AhnLab TrusGuard UTM 500 安装手册. ④ 신뢰할 수 없는 구간으로부터의 안전한 연결을 위한 SSL-VPN 등으로 구성된 통합 보안 장비 (Unified Threat Management)입니다.
Hong Kong
- Hong Kong
Reinforces Protection and Response against Advanced Threats through flexible Interoperation with leading Security Solutions
Enhanced Threat Detection and Response through Interoperation
As more businesses become digital, the cyber-attacks are getting sophisticated to avoid the detection by ordinary security methods like antivirus, firewall and IPS. Thus, a significant number of services and applications are using encryption as the primary method of securing information, and the encrypted traffic has increased year over year. Although the attack methods are diverse, all are triggered by malware. Hence, adopting the exclusive unknown malware analysis solution and robust the endpoint protection by multi-layering the security solution is important.
To implement a more Powerful Multi-layered Response against Ever-evolving Security Threats from the encrypted traffic or files, the Solutions of A10 Thunder SSLi can decrypt the encrypted files first, then AhnLab MDS can analyze the unknown malwares and block the traffic, and NEC FileShell can encrypt various files with access control to secure all types of documents not yet leakage.
A10 Thunder SSLi
A10 Thunder SSLi is a comprehensive decryption solution to decrypt traffic across all ports, enabling third-party security devices to analyze all enterprise traffic without compromising performance
Intercept and decrypt SSL traffic from all security devices
- - Firewalls
- - Secure Web Gateways (SWG)
- - Intrusion Prevention Systems (IPS)
- - Unified Threat Management (UTM) platforms
- - Data Loss Prevention (DLP) products
- - Threat Prevention platforms
- - Network Forensics and Web Monitoring tools
- Forward decrypted traffic to malware analysis security devices (AhnLab MDS devices)
- Inspect traffic for attacks or data loss
- Encrypt decrypted traffic and forwards it to the intended destination
- (Optional) based on URL classification on the cloud (Webroot) – Thunder could bypass certain website categories for user’s privacy
AhnLab MDS
AhnLab MDS (Malware Defense System) is a sandbox-based security solution that combines on-premise and cloud-based analytics to stop advanced targeted threats anywhere across the organization. AhnLab MDS provides network-to-endpoint workflow-based detection and response to security threats coming from diverse range of vectors such as network, email and endpoint.
- Detects and analyze unknown threats or variants with multi-engine based hybrid analysis
- - Static detection based on signature, reputation, and machine learning
- - Sandbox-based dynamic behavior analysis
- Combat email-based threats that use spear phishing tactics. (file extension forgery, URL link, etc)
- Multi-layered responses to threats through integration as well as interoperation
- - Integrated responses at the network and endpoint levels
- - Interoperation with existing or third-party security solutions
- Provides optimized measures for each attack phase based on threat visibility
- - Attack flowchart displays threat type, infection vector, correlation, and detection status
- - Optimized response to specific and relevant attack phase
NEC InfoCage FileShell
NEC InfoCage FileShell is sensitive information protection software to encrypt various files with access control. It automatically protects electronic files and limits viewing and editing operations according to user rights so that users can share personal information, design information, and other confidential information safely and smoothly.
Ahnlab Mds
- Prevention of information leakage from contractors
NEC InfoCage FileShell can limit the viewing rights for Microsoft Office or CAD system electronic files passed to your contractors. This stops an employee at the contractor's viewing an electronic file that he/she has taken out of the company, preventing confidential information leakage. Moreover, because confidential information can still be shared while electronic files remain securely protected, operations can be performed without compromising convenience.
- Enhanced security without increasing user workload
Electronic files protected by NEC InfoCage FileShell can be viewed and/or edited in the protected state according to the user's rights. This means that the electronic file does not need to be protected again after use. In addition, linkage with Active Directory allows for single sign-on, eliminating hassles such as password entry when using electronic files.
Advantages
(1) Minimize Operational Costs
The Solutions is a centralized point to decrypt enterprise traffic, then block the traffic when analyzed the unknown malwares, and to encrypt various files with access control to secure all types of documents. It is able to ease the burden of security operation and offer long-term value for the organization through a low total cost of ownership and exceptionally rapid return on investment (ROI).
(2) Holistic file analysis to APT threat concealed by encrypted traffic
The Solutions can detect and analyze unknown malwares with machine learning based analysis engines regardless of its file type from encrypted traffic by decrypt traffic across all ports on a network level.
- Able to analyze traffic and files without compromising performance
- Able to decrypt the traffic from all ports and security devices
- Able to analyze all the files and malware behaviors with sandbox-based behavior analysis
- Able to provide the static detection based on signature, reputation, and machine learning
- Able to detect the latest attacks such as sandbox-aware attack or non-executable file based attack with “Dynamic Intelligence Content Analysis (DICA) technology.
- Able to analyze the email content, attachment and network traffic
- Able to detect and block traffic anomalies that attempt to connect to command and control(C&C)
(3) Robust endpoint protection and prevent data leakage
The Solutions can prevent and block the potential damage on user level by providing exclusive endpoint protection solution.
- Able to block the unknown malware execution (Ransomware) immediately on endpoint.
- Able to block the unknown threats from external devices (etc. USB)
- Able to analyze the potential abnormal process execution and files by scanning the endpoint
- Able to isolate the first infected endpoint and minimize the infection spreading
- Able to prevent the information leakage by limit the viewing rights for MS or CAD system
- Able to secure the data even leaked by encrypting the data cannot be read
- Able to manage the endpoint effectively by interlink with Active Directory
Software
Hong Kong
- Hong Kong
Reinforces Protection and Response against Advanced Threats through flexible Interoperation with leading Security Solutions
Enhanced Threat Detection and Response through Interoperation
As more businesses become digital, the cyber-attacks are getting sophisticated to avoid the detection by ordinary security methods like antivirus, firewall and IPS. Thus, a significant number of services and applications are using encryption as the primary method of securing information, and the encrypted traffic has increased year over year. Although the attack methods are diverse, all are triggered by malware. Hence, adopting the exclusive unknown malware analysis solution and robust the endpoint protection by multi-layering the security solution is important.
To implement a more Powerful Multi-layered Response against Ever-evolving Security Threats from the encrypted traffic or files, the Solutions of A10 Thunder SSLi can decrypt the encrypted files first, then AhnLab MDS can analyze the unknown malwares and block the traffic, and NEC FileShell can encrypt various files with access control to secure all types of documents not yet leakage.
A10 Thunder SSLi
A10 Thunder SSLi is a comprehensive decryption solution to decrypt traffic across all ports, enabling third-party security devices to analyze all enterprise traffic without compromising performance
Intercept and decrypt SSL traffic from all security devices
- - Firewalls
- - Secure Web Gateways (SWG)
- - Intrusion Prevention Systems (IPS)
- - Unified Threat Management (UTM) platforms
- - Data Loss Prevention (DLP) products
- - Threat Prevention platforms
- - Network Forensics and Web Monitoring tools
- Forward decrypted traffic to malware analysis security devices (AhnLab MDS devices)
- Inspect traffic for attacks or data loss
- Encrypt decrypted traffic and forwards it to the intended destination
- (Optional) based on URL classification on the cloud (Webroot) – Thunder could bypass certain website categories for user’s privacy
AhnLab MDS
AhnLab MDS (Malware Defense System) is a sandbox-based security solution that combines on-premise and cloud-based analytics to stop advanced targeted threats anywhere across the organization. AhnLab MDS provides network-to-endpoint workflow-based detection and response to security threats coming from diverse range of vectors such as network, email and endpoint.
Ahnlab Mds Agent Uninstall
- Detects and analyze unknown threats or variants with multi-engine based hybrid analysis
- - Static detection based on signature, reputation, and machine learning
- - Sandbox-based dynamic behavior analysis
- Combat email-based threats that use spear phishing tactics. (file extension forgery, URL link, etc)
- Multi-layered responses to threats through integration as well as interoperation
- - Integrated responses at the network and endpoint levels
- - Interoperation with existing or third-party security solutions
- Provides optimized measures for each attack phase based on threat visibility
- - Attack flowchart displays threat type, infection vector, correlation, and detection status
- - Optimized response to specific and relevant attack phase
NEC InfoCage FileShell
NEC InfoCage FileShell is sensitive information protection software to encrypt various files with access control. It automatically protects electronic files and limits viewing and editing operations according to user rights so that users can share personal information, design information, and other confidential information safely and smoothly.
- Prevention of information leakage from contractors
NEC InfoCage FileShell can limit the viewing rights for Microsoft Office or CAD system electronic files passed to your contractors. This stops an employee at the contractor's viewing an electronic file that he/she has taken out of the company, preventing confidential information leakage. Moreover, because confidential information can still be shared while electronic files remain securely protected, operations can be performed without compromising convenience.
- Enhanced security without increasing user workload
Electronic files protected by NEC InfoCage FileShell can be viewed and/or edited in the protected state according to the user's rights. This means that the electronic file does not need to be protected again after use. In addition, linkage with Active Directory allows for single sign-on, eliminating hassles such as password entry when using electronic files.
Advantages
(1) Minimize Operational Costs
The Solutions is a centralized point to decrypt enterprise traffic, then block the traffic when analyzed the unknown malwares, and to encrypt various files with access control to secure all types of documents. It is able to ease the burden of security operation and offer long-term value for the organization through a low total cost of ownership and exceptionally rapid return on investment (ROI).
(2) Holistic file analysis to APT threat concealed by encrypted traffic
The Solutions can detect and analyze unknown malwares with machine learning based analysis engines regardless of its file type from encrypted traffic by decrypt traffic across all ports on a network level.
- Able to analyze traffic and files without compromising performance
- Able to decrypt the traffic from all ports and security devices
- Able to analyze all the files and malware behaviors with sandbox-based behavior analysis
- Able to provide the static detection based on signature, reputation, and machine learning
- Able to detect the latest attacks such as sandbox-aware attack or non-executable file based attack with “Dynamic Intelligence Content Analysis (DICA) technology.
- Able to analyze the email content, attachment and network traffic
- Able to detect and block traffic anomalies that attempt to connect to command and control(C&C)
(3) Robust endpoint protection and prevent data leakage
The Solutions can prevent and block the potential damage on user level by providing exclusive endpoint protection solution.
- Able to block the unknown malware execution (Ransomware) immediately on endpoint.
- Able to block the unknown threats from external devices (etc. USB)
- Able to analyze the potential abnormal process execution and files by scanning the endpoint
- Able to isolate the first infected endpoint and minimize the infection spreading
- Able to prevent the information leakage by limit the viewing rights for MS or CAD system
- Able to secure the data even leaked by encrypting the data cannot be read
- Able to manage the endpoint effectively by interlink with Active Directory