, more and more departments started to use cheaper and dedicated systems for specific purposes like process control and laboratory automation.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Supercomputer</span></span>\r\nA supercomputer is superficially similar to a mainframe, but is instead intended for extremely demanding computational tasks. As of June 2018, the fastest supercomputer on the TOP500supercomputer list is the Summit, in the United States, with a LINPACK benchmarkscore of 122.3 PFLOPS Light, by around 29 PFLOPS.\r\nThe term supercomputer does not refer to a specific technology. Rather it indicates the fastest computations available at any given time. In mid 2011, the fastest supercomputers boasted speeds exceeding one petaflop, or 1 quadrillion (10^15 or 1,000 trillion) floating point operations per second. Supercomputers are fast but extremely costly, so they are generally used by large organizations to execute computationally demanding tasks involving large data sets. Supercomputers typically run military and scientific applications. Although costly, they are also being used for commercial applications where huge amounts of data must be analyzed. For example, large banks employ supercomputers to calculate the risks and returns of various investment strategies, and healthcare organizations use them to analyze giant databases of patient data to determine optimal treatments for various diseases and problems incurring to the country. ","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Hardware.jpg"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[{"id":217,"title":"Ukraine","name":"UKR"}],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":7,"title":"Improve Customer Service"},{"id":6,"title":"Ensure Security and Business Continuity"},{"id":10,"title":"Ensure Compliance"},{"id":306,"title":"Manage Risks"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":180,"title":"Inability to forecast execution timelines"},{"id":340,"title":"Low quality of customer service"},{"id":370,"title":"No automated business processes"},{"id":387,"title":"Non-compliant with IT security requirements"},{"id":397,"title":"Insufficient risk management"}]}},"categories":[{"id":784,"title":"NGFW - next-generation firewall - Appliance","alias":"ngfw-next-generation-firewall-appliance","description":" A next-generation firewall (NGFW) is a part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities, such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS). Other techniques might also be employed, such as TLS/SSL encrypted traffic inspection, website filtering, QoS/bandwidth management, antivirus inspection and third-party identity management integration (i.e. LDAP, RADIUS, Active Directory).\r\nNGFWs include the typical functions of traditional firewalls such as packet filtering, network- and port-address translation (NAT), stateful inspection, and virtual private network (VPN) support. The goal of next-generation firewalls is to include more layers of the OSI model, improving filtering of network traffic that is dependent on the packet contents.\r\nNGFWs perform deeper inspection compared to stateful inspection performed by the first- and second-generation firewalls. NGFWs use a more thorough inspection style, checking packet payloads and matching signatures for harmful activities such as exploitable attacks and malware.\r\nImproved detection of encrypted applications and intrusion prevention service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services.\r\nStateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols. But today, blocking a web application like Farmville that uses port 80 by closing the port would also mean complications with the entire HTTP protocol.\r\nProtection based on ports, protocols, IP addresses is no more reliable and viable. This has led to the development of identity-based security approach, which takes organizations a step ahead of conventional security appliances which bind security to IP-addresses.\r\nNGFWs offer administrators a deeper awareness of and control over individual applications, along with deeper inspection capabilities by the firewall. Administrators can create very granular "allow/deny" rules for controlling use of websites and applications in the network. ","materialsDescription":"<span style=\"font-weight: bold;\"> What is a next-generation firewall (NGFW)?</span>\r\nAn NGFW contains all the normal defences that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other bonus security features. NGFWs are also capable of deep packet inspection which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by blacklist (programs in the filter are blocked) or by whitelist (programs not in the filter are blocked).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_NGFW.png"},{"id":782,"title":"NGFW - next-generation firewall","alias":"ngfw-next-generation-firewall","description":"A next-generation firewall (NGFW) is a part of the third generation of firewall technology that is implemented in either hardware or software and is capable of detecting and blocking sophisticated attacks by enforcing security policies at the application, port and protocol levels.\r\nNGFWs typically feature advanced functions including:\r\n<ul><li>application awareness;</li><li>integrated intrusion prevention systems (IPS);</li><li>identity awareness -- user and group control;</li><li>bridged and routed modes;</li><li> the ability to use external intelligence sources.</li></ul>\r\nOf these offerings, most next-generation firewalls integrate at least three basic functions: enterprise firewall capabilities, an intrusion prevention system (IPS) and application control.\r\nLike the introduction of stateful inspection in traditional firewalls, NGFWs bring additional context to the firewall's decision-making process by providing it with the ability to understand the details of the web application traffic passing through it and to take action to block traffic that might exploit vulnerabilities.\r\nThe different features of next-generation firewalls combine to create unique benefits for users. NGFWs are often able to block malware before it enters a network, something that wasn't previously possible.\r\nNGFWs are also better equipped to address advanced persistent threats (APTs) because they can be integrated with threat intelligence services. NGFWs can also offer a low-cost option for companies trying to improve basic device security through the use of application awareness, inspection services, protection systems and awareness tools.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What is a next-generation firewall (NGFW)?</span>\r\nA NGFW contains all the normal defenses that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other additional security features. NGFWs are also capable of deep packet inspection, which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by a blacklist (programs in the filter are blocked) or by a whitelist (programs not in the filter are blocked).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_NGFW.png"},{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"},{"id":834,"title":"IoT - Internet of Things Security","alias":"iot-internet-of-things-security","description":" IoT security is the technology area concerned with safeguarding connected devices and networks in the internet of things (IoT).\r\nIoT involves adding internet connectivity to a system of interrelated computing devices, mechanical and digital machines, objects, animals and/or people. Each "thing" is provided a unique identifier and the ability to automatically transfer data over a network. Allowing devices to connect to the internet opens them up to a number of serious vulnerabilities if they are not properly protected.\r\nIoT security has become the subject of scrutiny after a number of high-profile incidents where a common IoT device was used to infiltrate and attack the larger network. Implementing security measures is critical to ensuring the safety of networks with IoT devices connected to them.\r\nIoT security hacks can happen in any industry, from smart home to a manufacturing plant to a connected car. The severity of impact depends greatly on the individual system, the data collected and/or the information it contains.\r\nAn attack disabling the brakes of a connected car, for example, or on a connected health device, such as an insulin pump hacked to administer too much medication to a patient, can be life-threatening. Likewise, an attack on a refrigeration system housing medicine that is monitored by an IoT system can ruin the viability of a medicine if temperatures fluctuate. Similarly, an attack on critical infrastructure -- an oil well, energy grid or water supply -- can be disastrous.\r\nSo, a robust IoT security portfolio must allow protecting devices from all types of vulnerabilities while deploying the security level that best matches application needs. Cryptography technologies are used to combat communication attacks. Security services are offered for protecting against lifecycle attacks. Isolation measures can be implemented to fend off software attacks. And, finally, IoT security should include tamper mitigation and side-channel attack mitigation technologies for fighting physical attacks of the chip.","materialsDescription":" <span style=\"font-weight: bold;\">What are the key requirements of IoT Security?</span>\r\nThe key requirements for any IoT security solution are:\r\n<ul><li>Device and data security, including authentication of devices and confidentiality and integrity of data</li><li>Implementing and running security operations at IoT scale</li><li>Meeting compliance requirements and requests</li><li>Meeting performance requirements as per the use case</li></ul>\r\n<span style=\"font-weight: bold;\">What do connected devices require to participate in the IoT Securely?</span>\r\nTo securely participate in the IoT, each connected device needs a unique identification – even before it has an IP address. This digital credential establishes the root of trust for the device’s entire lifecycle, from initial design to deployment to retirement.\r\n<span style=\"font-weight: bold;\">Why is device authentication necessary for the IoT?</span>\r\nStrong IoT device authentication is required to ensure connected devices on the IoT can be trusted to be what they purport to be. Consequently, each IoT device needs a unique identity that can be authenticated when the device attempts to connect to a gateway or central server. With this unique ID in place, IT system administrators can track each device throughout its lifecycle, communicate securely with it, and prevent it from executing harmful processes. If a device exhibits unexpected behavior, administrators can simply revoke its privileges.\r\n<span style=\"font-weight: bold;\">Why is secure manufacturing necessary for IoT devices?</span>\r\nIoT devices produced through unsecured manufacturing processes provide criminals opportunities to change production runs to introduce unauthorized code or produce additional units that are subsequently sold on the black market.\r\nOne way to secure manufacturing processes is to use hardware security modules (HSMs) and supporting security software to inject cryptographic keys and digital certificates and to control the number of units built and the code incorporated into each.\r\n<span style=\"font-weight: bold;\">Why is code signing necessary for IoT devices?</span>\r\nTo protect businesses, brands, partners, and users from software that has been infected by malware, software developers have adopted code signing. In the IoT, code signing in the software release process ensures the integrity of IoT device software and firmware updates and defends against the risks associated with code tampering or code that deviates from organizational policies.\r\nIn public key cryptography, code signing is a specific use of certificate-based digital signatures that enables an organization to verify the identity of the software publisher and certify the software has not been changed since it was published.\r\n<span style=\"font-weight: bold;\">What is IoT PKI?</span>\r\nToday there are more things (devices) online than there are people on the planet! Devices are the number one users of the Internet and need digital identities for secure operation. As enterprises seek to transform their business models to stay competitive, rapid adoption of IoT technologies is creating increasing demand for Public Key Infrastructures (PKIs) to provide digital certificates for the growing number of devices and the software and firmware they run.\r\nSafe IoT deployments require not only trusting the devices to be authentic and to be who they say they are, but also trusting that the data they collect is real and not altered. If one cannot trust the IoT devices and the data, there is no point in collecting, running analytics, and executing decisions based on the information collected.\r\nSecure adoption of IoT requires:\r\n<ul><li>Enabling mutual authentication between connected devices and applications</li><li>Maintaining the integrity and confidentiality of the data collected by devices</li><li>Ensuring the legitimacy and integrity of the software downloaded to devices</li><li>Preserving the privacy of sensitive data in light of stricter security regulations</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/iot.png"},{"id":178,"title":"IoT - Internet of Things","alias":"iot-internet-of-things","description":"The Internet of things (IoT) is the extension of Internet connectivity into physical devices and everyday objects. Embedded with electronics, Internet connectivity, and other forms of hardware (such as sensors), these devices can communicate and interact with others over the Internet, and they can be remotely monitored and controlled.\r\nThe definition of the Internet of things has evolved due to the convergence of multiple technologies, real-time analytics, machine learning, commodity sensors, and embedded systems. Traditional fields of embedded systems, wireless sensor networks, control systems, automation (including home and building automation). and others all contribute to enabling the Internet of things. In the consumer market, IoT technology is most synonymous with products pertaining to the concept of the "smart home", covering devices and appliances (such as lighting fixtures, thermostats, home security systems and cameras, and other home appliances) that support one or more common ecosystems, and can be controlled via devices associated with that ecosystem, such as smartphones and smart speakers.\r\nThe IoT concept has faced prominent criticism, especially in regards to privacy and security concerns related to these devices and their intention of pervasive presence.","materialsDescription":"<span style=\"font-weight: bold;\">What is the Internet of Things (IoT)?</span>\r\nThe Internet of things refers to the network of things (physical objects) that can be connected to the Internet to collect and share data without human-to-human or human-to-computer interaction.\r\n<span style=\"font-weight: bold;\">Why is it called the Internet of Things?</span>\r\nThe term Internet of things was coined by Kevin Ashton in 1999. Stemming from Kevin Ashton’s experience with RFID, the term Internet of things originally described the concept of tagging every object in a person’s life with machine-readable codes. This would allow computers to easily manage and inventory all of these things.\r\nThe term IoT today has evolved to a much broader prospect. It now encompasses ubiquitous connectivity, devices, sensors, analytics, machine learning, and many other technologies.\r\n<span style=\"font-weight: bold;\">What is an IoT solution?</span>\r\nAn IoT solution is a combination of devices or other data sources, outfitted with sensors and Internet connected hardware to securely report information back to an IoT platform. This information is often a physical metric which can help users answer a question or solve a specific problem.\r\n<span style=\"font-weight: bold;\">What is an IoT Proof of Concept (PoC)?</span>\r\nThe purpose of a PoC is to experiment with a solution in your environment, collect data, and evaluate performance from a set timeline on a set budget. A PoC is a low-risk way to introduce IoT to an organization.\r\n<span style=\"font-weight: bold;\">What is an IoT cloud platform?</span>\r\nAn IoT platform provides users with one or more of these key elements — visualization tools, data security features, a workflow engine and a custom user interface to utilize the information collected from devices and other data sources in the field. These platforms are based in the cloud and can be accessed from anywhere.\r\n<span style=\"font-weight: bold;\">What is industrial equipment monitoring?</span>\r\nIndustrial equipment monitoring uses a network of connected sensors - either native to a piece of equipment or retrofitted - to inform owners/operators of a machine’s output, component conditions, need for service or impending failure. Industrial equipment monitoring is an IoT solution which can utilize an IoT platform to unify disparate data and enable decision-makers to respond to real-time data.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/IoT_-_Internet_of_Things.png"},{"id":56,"title":"Router","alias":"router","description":"A router is a networking device that forwards data packets between computer networks. Routers perform the traffic directing functions on the Internet. Data sent through the internet, such as a web page or email, is in the form of data packets. A packet is typically forwarded from one router to another router through the networks that constitute an internetwork (e.g. the Internet) until it reaches its destination node.\r\nA router is connected to two or more data lines from different IP networks. When a data packet comes in on one of the lines, the router reads the network address information in the packet header to determine the ultimate destination. Then, using information in its routing table or routing policy, it directs the packet to the next network on its journey.\r\nThe most familiar type of IP routers are home and small office routers that simply forward IP packets between the home computers and the Internet. An example of a router would be the owner's cable or DSL router, which connects to the Internet through an Internet service provider (ISP). More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone.\r\nThe main purpose of a router is to connect multiple networks and forward packets destined either for its own networks or other networks. A router is considered a layer-3 device because its primary forwarding decision is based on the information in the layer-3 IP packet, specifically the destination IP address. When a router receives a packet, it searches its routing table to find the best match between the destination IP address of the packet and one of the addresses in the routing table. Once a match is found, the packet is encapsulated in the layer-2 data link frame for the outgoing interface indicated in the table entry. A router typically does not look into the packet payload,[citation needed] but only at the layer-3 addresses to make a forwarding decision, plus optionally other information in the header for hints on, for example, quality of service (QoS). For pure IP forwarding, a router is designed to minimize the state information associated with individual packets. Once a packet is forwarded, the router does not retain any historical information about the packet.\r\nThe routing table itself can contain information derived from a variety of sources, such as a default or static routes that are configured manually, or dynamic routing protocols where the router learns routes from other routers. A default route is one that is used to route all traffic whose destination does not otherwise appear in the routing table; this is common – even necessary – in small networks, such as a home or small business where the default route simply sends all non-local traffic to the Internet service provider. The default route can be manually configured (as a static route), or learned by dynamic routing protocols, or be obtained by DHCP.\r\nA router can run more than one routing protocol at a time, particularly if it serves as an autonomous system border router between parts of a network that run different routing protocols; if it does so, then redistribution may be used (usually selectively) to share information between the different protocols running on the same router.\r\nBesides making a decision as to which interface a packet is forwarded to, which is handled primarily via the routing table, a router also has to manage congestion when packets arrive at a rate higher than the router can process. Three policies commonly used in the Internet are tail drop, random early detection (RED), and weighted random early detection (WRED). Tail drop is the simplest and most easily implemented; the router simply drops new incoming packets once the length of the queue exceeds the size of the buffers in the router. RED probabilistically drops datagrams early when the queue exceeds a pre-configured portion of the buffer, until a pre-determined max, when it becomes tail drop. WRED requires a weight on the average queue size to act upon when the traffic is about to exceed the pre-configured size, so that short bursts will not trigger random drops.\r\nAnother function a router performs is to decide which packet should be processed first when multiple queues exist. This is managed through QoS, which is critical when Voice over IP is deployed, so as not to introduce excessive latency.\r\nYet another function a router performs is called policy-based routing where special rules are constructed to override the rules derived from the routing table when a packet forwarding decision is made.\r\nRouter functions may be performed through the same internal paths that the packets travel inside the router. Some of the functions may be performed through an application-specific integrated circuit (ASIC) to avoid overhead of scheduling CPU time to process the packets. Others may have to be performed through the CPU as these packets need special attention that cannot be handled by an ASIC.","materialsDescription":" <span style=\"font-weight: bold;\">What Is a Router?</span>\r\nRouters are the nodes that make up a computer network like the internet. The router you use at home is the central node of your home network.\r\nIt functions as an information manager between the internet and all devices that go online (i.e. all devices connected to the router). Generally speaking, routers direct incoming traffic to its destination.\r\nThis also makes your router the first line of security in protecting your home network from malicious online attacks.\r\n<span style=\"font-weight: bold;\">What Does a Router Do?</span>\r\nYour router handles network traffic. For example, to view this article, data packages coding for this website have to transit from our server, through various nodes on the internet, and finally through your router to arrive on your phone or computer. On your device, your browser decodes those data packages to display the article you’re currently reading.\r\nSince a typical household has more than one device that connects to the internet, you need a router to manage the incoming network signals. In other words, your router makes sure that the data packages coding for a website you want to view on your computer aren’t sent to your phone. It does that by using your device’s MAC address.\r\nWhile your router has a unique (external) IP address to receive data packages from servers worldwide, every device on your home network also carries a unique MAC address. Simply put, when you try to access information online, your router maintains a table to keep track of which device requested information from where. Based on this table, your router distributes incoming data packages to the correct recipient.\r\n<span style=\"font-weight: bold;\">What Is the Difference Between Modems and Routers?</span>\r\nA modem turns the proprietary network signal of your ISP (internet service provider) into a standard network signal. In theory, you can choose between multiple ISPs and some of them may use the same delivery route. Your modem knows which signals to read and translate.\r\nThe kind of modem your ISP will provide you with depends on how you’re connecting to the internet. For example, a DSL modem requires a different technology than a cable or fiber optic broadband modem. That’s because one uses the copper wiring of your telephone line, while the others use a coaxial or a fiber optic cable, respectively.\r\nThe DSL modem has to filter and read both the low frequencies that phone and voice data produce, as well as the high frequencies of internet data. Cable modems, on the other hand, have to differentiate between television and internet signals, which are transmitted on different channels, rather than different frequencies. Finally, fiber optic uses pulses of light to transmit information. The modem has to decode these signals into standard data packages.\r\nOnce the modem has turned the ISP’s network signal into data packages, the router can distribute them to the target device.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/Router1.png"},{"id":540,"title":"Security Hardware","alias":"security-hardware","description":"Hardware security as a discipline originated out of cryptographic engineering and involves hardware design, access control, secure multi-party computation, secure key storage, ensuring code authenticity and measures to ensure that the supply chain that built the product is secure, among other things.\r\nA hardware security module (HSM) is a physical computing device that safeguards and manages digital keys for strong authentication and provides cryptoprocessing. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server.\r\nSome providers in this discipline consider that the key difference between hardware security and software security is that hardware security is implemented using "non-Turing-machine" logic (raw combinatorial logic or simple state machines). One approach, referred to as "hardsec", uses FPGAs to implement non-Turing-machine security controls as a way of combining the security of hardware with the flexibility of software.\r\nHardware backdoors are backdoors in hardware. Conceptionally related, a hardware Trojan (HT) is a malicious modification of an electronic system, particularly in the context of an integrated circuit.\r\nA physical unclonable function (PUF) is a physical entity that is embodied in a physical structure and is easy to evaluate but hard to predict. Further, an individual PUF device must be easy to make but practically impossible to duplicate, even given the exact manufacturing process that produced it. In this respect, it is the hardware analog of a one-way function. The name "physically unclonable function" might be a little misleading as some PUFs are clonable, and most PUFs are noisy and therefore do not achieve the requirements for a function. Today, PUFs are usually implemented in integrated circuits and are typically used in applications with high-security requirements.\r\nMany attacks on sensitive data and resources reported by organizations occur from within the organization itself.","materialsDescription":"<span style=\"font-weight: bold;\">What is hardware information security?</span>\r\nHardware means various types of devices (mechanical, electromechanical, electronic, etc.), which solve information protection problems with hardware. They impede access to information, including through its disguise. The hardware includes: noise generators, surge protectors, scanning radios and many other devices that "block" potential channels of information leakage or allow them to be detected. The advantages of technical means are related to their reliability, independence from subjective factors and high resistance to modification. The weaknesses include a lack of flexibility, relatively large volume and mass and high cost. The hardware for information protection includes the most diverse technical structures in terms of operation, device and capabilities, which ensure the suppression of disclosure, protection against leakage and counteraction to unauthorized access to sources of confidential information.\r\n<span style=\"font-weight: bold;\">Where is the hardware used to protect information?</span>\r\nHardware information protection is used to solve the following problems:\r\n<ul><li>conducting special studies of technical means of ensuring production activity for the presence of possible channels of information leakage;</li><li>identification of information leakage channels at various objects and in premises;</li><li>localization of information leakage channels;</li><li>search and detection of industrial espionage tools;</li><li>countering unauthorized access to confidential information sources and other actions.</li></ul>\r\n<span style=\"font-weight: bold;\">What is the classification of information security hardware?</span>\r\nAccording to the functional purpose, the hardware can be classified into detection tools, search tools and detailed measurements and active and passive countermeasures. At the same time, according to their technical capabilities, information protection tools can be general-purpose, designed for use by non-professionals in order to obtain preliminary (general) estimates, and professional complexes that allow for a thorough search, detection and precision measurement of all the characteristics of industrial espionage equipment. As an example of the former, we can consider a group of IP electromagnetic radiation indicators, which have a wide range of received signals and rather low sensitivity. As a second example - a complex for the detection and direction finding of radio bookmarks, designed to automatically detect and locate radio transmitters, radio microphones, telephone bookmarks and network radio transmitters.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Hardware.png"},{"id":471,"title":"Hardware","alias":"hardware","description":" Computer hardware includes the physical, tangible parts or components of a computer, such as the cabinet, central processing unit, monitor, keyboard, computer data storage, graphics card, sound card, speakers and motherboard. By contrast, software is instructions that can be stored and run by hardware. Hardware is so-termed because it is "hard" or rigid with respect to changes or modifications; whereas software is "soft" because it is easy to update or change. Intermediate between software and hardware is "firmware", which is software that is strongly coupled to the particular hardware of a computer system and thus the most difficult to change but also among the most stable with respect to consistency of interface. The progression from levels of "hardness" to "softness" in computer systems parallels a progression of layers of abstraction in computing.\r\nHardware is typically directed by the software to execute any command or instruction. A combination of hardware and software forms a usable computing system, although other systems exist with only hardware components.\r\nThe template for all modern computers is the Von Neumann architecture, detailed in a 1945 paper by Hungarian mathematician John von Neumann. This describes a design architecture for an electronic digital computer with subdivisions of a processing unit consisting of an arithmetic logic unit and processor registers, a control unit containing an instruction register and program counter, a memory to store both data and instructions, external mass storage, and input and output mechanisms. The meaning of the term has evolved to mean a stored-program computer in which an instruction fetch and a data operation cannot occur at the same time because they share a common bus. This is referred to as the Von Neumann bottleneck and often limits the performance of the system.","materialsDescription":" <span style=\"font-weight: bold; \">What does Hardware (H/W) mean?</span>\r\nHardware (H/W), in the context of technology, refers to the physical elements that make up a computer or electronic system and everything else involved that is physically tangible. This includes the monitor, hard drive, memory and CPU. Hardware works hand-in-hand with firmware and software to make a computer function.\r\n<span style=\"font-weight: bold; \">What are the types of computer systems?</span>\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Personal computer</span></span>\r\nThe personal computer, also known as the PC, is one of the most common types of computer due to its versatility and relatively low price. Laptops are generally very similar, although they may use lower-power or reduced size components, thus lower performance.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Case</span></span>\r\nThe computer case encloses and holds most of the components of the system. It provides mechanical support and protection for internal elements such as the motherboard, disk drives, and power supplies, and controls and directs the flow of cooling air over internal components. The case is also part of the system to control electromagnetic interference radiated by the computer, and protects internal parts from electrostatic discharge. Large tower cases provide extra internal space for multiple disk drives or other peripherals and usually stand on the floor, while desktop cases provide less expansion room. All-in-one style designs include a video display built into the same case. Portable and laptop computers require cases that provide impact protection for the unit. A current development in laptop computers is a detachable keyboard, which allows the system to be configured as a touch-screen tablet. Hobbyists may decorate the cases with colored lights, paint, or other features, in an activity called case modding.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Power supply</span></span>\r\nA power supply unit (PSU) converts alternating current (AC) electric power to low-voltage direct current (DC) power for the internal components of the computer. Laptops are capable of running from a built-in battery, normally for a period of hours. The PSU typically uses a switched-mode power supply (SMPS), with power MOSFETs (power metal–oxide–semiconductor field-effect transistors) used in the converters and regulator circuits of the SMPS.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Motherboard</span></span>\r\nThe motherboard is the main component of a computer. It is a board with integrated circuitry that connects the other parts of the computer including the CPU, the RAM, the disk drives (CD, DVD, hard disk, or any others) as well as any peripherals connected via the ports or the expansion slots. The integrated circuit (IC) chips in a computer typically contain billions of tiny metal–oxide–semiconductor field-effect transistors (MOSFETs).\r\nComponents directly attached to or to part of the motherboard include:\r\n<ul><li><span style=\"font-weight: bold; \">The CPU (central processing unit)</span>, which performs most of the calculations which enable a computer to function, and is referred to as the brain of the computer which get a hold of program instruction from random-access memory (RAM), interprets and processes it and then send it backs to computer result so that the relevant components can carry out the instructions. The CPU is a microprocessor, which is fabricated on a metal–oxide–semiconductor (MOS) integrated circuit (IC) chip. It is usually cooled by a heat sink and fan, or water-cooling system. Most newer CPU include an on-die graphics processing unit (GPU). The clock speed of CPU governs how fast it executes instructions, and is measured in GHz; typical values lie between 1 GHz and 5 GHz. Many modern computers have the option to overclock the CPU which enhances performance at the expense of greater thermal output and thus a need for improved cooling.</li><li><span style=\"font-weight: bold; \">The chipset</span>, which includes the north bridge, mediates communication between the CPU and the other components of the system, including main memory; as well as south bridge, which is connected to the north bridge, and supports auxiliary interfaces and buses; and, finally, a Super I/O chip, connected through the south bridge, which supports the slowest and most legacy components like serial ports, hardware monitoring and fan control.</li><li><span style=\"font-weight: bold; \">Random-access memory (RAM)</span>, which stores the code and data that are being actively accessed by the CPU. For example, when a web browser is opened on the computer it takes up memory; this is stored in the RAM until the web browser is closed. It is typically a type of dynamic RAM (DRAM), such as synchronous DRAM (SDRAM), where MOS memory chips store data on memory cells consisting of MOSFETs and MOS capacitors. RAM usually comes on dual in-line memory modules (DIMMs) in the sizes of 2GB, 4GB, and 8GB, but can be much larger.</li><li><span style=\"font-weight: bold; \">Read-only memory (ROM)</span>, which stores the BIOS that runs when the computer is powered on or otherwise begins execution, a process known as Bootstrapping, or "booting" or "booting up". The ROM is typically a nonvolatile BIOS memory chip, which stores data on floating-gate MOSFET memory cells.</li><li><span style=\"font-weight: bold; \">The BIOS (Basic Input Output System)</span> includes boot firmware and power management firmware. Newer motherboards use Unified Extensible Firmware Interface (UEFI) instead of BIOS.</li><li><span style=\"font-weight: bold; \">Buses</span> that connect the CPU to various internal components and to expand cards for graphics and sound.</li><li><span style=\"font-weight: bold; \">The CMOS</span> (complementary MOS) battery, which powers the CMOS memory for date and time in the BIOS chip. This battery is generally a watch battery.</li><li><span style=\"font-weight: bold; \">The video card</span> (also known as the graphics card), which processes computer graphics. More powerful graphics cards are better suited to handle strenuous tasks, such as playing intensive video games or running computer graphics software. A video card contains a graphics processing unit (GPU) and video memory (typically a type of SDRAM), both fabricated on MOS integrated circuit (MOS IC) chips.</li><li><span style=\"font-weight: bold; \">Power MOSFETs</span> make up the voltage regulator module (VRM), which controls how much voltage other hardware components receive.</li></ul>\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Expansion cards</span></span>\r\nAn expansion card in computing is a printed circuit board that can be inserted into an expansion slot of a computer motherboard or backplane to add functionality to a computer system via the expansion bus. Expansion cards can be used to obtain or expand on features not offered by the motherboard.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Storage devices</span></span>\r\nA storage device is any computing hardware and digital media that is used for storing, porting and extracting data files and objects. It can hold and store information both temporarily and permanently, and can be internal or external to a computer, server or any similar computing device. Data storage is a core function and fundamental component of computers.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Fixed media</span></span>\r\nData is stored by a computer using a variety of media. Hard disk drives (HDDs) are found in virtually all older computers, due to their high capacity and low cost, but solid-state drives (SSDs) are faster and more power efficient, although currently more expensive than hard drives in terms of dollar per gigabyte, so are often found in personal computers built post-2007. SSDs use flash memory, which stores data on MOS memory chips consisting of floating-gate MOSFET memory cells. Some systems may use a disk array controller for greater performance or reliability.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Removable media</span></span>\r\nTo transfer data between computers, an external flash memory device (such as a memory card or USB flash drive) or optical disc (such as a CD-ROM, DVD-ROM or BD-ROM) may be used. Their usefulness depends on being readable by other systems; the majority of machines have an optical disk drive (ODD), and virtually all have at least one Universal Serial Bus (USB) port.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Input and output peripherals</span></span>\r\nInput and output devices are typically housed externally to the main computer chassis. The following are either standard or very common to many computer systems.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Input</span></span>\r\nInput devices allow the user to enter information into the system, or control its operation. Most personal computers have a mouse and keyboard, but laptop systems typically use a touchpad instead of a mouse. Other input devices include webcams, microphones, joysticks, and image scanners.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Output device</span></span>\r\nOutput devices display information in a human readable form. Such devices could include printers, speakers, monitors or a Braille embosser.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Mainframe computer</span></span>\r\nA mainframe computer is a much larger computer that typically fills a room and may cost many hundreds or thousands of times as much as a personal computer. They are designed to perform large numbers of calculations for governments and large enterprises.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Departmental computing</span></span>\r\nIn the 1960s and 1970s, more and more departments started to use cheaper and dedicated systems for specific purposes like process control and laboratory automation.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Supercomputer</span></span>\r\nA supercomputer is superficially similar to a mainframe, but is instead intended for extremely demanding computational tasks. As of June 2018, the fastest supercomputer on the TOP500supercomputer list is the Summit, in the United States, with a LINPACK benchmarkscore of 122.3 PFLOPS Light, by around 29 PFLOPS.\r\nThe term supercomputer does not refer to a specific technology. Rather it indicates the fastest computations available at any given time. In mid 2011, the fastest supercomputers boasted speeds exceeding one petaflop, or 1 quadrillion (10^15 or 1,000 trillion) floating point operations per second. Supercomputers are fast but extremely costly, so they are generally used by large organizations to execute computationally demanding tasks involving large data sets. Supercomputers typically run military and scientific applications. Although costly, they are also being used for commercial applications where huge amounts of data must be analyzed. For example, large banks employ supercomputers to calculate the risks and returns of various investment strategies, and healthcare organizations use them to analyze giant databases of patient data to determine optimal treatments for various diseases and problems incurring to the country. ","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Hardware.jpg"}],"additionalInfo":{"budgetNotExceeded":"-1","functionallyTaskAssignment":"-1","projectWasPut":"-1","price":0,"source":{"url":"http://tsu.ua/wp-content/uploads/2018/01/read_TSU_listovka_alfabank-1.pdf","title":"Supplier's web site"}},"comments":[],"referencesCount":0}],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":0,"vendorImplementationsCount":4,"vendorPartnersCount":0,"supplierPartnersCount":1,"b4r":0,"categories":{"42":{"id":42,"title":"UTM - Unified threat management","description":"<span style=\"font-weight: bold; \">UTM (Unified Threat Management)</span> system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.\r\nUnified threat management <span style=\"font-weight: bold; \">devices </span>are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nUTM <span style=\"font-weight: bold; \">cloud services</span> and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. While UTM systems and <span style=\"font-weight: bold; \">next-generation firewalls (NGFWs)</span> are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.\r\nOriginally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.\r\nUnified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.\r\nUnified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:\r\n<ul><li><span style=\"font-weight: bold; \">Flow-based inspection,</span> also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li> <span style=\"font-weight: bold; \">Proxy-based inspection</span> acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> How UTM is deployed?</h1>\r\nBusinesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.\r\nUTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.\r\nBusinesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.\r\n<h1 class=\"align-center\">Benefits of Using a Unified Threat Management Solution</h1>\r\nUTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. This can also save money in the long run as opposed to having to buy multiple devices.\r\nSome UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPPA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.\r\nUTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because it is a single point of defense, UTM’s make dealing with combined threats easier.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM.jpg","alias":"utm-unified-threat-management"},"52":{"id":52,"title":"SaaS - software as a service","description":"<span style=\"font-weight: bold;\">Software as a service (SaaS)</span> is a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted. It is sometimes referred to as "on-demand software", and was formerly referred to as "software plus services" by Microsoft.\r\n SaaS services is typically accessed by users using a thin client, e.g. via a web browser. SaaS software solutions has become a common delivery model for many business applications, including office software, messaging software, payroll processing software, DBMS software, management software, CAD software, development software, gamification, virtualization, accounting, collaboration, customer relationship management (CRM), Management Information Systems (MIS), enterprise resource planning (ERP), invoicing, human resource management (HRM), talent acquisition, learning management systems, content management (CM), Geographic Information Systems (GIS), and service desk management. SaaS has been incorporated into the strategy of nearly all leading enterprise software companies.\r\nSaaS applications are also known as <span style=\"font-weight: bold;\">Web-based software</span>, <span style=\"font-weight: bold;\">on-demand software</span> and<span style=\"font-weight: bold;\"> hosted software</span>.\r\nThe term "Software as a Service" (SaaS) is considered to be part of the nomenclature of cloud computing, along with Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Desktop as a Service (DaaS),managed software as a service (MSaaS), mobile backend as a service (MBaaS), and information technology management as a service (ITMaaS).\r\nBecause SaaS is based on cloud computing it saves organizations from installing and running applications on their own systems. That eliminates or at least reduces the associated costs of hardware purchases and maintenance and of software and support. The initial setup cost for a SaaS application is also generally lower than it for equivalent enterprise software purchased via a site license.\r\nSometimes, the use of SaaS cloud software can also reduce the long-term costs of software licensing, though that depends on the pricing model for the individual SaaS offering and the enterprise’s usage patterns. In fact, it’s possible for SaaS to cost more than traditional software licenses. This is an area IT organizations should explore carefully.<br />SaaS also provides enterprises the flexibility inherent with cloud services: they can subscribe to a SaaS offering as needed rather than having to buy software licenses and install the software on a variety of computers. The savings can be substantial in the case of applications that require new hardware purchases to support the software.<br /><br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Who uses SaaS?</span></h1>\r\nIndustry analyst Forrester Research notes that SaaS adoption has so far been concentrated mostly in human resource management (HRM), customer relationship management (CRM), collaboration software (e.g., email), and procurement solutions, but is poised to widen. Today it’s possible to have a data warehouse in the cloud that you can access with business intelligence software running as a service and connect to your cloud-based ERP like NetSuite or Microsoft Dynamics.The dollar savings can run into the millions. And SaaS installations are often installed and working in a fraction of the time of on-premises deployments—some can be ready in hours. \r\nSales and marketing people are likely familiar with Salesforce.com, the leading SaaS CRM software, with millions of users across more than 100,000 customers. Sales is going SaaS too, with apps available to support sales in order management, compensation, quote production and configure, price, quoting, electronic signatures, contract management and more.\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">Why SaaS? Benefits of software as a service</span></h1>\r\n<ul><li><span style=\"font-weight: bold;\">Lower cost of entry</span>. With SaaS solution, you pay for what you need, without having to buy hardware to host your new applications. Instead of provisioning internal resources to install the software, the vendor provides APIs and performs much of the work to get their software working for you. The time to a working solution can drop from months in the traditional model to weeks, days or hours with the SaaS model. In some businesses, IT wants nothing to do with installing and running a sales app. In the case of funding software and its implementation, this can be a make-or-break issue for the sales and marketing budget, so the lower cost really makes the difference.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Reduced time to benefit/rapid prototyping</span>. In the SaaS model, the software application is already installed and configured. Users can provision the server for the cloud and quickly have the application ready for use. This cuts the time to benefit and allows for rapid demonstrations and prototyping. With many SaaS companies offering free trials, this means a painless proof of concept and discovery phase to prove the benefit to the organization. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Pay as you go</span>. SaaS business software gives you the benefit of predictable costs both for the subscription and to some extent, the administration. Even as you scale, you can have a clear idea of what your costs will be. This allows for much more accurate budgeting, especially as compared to the costs of internal IT to manage upgrades and address issues for an owned instance.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">The SaaS vendor is responsible for upgrades, uptime and security</span>. Under the SaaS model, since the software is hosted by the vendor, they take on the responsibility for maintaining the software and upgrading it, ensuring that it is reliable and meeting agreed-upon service level agreements, and keeping the application and its data secure. While some IT people worry about Software as a Service security outside of the enterprise walls, the likely truth is that the vendor has a much higher level of security than the enterprise itself would provide. Many will have redundant instances in very secure data centers in multiple geographies. Also, the data is being automatically backed up by the vendor, providing additional security and peace of mind. Because of the data center hosting, you’re getting the added benefit of at least some disaster recovery. Lastly, the vendor manages these issues as part of their core competencies—let them.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Integration and scalability.</span> Most SaaS apps are designed to support some amount of customization for the way you do business. SaaS vendors create APIs to allow connections not only to internal applications like ERPs or CRMs but also to other SaaS providers. One of the terrific aspects of integration is that orders written in the field can be automatically sent to the ERP. Now a salesperson in the field can check inventory through the catalog, write the order in front of the customer for approval, send it and receive confirmation, all in minutes. And as you scale with a SaaS vendor, there’s no need to invest in server capacity and software licenses. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Work anywhere</span>. Since the software is hosted in the cloud and accessible over the internet, users can access it via mobile devices wherever they are connected. This includes checking customer order histories prior to a sales call, as well as having access to real time data and real time order taking with the customer.</li></ul>\r\n<p class=\"align-left\"> </p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/SaaS__1_.png","alias":"saas-software-as-a-service"},"840":{"id":840,"title":"ICS/SCADA Cyber Security","description":"SCADA security is the practice of protecting supervisory control and data acquisition (SCADA) networks, a common framework of control systems used in industrial operations. These networks are responsible for providing automated control and remote human management of essential commodities and services such as water, natural gas, electricity and transportation to millions of people. They can also be used to improve the efficiencies and quality in other less essential (but some would say very important!) real-world processes such as snowmaking for ski resorts and beer brewing. SCADA is one of the most common types of industrial control systems (ICS).\r\nThese networks, just like any other network, are under threat from cyber-attacks that could bring down any part of the nation's critical infrastructure quickly and with dire consequences if the right security is not in place. Capital expenditure is another key concern; SCADA systems can cost an organization from tens of thousands to millions of dollars. For these reasons, it is essential that organizations implement robust SCADA security measures to protect their infrastructure and the millions of people that would be affected by the disruption caused by an external attack or internal error.\r\nSCADA security has evolved dramatically in recent years. Before computers, the only way to monitor a SCADA network was to deploy several people to each station to report back on the state of each system. In busier stations, technicians were stationed permanently to manually operate the network and communicate over telephone wires.\r\nIt wasn't until the introduction of the local area network (LAN) and improvements in system miniaturization that we started to see advances in SCADA development such as the distributed SCADA network. Next came networked systems that were able to communicate over a wide area network (WAN) and connect many more components together.\r\nFrom local companies to federal governments, every business or organization that works with SCADA systems are vulnerable to SCADA security threats. These threats can have wide-reaching effects on both the economy and the community. Specific threats to SCADA networks include the following:\r\n<span style=\"font-weight: bold;\">Hackers.</span> Individuals or groups with malicious intent could bring a SCADA network to its knees. By gaining access to key SCADA components, hackers could unleash chaos on an organization that can range from a disruption in services to cyber warfare.\r\n<span style=\"font-weight: bold;\">Malware.</span> Malware, including viruses, spyware and ransomware can pose a risk to SCADA systems. While malware may not be able to specifically target the network itself, it can still pose a threat to the key infrastructure that helps to manage the SCADA network. This includes mobile SCADA applications that are used to monitor and manage SCADA systems.\r\n<span style=\"font-weight: bold;\">Terrorists.</span> Where hackers are usually motivated by sordid gain, terrorists are driven by the desire to cause as much mayhem and damage as possible.\r\n<span style=\"font-weight: bold;\">Employees.</span> Insider threats can be just as damaging as external threats. From human error to a disgruntled employee or contractor, it is essential that SCADA security addresses these risks.\r\nManaging today's SCADA networks can be a challenge without the right security precautions in place. Many networks are still without the necessary detection and monitoring systems and this leaves them vulnerable to attack. Because SCADA network attacks exploit both cyber and physical vulnerabilities, it is critical to align cybersecurity measures accordingly.","materialsDescription":"<span style=\"font-weight: bold;\">What is the difference between ICS/SCADA cybersecurity and information security?</span>\r\nAutomated process control systems (SCADA) have a lot of differences from “traditional” corporate information systems: from the destination, specific data transfer protocols and equipment used and ending with the environment in which they operate. In corporate networks and systems, as a rule, the main protected resource is information that is processed, transmitted and stored in automated systems, and the main goal is to ensure its confidentiality. In ICS, the protected resource, first of all, is the technological process itself, and the main goal is to ensure its continuity (accessibility of all nodes) and integrity (including information transmitted between the nodes of the ICS). Moreover, the field of potential risks and threats to ICS, in comparison with corporate systems, expands with risks of potential damage to life and health of personnel and the public, damage to the environment and infrastructure. That is why it is incorrect to talk about “information security” in relation to ICS/SCADA. In English sources, the term “cybersecurity” is used for this, a direct translation of which (cybersecurity) is increasingly found in our market in relation to the protection of process control systems.\r\n<span style=\"font-weight: bold;\">Is it really necessary?</span>\r\nIt is necessary. There are a number of myths about process control systems, for example: “process control systems are completely isolated from the outside world”, “process control systems are too specific for someone to crack”, “process control systems are reliably protected by the developer”, or even “No one will ever try us, hacking us is not interesting. ” All this is no longer true. Many modern distributed process control systems have one or another connection with the corporate network, even if the system owners are unaware of this. Communication with the outside world greatly simplifies the task of the attacker, but does not remain the only possible option. Automated process control software and data transfer protocols are, as a rule, very, very insecure against cyber threats. This is evidenced by numerous articles and reports of experts involved in the study of the protection of industrial control systems and penetration tests. The PHDays III section on hacking automated process control systems impressed even ardent skeptics. Well, and, of course, the argument “they have NOT attacked us, therefore they will not” - can hardly be considered seriously. Everyone has heard about Stuxnet, which dispelled almost all the myths about the safety of ICS at once.\r\n<span style=\"font-weight: bold;\">Who needs this?</span>\r\nWith the phrase ICS/SCADA, most imagine huge plants, automated CNC machines or something similar. However, the application of process control systems is not limited to these objects - in the modern age of automation, process control systems are used everywhere: from large production facilities, the oil and gas industry, transport management to smart home systems. And, by the way, with the protection of the latter, as a rule, everything can be much worse, because the developer silently and imperceptibly shifts responsibility to the shoulders of the user.\r\nOf course, some of the objects with automated process control systems are more interesting for attackers, others less. But, given the ever-growing number of vulnerabilities discovered and published in the ICS, the spread of "exclusive" (written for specific protocols and ICS software) malware, considering your system safe "by default" is unreasonable.\r\n<span style=\"font-weight: bold;\">Are ICS and SCADA the same thing?</span>\r\nNo. SCADA systems (supervisory control and data acquisition, supervisory control and data collection) are part of the control system. Usually, a SCADA system means centralized control and management systems with the participation of a person as a whole system or a complex of industrial control systems. SCADA is the central link between people (human-machine interfaces) and PLC levels (programmable logic controller) or RTU (remote terminal unit).\r\n<span style=\"font-weight: bold;\">What is ICS/SCADA cybersecurity?</span>\r\nIn fact, ICS cybersecurity is a process similar to “information security” in a number of properties, but very different in details. And the devil, as you know, lies in them. ICS/SCADA also has similar information security-related processes: asset inventory, risk analysis and assessment, threat analysis, security management, change management, incident response, continuity, etc. But these processes themselves are different.<br />The cyber security of ICSs has the same basic target qualities - confidentiality, integrity and accessibility, but the significance and point of application for them are completely different. It should be remembered that in ICS/SCADA we, first of all, protect the technological process. Beyond this - from the risks of damage to human health and life and the environment.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_SCADA_Cyber_Security.png","alias":"icsscada-cyber-security"}},"branches":"Information Technology","companySizes":"More than 2000 Employees","companyUrl":"http://www.f5.com","countryCodes":[],"certifications":[],"isSeller":true,"isSupplier":false,"isVendor":true,"presenterCodeLng":"","seo":{"title":"F5 Networks","keywords":"2010, worldwide, delivery, that, Networks, company, Fortune, list","description":"F5 Networks, Inc. is a multinational American company that specializes in application delivery networking (ADN) technology that optimizes the delivery of network-based applications and the security, performance, availability of servers, data storage devices, a","og:title":"F5 Networks","og:description":"F5 Networks, Inc. is a multinational American company that specializes in application delivery networking (ADN) technology that optimizes the delivery of network-based applications and the security, performance, availability of servers, data storage devices, a","og:image":"https://old.roi4cio.com/uploads/roi/company/f5.png"},"eventUrl":"","vendorPartners":[],"supplierPartners":[{"supplier":"ISSP","partnershipLevel":"Silver UNITY Reseller","countries":"","partnersType":""}],"vendoredProducts":[{"id":4716,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/F5_Networks_logo.png","logo":true,"scheme":false,"title":"F5 Big-IP Application Delivery Services","vendorVerified":0,"rating":"0.00","implementationsCount":1,"suppliersCount":0,"supplierPartnersCount":1,"alias":"f5-big-ip-application-delivery-services","companyTitle":"F5 Networks","companyTypes":["vendor"],"companyId":2749,"companyAlias":"f5-networks","description":"<span style=\"font-weight: bold;\">Explore BIG-IP application services</span>\r\nKeep your apps up and running with BIG-IP application delivery controllers. BIG-IP Local Traffic Manager (LTM) and BIG-IP DNS handle your application traffic and secure your infrastructure. You’ll get built-in security, traffic management, and performance application services, whether your applications live in a private data center or in the cloud.\r\n<span style=\"font-weight: bold;\">Service Provider</span>\r\nBIG-IP Diameter Traffic Management, BIG-IP Policy Enforcement Manager (PEM), and BIG-IP Carrier-Grade NAT (CGNAT) manage network resources to keep your applications performing at carrier-grade levels. They also help you identify ways to optimize and monetize your network, improving your bottom line.\r\n<span style=\"font-weight: bold;\">Platforms</span>\r\nGet the right platform for your business, whether you deploy your applications on-premises, in the cloud, or both. Hardware appliances include the new BIG-IP iSeries or our high-performing VIPRION chassis and blades. Software options are available through BIG-IP virtual edition or BIG-IP Cloud Edition.","shortDescription":"BIG-IP Application Delivery Services - advanced technology for an app-centric world.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":11,"sellingCount":2,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"F5 Big-IP Application Delivery Services","keywords":"","description":"<span style=\"font-weight: bold;\">Explore BIG-IP application services</span>\r\nKeep your apps up and running with BIG-IP application delivery controllers. BIG-IP Local Traffic Manager (LTM) and BIG-IP DNS handle your application traffic and secure your infrastru","og:title":"F5 Big-IP Application Delivery Services","og:description":"<span style=\"font-weight: bold;\">Explore BIG-IP application services</span>\r\nKeep your apps up and running with BIG-IP application delivery controllers. BIG-IP Local Traffic Manager (LTM) and BIG-IP DNS handle your application traffic and secure your infrastru","og:image":"https://old.roi4cio.com/fileadmin/user_upload/F5_Networks_logo.png"},"eventUrl":"","translationId":4717,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"},{"id":834,"title":"IoT - Internet of Things Security","alias":"iot-internet-of-things-security","description":" IoT security is the technology area concerned with safeguarding connected devices and networks in the internet of things (IoT).\r\nIoT involves adding internet connectivity to a system of interrelated computing devices, mechanical and digital machines, objects, animals and/or people. Each "thing" is provided a unique identifier and the ability to automatically transfer data over a network. Allowing devices to connect to the internet opens them up to a number of serious vulnerabilities if they are not properly protected.\r\nIoT security has become the subject of scrutiny after a number of high-profile incidents where a common IoT device was used to infiltrate and attack the larger network. Implementing security measures is critical to ensuring the safety of networks with IoT devices connected to them.\r\nIoT security hacks can happen in any industry, from smart home to a manufacturing plant to a connected car. The severity of impact depends greatly on the individual system, the data collected and/or the information it contains.\r\nAn attack disabling the brakes of a connected car, for example, or on a connected health device, such as an insulin pump hacked to administer too much medication to a patient, can be life-threatening. Likewise, an attack on a refrigeration system housing medicine that is monitored by an IoT system can ruin the viability of a medicine if temperatures fluctuate. Similarly, an attack on critical infrastructure -- an oil well, energy grid or water supply -- can be disastrous.\r\nSo, a robust IoT security portfolio must allow protecting devices from all types of vulnerabilities while deploying the security level that best matches application needs. Cryptography technologies are used to combat communication attacks. Security services are offered for protecting against lifecycle attacks. Isolation measures can be implemented to fend off software attacks. And, finally, IoT security should include tamper mitigation and side-channel attack mitigation technologies for fighting physical attacks of the chip.","materialsDescription":" <span style=\"font-weight: bold;\">What are the key requirements of IoT Security?</span>\r\nThe key requirements for any IoT security solution are:\r\n<ul><li>Device and data security, including authentication of devices and confidentiality and integrity of data</li><li>Implementing and running security operations at IoT scale</li><li>Meeting compliance requirements and requests</li><li>Meeting performance requirements as per the use case</li></ul>\r\n<span style=\"font-weight: bold;\">What do connected devices require to participate in the IoT Securely?</span>\r\nTo securely participate in the IoT, each connected device needs a unique identification – even before it has an IP address. This digital credential establishes the root of trust for the device’s entire lifecycle, from initial design to deployment to retirement.\r\n<span style=\"font-weight: bold;\">Why is device authentication necessary for the IoT?</span>\r\nStrong IoT device authentication is required to ensure connected devices on the IoT can be trusted to be what they purport to be. Consequently, each IoT device needs a unique identity that can be authenticated when the device attempts to connect to a gateway or central server. With this unique ID in place, IT system administrators can track each device throughout its lifecycle, communicate securely with it, and prevent it from executing harmful processes. If a device exhibits unexpected behavior, administrators can simply revoke its privileges.\r\n<span style=\"font-weight: bold;\">Why is secure manufacturing necessary for IoT devices?</span>\r\nIoT devices produced through unsecured manufacturing processes provide criminals opportunities to change production runs to introduce unauthorized code or produce additional units that are subsequently sold on the black market.\r\nOne way to secure manufacturing processes is to use hardware security modules (HSMs) and supporting security software to inject cryptographic keys and digital certificates and to control the number of units built and the code incorporated into each.\r\n<span style=\"font-weight: bold;\">Why is code signing necessary for IoT devices?</span>\r\nTo protect businesses, brands, partners, and users from software that has been infected by malware, software developers have adopted code signing. In the IoT, code signing in the software release process ensures the integrity of IoT device software and firmware updates and defends against the risks associated with code tampering or code that deviates from organizational policies.\r\nIn public key cryptography, code signing is a specific use of certificate-based digital signatures that enables an organization to verify the identity of the software publisher and certify the software has not been changed since it was published.\r\n<span style=\"font-weight: bold;\">What is IoT PKI?</span>\r\nToday there are more things (devices) online than there are people on the planet! Devices are the number one users of the Internet and need digital identities for secure operation. As enterprises seek to transform their business models to stay competitive, rapid adoption of IoT technologies is creating increasing demand for Public Key Infrastructures (PKIs) to provide digital certificates for the growing number of devices and the software and firmware they run.\r\nSafe IoT deployments require not only trusting the devices to be authentic and to be who they say they are, but also trusting that the data they collect is real and not altered. If one cannot trust the IoT devices and the data, there is no point in collecting, running analytics, and executing decisions based on the information collected.\r\nSecure adoption of IoT requires:\r\n<ul><li>Enabling mutual authentication between connected devices and applications</li><li>Maintaining the integrity and confidentiality of the data collected by devices</li><li>Ensuring the legitimacy and integrity of the software downloaded to devices</li><li>Preserving the privacy of sensitive data in light of stricter security regulations</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/iot.png"},{"id":178,"title":"IoT - Internet of Things","alias":"iot-internet-of-things","description":"The Internet of things (IoT) is the extension of Internet connectivity into physical devices and everyday objects. Embedded with electronics, Internet connectivity, and other forms of hardware (such as sensors), these devices can communicate and interact with others over the Internet, and they can be remotely monitored and controlled.\r\nThe definition of the Internet of things has evolved due to the convergence of multiple technologies, real-time analytics, machine learning, commodity sensors, and embedded systems. Traditional fields of embedded systems, wireless sensor networks, control systems, automation (including home and building automation). and others all contribute to enabling the Internet of things. In the consumer market, IoT technology is most synonymous with products pertaining to the concept of the "smart home", covering devices and appliances (such as lighting fixtures, thermostats, home security systems and cameras, and other home appliances) that support one or more common ecosystems, and can be controlled via devices associated with that ecosystem, such as smartphones and smart speakers.\r\nThe IoT concept has faced prominent criticism, especially in regards to privacy and security concerns related to these devices and their intention of pervasive presence.","materialsDescription":"<span style=\"font-weight: bold;\">What is the Internet of Things (IoT)?</span>\r\nThe Internet of things refers to the network of things (physical objects) that can be connected to the Internet to collect and share data without human-to-human or human-to-computer interaction.\r\n<span style=\"font-weight: bold;\">Why is it called the Internet of Things?</span>\r\nThe term Internet of things was coined by Kevin Ashton in 1999. Stemming from Kevin Ashton’s experience with RFID, the term Internet of things originally described the concept of tagging every object in a person’s life with machine-readable codes. This would allow computers to easily manage and inventory all of these things.\r\nThe term IoT today has evolved to a much broader prospect. It now encompasses ubiquitous connectivity, devices, sensors, analytics, machine learning, and many other technologies.\r\n<span style=\"font-weight: bold;\">What is an IoT solution?</span>\r\nAn IoT solution is a combination of devices or other data sources, outfitted with sensors and Internet connected hardware to securely report information back to an IoT platform. This information is often a physical metric which can help users answer a question or solve a specific problem.\r\n<span style=\"font-weight: bold;\">What is an IoT Proof of Concept (PoC)?</span>\r\nThe purpose of a PoC is to experiment with a solution in your environment, collect data, and evaluate performance from a set timeline on a set budget. A PoC is a low-risk way to introduce IoT to an organization.\r\n<span style=\"font-weight: bold;\">What is an IoT cloud platform?</span>\r\nAn IoT platform provides users with one or more of these key elements — visualization tools, data security features, a workflow engine and a custom user interface to utilize the information collected from devices and other data sources in the field. These platforms are based in the cloud and can be accessed from anywhere.\r\n<span style=\"font-weight: bold;\">What is industrial equipment monitoring?</span>\r\nIndustrial equipment monitoring uses a network of connected sensors - either native to a piece of equipment or retrofitted - to inform owners/operators of a machine’s output, component conditions, need for service or impending failure. Industrial equipment monitoring is an IoT solution which can utilize an IoT platform to unify disparate data and enable decision-makers to respond to real-time data.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/IoT_-_Internet_of_Things.png"},{"id":56,"title":"Router","alias":"router","description":"A router is a networking device that forwards data packets between computer networks. Routers perform the traffic directing functions on the Internet. Data sent through the internet, such as a web page or email, is in the form of data packets. A packet is typically forwarded from one router to another router through the networks that constitute an internetwork (e.g. the Internet) until it reaches its destination node.\r\nA router is connected to two or more data lines from different IP networks. When a data packet comes in on one of the lines, the router reads the network address information in the packet header to determine the ultimate destination. Then, using information in its routing table or routing policy, it directs the packet to the next network on its journey.\r\nThe most familiar type of IP routers are home and small office routers that simply forward IP packets between the home computers and the Internet. An example of a router would be the owner's cable or DSL router, which connects to the Internet through an Internet service provider (ISP). More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone.\r\nThe main purpose of a router is to connect multiple networks and forward packets destined either for its own networks or other networks. A router is considered a layer-3 device because its primary forwarding decision is based on the information in the layer-3 IP packet, specifically the destination IP address. When a router receives a packet, it searches its routing table to find the best match between the destination IP address of the packet and one of the addresses in the routing table. Once a match is found, the packet is encapsulated in the layer-2 data link frame for the outgoing interface indicated in the table entry. A router typically does not look into the packet payload,[citation needed] but only at the layer-3 addresses to make a forwarding decision, plus optionally other information in the header for hints on, for example, quality of service (QoS). For pure IP forwarding, a router is designed to minimize the state information associated with individual packets. Once a packet is forwarded, the router does not retain any historical information about the packet.\r\nThe routing table itself can contain information derived from a variety of sources, such as a default or static routes that are configured manually, or dynamic routing protocols where the router learns routes from other routers. A default route is one that is used to route all traffic whose destination does not otherwise appear in the routing table; this is common – even necessary – in small networks, such as a home or small business where the default route simply sends all non-local traffic to the Internet service provider. The default route can be manually configured (as a static route), or learned by dynamic routing protocols, or be obtained by DHCP.\r\nA router can run more than one routing protocol at a time, particularly if it serves as an autonomous system border router between parts of a network that run different routing protocols; if it does so, then redistribution may be used (usually selectively) to share information between the different protocols running on the same router.\r\nBesides making a decision as to which interface a packet is forwarded to, which is handled primarily via the routing table, a router also has to manage congestion when packets arrive at a rate higher than the router can process. Three policies commonly used in the Internet are tail drop, random early detection (RED), and weighted random early detection (WRED). Tail drop is the simplest and most easily implemented; the router simply drops new incoming packets once the length of the queue exceeds the size of the buffers in the router. RED probabilistically drops datagrams early when the queue exceeds a pre-configured portion of the buffer, until a pre-determined max, when it becomes tail drop. WRED requires a weight on the average queue size to act upon when the traffic is about to exceed the pre-configured size, so that short bursts will not trigger random drops.\r\nAnother function a router performs is to decide which packet should be processed first when multiple queues exist. This is managed through QoS, which is critical when Voice over IP is deployed, so as not to introduce excessive latency.\r\nYet another function a router performs is called policy-based routing where special rules are constructed to override the rules derived from the routing table when a packet forwarding decision is made.\r\nRouter functions may be performed through the same internal paths that the packets travel inside the router. Some of the functions may be performed through an application-specific integrated circuit (ASIC) to avoid overhead of scheduling CPU time to process the packets. Others may have to be performed through the CPU as these packets need special attention that cannot be handled by an ASIC.","materialsDescription":" <span style=\"font-weight: bold;\">What Is a Router?</span>\r\nRouters are the nodes that make up a computer network like the internet. The router you use at home is the central node of your home network.\r\nIt functions as an information manager between the internet and all devices that go online (i.e. all devices connected to the router). Generally speaking, routers direct incoming traffic to its destination.\r\nThis also makes your router the first line of security in protecting your home network from malicious online attacks.\r\n<span style=\"font-weight: bold;\">What Does a Router Do?</span>\r\nYour router handles network traffic. For example, to view this article, data packages coding for this website have to transit from our server, through various nodes on the internet, and finally through your router to arrive on your phone or computer. On your device, your browser decodes those data packages to display the article you’re currently reading.\r\nSince a typical household has more than one device that connects to the internet, you need a router to manage the incoming network signals. In other words, your router makes sure that the data packages coding for a website you want to view on your computer aren’t sent to your phone. It does that by using your device’s MAC address.\r\nWhile your router has a unique (external) IP address to receive data packages from servers worldwide, every device on your home network also carries a unique MAC address. Simply put, when you try to access information online, your router maintains a table to keep track of which device requested information from where. Based on this table, your router distributes incoming data packages to the correct recipient.\r\n<span style=\"font-weight: bold;\">What Is the Difference Between Modems and Routers?</span>\r\nA modem turns the proprietary network signal of your ISP (internet service provider) into a standard network signal. In theory, you can choose between multiple ISPs and some of them may use the same delivery route. Your modem knows which signals to read and translate.\r\nThe kind of modem your ISP will provide you with depends on how you’re connecting to the internet. For example, a DSL modem requires a different technology than a cable or fiber optic broadband modem. That’s because one uses the copper wiring of your telephone line, while the others use a coaxial or a fiber optic cable, respectively.\r\nThe DSL modem has to filter and read both the low frequencies that phone and voice data produce, as well as the high frequencies of internet data. Cable modems, on the other hand, have to differentiate between television and internet signals, which are transmitted on different channels, rather than different frequencies. Finally, fiber optic uses pulses of light to transmit information. The modem has to decode these signals into standard data packages.\r\nOnce the modem has turned the ISP’s network signal into data packages, the router can distribute them to the target device.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/Router1.png"},{"id":540,"title":"Security Hardware","alias":"security-hardware","description":"Hardware security as a discipline originated out of cryptographic engineering and involves hardware design, access control, secure multi-party computation, secure key storage, ensuring code authenticity and measures to ensure that the supply chain that built the product is secure, among other things.\r\nA hardware security module (HSM) is a physical computing device that safeguards and manages digital keys for strong authentication and provides cryptoprocessing. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server.\r\nSome providers in this discipline consider that the key difference between hardware security and software security is that hardware security is implemented using "non-Turing-machine" logic (raw combinatorial logic or simple state machines). One approach, referred to as "hardsec", uses FPGAs to implement non-Turing-machine security controls as a way of combining the security of hardware with the flexibility of software.\r\nHardware backdoors are backdoors in hardware. Conceptionally related, a hardware Trojan (HT) is a malicious modification of an electronic system, particularly in the context of an integrated circuit.\r\nA physical unclonable function (PUF) is a physical entity that is embodied in a physical structure and is easy to evaluate but hard to predict. Further, an individual PUF device must be easy to make but practically impossible to duplicate, even given the exact manufacturing process that produced it. In this respect, it is the hardware analog of a one-way function. The name "physically unclonable function" might be a little misleading as some PUFs are clonable, and most PUFs are noisy and therefore do not achieve the requirements for a function. Today, PUFs are usually implemented in integrated circuits and are typically used in applications with high-security requirements.\r\nMany attacks on sensitive data and resources reported by organizations occur from within the organization itself.","materialsDescription":"<span style=\"font-weight: bold;\">What is hardware information security?</span>\r\nHardware means various types of devices (mechanical, electromechanical, electronic, etc.), which solve information protection problems with hardware. They impede access to information, including through its disguise. The hardware includes: noise generators, surge protectors, scanning radios and many other devices that "block" potential channels of information leakage or allow them to be detected. The advantages of technical means are related to their reliability, independence from subjective factors and high resistance to modification. The weaknesses include a lack of flexibility, relatively large volume and mass and high cost. The hardware for information protection includes the most diverse technical structures in terms of operation, device and capabilities, which ensure the suppression of disclosure, protection against leakage and counteraction to unauthorized access to sources of confidential information.\r\n<span style=\"font-weight: bold;\">Where is the hardware used to protect information?</span>\r\nHardware information protection is used to solve the following problems:\r\n<ul><li>conducting special studies of technical means of ensuring production activity for the presence of possible channels of information leakage;</li><li>identification of information leakage channels at various objects and in premises;</li><li>localization of information leakage channels;</li><li>search and detection of industrial espionage tools;</li><li>countering unauthorized access to confidential information sources and other actions.</li></ul>\r\n<span style=\"font-weight: bold;\">What is the classification of information security hardware?</span>\r\nAccording to the functional purpose, the hardware can be classified into detection tools, search tools and detailed measurements and active and passive countermeasures. At the same time, according to their technical capabilities, information protection tools can be general-purpose, designed for use by non-professionals in order to obtain preliminary (general) estimates, and professional complexes that allow for a thorough search, detection and precision measurement of all the characteristics of industrial espionage equipment. As an example of the former, we can consider a group of IP electromagnetic radiation indicators, which have a wide range of received signals and rather low sensitivity. As a second example - a complex for the detection and direction finding of radio bookmarks, designed to automatically detect and locate radio transmitters, radio microphones, telephone bookmarks and network radio transmitters.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Hardware.png"},{"id":471,"title":"Hardware","alias":"hardware","description":" Computer hardware includes the physical, tangible parts or components of a computer, such as the cabinet, central processing unit, monitor, keyboard, computer data storage, graphics card, sound card, speakers and motherboard. By contrast, software is instructions that can be stored and run by hardware. Hardware is so-termed because it is "hard" or rigid with respect to changes or modifications; whereas software is "soft" because it is easy to update or change. Intermediate between software and hardware is "firmware", which is software that is strongly coupled to the particular hardware of a computer system and thus the most difficult to change but also among the most stable with respect to consistency of interface. The progression from levels of "hardness" to "softness" in computer systems parallels a progression of layers of abstraction in computing.\r\nHardware is typically directed by the software to execute any command or instruction. A combination of hardware and software forms a usable computing system, although other systems exist with only hardware components.\r\nThe template for all modern computers is the Von Neumann architecture, detailed in a 1945 paper by Hungarian mathematician John von Neumann. This describes a design architecture for an electronic digital computer with subdivisions of a processing unit consisting of an arithmetic logic unit and processor registers, a control unit containing an instruction register and program counter, a memory to store both data and instructions, external mass storage, and input and output mechanisms. The meaning of the term has evolved to mean a stored-program computer in which an instruction fetch and a data operation cannot occur at the same time because they share a common bus. This is referred to as the Von Neumann bottleneck and often limits the performance of the system.","materialsDescription":" <span style=\"font-weight: bold; \">What does Hardware (H/W) mean?</span>\r\nHardware (H/W), in the context of technology, refers to the physical elements that make up a computer or electronic system and everything else involved that is physically tangible. This includes the monitor, hard drive, memory and CPU. Hardware works hand-in-hand with firmware and software to make a computer function.\r\n<span style=\"font-weight: bold; \">What are the types of computer systems?</span>\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Personal computer</span></span>\r\nThe personal computer, also known as the PC, is one of the most common types of computer due to its versatility and relatively low price. Laptops are generally very similar, although they may use lower-power or reduced size components, thus lower performance.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Case</span></span>\r\nThe computer case encloses and holds most of the components of the system. It provides mechanical support and protection for internal elements such as the motherboard, disk drives, and power supplies, and controls and directs the flow of cooling air over internal components. The case is also part of the system to control electromagnetic interference radiated by the computer, and protects internal parts from electrostatic discharge. Large tower cases provide extra internal space for multiple disk drives or other peripherals and usually stand on the floor, while desktop cases provide less expansion room. All-in-one style designs include a video display built into the same case. Portable and laptop computers require cases that provide impact protection for the unit. A current development in laptop computers is a detachable keyboard, which allows the system to be configured as a touch-screen tablet. Hobbyists may decorate the cases with colored lights, paint, or other features, in an activity called case modding.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Power supply</span></span>\r\nA power supply unit (PSU) converts alternating current (AC) electric power to low-voltage direct current (DC) power for the internal components of the computer. Laptops are capable of running from a built-in battery, normally for a period of hours. The PSU typically uses a switched-mode power supply (SMPS), with power MOSFETs (power metal–oxide–semiconductor field-effect transistors) used in the converters and regulator circuits of the SMPS.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Motherboard</span></span>\r\nThe motherboard is the main component of a computer. It is a board with integrated circuitry that connects the other parts of the computer including the CPU, the RAM, the disk drives (CD, DVD, hard disk, or any others) as well as any peripherals connected via the ports or the expansion slots. The integrated circuit (IC) chips in a computer typically contain billions of tiny metal–oxide–semiconductor field-effect transistors (MOSFETs).\r\nComponents directly attached to or to part of the motherboard include:\r\n<ul><li><span style=\"font-weight: bold; \">The CPU (central processing unit)</span>, which performs most of the calculations which enable a computer to function, and is referred to as the brain of the computer which get a hold of program instruction from random-access memory (RAM), interprets and processes it and then send it backs to computer result so that the relevant components can carry out the instructions. The CPU is a microprocessor, which is fabricated on a metal–oxide–semiconductor (MOS) integrated circuit (IC) chip. It is usually cooled by a heat sink and fan, or water-cooling system. Most newer CPU include an on-die graphics processing unit (GPU). The clock speed of CPU governs how fast it executes instructions, and is measured in GHz; typical values lie between 1 GHz and 5 GHz. Many modern computers have the option to overclock the CPU which enhances performance at the expense of greater thermal output and thus a need for improved cooling.</li><li><span style=\"font-weight: bold; \">The chipset</span>, which includes the north bridge, mediates communication between the CPU and the other components of the system, including main memory; as well as south bridge, which is connected to the north bridge, and supports auxiliary interfaces and buses; and, finally, a Super I/O chip, connected through the south bridge, which supports the slowest and most legacy components like serial ports, hardware monitoring and fan control.</li><li><span style=\"font-weight: bold; \">Random-access memory (RAM)</span>, which stores the code and data that are being actively accessed by the CPU. For example, when a web browser is opened on the computer it takes up memory; this is stored in the RAM until the web browser is closed. It is typically a type of dynamic RAM (DRAM), such as synchronous DRAM (SDRAM), where MOS memory chips store data on memory cells consisting of MOSFETs and MOS capacitors. RAM usually comes on dual in-line memory modules (DIMMs) in the sizes of 2GB, 4GB, and 8GB, but can be much larger.</li><li><span style=\"font-weight: bold; \">Read-only memory (ROM)</span>, which stores the BIOS that runs when the computer is powered on or otherwise begins execution, a process known as Bootstrapping, or "booting" or "booting up". The ROM is typically a nonvolatile BIOS memory chip, which stores data on floating-gate MOSFET memory cells.</li><li><span style=\"font-weight: bold; \">The BIOS (Basic Input Output System)</span> includes boot firmware and power management firmware. Newer motherboards use Unified Extensible Firmware Interface (UEFI) instead of BIOS.</li><li><span style=\"font-weight: bold; \">Buses</span> that connect the CPU to various internal components and to expand cards for graphics and sound.</li><li><span style=\"font-weight: bold; \">The CMOS</span> (complementary MOS) battery, which powers the CMOS memory for date and time in the BIOS chip. This battery is generally a watch battery.</li><li><span style=\"font-weight: bold; \">The video card</span> (also known as the graphics card), which processes computer graphics. More powerful graphics cards are better suited to handle strenuous tasks, such as playing intensive video games or running computer graphics software. A video card contains a graphics processing unit (GPU) and video memory (typically a type of SDRAM), both fabricated on MOS integrated circuit (MOS IC) chips.</li><li><span style=\"font-weight: bold; \">Power MOSFETs</span> make up the voltage regulator module (VRM), which controls how much voltage other hardware components receive.</li></ul>\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Expansion cards</span></span>\r\nAn expansion card in computing is a printed circuit board that can be inserted into an expansion slot of a computer motherboard or backplane to add functionality to a computer system via the expansion bus. Expansion cards can be used to obtain or expand on features not offered by the motherboard.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Storage devices</span></span>\r\nA storage device is any computing hardware and digital media that is used for storing, porting and extracting data files and objects. It can hold and store information both temporarily and permanently, and can be internal or external to a computer, server or any similar computing device. Data storage is a core function and fundamental component of computers.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Fixed media</span></span>\r\nData is stored by a computer using a variety of media. Hard disk drives (HDDs) are found in virtually all older computers, due to their high capacity and low cost, but solid-state drives (SSDs) are faster and more power efficient, although currently more expensive than hard drives in terms of dollar per gigabyte, so are often found in personal computers built post-2007. SSDs use flash memory, which stores data on MOS memory chips consisting of floating-gate MOSFET memory cells. Some systems may use a disk array controller for greater performance or reliability.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Removable media</span></span>\r\nTo transfer data between computers, an external flash memory device (such as a memory card or USB flash drive) or optical disc (such as a CD-ROM, DVD-ROM or BD-ROM) may be used. Their usefulness depends on being readable by other systems; the majority of machines have an optical disk drive (ODD), and virtually all have at least one Universal Serial Bus (USB) port.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Input and output peripherals</span></span>\r\nInput and output devices are typically housed externally to the main computer chassis. The following are either standard or very common to many computer systems.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Input</span></span>\r\nInput devices allow the user to enter information into the system, or control its operation. Most personal computers have a mouse and keyboard, but laptop systems typically use a touchpad instead of a mouse. Other input devices include webcams, microphones, joysticks, and image scanners.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Output device</span></span>\r\nOutput devices display information in a human readable form. Such devices could include printers, speakers, monitors or a Braille embosser.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Mainframe computer</span></span>\r\nA mainframe computer is a much larger computer that typically fills a room and may cost many hundreds or thousands of times as much as a personal computer. They are designed to perform large numbers of calculations for governments and large enterprises.\r\n<span style=\"font-style: italic; \"><span style=\"font-weight: bold; \">Departmental computing</span></span>\r\nIn the 1960s and 1970s, more and more departments started to use cheaper and dedicated systems for specific purposes like process control and laboratory automation.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Supercomputer</span></span>\r\nA supercomputer is superficially similar to a mainframe, but is instead intended for extremely demanding computational tasks. As of June 2018, the fastest supercomputer on the TOP500supercomputer list is the Summit, in the United States, with a LINPACK benchmarkscore of 122.3 PFLOPS Light, by around 29 PFLOPS.\r\nThe term supercomputer does not refer to a specific technology. Rather it indicates the fastest computations available at any given time. In mid 2011, the fastest supercomputers boasted speeds exceeding one petaflop, or 1 quadrillion (10^15 or 1,000 trillion) floating point operations per second. Supercomputers are fast but extremely costly, so they are generally used by large organizations to execute computationally demanding tasks involving large data sets. Supercomputers typically run military and scientific applications. Although costly, they are also being used for commercial applications where huge amounts of data must be analyzed. For example, large banks employ supercomputers to calculate the risks and returns of various investment strategies, and healthcare organizations use them to analyze giant databases of patient data to determine optimal treatments for various diseases and problems incurring to the country. ","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Hardware.jpg"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":1604,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/F5_Networks.png","logo":true,"scheme":false,"title":"F5 Silverline Web Application Firewall","vendorVerified":0,"rating":"1.70","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":1,"alias":"f5-silverline-web-application-firewall","companyTitle":"F5 Networks","companyTypes":["vendor"],"companyId":2749,"companyAlias":"f5-networks","description":"F5 Silverline Web Application Firewall is a cloud based service with 24x7x365 support from highly specialized security experts. It helps organizations protect web applications and data, and enable compliance with industry security standards, such as PCI DSS. Silverline Web Application Firewall is available as a fully managed service for comprehensive and customized app protection, or as an express self-service for rapid deployment of expertly maintained policies.\r\n<span style=\"font-weight: bold;\">Managed service key benefits</span>\r\n<ul> <li>Ensure application security and compliance</li> <li>Get comprehensive protection from advanced layer 7 attacks, OWASP Top Ten application security risks, and zero-day attacks—and enable compliance with key regulatory mandates.</li> <li>Get 24x7x365 expert service</li> <li>Receive 24x7x365 access to web application firewall (WAF) experts who build, proactively monitor, and fine-tune WAF policies against known and emerging threats.</li> <li>Deploy flexibly across hybrid environments</li> <li>Ensure consistent web application security, availability, and user experiences across traditional and cloud data centers.</li> <li>Defend with proven security effectiveness</li> <li>Leverage security efficacy with technology built on the NSS Labs–recommended F5 BIG-IP® Application Security Manager™ (ASM), based on tests that demonstrate 99.89 percent overall security effectiveness.</li> <li>Drive operational and cost efficiencies</li> <li>Remove the complexity of WAF management,</li> <li>increase the speed to deploy new policies, and</li> <li>decrease operational expenses.</li> <li>Gain attack insights and intelligence</li> <li>Access reports through the cloud-based customer portal and incorporate external intelligence for securing apps against identified threats. </li> </ul>\r\n<span style=\"font-weight: bold;\">What’s Inside</span>\r\n<ul> <li>Drive Efficiencies with a Comprehensive Web Application Firewall Service</li> <li>Receive Expert Policy Building and Monitoring</li> <li>Hybrid Policy Management and Deployment</li> <li>Defend with Proven Security Effectiveness</li> <li>Comprehensive Attack Protection</li> <li>Built-In Compliance and Reporting Capabilities</li> <li>Gain Attack Insights and Intelligence</li> <li>Comprehensive Managed Service App Protection</li> <li>Streamlined Self-Service App Protection</li> <li>The Silverline Cloud-Based Platform</li> <li>Flexible Licensing</li> <li>Add-On Threat Intelligence Services</li> <li>F5 Security Operations Center</li> </ul>","shortDescription":"F5 Silverline Web Application Firewall is a cloud-based service with 24x7x365 support from highly specialized security experts. It helps organizations protect web applications and data.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":19,"sellingCount":19,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"F5 Silverline Web Application Firewall","keywords":"","description":"F5 Silverline Web Application Firewall is a cloud based service with 24x7x365 support from highly specialized security experts. It helps organizations protect web applications and data, and enable compliance with industry security standards, such as PCI DSS. S","og:title":"F5 Silverline Web Application Firewall","og:description":"F5 Silverline Web Application Firewall is a cloud based service with 24x7x365 support from highly specialized security experts. It helps organizations protect web applications and data, and enable compliance with industry security standards, such as PCI DSS. S","og:image":"https://old.roi4cio.com/fileadmin/user_upload/F5_Networks.png"},"eventUrl":"","translationId":1605,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[{"id":19,"title":"WAF - Web Application Firewall"}],"testingArea":"","categories":[{"id":546,"title":"WAF-web application firewall appliance","alias":"waf-web-application-firewall-appliance","description":"A web application firewall is a special type of application firewall that applies specifically to web applications. It is deployed in front of web applications and analyzes bi-directional web-based (HTTP) traffic - detecting and blocking anything malicious. The OWASP provides a broad technical definition for a WAF as “a security solution on the web application level which - from a technical point of view - does not depend on the application itself.” According to the PCI DSS Information Supplement for requirement 6.6, a WAF is defined as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.” In other words, a WAF can be a physical appliance that prevents vulnerabilities in web applications from being exploited by outside threats. These vulnerabilities may be because the application itself is a legacy type or it was insufficiently coded by design. The WAF addresses these code shortcomings by special configurations of rule sets, also known as policies.\r\nPreviously unknown vulnerabilities can be discovered through penetration testing or via a vulnerability scanner. A web application vulnerability scanner, also known as a web application security scanner, is defined in the SAMATE NIST 500-269 as “an automated program that examines web applications for potential security vulnerabilities. In addition to searching for web application-specific vulnerabilities, the tools also look for software coding errors.” Resolving vulnerabilities is commonly referred to as remediation. Corrections to the code can be made in the application but typically a more prompt response is necessary. In these situations, the application of a custom policy for a unique web application vulnerability to provide a temporary but immediate fix (known as a virtual patch) may be necessary.\r\nWAFs are not an ultimate security solution, rather they are meant to be used in conjunction with other network perimeter security solutions such as network firewalls and intrusion prevention systems to provide a holistic defense strategy.\r\nWAFs typically follow a positive security model, a negative security model, or a combination of both as mentioned by the SANS Institute. WAFs use a combination of rule-based logic, parsing, and signatures to detect and prevent attacks such as cross-site scripting and SQL injection. The OWASP produces a list of the top ten web application security flaws. All commercial WAF offerings cover these ten flaws at a minimum. There are non-commercial options as well. As mentioned earlier, the well-known open source WAF engine called ModSecurity is one of these options. A WAF engine alone is insufficient to provide adequate protection, therefore OWASP along with Trustwave's Spiderlabs help organize and maintain a Core-Rule Set via GitHub to use with the ModSecurity WAF engine.","materialsDescription":"A Web Application Firewall or WAF provides security for online services from malicious Internet traffic. WAFs detect and filter out threats such as the OWASP Top 10, which could degrade, compromise or bring down online applications.\r\n<span style=\"font-weight: bold;\">What are Web Application Firewalls?</span>\r\nWeb application firewalls assist load balancing by examining HTTP traffic before it reaches the application server. They also protect against web application vulnerability and unauthorized transfer of data from the web server at a time when security breaches are on the rise. According to the Verizon Data Breach Investigations Report, web application attacks were the most prevalent breaches in 2017 and 2018.\r\nThe PCI Security Standards Council defines a web application firewall as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\n<span style=\"font-weight: bold;\">How does a Web Application Firewall wWork?</span>\r\nA web application firewall (WAF) intercepts and inspects all HTTP requests using a security model based on a set of customized policies to weed out bogus traffic. WAFs block bad traffic outright or can challenge a visitor with a CAPTCHA test that humans can pass but a malicious bot or computer program cannot.\r\nWAFs follow rules or policies customized to specific vulnerabilities. As a result, this is how WAFs prevent DDoS attacks. Creating the rules on a traditional WAF can be complex and require expert administration. The Open Web Application Security Project maintains a list of the OWASP top web application security flaws for WAF policies to address.\r\nWAFs come in the form of hardware appliances, server-side software, or filter traffic as-a-service. WAFs can be considered as reverse proxies i.e. the opposite of a proxy server. Proxy servers protect devices from malicious applications, while WAFs protect web applications from malicious endpoints.\r\n<span style=\"font-weight: bold;\">What Are Some Web Application Firewall Benefits?</span>\r\nA web application firewall (WAF) prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<span style=\"font-weight: bold;\">What Is the Difference Between a Firewall and a Web Application Firewall?</span>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).\r\n<span style=\"font-weight: bold;\">When Should You Use a Web Application Firewall?</span>\r\nAny business that uses a website to generate revenue should use a web application firewall to protect business data and services. Organizations that use online vendors should especially deploy web application firewalls because the security of outside groups cannot be controlled or trusted.\r\n<span style=\"font-weight: bold;\">How Do You Use a Web Application Firewall?</span>\r\nA web application firewall requires correct positioning, configuration, administration and monitoring. Web application firewall installation must include the following four steps: secure, monitor, test and improve. This should be a continuous process to ensure application specific protection.<br />The configuration of the firewall should be determined by the business rules and guardrails by the company’s security policy. This approach will allow the rules and filters in the web application firewall to define themselves.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall_appliance.png"},{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":2174,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/F5_ASM.jpg","logo":true,"scheme":false,"title":"F5 Big-IP Application Security Manager","vendorVerified":0,"rating":"1.70","implementationsCount":0,"suppliersCount":0,"supplierPartnersCount":1,"alias":"f5-big-ip-application-security-manager","companyTitle":"F5 Networks","companyTypes":["vendor"],"companyId":2749,"companyAlias":"f5-networks","description":"Protect your organization and its reputation by maintaining the confidentiality, availability, and performance of the applications that are critical to your business with F5 Web Application Firewall (WAF) solutions.\r\nF5 WAF solutions are deployed in more data centers than any enterprise WAF on the market. The comprehensive suite of F5 WAF solutions includes managed rulesets for Amazon Web Services (AWS); cloud-based, self-service, and managed service in the F5 Silverline cloud-based service delivery platform; application delivery controller (ADC) integration with F5 BIG-IP Application Security Manager (ASM); and F5 Advanced Web Application Firewall (Advanced WAF).\r\nAdvanced WAF redefines application security to address the most prevalent threats organizations face today:\r\n<ul> <li>Automated attacks and bots that overwhelm existing security solutions.</li> <li>Web attacks that steal credentials and gain unauthorized access across user accounts.</li> <li>Application layer attacks that evade static security based on reputation and manual signatures.</li> <li>New attack surfaces and threats due to the rapid adoption of APIs.</li> </ul>\r\nAdvanced WAF is built on proven F5 technology and goes beyond reactive security such as static signatures and reputation to proactively detect and mitigate bots, secure credentials and sensitive data, and defend against application denial-of-service (DoS).\r\nAdvanced WAF delivers flexible and comprehensive protections wherever apps reside and without compromising performance. Advanced WAF is offered as an appliance, virtual edition, and as a managed service—providing automated WAF services that meet complex deployment and management requirements while protecting your apps with great precision. It is the most effective solution for guarding modern applications and data from existing and emerging threats while maintaining compliance with key regulatory mandates.\r\n<span style=\"font-weight: bold;\">Key benefits:</span>\r\n<ul> <li>Protect web and mobile applications from malicious bots;</li> <li>Safeguard credentials and sensitive data from theft and abuse;</li> <li>Defend against sophisticated application denial-of-service (DoS);</li> <li>Mitigate sophisticated threat campaigns;</li> <li>Protect APIs;</li> <li>Ensure application security and compliance;</li> <li>Turn on protection immediately;</li> <li>Patch vulnerabilities fast;</li> <li>Deploy flexibly;</li> <li>Defend with proven advanced protections;</li> <li>Magnify threat knowledge.</li> </ul>","shortDescription":"A comprehensive web application firewall that protects apps and data from known and unknown threats, defends against bots that bypass standard protections, and virtually patches app vulnerabilities.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":5,"sellingCount":5,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"F5 Big-IP Application Security Manager","keywords":"","description":"Protect your organization and its reputation by maintaining the confidentiality, availability, and performance of the applications that are critical to your business with F5 Web Application Firewall (WAF) solutions.\r\nF5 WAF solutions are deployed in more data ","og:title":"F5 Big-IP Application Security Manager","og:description":"Protect your organization and its reputation by maintaining the confidentiality, availability, and performance of the applications that are critical to your business with F5 Web Application Firewall (WAF) solutions.\r\nF5 WAF solutions are deployed in more data ","og:image":"https://old.roi4cio.com/fileadmin/user_upload/F5_ASM.jpg"},"eventUrl":"","translationId":2175,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[{"id":19,"title":"WAF - Web Application Firewall"}],"testingArea":"","categories":[{"id":546,"title":"WAF-web application firewall appliance","alias":"waf-web-application-firewall-appliance","description":"A web application firewall is a special type of application firewall that applies specifically to web applications. It is deployed in front of web applications and analyzes bi-directional web-based (HTTP) traffic - detecting and blocking anything malicious. The OWASP provides a broad technical definition for a WAF as “a security solution on the web application level which - from a technical point of view - does not depend on the application itself.” According to the PCI DSS Information Supplement for requirement 6.6, a WAF is defined as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.” In other words, a WAF can be a physical appliance that prevents vulnerabilities in web applications from being exploited by outside threats. These vulnerabilities may be because the application itself is a legacy type or it was insufficiently coded by design. The WAF addresses these code shortcomings by special configurations of rule sets, also known as policies.\r\nPreviously unknown vulnerabilities can be discovered through penetration testing or via a vulnerability scanner. A web application vulnerability scanner, also known as a web application security scanner, is defined in the SAMATE NIST 500-269 as “an automated program that examines web applications for potential security vulnerabilities. In addition to searching for web application-specific vulnerabilities, the tools also look for software coding errors.” Resolving vulnerabilities is commonly referred to as remediation. Corrections to the code can be made in the application but typically a more prompt response is necessary. In these situations, the application of a custom policy for a unique web application vulnerability to provide a temporary but immediate fix (known as a virtual patch) may be necessary.\r\nWAFs are not an ultimate security solution, rather they are meant to be used in conjunction with other network perimeter security solutions such as network firewalls and intrusion prevention systems to provide a holistic defense strategy.\r\nWAFs typically follow a positive security model, a negative security model, or a combination of both as mentioned by the SANS Institute. WAFs use a combination of rule-based logic, parsing, and signatures to detect and prevent attacks such as cross-site scripting and SQL injection. The OWASP produces a list of the top ten web application security flaws. All commercial WAF offerings cover these ten flaws at a minimum. There are non-commercial options as well. As mentioned earlier, the well-known open source WAF engine called ModSecurity is one of these options. A WAF engine alone is insufficient to provide adequate protection, therefore OWASP along with Trustwave's Spiderlabs help organize and maintain a Core-Rule Set via GitHub to use with the ModSecurity WAF engine.","materialsDescription":"A Web Application Firewall or WAF provides security for online services from malicious Internet traffic. WAFs detect and filter out threats such as the OWASP Top 10, which could degrade, compromise or bring down online applications.\r\n<span style=\"font-weight: bold;\">What are Web Application Firewalls?</span>\r\nWeb application firewalls assist load balancing by examining HTTP traffic before it reaches the application server. They also protect against web application vulnerability and unauthorized transfer of data from the web server at a time when security breaches are on the rise. According to the Verizon Data Breach Investigations Report, web application attacks were the most prevalent breaches in 2017 and 2018.\r\nThe PCI Security Standards Council defines a web application firewall as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\n<span style=\"font-weight: bold;\">How does a Web Application Firewall wWork?</span>\r\nA web application firewall (WAF) intercepts and inspects all HTTP requests using a security model based on a set of customized policies to weed out bogus traffic. WAFs block bad traffic outright or can challenge a visitor with a CAPTCHA test that humans can pass but a malicious bot or computer program cannot.\r\nWAFs follow rules or policies customized to specific vulnerabilities. As a result, this is how WAFs prevent DDoS attacks. Creating the rules on a traditional WAF can be complex and require expert administration. The Open Web Application Security Project maintains a list of the OWASP top web application security flaws for WAF policies to address.\r\nWAFs come in the form of hardware appliances, server-side software, or filter traffic as-a-service. WAFs can be considered as reverse proxies i.e. the opposite of a proxy server. Proxy servers protect devices from malicious applications, while WAFs protect web applications from malicious endpoints.\r\n<span style=\"font-weight: bold;\">What Are Some Web Application Firewall Benefits?</span>\r\nA web application firewall (WAF) prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<span style=\"font-weight: bold;\">What Is the Difference Between a Firewall and a Web Application Firewall?</span>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).\r\n<span style=\"font-weight: bold;\">When Should You Use a Web Application Firewall?</span>\r\nAny business that uses a website to generate revenue should use a web application firewall to protect business data and services. Organizations that use online vendors should especially deploy web application firewalls because the security of outside groups cannot be controlled or trusted.\r\n<span style=\"font-weight: bold;\">How Do You Use a Web Application Firewall?</span>\r\nA web application firewall requires correct positioning, configuration, administration and monitoring. Web application firewall installation must include the following four steps: secure, monitor, test and improve. This should be a continuous process to ensure application specific protection.<br />The configuration of the firewall should be determined by the business rules and guardrails by the company’s security policy. This approach will allow the rules and filters in the web application firewall to define themselves.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall_appliance.png"},{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":2236,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/F5_Big-IP_AFM.png","logo":true,"scheme":false,"title":"F5 Big-IP Advanced Firewall Manager","vendorVerified":0,"rating":"1.70","implementationsCount":1,"suppliersCount":0,"supplierPartnersCount":1,"alias":"f5-big-ip-advanced-firewall-manager","companyTitle":"F5 Networks","companyTypes":["vendor"],"companyId":2749,"companyAlias":"f5-networks","description":"<p>F5 BIG-IP Advanced Firewall Manager (AFM) is a high-performance, stateful, full-proxy network security solution designed to guard data centers against incoming threats that enter the network on the most widely deployed protocols. Built on F5’s industry-leading Application Delivery Controller (ADC), BIG-IP AFM gives enterprises and service providers the scalability, flexibility, performance, and control needed to mitigate the most aggressive, volumetric distributed denial-of-service (DDoS) attacks before they reach the data center.</p>\r\n<p>BIG-IP AFM’s unique application-centric design enables greater effectiveness in guarding against targeted network-level attacks. It tracks the state of network sessions, maintains deep application awareness, and uniquely mitigates attacks based on more granular details than traditional firewalls. With BIG-IP AFM, organizations receive protection from over 100 attack signatures—more hardware-based signatures than any other leading firewall vendor—and unsurpassed programmability, interoperability, and visibility into threat conditions.</p>\r\n<p><span style=\"font-weight: bold;\">Key benefits</span></p>\r\n<p><span style=\"font-weight: bold;\">Scale to meet network demand</span></p>\r\n<p>Meet demands for higher bandwidth usage and concurrency rates with F5’s proven TMOS architecture, hardware systems, and virtual editions to ensure performance while under attack.</p>\r\n<p><span style=\"font-weight: bold;\">Ensure application availability</span></p>\r\n<p>Secure networks from DDoS threats across a variety of protocols, with in-depth rules customization and increased performance and scalability.</p>\r\n<p><span style=\"font-weight: bold;\">Protect with app-centric, full-proxy firewall capabilities</span></p>\r\n<p>Inspect all incoming client connections and server-to-client responses, and mitigate threats based on security and application parameters before forwarding them on to the server.</p>\r\n<p><span style=\"font-weight: bold;\">Inspect SSL sessions</span></p>\r\n<p>Fully terminate and decrypt SSL traffic to identify potentially hidden attacks—at high rates and with high throughput.</p>\r\n<p><span style=\"font-weight: bold;\">Streamline firewall deployment</span></p>\r\n<p>Simplify security configuration with firewall policies oriented around applications and an efficient rules and policy GUI.</p>\r\n<p><span style=\"font-weight: bold;\">Customize reporting for visibility</span></p>\r\n<p>Easily understand your security status with rich customizable reports, logging, and charts that provide insight to all event types and enable effective forensic analysis.</p>","shortDescription":"F5 BIG-IP AFM is a high-performance, stateful, full-proxy network security solution designed to guard data centers against incoming threats that enter the network on the most widely deployed protocols","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":2,"sellingCount":3,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"F5 Big-IP Advanced Firewall Manager","keywords":"","description":"<p>F5 BIG-IP Advanced Firewall Manager (AFM) is a high-performance, stateful, full-proxy network security solution designed to guard data centers against incoming threats that enter the network on the most widely deployed protocols. Built on F5’s industr","og:title":"F5 Big-IP Advanced Firewall Manager","og:description":"<p>F5 BIG-IP Advanced Firewall Manager (AFM) is a high-performance, stateful, full-proxy network security solution designed to guard data centers against incoming threats that enter the network on the most widely deployed protocols. Built on F5’s industr","og:image":"https://old.roi4cio.com/fileadmin/user_upload/F5_Big-IP_AFM.png"},"eventUrl":"","translationId":2237,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[{"id":13,"title":"NG Firewall"}],"testingArea":"","categories":[{"id":784,"title":"NGFW - next-generation firewall - Appliance","alias":"ngfw-next-generation-firewall-appliance","description":" A next-generation firewall (NGFW) is a part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities, such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS). Other techniques might also be employed, such as TLS/SSL encrypted traffic inspection, website filtering, QoS/bandwidth management, antivirus inspection and third-party identity management integration (i.e. LDAP, RADIUS, Active Directory).\r\nNGFWs include the typical functions of traditional firewalls such as packet filtering, network- and port-address translation (NAT), stateful inspection, and virtual private network (VPN) support. The goal of next-generation firewalls is to include more layers of the OSI model, improving filtering of network traffic that is dependent on the packet contents.\r\nNGFWs perform deeper inspection compared to stateful inspection performed by the first- and second-generation firewalls. NGFWs use a more thorough inspection style, checking packet payloads and matching signatures for harmful activities such as exploitable attacks and malware.\r\nImproved detection of encrypted applications and intrusion prevention service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services.\r\nStateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols. But today, blocking a web application like Farmville that uses port 80 by closing the port would also mean complications with the entire HTTP protocol.\r\nProtection based on ports, protocols, IP addresses is no more reliable and viable. This has led to the development of identity-based security approach, which takes organizations a step ahead of conventional security appliances which bind security to IP-addresses.\r\nNGFWs offer administrators a deeper awareness of and control over individual applications, along with deeper inspection capabilities by the firewall. Administrators can create very granular "allow/deny" rules for controlling use of websites and applications in the network. ","materialsDescription":"<span style=\"font-weight: bold;\"> What is a next-generation firewall (NGFW)?</span>\r\nAn NGFW contains all the normal defences that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other bonus security features. NGFWs are also capable of deep packet inspection which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by blacklist (programs in the filter are blocked) or by whitelist (programs not in the filter are blocked).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_NGFW.png"},{"id":782,"title":"NGFW - next-generation firewall","alias":"ngfw-next-generation-firewall","description":"A next-generation firewall (NGFW) is a part of the third generation of firewall technology that is implemented in either hardware or software and is capable of detecting and blocking sophisticated attacks by enforcing security policies at the application, port and protocol levels.\r\nNGFWs typically feature advanced functions including:\r\n<ul><li>application awareness;</li><li>integrated intrusion prevention systems (IPS);</li><li>identity awareness -- user and group control;</li><li>bridged and routed modes;</li><li> the ability to use external intelligence sources.</li></ul>\r\nOf these offerings, most next-generation firewalls integrate at least three basic functions: enterprise firewall capabilities, an intrusion prevention system (IPS) and application control.\r\nLike the introduction of stateful inspection in traditional firewalls, NGFWs bring additional context to the firewall's decision-making process by providing it with the ability to understand the details of the web application traffic passing through it and to take action to block traffic that might exploit vulnerabilities.\r\nThe different features of next-generation firewalls combine to create unique benefits for users. NGFWs are often able to block malware before it enters a network, something that wasn't previously possible.\r\nNGFWs are also better equipped to address advanced persistent threats (APTs) because they can be integrated with threat intelligence services. NGFWs can also offer a low-cost option for companies trying to improve basic device security through the use of application awareness, inspection services, protection systems and awareness tools.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What is a next-generation firewall (NGFW)?</span>\r\nA NGFW contains all the normal defenses that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other additional security features. NGFWs are also capable of deep packet inspection, which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by a blacklist (programs in the filter are blocked) or by a whitelist (programs not in the filter are blocked).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_NGFW.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":201,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/BIG-IP_Local_Traffic_Manager.jpg","logo":true,"scheme":false,"title":"BIG-IP Local Traffic Manager","vendorVerified":0,"rating":"1.70","implementationsCount":2,"suppliersCount":0,"supplierPartnersCount":1,"alias":"big-ip-local-traffic-manager","companyTitle":"F5 Networks","companyTypes":["vendor"],"companyId":2749,"companyAlias":"f5-networks","description":"BIG-IP Local Traffic Manager (LTM) gives you a depth of understanding about your network’s application traffic and control over how it’s handled. It transforms the chaotic volume of network traffic into logically assembled streams of data, and then makes intelligent traffic management decisions, selecting the right destination based on server performance, security, and availability.\r\n\r\nYes, BIG-IP LTM enables sophisticated load balancing. But, that’s just the beginning.\r\nFull proxy means full power.\r\n\r\nIf you can see it, you can manipulate it.\r\n\r\nBecause BIG-IP LTM is a full proxy, you can inspect, manage, and report on application traffic entering and exiting your network. From basic load balancing to complex traffic management decisions based on client, server, or application status, BIG-IP LTM gives you granular control over app traffic.\r\n\r\nFor example, if you want to direct traffic based on the requested URL or log specific server responses to a reporting system, BIG-IP LTM has the architecture and the tools you need to do it.\r\n\r\nOperational efficiency? Check.\r\n\r\nBIG-IP LTM can optimize the speed and reliability of your applications via both network and application layers.\r\n\r\nUsing real-time protocol and traffic management decisions based on application and server conditions, extensive connection management, and TCP and content offloading, BIG-IP LTM dramatically improves page load times and the user experience.\r\n\r\nWhether it’s negotiating high-latency networks or offloading millions of connections, BIG-IP LTM can improve the performance of your infrastructure and your applications.\r\n\r\nThe SSL performance of BIG-IP LTM lets you cost-effectively protect the end-to-end user experience by encrypting everything from the client to the server. It also scales on-demand and absorbs potentially crippling DDoS attacks.\r\n\r\nOften SSL is turned on throughout the network. Thing is, most network security devices aren’t built to detect malicious traffic in layers 4–7. Separating the good and bad traffic is the first problem, taking action on the malicious traffic is the second.\r\n\r\nBIG-IP LTM includes levels of inspection necessary to block bad traffic and allow good traffic to pass through.\r\n\r\n","shortDescription":"BIG-IP Local Traffic Manager (LTM) gives you a depth of understanding about your network’s application traffic and control over how it’s handled.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":7,"sellingCount":7,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"BIG-IP Local Traffic Manager","keywords":"traffic, BIG-IP, application, network, server, your, based, management","description":"BIG-IP Local Traffic Manager (LTM) gives you a depth of understanding about your network’s application traffic and control over how it’s handled. It transforms the chaotic volume of network traffic into logically assembled streams of data, and then makes intel","og:title":"BIG-IP Local Traffic Manager","og:description":"BIG-IP Local Traffic Manager (LTM) gives you a depth of understanding about your network’s application traffic and control over how it’s handled. It transforms the chaotic volume of network traffic into logically assembled streams of data, and then makes intel","og:image":"https://old.roi4cio.com/fileadmin/user_upload/BIG-IP_Local_Traffic_Manager.jpg"},"eventUrl":"","translationId":202,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":443,"title":"Application Delivery Controller (load balancer) - appliance","alias":"application-delivery-controller-load-balancer-appliance","description":" Application Delivery Controllers are the next generation of load balancers, and are typically located between the firewall/router and the web server farm. An application delivery controller is a network device that helps sites direct user traffic to remove excess load from two or more servers. In addition to providing Layer 4 load balancing, ADCs can manage Layer 7 for content switching, and also provide SSL offload and acceleration. They tend to offer more advanced features such as content redirection as well as server health monitoring. An Application delivery controller may also be known as a Web switch, URL switch, Web content switch, content switch and Layer 7 switch.\r\nToday, advanced application delivery controllers and intelligent load balancers are not only affordable, but the consolidation of Layer 4-7 load balancing and content switching, and server offload capabilities such as SSL, data caching and compression provides companies with cost-effective out-of-the-box infrastructure.\r\nFor enterprise organizations (companies with 1,000 or more employees), integrating best-of-breed network infrastructure is commonplace. However best-of-breed does not equate with deploying networks with enterprise-specific features and expensive products, but rather, deploying products that are purpose-built, with the explicit features, performance, reliability and scalability created specifically for the companies of all sizes.\r\nIn general, businesses of all sizes are inclined to purchase “big brand” products. However, smaller vendors that offer products within the same category can provide the optimal performance, features and reliability required, with the same benefits - at a lower cost.\r\nFor the enterprise market, best-of-breed comes with a high Total Cost of Ownership (TCO), since deploying products from various manufacturers requires additional training, maintenance and support. Kemp can help SMBs lower their TCO, and help them build reliable, high performance and scalable web and application infrastructure. Kemp products have a high price/performance value for SMBs. Our products are purpose-built for SMB businesses for dramatically less than the price of “big name” ADC and SLB vendors who are developing features that enterprise customers might use.","materialsDescription":" <span style=\"font-weight: bold;\">What are application delivery controllers?</span>\r\nApplication Delivery Controllers (ADCs) are the next stage in the development of server load balancing solutions. ADCs allow you to perform not only the tasks of balancing user requests between servers, but also incorporate mechanisms that increase the performance, security and resiliency of applications, as well as ensure their scalability.\r\n<span style=\"font-weight: bold;\">And what other possibilities do application controllers have?</span>\r\nIn addition to the function of uniform distribution of user requests, application delivery controllers have many other interesting features. They can provide around-the-clock availability of services, improve web application performance up to five times, reduce risks when launching new services, protect confidential data, and publish internal applications to the outside with secure external access (a potential replacement for outgoing Microsoft TMG).\r\nOne of the most important functions of application delivery controllers, which distinguish them from simple load balancers, is the presence of a functional capable of processing information issued to the user based on certain rules.\r\n<span style=\"font-weight: bold;\">What are the prerequisites for implementing application delivery controllers in a particular organization?</span>\r\nA number of factors can determine the criteria for deciding whether to implement application controllers in your organization. First, this is the poor performance of web services, which is a long download of content, frequent hangs and crashes. Secondly, such a prerequisite can be interruptions in the work of services and communication channels, expressed in failures in the transmitting and receiving equipment that ensures the operation of the data transmission network, as well as failures in the operation of servers.\r\nIn addition, it is worth thinking about implementing application delivery controllers if you use Microsoft TMG or Cisco ACE products, since they are no longer supported by the manufacturer. A prerequisite for the implementation of ADC may be the launch of new large web projects, since this process will inevitably entail the need to ensure the operability of this web project with the maintenance of high fault tolerance and performance.\r\nAlso, controllers are needed when you need to provide fault tolerance, continuous availability and high speed of applications that are consolidated in the data center. A similar situation arises when it is necessary to build a backup data center: here you also need to ensure fault tolerance between several data centers located in different cities.\r\n<span style=\"font-weight: bold;\">What are the prospects for the introduction of application controllers in Russia and in the world?</span>\r\nGartner's research shows that there have recently been marked changes in the market for products that offer load balancing mechanisms. In this segment, user demand shifts from servers implementing a simple load balancing mechanism to devices offering richer functionality.\r\nGartner: “The era of load balancing has long gone, and companies need to focus on products that offer richer application delivery functionality.”\r\nIn Russia, due to the specifics of the internal IT market, application controllers are implemented mainly because of the presence of some specific functionality, and not because of the comprehensive solution for delivering applications in general, which this product offers. The main task for which application delivery controllers are now most often sold is the same load balancing function as before.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Application_Delivery_Controller_load_balancer_appliance.png"},{"id":562,"title":"DDoS Protection - Appliance","alias":"ddos-protection-appliance","description":"A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks.\r\nBuying a DDoS mitigation appliance can be highly confusing, especially if you have never done this before. While selecting a DDoS protection solution you must understand the right features and have proper background knowledge. In case of distributed denial of service attacks, the bandwidth or resources of any targeted network is flooded with a large amount of malicious traffic. As a result, the system becomes overloaded and crashes. The legitimate users of the network are denied the service. The mail servers, DNS servers and the servers which host high-profile websites are the main target of DDOS attacks. Customers who use services of any shared network are also affected by these attacks. Therefore, anti-DDOS appliances are now vital.","materialsDescription":"<span style=\"font-weight: bold;\">DDoS mitigation solution</span>\r\nThere are two types of DDoS mitigation appliances. These include software and hardware solutions. Identical functions may be claimed by both forms of DDoS protection.\r\n<ul><li>Firewalls are the most common protection appliance, which can deny protocols, IP addresses or ports. However, they are not enough strong to provide protection from the more complicated DDoS attacks.</li><li>Switches are also effective solutions for preventing DDoS attacks. Most of these switches possess rate limiting capability and ACL. Some switches provide packet inspection, traffic shaping, delayed binding and rate limiting. They can detect the fake traffic through balancing and rate filtering.</li><li>Like switches, routers also have rate limiting and ACL capability. Most routers are capable of moving under DoS attacks.</li><li>Intrusion prevention systems are another option for you when it comes to protection from DDoS attacks. This solution can be effective in several cases of DDoS attacks. It can identify DDoS attacks and stop them because they possess the granularity as well as processing power required for identifying the attacks. Then they work in an automated manner to resolve the situation.</li><li>There are also rate-based intrusion prevention mechanisms, which are capable of analyzing traffic granularity. This system can also monitor the pattern of traffic.</li></ul>\r\nYou must check the connectivity while selecting a DDoS mitigation appliance. Capacity is also an important aspect of a DDoS protection solutions. You must figure out the number of ports, IPs, protocols, hosts, URLs and user agents that can be monitored by the appliance. An effective DDoS mitigation solution must also be properly customizable. Your DDoS mitigation appliance should be such that it can be upgraded according to your requirements. These are some important factors that you need to consider while choosing a DDoS mitigation appliance for your system.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection_Appliance.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":500,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/F5_BIG-IP_DNS__ranee_Global_Traffic_Manager_-_GTM_.jpg","logo":true,"scheme":false,"title":"F5 BIG-IP DNS (formerly Global Traffic Manager - GTM)","vendorVerified":0,"rating":"1.70","implementationsCount":1,"suppliersCount":0,"supplierPartnersCount":1,"alias":"f5-big-ip-dns-formerly-global-traffic-manager-gtm","companyTitle":"F5 Networks","companyTypes":["vendor"],"companyId":2749,"companyAlias":"f5-networks","description":"Speed, meet security.\r\nBIG-IP DNS hyperscales up to 100 million responses per second (RPS) to manage rapid increases in DNS queries. \r\nWith a set of features that includes multicore scalability, DNS Express, and IP Anycast integration, BIG-IP DNS handles millions of DNS queries, protects your business from DDoS attacks, and ensures top application performance for users.\r\nBIG-IP DNS delivers a real-time, signed DNSSEC query response and DNS firewall services for attack protection and mitigates complex threats by blocking access to malicious domains.\r\nWorks with what you already have in place.\r\nBIG-IP DNS services integrate with DNS zone management solutions, increase DNS performance at the network edge, and mask the DNS back-end infrastructure.\r\n\r\nThat translates into higher productivity, server consolidation, faster responses, and protected DNS management.\r\nAll-over availability.\r\nBIG-IP DNS routes distributed app traffic to keep pace with changing network and user volumes that can overwhelm data centers during peak traffic times.\r\nBIG-IP DNS can also be configured as a full proxy for global load balancing applications and DNS across architectures, as well as across the globe. Plus, you can use it in virtual and hybrid cloud environments to extend DNS services and global app availability while keeping centralized control within the data center.\r\n","shortDescription":"BIG-IP DNS improves the performance and availability of your global applications by sending users to the closest or best-performing physical, virtual, or cloud environment. It also hyperscales and secures your DNS infrastructure from DDoS attacks and delivers a real-time DNSSEC solution that protects against hijacking attacks.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":12,"sellingCount":5,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"F5 BIG-IP DNS (formerly Global Traffic Manager - GTM)","keywords":"BIG-IP, services, with, across, availability, that, global, queries","description":"Speed, meet security.\r\nBIG-IP DNS hyperscales up to 100 million responses per second (RPS) to manage rapid increases in DNS queries. \r\nWith a set of features that includes multicore scalability, DNS Express, and IP Anycast integration, BIG-IP DNS handles ","og:title":"F5 BIG-IP DNS (formerly Global Traffic Manager - GTM)","og:description":"Speed, meet security.\r\nBIG-IP DNS hyperscales up to 100 million responses per second (RPS) to manage rapid increases in DNS queries. \r\nWith a set of features that includes multicore scalability, DNS Express, and IP Anycast integration, BIG-IP DNS handles ","og:image":"https://old.roi4cio.com/fileadmin/user_upload/F5_BIG-IP_DNS__ranee_Global_Traffic_Manager_-_GTM_.jpg"},"eventUrl":"","translationId":501,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":443,"title":"Application Delivery Controller (load balancer) - appliance","alias":"application-delivery-controller-load-balancer-appliance","description":" Application Delivery Controllers are the next generation of load balancers, and are typically located between the firewall/router and the web server farm. An application delivery controller is a network device that helps sites direct user traffic to remove excess load from two or more servers. In addition to providing Layer 4 load balancing, ADCs can manage Layer 7 for content switching, and also provide SSL offload and acceleration. They tend to offer more advanced features such as content redirection as well as server health monitoring. An Application delivery controller may also be known as a Web switch, URL switch, Web content switch, content switch and Layer 7 switch.\r\nToday, advanced application delivery controllers and intelligent load balancers are not only affordable, but the consolidation of Layer 4-7 load balancing and content switching, and server offload capabilities such as SSL, data caching and compression provides companies with cost-effective out-of-the-box infrastructure.\r\nFor enterprise organizations (companies with 1,000 or more employees), integrating best-of-breed network infrastructure is commonplace. However best-of-breed does not equate with deploying networks with enterprise-specific features and expensive products, but rather, deploying products that are purpose-built, with the explicit features, performance, reliability and scalability created specifically for the companies of all sizes.\r\nIn general, businesses of all sizes are inclined to purchase “big brand” products. However, smaller vendors that offer products within the same category can provide the optimal performance, features and reliability required, with the same benefits - at a lower cost.\r\nFor the enterprise market, best-of-breed comes with a high Total Cost of Ownership (TCO), since deploying products from various manufacturers requires additional training, maintenance and support. Kemp can help SMBs lower their TCO, and help them build reliable, high performance and scalable web and application infrastructure. Kemp products have a high price/performance value for SMBs. Our products are purpose-built for SMB businesses for dramatically less than the price of “big name” ADC and SLB vendors who are developing features that enterprise customers might use.","materialsDescription":" <span style=\"font-weight: bold;\">What are application delivery controllers?</span>\r\nApplication Delivery Controllers (ADCs) are the next stage in the development of server load balancing solutions. ADCs allow you to perform not only the tasks of balancing user requests between servers, but also incorporate mechanisms that increase the performance, security and resiliency of applications, as well as ensure their scalability.\r\n<span style=\"font-weight: bold;\">And what other possibilities do application controllers have?</span>\r\nIn addition to the function of uniform distribution of user requests, application delivery controllers have many other interesting features. They can provide around-the-clock availability of services, improve web application performance up to five times, reduce risks when launching new services, protect confidential data, and publish internal applications to the outside with secure external access (a potential replacement for outgoing Microsoft TMG).\r\nOne of the most important functions of application delivery controllers, which distinguish them from simple load balancers, is the presence of a functional capable of processing information issued to the user based on certain rules.\r\n<span style=\"font-weight: bold;\">What are the prerequisites for implementing application delivery controllers in a particular organization?</span>\r\nA number of factors can determine the criteria for deciding whether to implement application controllers in your organization. First, this is the poor performance of web services, which is a long download of content, frequent hangs and crashes. Secondly, such a prerequisite can be interruptions in the work of services and communication channels, expressed in failures in the transmitting and receiving equipment that ensures the operation of the data transmission network, as well as failures in the operation of servers.\r\nIn addition, it is worth thinking about implementing application delivery controllers if you use Microsoft TMG or Cisco ACE products, since they are no longer supported by the manufacturer. A prerequisite for the implementation of ADC may be the launch of new large web projects, since this process will inevitably entail the need to ensure the operability of this web project with the maintenance of high fault tolerance and performance.\r\nAlso, controllers are needed when you need to provide fault tolerance, continuous availability and high speed of applications that are consolidated in the data center. A similar situation arises when it is necessary to build a backup data center: here you also need to ensure fault tolerance between several data centers located in different cities.\r\n<span style=\"font-weight: bold;\">What are the prospects for the introduction of application controllers in Russia and in the world?</span>\r\nGartner's research shows that there have recently been marked changes in the market for products that offer load balancing mechanisms. In this segment, user demand shifts from servers implementing a simple load balancing mechanism to devices offering richer functionality.\r\nGartner: “The era of load balancing has long gone, and companies need to focus on products that offer richer application delivery functionality.”\r\nIn Russia, due to the specifics of the internal IT market, application controllers are implemented mainly because of the presence of some specific functionality, and not because of the comprehensive solution for delivering applications in general, which this product offers. The main task for which application delivery controllers are now most often sold is the same load balancing function as before.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Application_Delivery_Controller_load_balancer_appliance.png"},{"id":457,"title":"DDoS Protection","alias":"ddos-protection","description":" A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks. ","materialsDescription":" <span style=\"font-weight: bold;\">What are the Different Types of DDoS Attacks?</span>\r\nDistributed Denial of Service attacks vary significantly, and there are thousands of different ways an attack can be carried out (attack vectors), but an attack vector will generally fall into one of three broad categories:\r\n<span style=\"font-weight: bold;\">Volumetric Attacks:</span>\r\nVolumetric attacks attempt to consume the bandwidth either within the target network/service or between the target network/service and the rest of the Internet. These attacks are simply about causing congestion.\r\n<span style=\"font-weight: bold;\">TCP State-Exhaustion Attacks:</span>\r\nTCP State-Exhaustion attacks attempt to consume the connection state tables which are present in many infrastructure components such as load-balancers, firewalls and the application servers themselves. Even high capacity devices capable of maintaining state on millions of connections can be taken down by these attacks.\r\n<span style=\"font-weight: bold;\">Application Layer Attacks:</span>\r\nApplication Layer attacks target some aspect of an application or service at Layer-7. These are the deadliest kind of attacks as they can be very effective with as few as one attacking machine generating a low traffic rate (this makes these attacks very difficult to proactively detect and mitigate). Application layer attacks have come to prevalence over the past three or four years and simple application layer flood attacks (HTTP GET flood etc.) have been some of the most common denials of service attacks seen in the wild.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"suppliedProducts":[],"partnershipProgramme":{"levels":[{"id":261,"level":"Silver UNITY Reseller"},{"id":262,"level":"Gold UNITY Reseller"},{"id":263,"level":"Platinum UNITY Reseller"},{"id":264,"level":"UNITY Distributor"}],"partnerDiscounts":{"Silver UNITY Reseller":"","Gold UNITY Reseller":"","Platinum UNITY Reseller":"","UNITY Distributor":""},"registeredDiscounts":{"Silver UNITY Reseller":"","Gold UNITY Reseller":"","Platinum UNITY Reseller":"","UNITY Distributor":""},"additionalBenefits":[],"salesPlan":{"Silver UNITY Reseller":"","Gold UNITY Reseller":"","Platinum UNITY Reseller":"","UNITY Distributor":""},"additionalRequirements":[]}}},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"implementations":{"implementationsByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"agreements":{"agreementById":{},"ids":{},"links":{},"meta":{},"loading":false,"error":null},"comparison":{"loading":false,"error":false,"templatesById":{},"comparisonByTemplateId":{},"products":[],"selectedTemplateId":null},"presentation":{"type":null,"company":{},"products":[],"partners":[],"formData":{},"dataLoading":false,"dataError":false,"loading":false,"error":false},"catalogsGlobal":{"subMenuItemTitle":""}}