The Eight Components of a Strong Cyber Security Defense System

Transcription

1 The Eight Components of a Strong Cyber Security Defense System

2 SEG Secure Gateway An appliance that provides anti-spam and anti-malware protection. It is installed on top of a corporation s Server and pre-screens all inbound & outbound messages to prevent spearphishing campaigns, annoying marketing s and malware infected attachments. Also provides encryption for secure delivery of all outbound .

3 EPP End Point Protection An appliance that provides MDM (Mobile Device Management) to protect cell phones, tablets, and laptops within a corporation s network. Also provides personal workstation antivirus and personal workstation firewall by preventing the user from downloading harmful software on the internet and from malware infected websites.

4 NGFW Next Generation Firewall A traditional firewall is an appliance (either cloud-based or hardware on-premise solution) that controls the incoming and outgoing network traffic based on a set of pre-configured rules. It establishes a barrier between a trusted, secure network (such as that of a business entity) and the outside world; such as the internet. The term Next Generation refers to the firewall s ability to do more than just control traffic. Next Gen firewalls now also include the ability to perform Intrusion Prevention, Anti-Virus Inspection and traffic Decryption to identify harmful encrypted applications before they enter the company s network.

5 IPS WDS WIPS Intrusion Prevention System Intrusion Detection System Wireless Intrusion Prevenwtion System IDS / IPS / WIPS systems are appliances that monitor a computer network for malicious activity, log that activity, and attempt to block it / stop it, and report it to the appropriate IT Staff within the corporation. IDS / IPS / WIPS systems have the ability to send an alarm, drop the malicious packets, block the unwanted traffic, and reset the connection.

6 DLP Data Loss Prevention DLP is a strategy for making sure that end users in a business do not send sensitive or critical information outside the corporate network. The term is also used to describe software products that help a Network Administrator control what types of data end users can transfer and how they are allowed do it.

7 SIEM Security Incident & Event Management Security incident and event management (SIEM) is the process of identifying, monitoring, recording, and analyzing security events or incidents within a corporate network. It also refers to hardware/software solutions that provide a comprehensive and centralized view of the security architecture of an IT infrastructure. The product manufacturers in this space can automatically alert network Administrators of breaches, attacks, and anomalies which typically occur within the company s network.

8 SWG Secure Web Gateway A hardware appliance and/or software solution similar to a Firewall which protects websurfing PCs from infection and enforce company policies regarding which websites users are allowed to visit, and what types of download can take place, etc. Employees themselves are sometimes guilty of visiting sites that are dangerous or somply inappropriate. The web can seem like a minefield for organizations trying to condeuct legitmate business. Secure Web Gateway technologies defuse the bombs.

9 UTM Unified Threat Management A bundled solution of all the seven (7) aforementioned security features in a single appliance. This is a more cost effective security architcture designed for small and mid-sized businesses where price and ease ofuse is a determining factor.