ONESecurity


Overview

Intelys ONESecurity provides secure networking capabilities across the business, anytime and anywhere.

With ONESecurity, your entire organization is fully secured by a single logical firewall. Headquarters, data centres, branch offices, mobile users and cloud resources are all connected together by an intelligent software-defined network with a unified security policy.

ONESecurity offers the following features, which can be selected independently. See “here” for dependencies.

  • Unified Cloud Portal (the Intelys SIEM platform provides organizations of all sizes with a comprehensive, holistic, and scalable management platform for security, performance, and compliance management, from IoT to the cloud);
  • Secure SD-WAN (Secure Software Defined WAN can provide an intelligent overlay network to your existing WAN, and in some cases replaces infrastructure such as MPLS);
  • Enterprise Firewall (Next-Generation Firewall, IPS/IDS, Internal Firewall Segmentation);
  • Advanced Threat Protection (Web Application Firewall, Sandboxing, Secure Email Gateway, and Endpoint Security);
  • DDoS Protection;
  • Internal Machine Learning Intelligence with Darktrace.

Intelys security infrastructure is delivered as a single security platform but is built using best of breed vendor architecture. Intelys partner with Fortinet, Cisco, Juniper, Velocloud and Citrix.

Intelys has built a full network security stack directly into our PoPs (points of presence). This architecture extends enterprise-grade network security protection to every business user and location. Features such as Web Application Firewall or DDoS protection can be utilised in-country, even in places like Africa where you would normally need to backhaul traffic to European infrastructure for advanced security services.

Enterprise Firewall

Next Generation Firewall

Cybercriminals continue to launch automated and sophisticated attacks against organizations, threatening the foundation of cloud and digital transformation critical to efficient business operations.

Our next-generation firewalls (NGFWs) provide high performance, multilayered validated security and granular visibility for end-to-end protection across the entire enterprise network. Our purpose-built security processors (SPUs) deliver scalable performance and ultra-low latency for advanced security capabilities. Our security services provide continuous threat intelligence updates and automated mitigation to keep organizations protected from advanced cyberattacks.

Our NGFWs reduce complexity and lower the total cost of ownership along with supporting scalable deployments at the network edge, data center, internal segments, and distributed branches.

IPS/IDS

The enterprise data center is evolving rapidly, incorporating technologies such as virtualization, software-defined networking, public cloud computing, along with advanced cyber security. Trying to apply traditional security solutions to these sorts of new technologies generally will not be effective. Enterprises need to evaluate their data center initiatives and how they will impact network security to ensure all areas of the data center remain protected.

In today’s dynamic and complex data centers, security must be flexible, effective, and easy to manage. It needs to bring order to the chaos—not add to it. Intelys can protect your physical, virtual, and cloud servers with one solution—whether it’s for data center, private cloud, or public cloud deployments.

Internal Segmentation Firewall

With advanced threats growing rapidly in number and sophistication, perimeter security is no longer enough to keep your sensitive information safe. Once a threat gains entry, it can spread and eventually extract the valuable assets it was sent to retrieve.

You can dramatically improve your security by adding Internal Network Segmentation Firewalls to your network to prevent the proliferation of threats once they get inside. ISFWs provide network segmentation inside the perimeter. They may sit in front of specific servers that contain valuable intellectual property or a set of user devices or web applications sitting in the cloud.

Advanced Threat Protection

Web Application Firewall

Unprotected web applications are the easiest point of entry for hackers and vulnerable to a number of attack types. Our multi-layered and correlated approach protects your web apps from the OWASP Top 10 and more. Our Web Application Security Service uses information based on the latest application vulnerabilities, bots, suspicious URL and data patterns, and specialized heuristic detection engines to keep your applications safe from:

  • Sophisticated threats such as SQL injection, cross-site scripting, buffer overflows, and cookie poisoning
  • Malicious sources
  • DoS attacks

It also includes layer 7 load balancing and accelerated SSL offloading for more efficient application delivery.

Sandboxing

Today’s threats are increasingly sophisticated and often bypass traditional malware security by masking their malicious activity. A sandbox augments your security architecture by validating threats in a separate, secure environment. FortiSandbox offers a powerful combination of advanced detection, automated mitigation, actionable insight, and flexible deployment to stop targeted attacks and subsequent data loss. It’s also a key component of our Advanced Threat Protection solution.

Secure Email Gateway

According to analysts, email security solutions from multi-product vendors have lagged behind changes in the threat landscape, and email threats bypass traditional threat prevention technologies. As a result, they recommend assessing the advanced threat defense capabilities of incumbent email security solutions, and supplementing or replacing them to fill gaps.

In fact, according to Verizon’s 2017 Data Breach Investigations Report, two-thirds of all malware leading to security incidents is initially delivered via email. That’s why you need the powerful protection of Intelys SEG, as a high performance physical or virtual appliance in your data center, to help secure the dynamic enterprise attack surface.

Endpoint Security

Securing your endpoints against today’s threats on a myriad of devices can be quite a challenge for a number of reasons. Managing separate endpoint features is complex and time consuming. Disparate security products don’t share intelligence, resulting in slow threat response. And, lack of IT expertise to effectively administer endpoint security can let threats into your network. Intelys delivers easy-to-manage, automated, fully customizable endpoint security for a broad set of devices, removing those challenges.

DDoS Protection

DDoS Detection

Intelys DDoS includes a Sensor component which detects volumetric DDoS attacks by leveraging an extremely fast and highly innovative traffic anomaly detection engine. It profiles the on-line behavior of users and compares over 130 live traffic parameters against user-defined thresholds. The reaction to threats is automated using predefined action modules able to send notification emails, announce prefixes in BGP, generate SNMP traps, modify ACLs and execute custom scripts with access to an easy-to-use API that exposes 80+ live parameters. DDoS attacks are detected through packet sniffing, SNMP polling, or by using multi-vendor flow-based technologies.

DDoS Mitigation

Intelys DDoS mitigation includes a Filter component which ensures zero downtime for customers and services during Distributed Denial of Service attacks, without requiring operator intervention. It defends against DDoS attacks by cleaning the malicious traffic on-premise and notifies the attacker’s ISP during non-spoofed attacks. The malicious packets are blocked using intelligent, dynamic filtering rules that are applied to stateless software or hardware firewalls, or on BGP FlowSpec-capable routers. It can perform side-filtering with BGP off-ramping, or it can run on dedicated packet scrubbing servers deployed in the main data path.

Full Network Traffic Visibility

Intelys provide full network traffic visibility by using distributed Sensors (“probes”) able to capture IP packets, query SNMP devices and analyze flow records exported by Cisco NetFlow, Huawei Netstream, Juniper jFlow, cflowd, sFlow and IPFIX. All the collected data are accessible in a web-based user interface that provides custom dashboards, real-time traffic graphs and top statistics. You can quickly generate complex analytics with aggregated data for hosts, departments, interfaces, applications, protocols, autonomous systems and countries; view accurate bandwidth graphs for thousands of IP addresses, inspect packets and flows.

PCI Compliant Infrastructure Hosting

The PCI Data Security Standard (PCI DSS) provides a definitive set of data security requirements for organizations in the Payments Industry. Meeting these standards is essential for keeping your company’s sensitive financial information safe and, just as importantly, letting your clients know they can trust your organization with their financial data.

At Intelys, our PCI compliant infrastructure hosting solution is based on industry-proven methodologies and best-of-breed service offerings. We believe in surpassing compliance expectations, and our CCIE and CISSP certified professionals have designed our compliance solutions to meet or exceed all PCI merchant and service provider requirements.

Intelys delivers a private cloud and dedicated server options, giving your company the confidence and flexibility to run your security-sensitive financial operations in the environment that works best for you.

Managed cloud services to achieve IT efficiencies, increase capacity and flexibility without having to make capital investments.

Security defences include Web Application Firewalls, Logging, SIEM and IDS/IPS.

Web application firewall

Clients are provided with a service whereby firewalls are monitored “24/7” (twenty four hours a day, seven days a week). Our highly experienced certified security specialists will maintain security policies, backups and perform software and patch upgrades.

UTM features include: Control inbound and outbound access to the network, control access to websites and apps, prioritize traffic, dynamic filtering and block inappropriate web content.

Logging

Logging to help lower risk, improve security posture and reduce operational complexity.

Log data is the definitive record of what’s happening in an organisation and is an important, underutilized source of truth for troubleshooting issues and supporting broader business objectives. Application logs and other machine data that are highly variable, and in some cases unstructured, contain important data that traditional log management solutions don’t support or simply miss.

SIEM (Security Information and Event Management)

All data is monitored and considered security relevant and is indexed and analysed in real time.

Features include: aggregation and evaluation of all security and compliance events, reporting and alerting, prevention of the spread of malware and advanced/unknown threat detection.

IDS/IPS (Intrusion Detection and Prevention System)

Our security specialists conduct ongoing forensic and trend analysis, and configure the IDS/IPS to control and monitor the health and performance of network security appliances.

We will be alerted when a host violates a configuration policy or attempts to access an unauthorized system. Malware can be detected and blocked utilizing cloud-analytics and Collective Security Intelligence.

The Enterprise Immune System

  • Learns the ‘self’ of your organization automatically
  • No rules or signatures
  • Math & machine learning
  • Real-time threat detection

The Enterprise Immune System is the world’s most advanced machine learning technology for cyber defense. Inspired by the self-learning intelligence of the human immune system, this new class of technology has enabled a fundamental shift in the way organizations defend themselves, amid a new era of sophisticated and pervasive cyber-threats.

The human immune system is incredibly complex and continually adapts to new forms of threats, such as viral DNA that constantly mutates. It works by learning about what is normal for the body, identifying and neutralizing outliers that do not fit that evolving pattern of normality.

Darktrace applies the same logic to enterprise and industrial environments. Powered by machine learning and AI algorithms, Enterprise Immune System technology iteratively learns a unique ‘pattern of life’ (‘self’) for every device and user on a network, and correlates these insights in order to spot emerging threats that would otherwise go unnoticed.

Like the human immune system, the Enterprise Immune System does not require previous experience of a threat or pattern of activity in order to understand that it is potentially threatening. It works automatically, without prior knowledge or signatures, detecting and fighting back against subtle, stealthy attacks inside the network — in real time.

“Darktrace’s Enterprise Immune System has given us peace of mind that we are well-equipped to defend against today’s sophisticated attacks.”
Dane Sanderson, Global Security Director, Trek

“Security has to become fluid and adaptive”
Gartner, 2016
