Your client’s internal network acts as a pivot between data, applications, and devices. Those who have access to the company network often have access to all kinds of sensitive data and can also influence day-to-day operations. Therefore, network security is indispensable. The most suitable means differ from one situation to another. We help you put together the right mix for your client.
Our Network Security portfolio includes all the necessary solutions for solid network security. Many of these techniques can be used as stand-alone or mixed.
The firewall is the first line of defence against the outside world. In addition, the firewall plays an important role in setting up a secure communication channel (VPN) to the outside world.
The traditional firewall only controlled data traffic based on a source and destination IP address in combination with a port number. But it’s been overtaken by the next-generation firewall in recent years. It analyses the data traffic much more intelligently and on multiple facets (including applications, users, and devices). More specific security rules can be applied based on this. This means that only the right users, possibly via the right device, have access to the IT resources.
Unified Threat Management
A Unified Threat Management (UTM) appliance combines multiple network security techniques. A UTM appliance is very suitable for clients with multiple locations. A firewall is then placed at the head office, possibly supplemented with more advanced techniques such as Secure Web and Email Gateways and Intrusion Prevention. The regional offices will be provided with a UTM appliance in which the firewall is combined with these security techniques.
Identity & Access Management
Identity & Access Management (IAM) takes care of all aspects of access control, such as the authentication and authorisation of users and the access rights they have. The solution uses various techniques (password, two-factor authentication, biometrics) to determine whether the user is indeed the person they claim to be. Once the identity has been established, the solution determines which applications, services, and data are available to this person based on the user profile.
Intrusion Prevention Systems
An Intrusion Prevention System (IPS) is a control system that analyses network packets and proactively denies network access if the packet contains a known threat.
Secure Mobile Access
A Secure Mobile Access (SMA) solution investigates whether a user has the correct login details and user rights and whether the endpoint used is secure. For example, an SMA solution checks the version and authenticity of the operating system and whether an antivirus solution is active on the device. This reduces the risk of malicious parties exploiting known leaks or infected devices gaining access to your client’s network.
Secure Email Gateways
Many cyber-attacks happen via email. For example, with phishing emails or by sending malware disguised as an innocent attachment. In addition, many data leaks occur via email. A Secure Email Gateway (SEG) blocks spam, detects malware in emails and attachments, and checks the content of emails for sensitive information (financial information, personal data, BSN, credit card information, etc.). It can also block email from certain countries and regions.
Secure Web Gateways
Employees who misuse the Internet connection for unauthorised purposes increase the risk of infection and are less productive. A Secure Web Gateway (SWG) is a stumbling block to this. With a SWG, your client can regulate access to specific websites and/or content. In addition, this gateway blocks access to the millions of malware and phishing websites that exist.
Data Loss Prevention
Data leaks cause damage to your client’s reputation and are a source of much frustration among your clients. Under current privacy legislation (GDPR), data leaks can also result in high fines. A Data Loss Prevention (DLP) solution detects situations where data is at risk and reduces the risk of data loss. For example, a DLP solution detects unauthorised access attempts to certain data and then blocks access. It can also protect data by encrypting it.
Backup & Recovery
Regular backups are essential to guarantee good availability. It is also essential to perform a restore to check those backups. In hybrid environments with interlinked applications and data, simply restoring a backup is no longer sufficient. Modern Data Center Backup & Recovery (DBR) solutions cover the entire network environment within a data center.
Web Application Firewalls
Hackers exploit vulnerabilities in web applications using methods such as SQL injection, cross-site scripting, and SSL hacking. A Web Application Firewall (WAF) prevents this. A WAF also blocks the display of sensitive personal data, such as credit card numbers and national registration numbers.