Birmingham 0121 647 6565
London 0207 871 9995
Email info@cygnia.co.uk
0121 647 6565 Birmingham
0207 871 9995 London
info@cygnia.co.uk
Downloads
Call 0121 647 6565 to find out more or use our Contact Form

Network Security

Network security is the foundation of a strong Cyber Security infrastructure. Its role is to prevent unauthorised access, misuse, modification, or denial of the organisations network and network-accessible resources. Types of network security solutions include Next Generation Firewalls (NGFW), Intrusion Prevention Systems (IPS), Virtual Private Networks (VPN’s) as well as access control for users connecting to the network and the prevention of Denial of Service (DoS) attacks. Organisations networks can be in one location, multiple locations or highly distributed through many virtual private connections. The recent trend is to extend access points to other organisations networks, these can be partners, cloud services, the public or contractors.

Cygnia technologies has solutions and experience in protecting all of these types of networks and remote connections. It incorporates:

 


+   Next Generation Firewalls

Next Generation firewalls give more granularity to their administrators. The key difference between next generation and traditional firewalls is the ability to control what users can do. This comes in the form of user identity. Once the user can be identified then URL Filtering, Application Control (restricting social media, webmail, instant messenger, etc) and Data Leakage Prevention (DLP), (the capability of sending information out of the gateway, email attachments, FTP, etc) can be granted down to a per user basis giving the organisation more management of users traversing the gateway. Advanced reporting features to capture user based activity and monitor it are also an aspect of next generation firewalls.

The other aspect of Next Generation Firewalls is their ability to deal with threats coming in to the network they offer Intrusion Prevention (IPS) which detects malicious code and passing through the gateway and thwarts it. With all this additional functionality there is an overhead on throughput and to have all the features running. Organisations may find they need significantly more processing power than if they were just running an old fashioned firewall.

 

Network Security - Intrusion Prevention

Intrusion Prevention

The main functions of Intrusion Prevention Systems are to identify malicious activity, log information about the activity, attempt to block or stop activity, and report the event.

Network Security - Application Control

Application Control

Provides granular control of applications such as Social Media, Webmail, Instant Messenger, etc. E.g. a user may be able to just have read only access to webmail but cannot send or upload attachments, or have access to social media sites but with the chat function and games turned off.

Network Security User Identity

User Identity

Turns IP addresses in to users, allowing administrators to have more granular control when setting up Application Control, URL Filtering and DLP.

Network Security URL Filtering

URL Filtering

Uses categories of websites to block users from accessing unproductive and inappropriate content. Combined with Application Control administrators can have a lot of control over what they can give users access to on the internet.

Network Security - Smart Reporting

Smart Reporting

Allows management to see security events as they happen and reporting on them post event. Multiple reporting streams can capture User, Firewall, IPS, Application and URL data.

Network Security - DLP

DLP

Data Leakage Prevention provides an additional layer of checking to what is leaving the organisation electronically. Typically covering SMTP, HTTP and FTP protocals DLP can prompt the user to agree that the action taken is the correct one, or silently monitor the situation in the background, reporting on what is being sent.


+   Intrusion Prevention Systems

Intrusion Prevention Systems (IPS) are network security appliances that monitor network and/or system activities for malicious activity. The main functions of Intrusion Prevention Systems are to identify malicious activity, log information about said activity, attempt to block/stop activity, and report the activity. Cygnia provide both Gateway IPS which can be included as part of a firewall or network sensor behind the firewall and Network IPS sensors that are placed on strategic parts of the network to detect malicious activity within the LAN.

Cygnia provide a range of IPS to suit the requirements and budgets of the customer.


+   Remote Access VPN Solutions

As working patterns change to accommodate modern business, more organisations need to connect their people remotely to the corporate network. SSL (Secure Socket Layer) or IPSec (Installed client on the end point) VPN (Virtual Private Networks) offer organisations the ability to connect their employees/ contractors securely over the interent as if they were connected inside the organisations network, with all of the functionality of the network resourses, e.g. email, CRM, network drives, etc.

Using encryption and end point checking/ protection it is possible to utilise the public internet securely from remote locations such as the end users home, hotels and Wi-Fi hotspots without having to set up expensive dedicated data lines.

Coupling a Strong Authentication solution for two factor authentication the organisation can have a full remote access solution, where the end user is securely authenticated and protected when connecting to the network from outside the LAN (Local Area Network).

Cygnia offer solutions from key vendors and can provide SSL (Secure Socket Layer) or IPSec (Installed Client) options.


+   Strong Authentication

Strong Authentication using two factor verification (Something you have and something you know) dramatically reduces the risk of someone gaining unauthorised access to an organisations network. For the end user there are many token types including, key fob tokens, software tokens for PC’s and mobile devices, card token’s and SMS tokens. Organisations can choose a suitable token for their users, whether they regularly connect remotely (E.g. home workers) or use the service infrequently out of hours and for emergencies.

Cygnia offer a range of two factor authentication solutions from industry leading vendors.


+   Network Access Control (NAC)

Network Access Control (NAC) is implemented to check the credentials of a device (PC, or Mobile Device) that is trying to connect to the network. It works by not permitting access to anything unless it complies with a business defined policy; including anti-virus protection level, system update level and configuration. While the computer is being checked by a pre-installed software agent, it can only access resources that can remediate (resolve or update) any issues.

Once the policy is met, the computer is able to access network resources and the Internet, within the policies defined within the NAC system.

Cygnia offer a range of NAC solutions from industry leading vendors.


+   Web Application Firewalls

A Web Application Firewall (WAF) is specifically designed to protect websites and ecommerce services. It operates by monitoring and potentially blocking the input, output, or system service calls that do not meet the configured policy of the WAF.

Different from traditional firewalls and NGFW’s that control where network traffic is going, WAF’s look at all the network traffic that passes through them from the OSI layer up to the application layer and prevent malicious events such as “Cross site scripting” and “SQL injections” which traditional firewalls and NGFW’s do not.

If you have web facing services that have databases or ecommerce applications a WAF is critical to protecting these assets even if there is a network firewall also protecting them.

Cygina provide a number of leading WAF vendors, which include appliances, software and cloud services.


+   Distributed Denial of Service (DDOS) Protection

A Denial of Service (DoS) or Distributed Denial of Service (DDoS) attack is an attempt to make a machine or network resource (E.g. Website, Firewall, Portal, VPN, etc) unavailable to its intended users by overloading the service with requests. This is generally done over the internet and can cost organisations money, productivity, loss of reputation and trust from users.

DDoS protection works by identifying attacks and preventing them from happening. It takes out the malicious traffic allowing the legitimate traffic to continue to its destination and keeping the resource available.

Cygina provide solutions from a number of leading DDoS vendors, which include appliances, software and cloud services.


Call 0121 647 6565 to find out more or use our Contact Form

We knew the technology could do the job and was reasonably priced. What won us over was how helpful Varonis and Cygnia were. They were really keen to help set up a demo, and were able to move quickly to get us up and working in a matter of days.

Karl Kroger – Data and Security Administrator, Ipswich Hospital NHS Trust

Having worked with Cygnia for a number of years, we trust them to advise on our security infrastructure. Their recommendations on defending against cyber attacks is critical to our business. We are already seeing the benefits of this new technology and could not be happier with the implementation process.

Paul Stern – IT Network and Security Manager, Arriva Trains

Network security is imperative to C24, it is one of the defining areas of our business. The expertise of Cygnia around this area provides us with comfort, and in turn has allowed us to reassure our customers that their security is covered. We have also come to recognise that the service provided by Cygnia is, in our opinion one of the best in the industry.

Paul Hemming – Managing Director, C24

Implementing a Direct Access solution has made remote working much simpler for council employees; this has seen double the amount of people using the service. As a result the authority will save money by being able to consolidate its property portfolio and staff have benefited from greater flexibility in their work arrangements.

Gavin Booth – Telecoms Service Manager, North Yorkshire County Council

Cygnia’s Managed Firewall Solution has provided us with a great service. Our security is taken care of by experts, so we can focus on running the business.

Infrastructure Manager, DP World London

Cygnia have provided excellent consultancy services and have always responded quickly to support queries and issues.

Pam Rowley, Infrastructure Planning Manager, Staffordshire County Council

If you are looking for a proactive partner to advise you on the latest security vectors and help you get the most out of your Check Point investment I can certainly recommend Cygnia. Their Account Managers, Technical Consultants and Support Team have all been first class.

David Moore – Head of IT, Chiltern Railways