AGEN
DA
Who we are?
Q & A?
Unified Threat Management
InfoSys Gateway Sdn. Bhd. (797304-H)
Incorporated in 2007 Bumiputra owned Company
MSC Status Company, Registered with Ministry of Finance (MOF), Kementah (MINDEF), Malaysia Industry Council for Defence, Enforcement &
Security(MIDES), MATRADE, SME-CORP and OIC- CERT.
Successfully innovated and developed a network security appliance with continuous R&D for enhancement and future innovation.
1st Malaysian developed unified network security product named iDERAS.
It is an innovation and development company specialized in ICT Network Security Appliance. We have developed a unique Hybrid Unified Threats Management Solution specially to
combat new types of cyber-threats for today's environment.
Malaysia's first innovation to develop Unified Network Security Appliance
iDeras Unified Threat Management (UTM) has received a global certification on Common Criteria Evaluation Level 2, certified by CyberSecurity Malaysia.
Global Certification Common Criteria EAL 2
Threat
is Everywhere!
According to last year’s Information Breaches Survey conducted by PwC for the Department of Business Innovation & Skills:
93% of large businesses had a security breach in the last year;
87% of SMEs had a security breach in the last year;
Only 14% of large organisations know that outsiders have stolen confidential data and;
And only 9% of small organisations know that outsiders have
stolen confidential data.
What is more alarming is that the
majority of organisations are not
aware whether their corporate networks have been subjected
How Advance Threats is
Impacting
Business Each
Day?
Probable scenarios of how an organisation may be impacted by advance threats in their organisation: System downtime
Credentials compromise
Loss/compromise crucial customer data Damage to system
Financial loss Brand damage
Our Proposed
Solution
to Counter Advance Cyber
Threats:
In order to secure Sabah’s ICT environment, we proposed solutions
consists of:
Malaysia First Innovation Unified Network Security Innovation
,
‘iDeras’
.
Introduction to
U
nified
T
hreat
M
anagement
Gartner defines Unified Threat Management as:
VPN BANDWIDTH MANAGEMENT DIRECTORY INTEGRATOR POLICY MANAGER FIREWALL REPORT WAN BALANCER WAN FAILOVER APPLICATION CONTROL HTTPS INSPECTOR SPAM BLOCKER SPAM BLOCKER WEB CACHE LOCAL MNGMNT PORTAL IDS/IPS
Prevention System
• Perform real-time traffic analysis and packet logging on Internet Protocol (IP) networks.
• Performs protocol analysis, content searching, and content matching. • Detects probes or attacks, including, but not limited to, operating
system fingerprinting attempts, common gateway interface, buffer overflows, server message block probes, and stealth port scans.
Thousands of signatures for a variety of attacks
New attack signatures automatically downloaded to the client’s server.
Bandwidth Management
Limit abusers' bandwidth when using unwanted protocols, like BitTorrent or P2P.
Give different users and/or groups different bandwidth usage rights. Give important servers and services bandwidth reservations.
Track and monitor bandwidth usage and bandwidth abusers. Troubleshoot bandwidth-related network slow-downs.
Assign per-user, per-site, and per-application quotas.
Guarantee Network bandwidth for users and/or applications. Limit hosts to certain hourly/daily/weekly bandwidth quotas.
Punish unauthorized network usage attempts by rate-limiting network connections for users that violate Acceptable Usage Policies
Directory Integrator
Leverage existing Active Directory or RADIUS deployments.
Use with built-in local directory.
Authenticate users when automatically upon PC login with our login script.
Reporting (PDF/HTML) and Reporting by username.
Policy Manager
Time-based policies: Lunch hour vs. On-the-clock. Day-based policies: Weekday vs. Weekend.
User or group-based policies: Engineering vs. Sales. Runs at the gateway with no client software to install.
Reporting (PDF and HTML) and logging to monitor network, system and user behaviour.
Set up policies using any or all of the following criteria:
Day of week Time of day
Username (requires Directory Connector) Client and/or Server IP Address
Protocol (TCP/UDP) Port
Firewall
Match on the following qualifiers:
Destination Address Destination Port Destination Interface Source Address Source Interface Protocol Username
Reports
Summary, detail, and per user reports.
Automated email report delivery.
Report archive.
Report data available in CSV format.
IPSec VPN
Provides support for all current encryption protocols.
Seamless integration with existing IPsec VPN networks.
Enables secure site-to-site connections between trusted networks.
Mobile Policy Enforcement features include:
L2TP for simple authentication without the need for additional third
party software
Remote enforcement for Windows, Mac, iOS and Android devices
Remote users get all the benefits from the same policies and
protections as users behind an NG Firewall
Full or split tunnel VPN
WAN Balancer
Allocates traffic across multiple internet providers. Helps you maximize bandwidth.
Improves network performance.
Supports up to 7 independent WANs with QoS enabled (over 200 with QoS disabled).
Includes Wan Failover for maximum uptime.
Each WAN connection will require its own separate network card in the server.
Each Internet connection must be in separate IP address space. PPPoE must be handled by the upstream DSL modem.
Your maximum available bandwith will be improved as there will be more to go around, however the maximum speed will still be that of the particular ISP used for each connection.
WAN Failover
Automatically detects Internet outages and switches to the backup provider.
Customize thresholds and tests per connection.
Logs Internet downtime making it easy to identify connections with poor reliability.
Each WAN connection will require its own separate network card in the server.
Each Internet connection must be in separate IP address space.
If present, PPPoE must be handled by the upstream DSL modem.
Application Control
Allow, block, flag or tarpit hundreds of applications from an intuitive GUI.
Integrated Rules Engine (IRE) works with other applications to give you
unprecedented control over even the most complex traffic.
Use for fine-tuning user access to match your policy requirements. For
example, allow access to a social networking site, but block its games and
videos.
Control even protocol-agile applications like Ultrasurf.
Stop productivity and bandwidth drains and keep malware off your network.
HTTPS Inspector
HTTPS Inspector works by presenting a false certificate signed by a root Certificate
Authority that must be installed on each host if HTTPS decryption is to take place without a browser warning. After presenting the certificate, it will endpoint the SSL connection, send the unencrypted HTTP traffic through all the applications, then create a new SSL connection on the other side.
Spam Blocker
• Industry-leading detection rate at 99.96%
• Perimeter protection - blocks spam before it reaches the mail server
• Complete global solution - protects against all types of spam with any
content, in any location, format or language including image-based
and double-byte languages
• Perimeter protection - blocks spam before it reaches the mail server
• Bayesian Filters
• Real-time Blacklist using published IP addresses linked to spamming
• URL, Image and Character Filtering that blocks known spam
signatures
SPAMAnti Phishing
Block phishing email on SMTP.
Blocks malicious 'pharming' websites.
Event log of phish caught.
Reports show how many fraud emails were stopped, who they were targeting, and
from where they were sent.
Web Cache
Stores frequently requested web resources.
Decreases bandwidth usage.
Decreases response time.
Supports the caching of web content and software updates (Including
Microsoft® Updates).
Local Management Portal
• Require users to view and/or accept an Acceptable Use Policy before accessing the internet.
• Authenticate users against Local Directory, RADIUS or Microsoft Active Directory. • Configure Portal to be displayed only to a subset of your network.
• Separate mobile devices to a different view with different policies for BYOD (bring your own device) environments. Pages can be displayed by operating system
and/or device type. Show different captive portal pages to wireless and wired users. • Show a warning page when the user goes over quota or is added to the penalty
box for bad behavior.
