GreekEnglish (UK)

logo 08 13-d

Menu

Secure Networks and Compliance

asfalidiktya1

The issues that keep most IT and IT security practitioners up at night are the theft of their organization’s intellectual property, including research and development, business strategies, industrial processes, customer and product base. Another target of network attackers is confidential information used to obtain authentication credentials to infiltrate networks and enterprise systems.
In the data center today, several major trends are happening in parallel, with each representing a fundamental change in terms of how IT is managed. 
For the security teams responsible for safeguarding corporate IT assets, these trends present a host of challenges, necessitating several new capabilities, approaches and tools to ensure ongoing, effective security.

The enterprise threat landscape continues to evolve, with increasingly complex and malicious attacks being directed at the corporate network. Additionally, threats are emerging and spreading more quickly than ever, exploiting the growing number of possible points of attack. These newer points of vulnerability are caused by increased user mobility, remote locations, and the number of devices accessing the network.

The continued rollout of new applications also poses incremental risks for new attacks. For enterprise customers, these problems require additional diligence on the part of IT groups to manage threats. Tasks such as ongoing research into threat trends, management of a complex spectrum of network devices and critical applications, and ensuring service-level agreements (SLAs), create a reactive environment in enterprise IT organizations that can overburden an already struggling IT staff.

asfalidiktya2


In today’s operating business environment, barely a day passes where we do not hear of a new exploit, virus, trojan, worm, data or security breach. Additionally, the organizational footprint continues to expand which pose additional challenges. Many enterprises face a more distributed network architecture than ever before with remote and satellite offices with global locations. With consultants, vendors, partners and guests accessing network resources, security has become a top of mind issue both for IT and business lines in the organization.

The intelligence and the capabilities of the hackers and their tools on one side, and the capabilities of the security and defense systems used in order to protect the networks and the data which are travelling on them are in constant and never-ending war.

External and internal vulnerabilities affect every business regardless of size and every vertical.

Shortcomings of any sort as well as complacency in general resulting in negligence of security measures are merciless and will inevitably result in substantial risks and damages which will cause unexpected, unbudgeted and totally unforeseen financial losses and costs.


The network-items deserving protection and security provisions are grouped as shown here:

  asfalidiktya3

The protection and the security of the NewGen computer networks cannot be static any more. It has to be Dynamic, in order to be able to adapt continuously to any given situation at any time, under any circumstance. 

youtubeDynamic Security   

The legacy security model protecting fully the central computational systems and computers as well as the systems within a well defined perimeter (including affiliates, subsidiaries, outlets, etc) belongs definitely to the past. This model –
 CASTLE MODEL- is not able to protect effectively and efficiently new type of needs and infrastructures like CLOUD, Mobility, BYOD, etc.

The new Security Model is multi-level, caters for Virtual infrastructures and it also can authenticate and authorize applications versus users and serve them according to the rights and privileges assigned to them, taking into account the type of device they are using at that specific moment, according to their current geographical location, the network they are using, as well as a myriad of other criteria, all decided by central administration – the HOTEL MODEL.

asfalidiktya18

At United-Telecom, we are building and offering to our customers only needs-based security solutions addressing their concerns regarding the security, the integrity, the legality, the compliance towards obligations imposed on them by Regulation Authorities and others, etc of their data networking infrastructures.

As enterprises adopt cloud apps across virtually every business function, integration across apps is critical. App vendors have built ecosystems solution that enable enterprises to execute business more efficiently, facilitate important workflows, and make better decisions. The statement “The sum of the whole is greater than the sum of the parts” describes the paradigm well. This has given rise to ecosystems, or groups of satellite cloud apps that orbit popular “anchor tenant” apps.

asfali23

Each of these anchor tenant apps has hundreds of ecosystem partners. For example, we observe active usage of an average 28 Box, 20 Dropbox, 19 Google Apps, and 26 Salesforce ecosystem apps. 
Organizations that are concerned about protecting sensitive data in the cloud need to go beyond securing the anchor tenant Apps and incorporate those apps’ ecosystems into their cloud app monitoring and policy regimens.

When our solutions for threat management and managed security technologies are bundled, they provide a comprehensive and highly scalable security functionality that delivers exceptional value to our customers. Exceptional, comprehensive functionality includes integrated security policy, network and device level management, virtualization of zones, routers, LANs and systems, and advanced access management and endpoint security.

Solutions addressing these needs, include:

· SRX
  Secure Services Gateways

· vSRX
  Virtual FireWall
 

· UTM - Unified Threat Management
  APPSECURE - L7 Application Control

· Junos Space Security Director

· DDoS Secure
  Spotlight Threat Intelligence Platform

· SIEM - Secure Analytics
  CLOUD Analytics

· Pulse Connect Secure
  SSL VPN Solutions
 

· Pulse Policy Secure
  NAC & BYOD Solutions

· Pulse Secure Gateways 

· Safe Cloud Enablement
  with Netskope

· Safe ID - Management
  for Cloud APP's

· Safe Cloud Enablement
  for most popular Cloud App's

 

 

 



 

 

  adobe-pdf-logo SRX - SECURE SERVICES GATEWAYS 

The SRX Secure Services Gateway series of High-performance networking equipment delivers high a very wide range of functionalities, top performance data security, enormous flexibility in network connectivity, high density of connection ports and a very comfortable management GUI.

The SRX’s will help You build a comprehensive security infrastructure in the DataCenter of the Enterprise  as well as it will provide tremendous flexibility in the branch office networks. It will also provide secure connectivity for remote users with the best available cost-benefit coefficient providing a multifunctional device capable of routing, WAN interconnectivity, Switching, and UTM - Unified Threat Management with a constantly high level of performance
.

 adobe-pdf-logo SRX for Enterprise


asfalidiktya13b

 

The Juniper Networks® SRX Services Gateways for Data-Centers are next-generation intelligent security platforms that deliver outstanding protection, market-leading performance, six nines reliability and availability, scalability, and services integration. These devices are ideally suited for service provider, large enterprise, and public sector networks, Cloud and hosting providers, Managed service providers.

Delivering the highest level of protection from Layer 3 to Layer 7, these platforms feature a carrier grade next generation firewall with advanced security services such as application security, Unified Threat Management (UTM), Intrusion Prevention System (IPS), and integrated threat intelligence services.

 adobe-pdf-logo SRX for DataCenter

 

 adobe-pdf-logo VIRTUAL FIREWALL - vSRX

The Virtual & Stateful FireWall (vSRX) designed for Hypervisor is used in Virtual Data Centers and in CLOUD setups. It will monitor and protect them while their maximum capacity and performance remains untouched.

The vSRX uses two basic features—zones and policies. The default configuration contains, at a minimum, a “trust” and an “untrust” zone. Additionally, it provides integrated tools for UTM, like Intrusion-detection (IDS), Virtualization-specific Antivirus (AV), Antispam (AS), WebFiltering and L7 - APP.Control, as well as tools for Management and Compliance
.

 youtubeJuniper vSRX: Advanced Security Features
 adobe-pdf-logo JUNOS Space: Security Director

asfalidiktya6b


The vSRX solution is optimized to leverage multiple virtual CPUs to maximize packet processing and overall throughput in the virtual environment. Each vSRX VM also has multiple virtual network interface cards (vNICs), which can be connected to various virtual networks to simultaneously protect multiple zones of similar VMs. Operating from within the virtual fabric, Juniper Networks' vSRX provides the best and strongest security with the performance needed to support a virtualized or cloud environment.

The vSRX provides mission-critical reliability, supporting chassis clustering for both active/active as well as active/passive modes providing full stateful failover for any connections being processed as well as for cluster members to span hypervisors.

 

 adobe-pdf-logo UTM - Unified Threat Management 


Design and Implementation of a 
Unified Threat Management (UTM) system providing an holistical security mechanism for the LAN which ensures higher productivity with it’s multi-layered  integrated central Antivirus, Antispam,  Web Filtering, Intrusion Detection and Prevention system as well as total  Application Control.

Your Benefits:

• Comprehensive, all-in-one, layered security solution
• Reduced costs and complexity in a single, integrated
  device
• Flexibility with cloud-based and onbox anti-malware
  options

asfalidiktya4b

adobe-pdf-logo APPSECURE - L7 Application Control 

AppSecure is a complete suite of Next-Gen (NG) Networking capabilities which can identify and match applications and users and combine them as per predefined policies, can record and report fully on the usage of the network, can support decisions on secure and access policies in order to protect the integrity of the corporate data as well as the networking investments, can impose priorities according to QoS requirements of specific applications, like Voice over the IP network.

With this, You will be able to hinder misuse and damages due to internal shortcomings in security matters, which are quite difficult to detect and prevent otherwise.

asfalidiktya19b

 

asfalidiktya20b

 

asfalidiktya5b

         

 adobe-pdf-logo JUNOS SPACE SECURITY DIRECTOR 


Juniper Networks® Junos® Space Security Director is an application on the Junos Space Network Management Platform, providing extensive security scale, granular policy control, and policy breadth across the network by implementing security policy management for both physical and virtual firewalls (Juniper’s Networks SRX Series Services Gateways as well as vSRX’s).

It helps administrators quickly manage all phases of the security policy life cycle for stateful firewall, unified threat management (UTM), intrusion prevention system (IPS), application firewall (AppFW), VPN, and Network Address Translation (NAT) through a centralized web-based interface through an intuitive, centralized web-based interface that offers enforcement across emerging and traditional risk vectors.


Junos Space Security Director reduces management costs and errors with efficient security policy, workflow tools, and a powerful “app” and platform architecture. Security administrators can use Junos Space Security Director to speed and simplify security administration and reduce management costs and errors with efficient security policy and workflow tools.


asfalidiktya21


Because the
Junos Space Security Director runs on the Junos Space Network Management Platformit enables administrators to extend their policy control capabilities both broadly and deeply. This includes managing security policy horizontally across multiple Juniper Networks SRX Series Services Gateways, and vertically to manage logical system (LSYS) instances or dense and varied security rule bases on individual SRX Series devices. This reach improves security policy consistency and compliance, even as networks scale. 

 

adobe-pdf-logo Junos Space Network Management Platform 


asfalidiktya27 

Junos Space Security Director helps organizations improve the reach, ease, and accuracy of security policy administration with a scalable, GUI based management application. It helps administrators more quickly and intuitively manage all phases of security policy lifecycle, from policy creation to remediation, through one centralized web-based interface.

 

Key features and benefits include:


tick  Fast and easy enforcement of security state across
     the end-to-end network

tick  Quick, easy translation of business policies into
     network configuration with minimal manual
     intervention

tick  Rapid deployment of thousands of devices with
     minimal user intervention and truck rolls

tick  Setup of thousands of IPsec VPNs in minutes rather
     than days

tick  Easy point-and-click interface to enable security
     architects to design, validate, and deploy security
     policies consistently across a distributed network

tick  Patent pending technology called security domains to
     allow security restrictions to be applied to distributed
     network resources, reducing configuration errors

tick  Policy abstraction to enable users to simply drag and
     drop a policy onto security devices

tick  Policy locking that reduces configuration errors by
     preventing simultaneous edits

tick  Policy versioning for configuration snapshots and
     rollback capabilities

tick  Topology view of the network for fully automated
     visualization and configuration of security devices

 

 

adobe-pdf-logo DDoS SECURE 


The 
Juniper Networks® DDoS Secure technology has been ensuring availability of critical business resources for some of the world’s busiest e-commerce, financial, and public sector customers for over a decade. Additionally, DDoS Secure now delivers an always-on Hybrid DDoS solution for handling multivector attacks that require a coordinated on-premises and cloud-based approach for mitigation.

asfalidiktya22

 

Juniper’s world-class technology has kept pace with the changing threat landscape in enterprise and service provider networks and is offering a highly effective, fine-grained DDoS mitigation solution, DDoS Secure protects network resources, regardless of which attack vectors are being deployed. DDoS Secure uses a stateful analysis and heuristics approach to DDoS mitigation that provides protection for high volume attacks, as well as advanced “low and slow” application attacks with minimal false positives. The solution delivers fully automated application-layer DDoS protection for Web (HTTP) and secure Web (HTTPS) applications, Domain Name Systems (DNS), and VoIP systems (SIP).


DDoS Secure can be deployed as an on-premise hardware appliance or as a virtual machine (VM) in private, public or hybrid cloud environments.

 

adobe-pdf-logo SPOTLIGHT THREAT INTELLIGENCE PLATFORM

 
Linking security intelligence to policy enforcement for rapid protection against advanced threats.

As the threat landscape continues to accelerate and evolve, the security industry continues to respond with a variety of disparate new detection technologies. Unfortunately, this approach results in customers struggling to manage a patchwork of uncoordinated security tools, leaving a gap between detection and enforcement at the firewall. Many next-generation firewalls (NGFW) include integrated capabilities, such as intrusion prevention system (IPS), antivirus signatures, and proprietary reputation feeds, but they are closed systems that are not capable of taking full advantage of the highly diverse third-party and custom feeds utilized by customers, specific to their industry.


Juniper’s Spotlight Secure threat intelligence platform addresses these challenges and constraints by aggregating threat feeds from multiple sources to deliver open, consolidated, actionable intelligence to SRX Series firewalls across the organization. These sources include Juniper threat feeds from our cloud-based service, third-party threat feeds, and threat detection technologies that the customer can deploy. The security intelligence service extracts relevant multi-threat feeds and delivers them to SRX Series firewalls for advanced threat protection. Administrators can define enforcement policies from all feeds via a single, centralized management point, Junos Space Security Director.

asfalidiktya23

 

 adobe-pdf-logo SIEM - JSA SECURE ANALYTICS

The Security Information & Event Management (SIEM) solution of Juniper Networks provides a central console for centralized control, which integrates a series of functions for the management and analysis of network behavior.

The SIEM system will help enterprises lower the cost of network management as well as improve on it’s effectiveness and performance. It will also help in establishing the necessary level of security in the network and to monitor security events.

asfalidiktya24


Further it will provide transparency in the network functions and the facilitation of security rules. It will monitor the performance of the applications and the activities of their authenticated users.

adobe-pdf-logo Meeting PCI Standards with JSA Security Analytics


Last not least it will support the security responsible track down events which are correlated with security events and breaches, providing also reports which are needed as part of security compliance regulations.


asfalidiktya16b

 

adobe-pdf-logo CLOUD ANALYTICS ENGINE


Juniper Networks
® Cloud Analytics Engine provides “network context” to applications. As more and more applications are moved to public and private clouds, security, application performance, and application availability are becoming significant challenges. With the growth of network virtualization, Infrastructure as a Service (IaaS) and Software as a Service (SaaS) offerings, public, private, and hybrid clouds, and the proliferation of business-critical applications running in the cloud, networks have to be more flexible and application-aware than ever to dynamically meet service-level agreements (SLAs).

asfalidiktya25

 

Cloud Analytics Engine provides an aggregated and detailed level of visibility, tying applications and the network together to deliver an application-centric view of network status, improving customers’ ability to quickly roll out new applications and troubleshoot problems.

asfalidiktya26

 

         

adobe-pdf-logo PULSE CONNECT SECURE SSL VPN SOLUTIONS


Pulse Connect Secure is the leading SSL VPN solution, enhanced for BYOD mobility, for market-leading seamless connectivity to corporate networks and resources.

Unmatched Clientless Access:
asfali17

asfali18
Optimized Enterprise Connectivity:
asfali19
 
asfali21

 Rich Access Privilege Management Capabilities

When users log into the Pulse Connect Secure, they pass through a pre-authentication assessment and are then dynamically mapped to the session role that combines established network, device, identity, and session policy settings. Users have access only to those resources that are deemed necessary for that session, according to administrator-defined policies. 

 

youtubeSSL-VPN for Secure Access & Virtual Desktop

 

 adobe-pdf-logo PULSE POLICY SECURE NAC & BYOD SOLUTIONS


A mobility ready network access control (NAC) and BYOD solution that resides on the network & protects enterprises by seamless enforcement of security policies for all users, devices and applications accessing the enterprise.

Mobility ready NAC & BYOD Solution:
asfali14

asfali13
Simple, Secure & Easy Deployment:
asfali15
 
asfali16

 

 

adobe-pdf-logo PULSE SECURE GATEWAYS 


Pulse Secure’s MAG Series Gateways work in concert with Pulse and deliver SSL VPN secure remote connectivity and/or Network Access Control (NAC) through a single converged gateway. Pulse and the MAG Series gateways address the needs of users regardless if they are mobile, remote or local, delivering performance and security while keeping costs low.

asfali10


The MAG Series gateways deliver increased deployment density, extensive scalability, and easily reconfigurable ”personality” changes between secure mobile and Remote Access (SSL VPN) and Network Access Control (NAC) modes. The combination of extensible, purpose-built gateways working hand-in-hand with Pulse and its associated services—including Pulse Connect Secure and Pulse Policy Secure—delivers secure mobile, remote, and LAN-based access control for users of mobile devices, laptops, and desktops in a way that is specifically designed to change the economics of enterprise security and the access infrastructure.

asfali11


The Pulse Secure Gateways are tightly integrated with the SRX Secure Services Gateways of Juniper Networks enabling application-aware firewall policies between them. This feature provides a cost-effective solution to secure specific applications within the network—typically the data center—by enabling the Pulse Policy Secure to allow its identity-based list of user roles to be accessed by the SRX Series gateway. The end user benefits from a seamless experience thanks to the integrated Windows domain SSO functionality via Active Directory.

adobe-pdf-logo Integrated SSL-VPN, Access Control, and MDM
            Solutions on 1 Device


Together with its partners, Pulse Secure has integrated Pulse Secure’s Connect Secure and Policy Secure gateway solutions with Mobile Device Management (MDM) solutions such as MobileIron and Airwatch—bringing the productivity and flexibility of BYOD, without compromising security or increasing management complexity.


The
Benefits of this integration are:

· Secure Remote connectivity
· Seamless onboarding and admission control
· Zero-touch application configuration
· Flexibility with security

 

asfali12


Today’s workers are mobile. They need to connect securely to their corporate network or cloud-APP around the clock and around the world—anytime, anywhere.

adobe-pdf-logo Empowering Mobile Productivity

         

adobe-pdf-logo SAFE CLOUD ENABLEMENT WITH netscope-logo 


Netskope™ is the leader in safe cloud enablement. Netskope gives IT the ability to find, understand, and secure cloud apps. Only Netskope empowers organizations to direct usage, protect sensitive data, and ensure compliance in real-time, on any device, for any cloud app so the business can move fast, with confidence
.

 

asfali2

 

Netskope helps you navigate the path towards safe cloud enablement by enabling you to be successful during each of the three stages:


STAGE 1: FIND
 

asfali3


STAGE 2: UNDERSTAND

asfali3b


STAGE 3: SECURE

asfali3c

 

 Netskope’s ™ Safe Cloud Enablement gives IT the ability to find, understand, and secure sanctioned and unsanctioned cloud apps. With Netskope, organizations can direct usage, protect sensitive data, and ensure compliance in real-time, on any device, including native apps on mobile devices and whether on-premises or remote, and with the broadest range of deployment options in the market

With Netskope, the business can move fast, with confidence.

asfali4

 

See below selected characteristics of some Netskope Products:

asfali9

 

adobe-pdf-logo Netskope Discovery

adobe-pdf-logo Netskope Active Platform

adobe-pdf-logo Netskope Active Cloud DLP

adobe-pdf-logo WP: DLP Prevention and Monitoring in the CLOUD

youtube Netskope CLOUD DLP


youtube SAFE ID-MANAGEMENT FOR CLOUD APP's 


Your organization is adopting cloud apps in a big way, and for good reason — these apps help people get their jobs done more quickly, easily, and flexibly than traditional software. But if you can’t manage people’s access or enforce usage policies, it’s hard for you to really embrace those apps
.

asfali5

 

What if you could bring all of those apps under one umbrella, manage their access with an industry-leading identity management solution, discover and run deep analytics on new apps, and enforce granular cloud app usage policies? That visibility and control would allow you to get out ahead of the cloud app adoption that is already happening and ensure security and compliance for those apps.

Netskope, with specific enterprise-grade ID-management services for cloud, mobile and interconnected businesses, provides an integrated solution that enables you to manage your cloud apps in a closed-loop manner, bring all of your cloud apps into your identity management fold, and ensure consistent cloud app security and compliance.
 

One such cloud-based Identity Management Service is the Okta identity management service, which integrates with existing directories and identity systems, as well as thousands of on-premises, cloud-based and mobile applications, to enable IT to securely manage access anywhere, anytime and from any device.

 

adobe-pdf-logo Netskope & Okta Safe ID-Management for Cloud APP's

asfali6

 

Another cloud-based Identity Management Service is the OneLogin identity management service, which controls cloud app access using existing directory infrastructure, quickly on- and off-board team members, and gives end users secure single sign-on to all their apps.

adobe-pdf-logo Netskope & OneLogin Safe ID-Management for Cloud APP's

asfali7 


Another world-class next-generation cloud-based Identity Management Service is the PING-One ID-Management service, used by more than 50% of the Fortune-100 companies, which discovers and onboards all cloud apps – known and unknown – and generates comprehensive, end-to-end reporting of cloud app access and usage
.

adobe-pdf-logo Netskope & PING Safe ID-Management for Cloud APP's 

asfali8


The cloud-based ID-Management systems presented before are tightly integrated with Netskope. They detect presence of the Netskope browser add-on or mobile profile. If Netskope is present on the computer or device, the user may proceed to use the app. If not, the ID-Management system will redirect the user for a quick Netskope install, followed by automated redirection to the cloud app.

adobe-pdf-logo 10 MUST-Haves for a Cloud APP Policy 

adobe-pdf-logo How to talk to Your Board about the Cloud 

adobe-pdf-logo CCI: Cloud Confidence Index 

 

adobe-pdf-logo SAFE CLOUD ENABLEMENT FOR MOST POPULAR CLOUD APP's. WHY THEY SHOULD MATTER TO YOU.  

 

asfali24

With Netskope for Office 365 you get visibility into activity and data - level usage datails with in Office 365 and the cloud Apps which constitute the Office 365 ecosystem.

youtubeNetskope for Office 365 
youtube Netskope for Office 365: Quarantine and Legal Hold

asfali25

 

asfali27

With Netskope for Salesforce you maintain complete security controls ensuring compliance with global regulations.

It allows you to answer questions like “Who’s sharing sensitive content outside of the company, and with whom?”

asfali28

 

asfali30asfali37

With Netskope for Dropbox and Netskope for BOX you can prevent loss of sensitive data, give IT the visibility they need, and get the most out of your Dropbox & BOX investments. Further you can standardize and drive users to Dropbox and BOX and you can also understand and secure Dropbox and BOX usage in your organization.

youtube Netskope for DropBox  youtubeNetskope for BOX
asfali31

 

asfali33

Google Apps for Work has become the productivity suite of choice for many enterprises. 

With Netskope for Google Apps you can answer questions like “Who’s sharing sensitive content outside of the company, and with whom?”. You will also be able to understand usage in Google Apps and its ecosystem, get visibility into activity and data-level usage details within Google, along with the cloud apps that are part of Google’s app ecosystem.

asfali34

 


adobe-pdf-logo

  Secure Access to the Virtual DataCenter

adobe-pdf-logo  Deception of the Hacker

youtube integrate SECURITY by DESIGN to Your Computer Network

And many more special - purpose solutions.

asfalidiktya17

Click for more: 
juniperlogo black

Click for more: 
pulse-logowhite

Click for more: 
netscope-logo1

Click for more: 
allied-logo1

 

Login or Sign Up