Einloggen
Products
Our Products
Pitch Avatar
Create an avatar for the event
IT catalogs
Find IT product
Bonus4Reference
Get reference from user
IT catalogs
it_our_it_catalogs
Find and compare IT products
Learn implementation reviews
Find vendor and company-supplier
Explore IT products by category
About Us
Blog
Sign Up
Sign In
Home
/
Deployments
/
barracuda-message-archiver-for-kyivstar
Deployment date: undefined
-
Anonymous
Anonymous
{"global":{"lastError":{},"locale":"de","locales":{"data":[{"id":"de","name":"Deutsch"},{"id":"en","name":"English"}],"loading":false,"error":false},"currency":{"id":49,"name":"EUR"},"currencies":{"data":[{"id":49,"name":"EUR"},{"id":124,"name":"RUB"},{"id":153,"name":"UAH"},{"id":155,"name":"USD"}],"loading":false,"error":false},"translations":{"implementationDetail":{"description":{"ru":"Описание","_type":"localeString","en":"Description"},"status":{"en":"Status","ru":"Статус","_type":"localeString"},"show":{"en":"Show more","ru":"Показать ещё","_type":"localeString"},"hide":{"en":"Hide","ru":"Скрыть","_type":"localeString"},"details":{"ru":"Подробности","_type":"localeString","en":"Details"},"categories":{"_type":"localeString","en":"Categories","ru":"Категории"},"additional-info":{"ru":"Дополнительная информация","_type":"localeString","en":"Additional information"},"project-was-put":{"en":"The project has been delivered on schedule","ru":"Проект был сдан в срок","_type":"localeString"},"budget-not-exceeded":{"ru":"Бюджет не был превышен","_type":"localeString","en":"The budget has not been exceeded"},"functionally-task-assignment":{"en":"Functionality complies with task","ru":"Функциональность соответствует задаче","_type":"localeString"},"similar-implementations":{"ru":"Схожие внедрения","_type":"localeString","en":"Similar deployments"},"source":{"ru":"Источник:","_type":"localeString","en":"Source:"},"price":{"_type":"localeString","en":"Price: ","ru":"Цена:"},"pluses":{"ru":"Плюсы","_type":"localeString","en":"Advantages"},"raiting":{"_type":"localeString","en":"Raiting","ru":"Общая оценка"},"user":{"en":"User","ru":"Пользователь","_type":"localeString"},"vendor":{"ru":"Производитель","_type":"localeString","en":"Vendor"},"supplier":{"_type":"localeString","en":"Supplier","ru":"Поставщик"},"product":{"en":"Product","ru":"Продукт","_type":"localeString"},"canceled":{"ru":"Отменено","_type":"localeString","en":"Canceled"},"deal-canceled":{"ru":"Сделка отменена","_type":"localeString","en":"Deal canceled"},"deal-closed":{"ru":"Сделка закрыта","_type":"localeString","en":"Deal closed"},"deal-in-progress":{"ru":"Сделка в процессе","_type":"localeString","en":"Deal in progress"},"deal-is-planned":{"_type":"localeString","en":"Deal is planned","ru":"Сделка планируется"},"finished":{"_type":"localeString","en":"Finished","ru":"Завершено"},"in-process":{"_type":"localeString","en":"In Process","ru":"Ведется"},"planned":{"ru":"Планируется","_type":"localeString","en":"Planned"},"proof-of-concept":{"ru":"Пилотный проект","_type":"localeString","en":"Proof of concept"},"stopped":{"_type":"localeString","en":"Stopped","ru":"Остановлено"},"date":{"_type":"localeString","en":"Deployment date","ru":"Дата внедрения"},"roi":{"en":"ROI","ru":"ROI","_type":"localeString"},"not-yet-converted":{"en":"Data is moderated and will be published soon. Please, try again later.","ru":"Данные модерируются и вскоре будут опубликованы. Попробуйте повторить переход через некоторое время.","_type":"localeString"}},"header":{"help":{"en":"Help","de":"Hilfe","ru":"Помощь","_type":"localeString"},"how":{"_type":"localeString","en":"How does it works","de":"Wie funktioniert es","ru":"Как это работает"},"login":{"en":"Log in","de":"Einloggen","ru":"Вход","_type":"localeString"},"logout":{"ru":"Выйти","_type":"localeString","en":"Sign out"},"faq":{"de":"FAQ","ru":"FAQ","_type":"localeString","en":"FAQ"},"references":{"de":"References","ru":"Мои запросы","_type":"localeString","en":"Requests"},"solutions":{"ru":"Возможности","_type":"localeString","en":"Solutions"},"find-it-product":{"ru":"Подбор и сравнение ИТ продукта","_type":"localeString","en":"Selection and comparison of IT product"},"autoconfigurator":{"_type":"localeString","en":" Price calculator","ru":"Калькулятор цены"},"comparison-matrix":{"ru":"Матрица сравнения","_type":"localeString","en":"Comparison Matrix"},"roi-calculators":{"ru":"ROI калькуляторы","_type":"localeString","en":"ROI calculators"},"b4r":{"ru":"Бонус за референс","_type":"localeString","en":"Bonus for reference"},"business-booster":{"ru":"Развитие бизнеса","_type":"localeString","en":"Business boosting"},"catalogs":{"ru":"Каталоги","_type":"localeString","en":"Catalogs"},"products":{"_type":"localeString","en":"Products","ru":"Продукты"},"implementations":{"_type":"localeString","en":"Deployments","ru":"Внедрения"},"companies":{"ru":"Компании","_type":"localeString","en":"Companies"},"categories":{"en":"Categories","ru":"Категории","_type":"localeString"},"for-suppliers":{"en":"For suppliers","ru":"Поставщикам","_type":"localeString"},"blog":{"ru":"Блог","_type":"localeString","en":"Blog"},"agreements":{"ru":"Сделки","_type":"localeString","en":"Deals"},"my-account":{"ru":"Мой кабинет","_type":"localeString","en":"My account"},"register":{"ru":"Зарегистрироваться","_type":"localeString","en":"Register"},"comparison-deletion":{"_type":"localeString","en":"Deletion","ru":"Удаление"},"comparison-confirm":{"en":"Are you sure you want to delete","ru":"Подтвердите удаление","_type":"localeString"},"search-placeholder":{"_type":"localeString","en":"Enter your search term","ru":"Введите поисковый запрос"},"my-profile":{"_type":"localeString","en":"My profile","ru":"Мои данные"},"about":{"_type":"localeString","en":"About Us"},"it_catalogs":{"_type":"localeString","en":"IT catalogs"},"roi4presenter":{"_type":"localeString","en":"Roi4Presenter"},"roi4webinar":{"_type":"localeString","en":"Pitch Avatar"},"sub_it_catalogs":{"en":"Find IT product","_type":"localeString"},"sub_b4reference":{"en":"Get reference from user","_type":"localeString"},"sub_roi4presenter":{"_type":"localeString","en":"Make online presentations"},"sub_roi4webinar":{"_type":"localeString","en":"Create an avatar for the event"},"catalogs_new":{"_type":"localeString","en":"Products"},"b4reference":{"_type":"localeString","en":"Bonus4Reference"},"it_our_it_catalogs":{"_type":"localeString","en":"Our IT Catalogs"},"it_products":{"en":"Find and compare IT products","_type":"localeString"},"it_implementations":{"en":"Learn implementation reviews","_type":"localeString"},"it_companies":{"en":"Find vendor and company-supplier","_type":"localeString"},"it_categories":{"en":"Explore IT products by category","_type":"localeString"},"it_our_products":{"en":"Our Products","_type":"localeString"},"it_it_catalogs":{"_type":"localeString","en":"IT catalogs"}},"footer":{"copyright":{"de":"Alle rechte vorbehalten","ru":"Все права защищены","_type":"localeString","en":"All rights reserved"},"company":{"de":"Über die Firma","ru":"О компании","_type":"localeString","en":"My Company"},"about":{"de":"Über uns","ru":"О нас","_type":"localeString","en":"About us"},"infocenter":{"_type":"localeString","en":"Infocenter","de":"Infocenter","ru":"Инфоцентр"},"tariffs":{"ru":"Тарифы","_type":"localeString","en":"Subscriptions","de":"Tarife"},"contact":{"_type":"localeString","en":"Contact us","de":"Kontaktiere uns","ru":"Связаться с нами"},"marketplace":{"en":"Marketplace","de":"Marketplace","ru":"Marketplace","_type":"localeString"},"products":{"ru":"Продукты","_type":"localeString","en":"Products","de":"Produkte"},"compare":{"de":"Wähle und vergleiche","ru":"Подобрать и сравнить","_type":"localeString","en":"Pick and compare"},"calculate":{"ru":"Расчитать стоимость","_type":"localeString","en":"Calculate the cost","de":"Kosten berechnen"},"get_bonus":{"de":"Holen Sie sich einen Rabatt","ru":"Бонус за референс","_type":"localeString","en":"Bonus for reference"},"salestools":{"de":"Salestools","ru":"Salestools","_type":"localeString","en":"Salestools"},"automatization":{"de":"Abwicklungsautomatisierung","ru":"Автоматизация расчетов","_type":"localeString","en":"Settlement Automation"},"roi_calcs":{"de":"ROI-Rechner","ru":"ROI калькуляторы","_type":"localeString","en":"ROI calculators"},"matrix":{"de":"Vergleichsmatrix","ru":"Матрица сравнения","_type":"localeString","en":"Comparison matrix"},"b4r":{"ru":"Rebate 4 Reference","_type":"localeString","en":"Rebate 4 Reference","de":"Rebate 4 Reference"},"our_social":{"de":"Unsere sozialen Netzwerke","ru":"Наши социальные сети","_type":"localeString","en":"Our social networks"},"subscribe":{"ru":"Подпишитесь на рассылку","_type":"localeString","en":"Subscribe to newsletter","de":"Melden Sie sich für den Newsletter an"},"subscribe_info":{"ru":"и узнавайте первыми об акциях, новых возможностях и свежих обзорах софта","_type":"localeString","en":"and be the first to know about promotions, new features and recent software reviews"},"policy":{"ru":"Политика конфиденциальности","_type":"localeString","en":"Privacy Policy"},"user_agreement":{"_type":"localeString","en":"Agreement","ru":"Пользовательское соглашение "},"solutions":{"_type":"localeString","en":"Solutions","ru":"Возможности"},"find":{"en":"Selection and comparison of IT product","ru":"Подбор и сравнение ИТ продукта","_type":"localeString"},"quote":{"ru":"Калькулятор цены","_type":"localeString","en":"Price calculator"},"boosting":{"ru":"Развитие бизнеса","_type":"localeString","en":"Business boosting"},"4vendors":{"ru":"поставщикам","_type":"localeString","en":"4 vendors"},"blog":{"en":"blog","ru":"блог","_type":"localeString"},"pay4content":{"en":"we pay for content","ru":"платим за контент","_type":"localeString"},"categories":{"en":"categories","ru":"категории","_type":"localeString"},"showForm":{"_type":"localeString","en":"Show form","ru":"Показать форму"},"subscribe__title":{"ru":"Раз в месяц мы отправляем дайджест актуальных новостей ИТ мира!","_type":"localeString","en":"We send a digest of actual news from the IT world once in a month!"},"subscribe__email-label":{"ru":"Email","_type":"localeString","en":"Email"},"subscribe__name-label":{"ru":"Имя","_type":"localeString","en":"Name"},"subscribe__required-message":{"ru":"Это поле обязательное","_type":"localeString","en":"This field is required"},"subscribe__notify-label":{"en":"Yes, please, notify me about news, events and propositions","ru":"Да, пожалуйста уведомляйте меня о новостях, событиях и предложениях","_type":"localeString"},"subscribe__agree-label":{"_type":"localeString","en":"By subscribing to the newsletter, you agree to the %TERMS% and %POLICY% and agree to the use of cookies and the transfer of your personal data","ru":"Подписываясь на рассылку, вы соглашаетесь с %TERMS% и %POLICY% и даете согласие на использование файлов cookie и передачу своих персональных данных*"},"subscribe__submit-label":{"ru":"Подписаться","_type":"localeString","en":"Subscribe"},"subscribe__email-message":{"en":"Please, enter the valid email","ru":"Пожалуйста, введите корректный адрес электронной почты","_type":"localeString"},"subscribe__email-placeholder":{"ru":"username@gmail.com","_type":"localeString","en":"username@gmail.com"},"subscribe__name-placeholder":{"en":"Last, first name","ru":"Имя Фамилия","_type":"localeString"},"subscribe__success":{"ru":"Вы успешно подписаны на рассылку. Проверьте свой почтовый ящик.","_type":"localeString","en":"You are successfully subscribed! Check you mailbox."},"subscribe__error":{"en":"Subscription is unsuccessful. Please, try again later.","ru":"Не удалось оформить подписку. Пожалуйста, попробуйте позднее.","_type":"localeString"},"roi4presenter":{"de":"roi4presenter","ru":"roi4presenter","_type":"localeString","en":"Roi4Presenter"},"it_catalogs":{"_type":"localeString","en":"IT catalogs"},"roi4webinar":{"_type":"localeString","en":"Pitch Avatar"},"b4reference":{"_type":"localeString","en":"Bonus4Reference"}},"breadcrumbs":{"home":{"en":"Home","ru":"Главная","_type":"localeString"},"companies":{"ru":"Компании","_type":"localeString","en":"Companies"},"products":{"_type":"localeString","en":"Products","ru":"Продукты"},"implementations":{"_type":"localeString","en":"Deployments","ru":"Внедрения"},"login":{"_type":"localeString","en":"Login","ru":"Вход"},"registration":{"en":"Registration","ru":"Регистрация","_type":"localeString"},"b2b-platform":{"_type":"localeString","en":"B2B platform for IT buyers, vendors and suppliers","ru":"Портал для покупателей, поставщиков и производителей ИТ"}},"comment-form":{"title":{"_type":"localeString","en":"Leave comment","ru":"Оставить комментарий"},"firstname":{"_type":"localeString","en":"First name","ru":"Имя"},"lastname":{"ru":"Фамилия","_type":"localeString","en":"Last name"},"company":{"en":"Company name","ru":"Компания","_type":"localeString"},"position":{"ru":"Должность","_type":"localeString","en":"Position"},"actual-cost":{"ru":"Фактическая стоимость","_type":"localeString","en":"Actual cost"},"received-roi":{"ru":"Полученный ROI","_type":"localeString","en":"Received ROI"},"saving-type":{"ru":"Тип экономии","_type":"localeString","en":"Saving type"},"comment":{"_type":"localeString","en":"Comment","ru":"Комментарий"},"your-rate":{"_type":"localeString","en":"Your rate","ru":"Ваша оценка"},"i-agree":{"ru":"Я согласен","_type":"localeString","en":"I agree"},"terms-of-use":{"_type":"localeString","en":"With user agreement and privacy policy","ru":"С пользовательским соглашением и политикой конфиденциальности"},"send":{"ru":"Отправить","_type":"localeString","en":"Send"},"required-message":{"ru":"{NAME} - это обязательное поле","_type":"localeString","en":"{NAME} is required filed"}},"maintenance":{"title":{"ru":"На сайте проводятся технические работы","_type":"localeString","en":"Site under maintenance"},"message":{"_type":"localeString","en":"Thank you for your understanding","ru":"Спасибо за ваше понимание"}},"filters":{"from":{"ru":"от","_type":"localeString","en":"from"},"to":{"_type":"localeString","en":"to","ru":"до"},"filter-price-title":{"_type":"localeString","en":"Filter by price","ru":"Фильтр по цене"},"view-type-label":{"en":"View","ru":"Вид","_type":"localeString"},"sort-type-label":{"ru":"Сортировка","_type":"localeString","en":"Sorting"},"category":{"_type":"localeString","en":"Category","ru":"Категория"},"follow":{"ru":"Следить","_type":"localeString","en":"Follow"},"add-product":{"ru":"Добавить продукт","_type":"localeString","en":"Add Product"},"show-all":{"_type":"localeString","en":"Show all","ru":"Показать все"},"filter-toggle":{"ru":"Фильтр","_type":"localeString","en":"Filter"},"clear-button":{"ru":"Очистить","_type":"localeString","en":"Сlear"},"delivery-type-field":{"_type":"localeString","en":"Delivery type","ru":"Тип поставки"},"product-categories-field":{"en":"product categories","ru":"категориz продуктаhjle","_type":"localeString"},"providers-field":{"en":"Providers","ru":"Поставщик, производитель","_type":"localeString"},"business-tasks-field":{"ru":"Бизнес задачи","_type":"localeString","en":"Business tasks"},"problems-field":{"_type":"localeString","en":"Problems","ru":"Проблемы"},"with-discounts-checkbox":{"_type":"localeString","en":"With discounts","ru":"Со скидками"},"expert-price-checkbox":{"ru":"Конфигуратор","_type":"localeString","en":"Configurator"},"roi-calculator-checkbox":{"en":"ROI-calculator","ru":"ROI-калькулятор","_type":"localeString"},"apply-filter-button":{"ru":"Применить фильтр","_type":"localeString","en":"Apply filter"},"sorting-toggle":{"_type":"localeString","en":"Sorting","ru":"Сортировка"},"show-all-button":{"ru":"Показать все","_type":"localeString","en":"Show all"},"suggest-product-button":{"ru":"Предложить продукт","_type":"localeString","en":"Suggest product"},"with-projects-label":{"ru":"С внедрениями","_type":"localeString","en":"With deployments"},"bonus-4-reference":{"en":"Bonus 4 Reference","ru":"Бонус за референс","_type":"localeString"},"product-categories":{"_type":"localeString","en":"Product Categories","ru":"Категории продуктов"},"countries":{"ru":"Страны","_type":"localeString","en":"Countries"},"seller":{"en":"Seller","ru":"Продавец","_type":"localeString"},"vendors":{"en":"User products vendors","ru":"Производители продуктов пользователя","_type":"localeString"},"suppliers":{"en":"User suppliers","ru":"Поставщики пользователя","_type":"localeString"},"business-process":{"en":"Problems","ru":"Проблемы","_type":"localeString"},"business-objectives":{"en":"Business tasks","ru":"Бизнес задачи","_type":"localeString"},"branch":{"ru":"Отрасль","_type":"localeString","en":" Branch"},"users":{"en":"Users","ru":"Пользователи","_type":"localeString"},"status":{"en":"Status","ru":"Статус","_type":"localeString"},"info-source":{"ru":"Информационный ресурс","_type":"localeString","en":"Info source"},"with-reference-checkbox":{"_type":"localeString","en":"With reference","ru":"С референсами"},"show-deal-checkbox":{"_type":"localeString","en":"Show deal with noname","ru":"Показывать сделки с noname"},"roi-checkbox":{"en":"ROI","ru":"ROI","_type":"localeString"},"problems":{"ru":"Проблемы","_type":"localeString","en":"Problems"},"find":{"ru":"Выполнить поиск","_type":"localeString","en":"Find"},"deal-date":{"_type":"localeString","en":"Date","ru":"Дата"},"try-button":{"en":"Try AI (Beta)","ru":"Попробовать AI (Beta)","_type":"localeString"},"hide":{"ru":"Скрыть","_type":"localeString","en":"Hide"},"company-size":{"ru":"Размер компании","_type":"localeString","en":"Company size"},"add-company":{"en":"Add company","ru":"Добавить компанию","_type":"localeString"},"add-implementation":{"en":"Add deployment","ru":"Добавить внедрение","_type":"localeString"},"sort-title-asc":{"ru":"От А до Я","_type":"localeString","en":"From A to Z"},"sort-title-desc":{"en":"From Z to A","ru":"От Я до А","_type":"localeString"},"sellers-field":{"ru":"Поставщики, Производители","_type":"localeString","en":"Sellers"},"supply-types":{"ru":"Тип поставки","_type":"localeString","en":"Supply type"},"with-comments-checkbox":{"en":"With comments","ru":"С комментариями","_type":"localeString"},"supplier":{"_type":"localeString","en":"Supplier","ru":"Поставщик"},"vendor":{"ru":"Производитель","_type":"localeString","en":"Vendor"},"user":{"_type":"localeString","en":"User","ru":"Пользователь"},"company-type":{"ru":"Тип компании","_type":"localeString","en":"Company type"},"partners-field":{"_type":"localeString","en":"Partners","ru":" Партнеры"},"customers":{"en":"Customers","ru":"Покупатели","_type":"localeString"},"product-supplier":{"en":"Product supplier","ru":"Поставщик продукта","_type":"localeString"},"product-vendor":{"_type":"localeString","en":"Product vendor","ru":"Производитель продукта"},"implementation-date":{"ru":"Дата внедрения","_type":"localeString","en":"Deployment date"},"canceled":{"ru":"Отменено","_type":"localeString","en":"Canceled"},"deal-canceled":{"ru":"Сделка отменена","_type":"localeString","en":"Deal canceled"},"deal-closed":{"ru":"Сделка закрыта","_type":"localeString","en":"Deal closed"},"deal-in-progress":{"_type":"localeString","en":"Deal in progress","ru":"Сделка в процессе"},"deal-is-planned":{"en":"Deal is planned","ru":"Сделка планируется","_type":"localeString"},"finished":{"_type":"localeString","en":"Finished","ru":"Завершено"},"in-process":{"_type":"localeString","en":"In Process","ru":"Ведется"},"planned":{"ru":"Планируется","_type":"localeString","en":"Planned"},"proof-of-concept":{"ru":"Пилотный проект","_type":"localeString","en":"Proof of concept"},"stopped":{"ru":"Остановлено","_type":"localeString","en":"Stopped"},"competencies":{"ru":"Компетенции","_type":"localeString","en":"Competencies"}}},"translationsStatus":{"implementationDetail":"success","filters":"success"},"sections":{},"sectionsStatus":{},"pageMetaData":{"implementationDetail":{}},"pageMetaDataStatus":{"implementationDetail":"success"},"subscribeInProgress":false,"subscribeError":false},"auth":{"inProgress":false,"error":false,"checked":true,"initialized":false,"user":{},"role":null,"expires":null},"products":{"productsByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null,"useProductLoading":false,"sellProductLoading":false,"templatesById":{},"comparisonByTemplateId":{}},"filters":{"filterCriterias":{"loading":false,"error":null,"data":{"price":{"min":0,"max":6000},"users":{"loading":false,"error":null,"ids":[],"values":{}},"suppliers":{"loading":false,"error":null,"ids":[],"values":{}},"vendors":{"loading":false,"error":null,"ids":[],"values":{}},"roles":{"id":200,"title":"Roles","values":{"1":{"id":1,"title":"User","translationKey":"user"},"2":{"id":2,"title":"Supplier","translationKey":"supplier"},"3":{"id":3,"title":"Vendor","translationKey":"vendor"}}},"categories":{"flat":[],"tree":[]},"countries":{"loading":false,"error":null,"ids":[],"values":{}}}},"showAIFilter":false},"companies":{"companiesByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"implementations":{"implementationsByAlias":{"barracuda-web-application-firewall-for-automobile-industry":{"id":645,"title":"Barracuda Web Application Firewall for automobile industry","description":"Challenges:\r\n<ul><li>Protect against sophisticated attacks</li><li>Ensure uninterrupted online access</li><li>Support a multi-application environment</li><li>Prevent loss of personal/sensitive data</li><li>Scale easily</li><li>Easy to install and manage</li></ul>\r\nThe Barracuda CloudGen WAF provides an extra layer of fine-grained security, which allows the engineers to closely monitor traffic profiles and automatically mitigate unusual behavior and attacks. Hyundai was impressed with how easy it was to install and manage, and how well it performed.\r\nThe experts at Barracuda Central work 24x7 to monitor and block the latest Internet threats. Data from more than 150,000 collection points is analyzed to create and deliver protection against previously unknown threats within minutes of their discovery via Energize Updates. As new types of threats emerge, the Barracuda Web Application Firewall will acquire new capabilities to block them.\r\nHyundai found that Barracuda Networks was the right security and application delivery partner to protect it from sophisticated attacks, optimize its network, and keep IT resource needs low with its ease of installation and use. Barracuda Networks provided a complete, affordable, scalable solution that filled the application delivery and network security needs of this company.\r\nResults:\r\n<ul><li>Network is always up and running</li><li>Confidential data is safe</li><li>Easy to manage and monitor web applications across the network</li></ul>","alias":"barracuda-web-application-firewall-for-automobile-industry","roi":0,"seo":{"title":"Barracuda Web Application Firewall for automobile industry","keywords":"","description":"Challenges:\r\n<ul><li>Protect against sophisticated attacks</li><li>Ensure uninterrupted online access</li><li>Support a multi-application environment</li><li>Prevent loss of personal/sensitive data</li><li>Scale easily</li><li>Easy to install and manage</li></","og:title":"Barracuda Web Application Firewall for automobile industry","og:description":"Challenges:\r\n<ul><li>Protect against sophisticated attacks</li><li>Ensure uninterrupted online access</li><li>Support a multi-application environment</li><li>Prevent loss of personal/sensitive data</li><li>Scale easily</li><li>Easy to install and manage</li></"},"deal_info":"","user":{"id":5058,"title":"Hyundai","logoURL":"https://old.roi4cio.com/uploads/roi/company/Hyundai_logo.png","alias":"hyundai","address":"","roles":[],"description":"The Hyundai Motor Company, commonly known as Hyundai Motors , is a South Korean multinational automotive manufacturer headquartered in Seoul. The company was founded in 1967 and, along with its 32.8% owned subsidiary, Kia Motors, and its 100% owned luxury subsidiary Genesis Motor, altogether comprise the Hyundai Motor Group. It is the third largest vehicle manufacturer in the world.\r\nHyundai operates the world's largest integrated automobile manufacturing facility in Ulsan, South Korea which has an annual production capacity of 1.6 million units. The company employs about 75,000 people worldwide. Hyundai vehicles are sold in 193 countries through some 5,000 dealerships and showrooms. ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":1,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.hyundai.com/worldwide/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hyundai","keywords":"","description":"The Hyundai Motor Company, commonly known as Hyundai Motors , is a South Korean multinational automotive manufacturer headquartered in Seoul. The company was founded in 1967 and, along with its 32.8% owned subsidiary, Kia Motors, and its 100% owned luxury subs","og:title":"Hyundai","og:description":"The Hyundai Motor Company, commonly known as Hyundai Motors , is a South Korean multinational automotive manufacturer headquartered in Seoul. The company was founded in 1967 and, along with its 32.8% owned subsidiary, Kia Motors, and its 100% owned luxury subs","og:image":"https://old.roi4cio.com/uploads/roi/company/Hyundai_logo.png"},"eventUrl":""},"supplier":{"id":262,"title":"Softprom (supplier)","logoURL":"https://old.roi4cio.com/uploads/roi/company/SOFTPROM_blue_on_white_01.png","alias":"softprom-supplier","address":"","roles":[],"description":"<span style=\"font-weight: bold;\">Softprom</span> is a leading Value Added IT Distributor in the CIS and Eastern Europe markets which is trusted by more than 1200 partners. The company was founded in 1999 and today is represented in more than 30 countries.\r\n<span style=\"font-weight: bold;\">Softprom</span> provides professional services for testing, training, installation, implementation and technical support of IT solutions in IT Security, IT Infrastructure, Cloud Services, CAD and Graphic Design, Video Security.\r\nRead more: softprom.com","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":66,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":21,"vendorImplementationsCount":0,"vendorPartnersCount":13,"supplierPartnersCount":1,"b4r":1,"categories":{},"companyUrl":"https://softprom.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Softprom (supplier)","keywords":"Softprom, trust, company, services, customers, vendors, solutions, software","description":"<span style=\"font-weight: bold;\">Softprom</span> is a leading Value Added IT Distributor in the CIS and Eastern Europe markets which is trusted by more than 1200 partners. The company was founded in 1999 and today is represented in more than 30 countries.\r\n<sp","og:title":"Softprom (supplier)","og:description":"<span style=\"font-weight: bold;\">Softprom</span> is a leading Value Added IT Distributor in the CIS and Eastern Europe markets which is trusted by more than 1200 partners. The company was founded in 1999 and today is represented in more than 30 countries.\r\n<sp","og:image":"https://old.roi4cio.com/uploads/roi/company/SOFTPROM_blue_on_white_01.png"},"eventUrl":""},"vendors":[{"id":183,"title":"Barracuda Networks","logoURL":"https://old.roi4cio.com/uploads/roi/company/barracuda_logo.png","alias":"barracuda-networks","address":"","roles":[],"description":"Barracuda Networks, Inc. is the world leader in email and web security. In addition, the company develops solutions for IM security, server load balancing systems and message archiving.<br /><br />The company develops products for security, networking and storage based on network devices and cloud services. Security products include solutions to protect against spam, web surfing, hackers and threats from instant messaging services. The platform also successfully combats such threats as spam, spyware, Trojans and other malware. Barracuda solutions provide web traffic filtering, load balancing, message archiving, backup services, data protection, and more.<br /><br />Today, more than 50,000 companies and security organizations around the world use Barracuda Networks solutions. The main product list includes solutions such as Barracuda Spam Firewall, Barracuda Web Filter, Barracuda IM Firewall. ","companyTypes":[],"products":{},"vendoredProductsCount":11,"suppliedProductsCount":11,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":0,"vendorImplementationsCount":15,"vendorPartnersCount":0,"supplierPartnersCount":3,"b4r":1,"categories":{},"companyUrl":"www.barracuda.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Barracuda Networks","keywords":"products, company, Barracuda, include, protection, services, storage, security","description":"Barracuda Networks, Inc. is the world leader in email and web security. In addition, the company develops solutions for IM security, server load balancing systems and message archiving.<br /><br />The company develops products for security, networking and stor","og:title":"Barracuda Networks","og:description":"Barracuda Networks, Inc. is the world leader in email and web security. In addition, the company develops solutions for IM security, server load balancing systems and message archiving.<br /><br />The company develops products for security, networking and stor","og:image":"https://old.roi4cio.com/uploads/roi/company/barracuda_logo.png"},"eventUrl":""}],"products":[{"id":1309,"logo":false,"scheme":false,"title":"Barracuda Web Application Firewall","vendorVerified":0,"rating":"2.00","implementationsCount":2,"suppliersCount":0,"alias":"barracuda-web-application-firewall","companyTypes":[],"description":"The Barracuda Web Application Firewall blocks an ever-expanding list of sophisticated web-based intrusions and attacks that target the applications hosted on your web servers—and the sensitive or confidential data to which they have access. Constant Protection from Evolving Threats The Barracuda Web Application Firewall provides superior protection against data loss, DDoS, and all known applicationlayer attack modalities. Automatic updates provide defense against new threats as they apear. As new types of threats emerge, it will acquire new capabilities to block them. Identity and Access Management The Barracuda Web Application Firewall has strong authentication and access control capabilities that ensure security and privacy by restricting access to sensitive applications or data to authorized users. Affordable and Easy to Use Pre-built security templates and intuitive web interface provide immediate security without the need for time-consuming tuning or application learning. Integration with security vulnerability scanners and SIEM tools automates the assessment, monitoring, and mitigation process","shortDescription":"Barracuda Web Application Firewall - protect websites and apps from cyber threats.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":9,"sellingCount":6,"discontinued":0,"rebateForPoc":0,"rebate":5,"seo":{"title":"Barracuda Web Application Firewall","keywords":"Barracuda, Application, Firewall, security, data, access, capabilities, they","description":"The Barracuda Web Application Firewall blocks an ever-expanding list of sophisticated web-based intrusions and attacks that target the applications hosted on your web servers—and the sensitive or confidential data to which they have access. Constant Protection","og:title":"Barracuda Web Application Firewall","og:description":"The Barracuda Web Application Firewall blocks an ever-expanding list of sophisticated web-based intrusions and attacks that target the applications hosted on your web servers—and the sensitive or confidential data to which they have access. Constant Protection"},"eventUrl":"","translationId":1391,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":546,"title":"WAF-web application firewall appliance","alias":"waf-web-application-firewall-appliance","description":"A web application firewall is a special type of application firewall that applies specifically to web applications. It is deployed in front of web applications and analyzes bi-directional web-based (HTTP) traffic - detecting and blocking anything malicious. The OWASP provides a broad technical definition for a WAF as “a security solution on the web application level which - from a technical point of view - does not depend on the application itself.” According to the PCI DSS Information Supplement for requirement 6.6, a WAF is defined as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.” In other words, a WAF can be a physical appliance that prevents vulnerabilities in web applications from being exploited by outside threats. These vulnerabilities may be because the application itself is a legacy type or it was insufficiently coded by design. The WAF addresses these code shortcomings by special configurations of rule sets, also known as policies.\r\nPreviously unknown vulnerabilities can be discovered through penetration testing or via a vulnerability scanner. A web application vulnerability scanner, also known as a web application security scanner, is defined in the SAMATE NIST 500-269 as “an automated program that examines web applications for potential security vulnerabilities. In addition to searching for web application-specific vulnerabilities, the tools also look for software coding errors.” Resolving vulnerabilities is commonly referred to as remediation. Corrections to the code can be made in the application but typically a more prompt response is necessary. In these situations, the application of a custom policy for a unique web application vulnerability to provide a temporary but immediate fix (known as a virtual patch) may be necessary.\r\nWAFs are not an ultimate security solution, rather they are meant to be used in conjunction with other network perimeter security solutions such as network firewalls and intrusion prevention systems to provide a holistic defense strategy.\r\nWAFs typically follow a positive security model, a negative security model, or a combination of both as mentioned by the SANS Institute. WAFs use a combination of rule-based logic, parsing, and signatures to detect and prevent attacks such as cross-site scripting and SQL injection. The OWASP produces a list of the top ten web application security flaws. All commercial WAF offerings cover these ten flaws at a minimum. There are non-commercial options as well. As mentioned earlier, the well-known open source WAF engine called ModSecurity is one of these options. A WAF engine alone is insufficient to provide adequate protection, therefore OWASP along with Trustwave's Spiderlabs help organize and maintain a Core-Rule Set via GitHub to use with the ModSecurity WAF engine.","materialsDescription":"A Web Application Firewall or WAF provides security for online services from malicious Internet traffic. WAFs detect and filter out threats such as the OWASP Top 10, which could degrade, compromise or bring down online applications.\r\n<span style=\"font-weight: bold;\">What are Web Application Firewalls?</span>\r\nWeb application firewalls assist load balancing by examining HTTP traffic before it reaches the application server. They also protect against web application vulnerability and unauthorized transfer of data from the web server at a time when security breaches are on the rise. According to the Verizon Data Breach Investigations Report, web application attacks were the most prevalent breaches in 2017 and 2018.\r\nThe PCI Security Standards Council defines a web application firewall as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\n<span style=\"font-weight: bold;\">How does a Web Application Firewall wWork?</span>\r\nA web application firewall (WAF) intercepts and inspects all HTTP requests using a security model based on a set of customized policies to weed out bogus traffic. WAFs block bad traffic outright or can challenge a visitor with a CAPTCHA test that humans can pass but a malicious bot or computer program cannot.\r\nWAFs follow rules or policies customized to specific vulnerabilities. As a result, this is how WAFs prevent DDoS attacks. Creating the rules on a traditional WAF can be complex and require expert administration. The Open Web Application Security Project maintains a list of the OWASP top web application security flaws for WAF policies to address.\r\nWAFs come in the form of hardware appliances, server-side software, or filter traffic as-a-service. WAFs can be considered as reverse proxies i.e. the opposite of a proxy server. Proxy servers protect devices from malicious applications, while WAFs protect web applications from malicious endpoints.\r\n<span style=\"font-weight: bold;\">What Are Some Web Application Firewall Benefits?</span>\r\nA web application firewall (WAF) prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<span style=\"font-weight: bold;\">What Is the Difference Between a Firewall and a Web Application Firewall?</span>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).\r\n<span style=\"font-weight: bold;\">When Should You Use a Web Application Firewall?</span>\r\nAny business that uses a website to generate revenue should use a web application firewall to protect business data and services. Organizations that use online vendors should especially deploy web application firewalls because the security of outside groups cannot be controlled or trusted.\r\n<span style=\"font-weight: bold;\">How Do You Use a Web Application Firewall?</span>\r\nA web application firewall requires correct positioning, configuration, administration and monitoring. Web application firewall installation must include the following four steps: secure, monitor, test and improve. This should be a continuous process to ensure application specific protection.<br />The configuration of the firewall should be determined by the business rules and guardrails by the company’s security policy. This approach will allow the rules and filters in the web application firewall to define themselves.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall_appliance.png"},{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":1582,"logo":false,"scheme":false,"title":"Barracuda WAF-as-a-Service","vendorVerified":0,"rating":"2.00","implementationsCount":2,"suppliersCount":0,"alias":"barracuda-waf-as-a-service","companyTypes":[],"description":"Complete application security does not have to be complicated. Web applications are connected directly to your business and customer data. Attackers know this and have become increasingly clever with their attempts to bring down or compromise websites and apps. These attacks can be prevented, but organizations often struggle to implement a robust web application security posture due to several challenges:\r\n<ul> <li>Application security is complicated to deploy and manage without specialized resources.</li> <li>Continuous updates to applications can lead to new vulnerabilities.</li> <li>Legacy applications were developed without secure coding practices.</li> </ul>\r\n<span style=\"font-weight: bold;\">Why Barracuda WAF-as-a-Service?</span>\r\n<ul> <li>Built on a proven security platform. Enterprise-proven technology that provides comprehensive protection from all OWASP recognized security risks, DDoS attacks, and even the most advanced zero-day threats. Proactive bot defense ensures always-on protection from automated attacks, web scraping, and brute force attacks.</li> <li>Simplified application security for everyone. Remove the complexity of setting up and configuring your application security solution. Barracuda WAF-as-a-Service delivers protection for your web apps in minutes thanks to a simple 5-step setup wizard, and numerous pre-built security policy templates.</li> <li>Complete control. Unlimited rulesets. For more advanced users, Barracuda WAF-as-a-Service offers a level of control traditionally reserved only for on-premises and public cloud solutions. Fine-tune specific policies for each component of every application's security profile.</li> <li>Automated vulnerability discovery and remediation. Barracuda Vulnerability Remediation Service is built-in and provides automatic vulnerability detection and remediation which can be scheduled, ensuring ongoing protection without any administrative overhead.</li> <li>Granular visibility with detailed logs and reports. Gain rich insight into all web traffic events and users. Detailed compliance reports help you easily understand your security status at any given time by having complete visibility into all HTTP/S traffic.</li> <li>Unmetered DDoS protection included. DDoS attacks disrupt the service availability of your web apps which can have a significant impact on your business. Barracuda WAF-as-a-Service defends against the full spectrum of L3-L7 DDoS attacks ensuring the availability of your web apps.</li> </ul>","shortDescription":"Barracuda WAF-as-a-Service - Protect every web app, hosted anywhere, in minutes.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":14,"sellingCount":17,"discontinued":0,"rebateForPoc":0,"rebate":5,"seo":{"title":"Barracuda WAF-as-a-Service","keywords":"","description":"Complete application security does not have to be complicated. Web applications are connected directly to your business and customer data. Attackers know this and have become increasingly clever with their attempts to bring down or compromise websites and apps","og:title":"Barracuda WAF-as-a-Service","og:description":"Complete application security does not have to be complicated. Web applications are connected directly to your business and customer data. Attackers know this and have become increasingly clever with their attempts to bring down or compromise websites and apps"},"eventUrl":"","translationId":1583,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":42,"title":"UTM - Unified threat management","alias":"utm-unified-threat-management","description":"<span style=\"font-weight: bold; \">UTM (Unified Threat Management)</span> system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.\r\nUnified threat management <span style=\"font-weight: bold; \">devices </span>are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nUTM <span style=\"font-weight: bold; \">cloud services</span> and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. While UTM systems and <span style=\"font-weight: bold; \">next-generation firewalls (NGFWs)</span> are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.\r\nOriginally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.\r\nUnified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.\r\nUnified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:\r\n<ul><li><span style=\"font-weight: bold; \">Flow-based inspection,</span> also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li> <span style=\"font-weight: bold; \">Proxy-based inspection</span> acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> How UTM is deployed?</h1>\r\nBusinesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.\r\nUTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.\r\nBusinesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.\r\n<h1 class=\"align-center\">Benefits of Using a Unified Threat Management Solution</h1>\r\nUTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. This can also save money in the long run as opposed to having to buy multiple devices.\r\nSome UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPPA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.\r\nUTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because it is a single point of defense, UTM’s make dealing with combined threats easier.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM.jpg"},{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":4,"title":"Reduce Costs"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":282,"title":"Unauthorized access to corporate IT systems and data"},{"id":336,"title":"Risk or Leaks of confidential information"},{"id":385,"title":"Risk of data loss or damage"},{"id":386,"title":"Risk of lost access to data and IT systems"},{"id":387,"title":"Non-compliant with IT security requirements"}]}},"categories":[{"id":546,"title":"WAF-web application firewall appliance","alias":"waf-web-application-firewall-appliance","description":"A web application firewall is a special type of application firewall that applies specifically to web applications. It is deployed in front of web applications and analyzes bi-directional web-based (HTTP) traffic - detecting and blocking anything malicious. The OWASP provides a broad technical definition for a WAF as “a security solution on the web application level which - from a technical point of view - does not depend on the application itself.” According to the PCI DSS Information Supplement for requirement 6.6, a WAF is defined as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.” In other words, a WAF can be a physical appliance that prevents vulnerabilities in web applications from being exploited by outside threats. These vulnerabilities may be because the application itself is a legacy type or it was insufficiently coded by design. The WAF addresses these code shortcomings by special configurations of rule sets, also known as policies.\r\nPreviously unknown vulnerabilities can be discovered through penetration testing or via a vulnerability scanner. A web application vulnerability scanner, also known as a web application security scanner, is defined in the SAMATE NIST 500-269 as “an automated program that examines web applications for potential security vulnerabilities. In addition to searching for web application-specific vulnerabilities, the tools also look for software coding errors.” Resolving vulnerabilities is commonly referred to as remediation. Corrections to the code can be made in the application but typically a more prompt response is necessary. In these situations, the application of a custom policy for a unique web application vulnerability to provide a temporary but immediate fix (known as a virtual patch) may be necessary.\r\nWAFs are not an ultimate security solution, rather they are meant to be used in conjunction with other network perimeter security solutions such as network firewalls and intrusion prevention systems to provide a holistic defense strategy.\r\nWAFs typically follow a positive security model, a negative security model, or a combination of both as mentioned by the SANS Institute. WAFs use a combination of rule-based logic, parsing, and signatures to detect and prevent attacks such as cross-site scripting and SQL injection. The OWASP produces a list of the top ten web application security flaws. All commercial WAF offerings cover these ten flaws at a minimum. There are non-commercial options as well. As mentioned earlier, the well-known open source WAF engine called ModSecurity is one of these options. A WAF engine alone is insufficient to provide adequate protection, therefore OWASP along with Trustwave's Spiderlabs help organize and maintain a Core-Rule Set via GitHub to use with the ModSecurity WAF engine.","materialsDescription":"A Web Application Firewall or WAF provides security for online services from malicious Internet traffic. WAFs detect and filter out threats such as the OWASP Top 10, which could degrade, compromise or bring down online applications.\r\n<span style=\"font-weight: bold;\">What are Web Application Firewalls?</span>\r\nWeb application firewalls assist load balancing by examining HTTP traffic before it reaches the application server. They also protect against web application vulnerability and unauthorized transfer of data from the web server at a time when security breaches are on the rise. According to the Verizon Data Breach Investigations Report, web application attacks were the most prevalent breaches in 2017 and 2018.\r\nThe PCI Security Standards Council defines a web application firewall as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\n<span style=\"font-weight: bold;\">How does a Web Application Firewall wWork?</span>\r\nA web application firewall (WAF) intercepts and inspects all HTTP requests using a security model based on a set of customized policies to weed out bogus traffic. WAFs block bad traffic outright or can challenge a visitor with a CAPTCHA test that humans can pass but a malicious bot or computer program cannot.\r\nWAFs follow rules or policies customized to specific vulnerabilities. As a result, this is how WAFs prevent DDoS attacks. Creating the rules on a traditional WAF can be complex and require expert administration. The Open Web Application Security Project maintains a list of the OWASP top web application security flaws for WAF policies to address.\r\nWAFs come in the form of hardware appliances, server-side software, or filter traffic as-a-service. WAFs can be considered as reverse proxies i.e. the opposite of a proxy server. Proxy servers protect devices from malicious applications, while WAFs protect web applications from malicious endpoints.\r\n<span style=\"font-weight: bold;\">What Are Some Web Application Firewall Benefits?</span>\r\nA web application firewall (WAF) prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<span style=\"font-weight: bold;\">What Is the Difference Between a Firewall and a Web Application Firewall?</span>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).\r\n<span style=\"font-weight: bold;\">When Should You Use a Web Application Firewall?</span>\r\nAny business that uses a website to generate revenue should use a web application firewall to protect business data and services. Organizations that use online vendors should especially deploy web application firewalls because the security of outside groups cannot be controlled or trusted.\r\n<span style=\"font-weight: bold;\">How Do You Use a Web Application Firewall?</span>\r\nA web application firewall requires correct positioning, configuration, administration and monitoring. Web application firewall installation must include the following four steps: secure, monitor, test and improve. This should be a continuous process to ensure application specific protection.<br />The configuration of the firewall should be determined by the business rules and guardrails by the company’s security policy. This approach will allow the rules and filters in the web application firewall to define themselves.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall_appliance.png"},{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"},{"id":42,"title":"UTM - Unified threat management","alias":"utm-unified-threat-management","description":"<span style=\"font-weight: bold; \">UTM (Unified Threat Management)</span> system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.\r\nUnified threat management <span style=\"font-weight: bold; \">devices </span>are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nUTM <span style=\"font-weight: bold; \">cloud services</span> and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. While UTM systems and <span style=\"font-weight: bold; \">next-generation firewalls (NGFWs)</span> are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.\r\nOriginally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.\r\nUnified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.\r\nUnified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:\r\n<ul><li><span style=\"font-weight: bold; \">Flow-based inspection,</span> also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li> <span style=\"font-weight: bold; \">Proxy-based inspection</span> acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> How UTM is deployed?</h1>\r\nBusinesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.\r\nUTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.\r\nBusinesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.\r\n<h1 class=\"align-center\">Benefits of Using a Unified Threat Management Solution</h1>\r\nUTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. This can also save money in the long run as opposed to having to buy multiple devices.\r\nSome UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPPA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.\r\nUTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because it is a single point of defense, UTM’s make dealing with combined threats easier.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM.jpg"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"-1","projectWasPut":"-1","price":0,"source":{"url":"","title":"Supplier's web site"}},"comments":[],"references":[],"referencesCount":0,"similarImplementations":[{"id":643,"title":"Barracuda Web Application Firewall for bank","description":"Challenges\r\n<ul><li>Unreliability of environment</li><li>Uneven levels of demand throughout the year</li><li>Highly sensitive data</li><li>Current solution meant waiting for weeks to receive additional web encoding servers</li><li>New solution required the additional security needed to keep customer data safe and maintain levels of customer experience</li></ul>\r\nPlatinum Bank was already familiar with Barracuda, having utilized the Barracuda Email Security Gateway for cyber threat prevention. The company came to the conclusion that it needed an additional firewall solution to protect their data center. The goal was to log more information on the subnets’ inbound and outbound traffic. Platinum Bank determined that the Barracuda WAF was the right choice.\r\nSince deploying the Barracuda WAF, Platinum Bank has warded off many cyberattacks. In addition, Platinum Bank is now able to fix their own issues within five minutes, whereas their outsourced provider solution took weeks, saving a significant amount of time and money.\r\nResults\r\n<ul><li>Increased uptime</li><li>Better security and more comprehensive compliance</li><li>Automation of new threat blockers</li><li>Little additional training required</li><li>Engineer time saved, so can be spent on improving customer experience</li><li>Cost effective solution</li></ul>","alias":"barracuda-web-application-firewall-for-bank","roi":0,"seo":{"title":"Barracuda Web Application Firewall for bank","keywords":"","description":"Challenges\r\n<ul><li>Unreliability of environment</li><li>Uneven levels of demand throughout the year</li><li>Highly sensitive data</li><li>Current solution meant waiting for weeks to receive additional web encoding servers</li><li>New solution required the add","og:title":"Barracuda Web Application Firewall for bank","og:description":"Challenges\r\n<ul><li>Unreliability of environment</li><li>Uneven levels of demand throughout the year</li><li>Highly sensitive data</li><li>Current solution meant waiting for weeks to receive additional web encoding servers</li><li>New solution required the add"},"deal_info":"","user":{"id":533,"title":"Platinum Bank","logoURL":"https://old.roi4cio.com/uploads/roi/company/Platinum_Bank.png","alias":"platinum-bank","address":"","roles":[],"description":"Platinum Bank - specialized retail bank, which since 2005 provides deposit and loan products to individuals through a network of offices and service points throughout Ukraine. The main shareholders of Platinum Bank is a group of financial shareholders, including the direct investment fund European Infrastructure Investment Company (“EIIC”, Luxembourg).\r\nInternational investors and shareholders contribute to the development of Platinum Bank and the introduction of Western management standards that allow bank customers to feel the comfort of cooperation and peace of mind for their investments.","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":6,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"http://www.platinumbank.com.ua/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Platinum Bank","keywords":"through, network, offices, service, shareholders, Plat, Ukraine, points","description":"Platinum Bank - specialized retail bank, which since 2005 provides deposit and loan products to individuals through a network of offices and service points throughout Ukraine. The main shareholders of Platinum Bank is a group of financial shareholders, includi","og:title":"Platinum Bank","og:description":"Platinum Bank - specialized retail bank, which since 2005 provides deposit and loan products to individuals through a network of offices and service points throughout Ukraine. The main shareholders of Platinum Bank is a group of financial shareholders, includi","og:image":"https://old.roi4cio.com/uploads/roi/company/Platinum_Bank.png"},"eventUrl":""},"supplier":{"id":262,"title":"Softprom (supplier)","logoURL":"https://old.roi4cio.com/uploads/roi/company/SOFTPROM_blue_on_white_01.png","alias":"softprom-supplier","address":"","roles":[],"description":"<span style=\"font-weight: bold;\">Softprom</span> is a leading Value Added IT Distributor in the CIS and Eastern Europe markets which is trusted by more than 1200 partners. The company was founded in 1999 and today is represented in more than 30 countries.\r\n<span style=\"font-weight: bold;\">Softprom</span> provides professional services for testing, training, installation, implementation and technical support of IT solutions in IT Security, IT Infrastructure, Cloud Services, CAD and Graphic Design, Video Security.\r\nRead more: softprom.com","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":66,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":21,"vendorImplementationsCount":0,"vendorPartnersCount":13,"supplierPartnersCount":1,"b4r":1,"categories":{},"companyUrl":"https://softprom.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Softprom (supplier)","keywords":"Softprom, trust, company, services, customers, vendors, solutions, software","description":"<span style=\"font-weight: bold;\">Softprom</span> is a leading Value Added IT Distributor in the CIS and Eastern Europe markets which is trusted by more than 1200 partners. The company was founded in 1999 and today is represented in more than 30 countries.\r\n<sp","og:title":"Softprom (supplier)","og:description":"<span style=\"font-weight: bold;\">Softprom</span> is a leading Value Added IT Distributor in the CIS and Eastern Europe markets which is trusted by more than 1200 partners. The company was founded in 1999 and today is represented in more than 30 countries.\r\n<sp","og:image":"https://old.roi4cio.com/uploads/roi/company/SOFTPROM_blue_on_white_01.png"},"eventUrl":""},"vendors":[{"id":183,"title":"Barracuda Networks","logoURL":"https://old.roi4cio.com/uploads/roi/company/barracuda_logo.png","alias":"barracuda-networks","address":"","roles":[],"description":"Barracuda Networks, Inc. is the world leader in email and web security. In addition, the company develops solutions for IM security, server load balancing systems and message archiving.<br /><br />The company develops products for security, networking and storage based on network devices and cloud services. Security products include solutions to protect against spam, web surfing, hackers and threats from instant messaging services. The platform also successfully combats such threats as spam, spyware, Trojans and other malware. Barracuda solutions provide web traffic filtering, load balancing, message archiving, backup services, data protection, and more.<br /><br />Today, more than 50,000 companies and security organizations around the world use Barracuda Networks solutions. The main product list includes solutions such as Barracuda Spam Firewall, Barracuda Web Filter, Barracuda IM Firewall. ","companyTypes":[],"products":{},"vendoredProductsCount":11,"suppliedProductsCount":11,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":0,"vendorImplementationsCount":15,"vendorPartnersCount":0,"supplierPartnersCount":3,"b4r":1,"categories":{},"companyUrl":"www.barracuda.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Barracuda Networks","keywords":"products, company, Barracuda, include, protection, services, storage, security","description":"Barracuda Networks, Inc. is the world leader in email and web security. In addition, the company develops solutions for IM security, server load balancing systems and message archiving.<br /><br />The company develops products for security, networking and stor","og:title":"Barracuda Networks","og:description":"Barracuda Networks, Inc. is the world leader in email and web security. In addition, the company develops solutions for IM security, server load balancing systems and message archiving.<br /><br />The company develops products for security, networking and stor","og:image":"https://old.roi4cio.com/uploads/roi/company/barracuda_logo.png"},"eventUrl":""}],"products":[{"id":1309,"logo":false,"scheme":false,"title":"Barracuda Web Application Firewall","vendorVerified":0,"rating":"2.00","implementationsCount":2,"suppliersCount":0,"alias":"barracuda-web-application-firewall","companyTypes":[],"description":"The Barracuda Web Application Firewall blocks an ever-expanding list of sophisticated web-based intrusions and attacks that target the applications hosted on your web servers—and the sensitive or confidential data to which they have access. Constant Protection from Evolving Threats The Barracuda Web Application Firewall provides superior protection against data loss, DDoS, and all known applicationlayer attack modalities. Automatic updates provide defense against new threats as they apear. As new types of threats emerge, it will acquire new capabilities to block them. Identity and Access Management The Barracuda Web Application Firewall has strong authentication and access control capabilities that ensure security and privacy by restricting access to sensitive applications or data to authorized users. Affordable and Easy to Use Pre-built security templates and intuitive web interface provide immediate security without the need for time-consuming tuning or application learning. Integration with security vulnerability scanners and SIEM tools automates the assessment, monitoring, and mitigation process","shortDescription":"Barracuda Web Application Firewall - protect websites and apps from cyber threats.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":9,"sellingCount":6,"discontinued":0,"rebateForPoc":0,"rebate":5,"seo":{"title":"Barracuda Web Application Firewall","keywords":"Barracuda, Application, Firewall, security, data, access, capabilities, they","description":"The Barracuda Web Application Firewall blocks an ever-expanding list of sophisticated web-based intrusions and attacks that target the applications hosted on your web servers—and the sensitive or confidential data to which they have access. Constant Protection","og:title":"Barracuda Web Application Firewall","og:description":"The Barracuda Web Application Firewall blocks an ever-expanding list of sophisticated web-based intrusions and attacks that target the applications hosted on your web servers—and the sensitive or confidential data to which they have access. Constant Protection"},"eventUrl":"","translationId":1391,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":546,"title":"WAF-web application firewall appliance","alias":"waf-web-application-firewall-appliance","description":"A web application firewall is a special type of application firewall that applies specifically to web applications. It is deployed in front of web applications and analyzes bi-directional web-based (HTTP) traffic - detecting and blocking anything malicious. The OWASP provides a broad technical definition for a WAF as “a security solution on the web application level which - from a technical point of view - does not depend on the application itself.” According to the PCI DSS Information Supplement for requirement 6.6, a WAF is defined as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.” In other words, a WAF can be a physical appliance that prevents vulnerabilities in web applications from being exploited by outside threats. These vulnerabilities may be because the application itself is a legacy type or it was insufficiently coded by design. The WAF addresses these code shortcomings by special configurations of rule sets, also known as policies.\r\nPreviously unknown vulnerabilities can be discovered through penetration testing or via a vulnerability scanner. A web application vulnerability scanner, also known as a web application security scanner, is defined in the SAMATE NIST 500-269 as “an automated program that examines web applications for potential security vulnerabilities. In addition to searching for web application-specific vulnerabilities, the tools also look for software coding errors.” Resolving vulnerabilities is commonly referred to as remediation. Corrections to the code can be made in the application but typically a more prompt response is necessary. In these situations, the application of a custom policy for a unique web application vulnerability to provide a temporary but immediate fix (known as a virtual patch) may be necessary.\r\nWAFs are not an ultimate security solution, rather they are meant to be used in conjunction with other network perimeter security solutions such as network firewalls and intrusion prevention systems to provide a holistic defense strategy.\r\nWAFs typically follow a positive security model, a negative security model, or a combination of both as mentioned by the SANS Institute. WAFs use a combination of rule-based logic, parsing, and signatures to detect and prevent attacks such as cross-site scripting and SQL injection. The OWASP produces a list of the top ten web application security flaws. All commercial WAF offerings cover these ten flaws at a minimum. There are non-commercial options as well. As mentioned earlier, the well-known open source WAF engine called ModSecurity is one of these options. A WAF engine alone is insufficient to provide adequate protection, therefore OWASP along with Trustwave's Spiderlabs help organize and maintain a Core-Rule Set via GitHub to use with the ModSecurity WAF engine.","materialsDescription":"A Web Application Firewall or WAF provides security for online services from malicious Internet traffic. WAFs detect and filter out threats such as the OWASP Top 10, which could degrade, compromise or bring down online applications.\r\n<span style=\"font-weight: bold;\">What are Web Application Firewalls?</span>\r\nWeb application firewalls assist load balancing by examining HTTP traffic before it reaches the application server. They also protect against web application vulnerability and unauthorized transfer of data from the web server at a time when security breaches are on the rise. According to the Verizon Data Breach Investigations Report, web application attacks were the most prevalent breaches in 2017 and 2018.\r\nThe PCI Security Standards Council defines a web application firewall as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\n<span style=\"font-weight: bold;\">How does a Web Application Firewall wWork?</span>\r\nA web application firewall (WAF) intercepts and inspects all HTTP requests using a security model based on a set of customized policies to weed out bogus traffic. WAFs block bad traffic outright or can challenge a visitor with a CAPTCHA test that humans can pass but a malicious bot or computer program cannot.\r\nWAFs follow rules or policies customized to specific vulnerabilities. As a result, this is how WAFs prevent DDoS attacks. Creating the rules on a traditional WAF can be complex and require expert administration. The Open Web Application Security Project maintains a list of the OWASP top web application security flaws for WAF policies to address.\r\nWAFs come in the form of hardware appliances, server-side software, or filter traffic as-a-service. WAFs can be considered as reverse proxies i.e. the opposite of a proxy server. Proxy servers protect devices from malicious applications, while WAFs protect web applications from malicious endpoints.\r\n<span style=\"font-weight: bold;\">What Are Some Web Application Firewall Benefits?</span>\r\nA web application firewall (WAF) prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<span style=\"font-weight: bold;\">What Is the Difference Between a Firewall and a Web Application Firewall?</span>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).\r\n<span style=\"font-weight: bold;\">When Should You Use a Web Application Firewall?</span>\r\nAny business that uses a website to generate revenue should use a web application firewall to protect business data and services. Organizations that use online vendors should especially deploy web application firewalls because the security of outside groups cannot be controlled or trusted.\r\n<span style=\"font-weight: bold;\">How Do You Use a Web Application Firewall?</span>\r\nA web application firewall requires correct positioning, configuration, administration and monitoring. Web application firewall installation must include the following four steps: secure, monitor, test and improve. This should be a continuous process to ensure application specific protection.<br />The configuration of the firewall should be determined by the business rules and guardrails by the company’s security policy. This approach will allow the rules and filters in the web application firewall to define themselves.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall_appliance.png"},{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":1582,"logo":false,"scheme":false,"title":"Barracuda WAF-as-a-Service","vendorVerified":0,"rating":"2.00","implementationsCount":2,"suppliersCount":0,"alias":"barracuda-waf-as-a-service","companyTypes":[],"description":"Complete application security does not have to be complicated. Web applications are connected directly to your business and customer data. Attackers know this and have become increasingly clever with their attempts to bring down or compromise websites and apps. These attacks can be prevented, but organizations often struggle to implement a robust web application security posture due to several challenges:\r\n<ul> <li>Application security is complicated to deploy and manage without specialized resources.</li> <li>Continuous updates to applications can lead to new vulnerabilities.</li> <li>Legacy applications were developed without secure coding practices.</li> </ul>\r\n<span style=\"font-weight: bold;\">Why Barracuda WAF-as-a-Service?</span>\r\n<ul> <li>Built on a proven security platform. Enterprise-proven technology that provides comprehensive protection from all OWASP recognized security risks, DDoS attacks, and even the most advanced zero-day threats. Proactive bot defense ensures always-on protection from automated attacks, web scraping, and brute force attacks.</li> <li>Simplified application security for everyone. Remove the complexity of setting up and configuring your application security solution. Barracuda WAF-as-a-Service delivers protection for your web apps in minutes thanks to a simple 5-step setup wizard, and numerous pre-built security policy templates.</li> <li>Complete control. Unlimited rulesets. For more advanced users, Barracuda WAF-as-a-Service offers a level of control traditionally reserved only for on-premises and public cloud solutions. Fine-tune specific policies for each component of every application's security profile.</li> <li>Automated vulnerability discovery and remediation. Barracuda Vulnerability Remediation Service is built-in and provides automatic vulnerability detection and remediation which can be scheduled, ensuring ongoing protection without any administrative overhead.</li> <li>Granular visibility with detailed logs and reports. Gain rich insight into all web traffic events and users. Detailed compliance reports help you easily understand your security status at any given time by having complete visibility into all HTTP/S traffic.</li> <li>Unmetered DDoS protection included. DDoS attacks disrupt the service availability of your web apps which can have a significant impact on your business. Barracuda WAF-as-a-Service defends against the full spectrum of L3-L7 DDoS attacks ensuring the availability of your web apps.</li> </ul>","shortDescription":"Barracuda WAF-as-a-Service - Protect every web app, hosted anywhere, in minutes.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":14,"sellingCount":17,"discontinued":0,"rebateForPoc":0,"rebate":5,"seo":{"title":"Barracuda WAF-as-a-Service","keywords":"","description":"Complete application security does not have to be complicated. Web applications are connected directly to your business and customer data. Attackers know this and have become increasingly clever with their attempts to bring down or compromise websites and apps","og:title":"Barracuda WAF-as-a-Service","og:description":"Complete application security does not have to be complicated. Web applications are connected directly to your business and customer data. Attackers know this and have become increasingly clever with their attempts to bring down or compromise websites and apps"},"eventUrl":"","translationId":1583,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":42,"title":"UTM - Unified threat management","alias":"utm-unified-threat-management","description":"<span style=\"font-weight: bold; \">UTM (Unified Threat Management)</span> system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.\r\nUnified threat management <span style=\"font-weight: bold; \">devices </span>are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nUTM <span style=\"font-weight: bold; \">cloud services</span> and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. While UTM systems and <span style=\"font-weight: bold; \">next-generation firewalls (NGFWs)</span> are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.\r\nOriginally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.\r\nUnified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.\r\nUnified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:\r\n<ul><li><span style=\"font-weight: bold; \">Flow-based inspection,</span> also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li> <span style=\"font-weight: bold; \">Proxy-based inspection</span> acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> How UTM is deployed?</h1>\r\nBusinesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.\r\nUTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.\r\nBusinesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.\r\n<h1 class=\"align-center\">Benefits of Using a Unified Threat Management Solution</h1>\r\nUTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. This can also save money in the long run as opposed to having to buy multiple devices.\r\nSome UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPPA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.\r\nUTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because it is a single point of defense, UTM’s make dealing with combined threats easier.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM.jpg"},{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":4,"title":"Reduce Costs"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":282,"title":"Unauthorized access to corporate IT systems and data"},{"id":336,"title":"Risk or Leaks of confidential information"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"},{"id":387,"title":"Non-compliant with IT security requirements"}]}},"categories":[{"id":546,"title":"WAF-web application firewall appliance","alias":"waf-web-application-firewall-appliance","description":"A web application firewall is a special type of application firewall that applies specifically to web applications. It is deployed in front of web applications and analyzes bi-directional web-based (HTTP) traffic - detecting and blocking anything malicious. The OWASP provides a broad technical definition for a WAF as “a security solution on the web application level which - from a technical point of view - does not depend on the application itself.” According to the PCI DSS Information Supplement for requirement 6.6, a WAF is defined as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.” In other words, a WAF can be a physical appliance that prevents vulnerabilities in web applications from being exploited by outside threats. These vulnerabilities may be because the application itself is a legacy type or it was insufficiently coded by design. The WAF addresses these code shortcomings by special configurations of rule sets, also known as policies.\r\nPreviously unknown vulnerabilities can be discovered through penetration testing or via a vulnerability scanner. A web application vulnerability scanner, also known as a web application security scanner, is defined in the SAMATE NIST 500-269 as “an automated program that examines web applications for potential security vulnerabilities. In addition to searching for web application-specific vulnerabilities, the tools also look for software coding errors.” Resolving vulnerabilities is commonly referred to as remediation. Corrections to the code can be made in the application but typically a more prompt response is necessary. In these situations, the application of a custom policy for a unique web application vulnerability to provide a temporary but immediate fix (known as a virtual patch) may be necessary.\r\nWAFs are not an ultimate security solution, rather they are meant to be used in conjunction with other network perimeter security solutions such as network firewalls and intrusion prevention systems to provide a holistic defense strategy.\r\nWAFs typically follow a positive security model, a negative security model, or a combination of both as mentioned by the SANS Institute. WAFs use a combination of rule-based logic, parsing, and signatures to detect and prevent attacks such as cross-site scripting and SQL injection. The OWASP produces a list of the top ten web application security flaws. All commercial WAF offerings cover these ten flaws at a minimum. There are non-commercial options as well. As mentioned earlier, the well-known open source WAF engine called ModSecurity is one of these options. A WAF engine alone is insufficient to provide adequate protection, therefore OWASP along with Trustwave's Spiderlabs help organize and maintain a Core-Rule Set via GitHub to use with the ModSecurity WAF engine.","materialsDescription":"A Web Application Firewall or WAF provides security for online services from malicious Internet traffic. WAFs detect and filter out threats such as the OWASP Top 10, which could degrade, compromise or bring down online applications.\r\n<span style=\"font-weight: bold;\">What are Web Application Firewalls?</span>\r\nWeb application firewalls assist load balancing by examining HTTP traffic before it reaches the application server. They also protect against web application vulnerability and unauthorized transfer of data from the web server at a time when security breaches are on the rise. According to the Verizon Data Breach Investigations Report, web application attacks were the most prevalent breaches in 2017 and 2018.\r\nThe PCI Security Standards Council defines a web application firewall as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\n<span style=\"font-weight: bold;\">How does a Web Application Firewall wWork?</span>\r\nA web application firewall (WAF) intercepts and inspects all HTTP requests using a security model based on a set of customized policies to weed out bogus traffic. WAFs block bad traffic outright or can challenge a visitor with a CAPTCHA test that humans can pass but a malicious bot or computer program cannot.\r\nWAFs follow rules or policies customized to specific vulnerabilities. As a result, this is how WAFs prevent DDoS attacks. Creating the rules on a traditional WAF can be complex and require expert administration. The Open Web Application Security Project maintains a list of the OWASP top web application security flaws for WAF policies to address.\r\nWAFs come in the form of hardware appliances, server-side software, or filter traffic as-a-service. WAFs can be considered as reverse proxies i.e. the opposite of a proxy server. Proxy servers protect devices from malicious applications, while WAFs protect web applications from malicious endpoints.\r\n<span style=\"font-weight: bold;\">What Are Some Web Application Firewall Benefits?</span>\r\nA web application firewall (WAF) prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<span style=\"font-weight: bold;\">What Is the Difference Between a Firewall and a Web Application Firewall?</span>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).\r\n<span style=\"font-weight: bold;\">When Should You Use a Web Application Firewall?</span>\r\nAny business that uses a website to generate revenue should use a web application firewall to protect business data and services. Organizations that use online vendors should especially deploy web application firewalls because the security of outside groups cannot be controlled or trusted.\r\n<span style=\"font-weight: bold;\">How Do You Use a Web Application Firewall?</span>\r\nA web application firewall requires correct positioning, configuration, administration and monitoring. Web application firewall installation must include the following four steps: secure, monitor, test and improve. This should be a continuous process to ensure application specific protection.<br />The configuration of the firewall should be determined by the business rules and guardrails by the company’s security policy. This approach will allow the rules and filters in the web application firewall to define themselves.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall_appliance.png"},{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"},{"id":42,"title":"UTM - Unified threat management","alias":"utm-unified-threat-management","description":"<span style=\"font-weight: bold; \">UTM (Unified Threat Management)</span> system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.\r\nUnified threat management <span style=\"font-weight: bold; \">devices </span>are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nUTM <span style=\"font-weight: bold; \">cloud services</span> and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. While UTM systems and <span style=\"font-weight: bold; \">next-generation firewalls (NGFWs)</span> are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.\r\nOriginally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.\r\nUnified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.\r\nUnified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:\r\n<ul><li><span style=\"font-weight: bold; \">Flow-based inspection,</span> also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li> <span style=\"font-weight: bold; \">Proxy-based inspection</span> acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> How UTM is deployed?</h1>\r\nBusinesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.\r\nUTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.\r\nBusinesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.\r\n<h1 class=\"align-center\">Benefits of Using a Unified Threat Management Solution</h1>\r\nUTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. This can also save money in the long run as opposed to having to buy multiple devices.\r\nSome UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPPA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.\r\nUTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because it is a single point of defense, UTM’s make dealing with combined threats easier.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM.jpg"}],"additionalInfo":{"budgetNotExceeded":"-1","functionallyTaskAssignment":"-1","projectWasPut":"-1","price":0,"source":{"url":"","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":876,"title":"Carbon Black (CB) Protection, Carbon Black (CB) Response for Core-Mark International","description":"<span style=\"font-weight: bold;\">Summary</span>\r\nAs one of the largest and most valued distributors of consumer goods to convenience stores throughout North America, Core-Mark International is very invested in having a strong security posture. Director of Network Systems Ken Merrigan and his team chose Carbon Black to meet various security needs within the organization and have found the visibility and control into their environment unmatched.\r\n<span style=\"font-weight: bold;\">Expanding Their Security Footprint</span>\r\nSeveral years ago when high profile company breaches became increasingly news-worthy, Core-Mark received a mandate from their executives to increase the security footprint of the organization. With the very basic antivirus product that they had, the security team set out to upgrade to a solution that would provide them both visibility and protection.\r\n<span style=\"font-style: italic;\">“We didn’t have that comprehensive protection that traditional antivirus doesn’t give,”</span> said Julian Alexander, Network Analyst. <span style=\"font-style: italic;\">“We needed visibility into our environment that we didn’t have in the past.”</span><br />After evaluating several vendors they found Carbon Black’s products best met the needs of the security team and the organization.\r\n<span style=\"font-weight: bold;\">Gaining Control Over Their Environment</span>\r\nAfter deploying both CB Protection and CB Response, Core-Mark International gained both the insight into their environment and the application whitelisting capabilities they had been looking for.\r\n<span style=\"font-style: italic;\">“By having chosen Carbon Black we now have visibility, awareness and control over our environment,”</span> said Alexander. <span style=\"font-style: italic;\">“When we looked into the Carbon Black technology we wanted the change control approach which Carbon Black definitely had. We looked at other vendors in the space and Carbon Black was definitely the best choice.”</span>\r\n<span style=\"font-weight: bold;\">Conclusion</span>\r\nAs strong believers in the whitelisting approach to security for their critical systems the team has found Carbon Black continues to prevent unwanted files from running and gives them the insight they need into what is happening on their endpoints.<br /><span style=\"font-style: italic;\">“Carbon Black has a wide variety of products that could fit the need of almost any company,”</span> concludes Merrigan. ","alias":"carbon-black-cb-protection-carbon-black-cb-response-for-core-mark-international","roi":0,"seo":{"title":"Carbon Black (CB) Protection, Carbon Black (CB) Response for Core-Mark International","keywords":"","description":"<span style=\"font-weight: bold;\">Summary</span>\r\nAs one of the largest and most valued distributors of consumer goods to convenience stores throughout North America, Core-Mark International is very invested in having a strong security posture. Director of Netw","og:title":"Carbon Black (CB) Protection, Carbon Black (CB) Response for Core-Mark International","og:description":"<span style=\"font-weight: bold;\">Summary</span>\r\nAs one of the largest and most valued distributors of consumer goods to convenience stores throughout North America, Core-Mark International is very invested in having a strong security posture. Director of Netw"},"deal_info":"","user":{"id":5984,"title":"Core-Mark Holding Company","logoURL":"https://old.roi4cio.com/uploads/roi/company/core-mark_logo.jpg","alias":"core-mark-holding-company","address":"","roles":[],"description":" Core-Mark Holding Company (NASDAQ: CORE) distributes fresh, chilled and frozen merchandise mainly to convenience stores in the United States. It also provides associated business services such as category management and management of promotions.\r\nFounded in 1888, Core-Mark serves 44,000 customer locations in the U.S. and Canada. The company operates 32 distribution centers (excluding two distribution centers which are operated as a third party logistics provider). Core-Mark's headquarters are in Westlake, TX and it employs about 8,100 employees throughout North America. Core-Mark services convenience retailers including traditional convenience stores as well as grocery stores, big box retailers, drug stores, liquor and specialty stores, and other stores that carry convenience products.\r\n\r\nSource: https://en.wikipedia.org/wiki/Core-Mark","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":1,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.core-mark.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Core-Mark Holding Company","keywords":"","description":" Core-Mark Holding Company (NASDAQ: CORE) distributes fresh, chilled and frozen merchandise mainly to convenience stores in the United States. It also provides associated business services such as category management and management of promotions.\r\nFounded in 1","og:title":"Core-Mark Holding Company","og:description":" Core-Mark Holding Company (NASDAQ: CORE) distributes fresh, chilled and frozen merchandise mainly to convenience stores in the United States. It also provides associated business services such as category management and management of promotions.\r\nFounded in 1","og:image":"https://old.roi4cio.com/uploads/roi/company/core-mark_logo.jpg"},"eventUrl":""},"supplier":{"id":4070,"title":"Carbon Black","logoURL":"https://old.roi4cio.com/uploads/roi/company/Carbon_Black.png","alias":"carbon-black","address":"","roles":[],"description":"Carbon Black was founded by former members of the U.S. government’s elite team of offensive security hackers. Trained by the NSA and CIA, our founders possessed early insights into the tools and techniques of 21st century cyber hackers. For more than 15 years, our leadership and software have outpaced increasingly sophisticated attacks.\r\nPioneers in the Market\r\nWe’re delivering a new generation of endpoint security, purposely designed to protect your organization from the most advanced cyberattacks. Our pioneering approach to application control, endpoint detection and response (EDR), and next-generation antivirus (NGAV) has been rigorously tested and proven by highly regarded third-party industry analysts. Some of this recognition is highlighted, below, under Awards.\r\nCustomer Driven\r\nThirty of the Fortune 100 rely on Carbon Black. Our diverse customer base includes Silicon Valley leaders in internet search, social media, transportation, government, finance, and higher education. Collectively, 3,000+ organizations trust us to protect more than 9 million endpoints around the world. With an eye on empowering every security team and protecting every endpoint, we stand true to our founding vision: To create a world safe from cyberattacks.","companyTypes":[],"products":{},"vendoredProductsCount":7,"suppliedProductsCount":7,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":4,"vendorImplementationsCount":4,"vendorPartnersCount":0,"supplierPartnersCount":2,"b4r":0,"categories":{},"companyUrl":"https://www.carbonblack.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Carbon Black","keywords":"endpoint, security, Carbon, Black, world, more, cyberattacks, from","description":"<div>Carbon Black was founded by former members of the U.S. government’s elite team of offensive security hackers. Trained by the NSA and CIA, our founders possessed early insights into the tools and techniques of 21st century cyber hackers. For more than 15 y","og:title":"Carbon Black","og:description":"<div>Carbon Black was founded by former members of the U.S. government’s elite team of offensive security hackers. Trained by the NSA and CIA, our founders possessed early insights into the tools and techniques of 21st century cyber hackers. For more than 15 y","og:image":"https://old.roi4cio.com/uploads/roi/company/Carbon_Black.png"},"eventUrl":""},"vendors":[{"id":4070,"title":"Carbon Black","logoURL":"https://old.roi4cio.com/uploads/roi/company/Carbon_Black.png","alias":"carbon-black","address":"","roles":[],"description":"Carbon Black was founded by former members of the U.S. government’s elite team of offensive security hackers. Trained by the NSA and CIA, our founders possessed early insights into the tools and techniques of 21st century cyber hackers. For more than 15 years, our leadership and software have outpaced increasingly sophisticated attacks.\r\nPioneers in the Market\r\nWe’re delivering a new generation of endpoint security, purposely designed to protect your organization from the most advanced cyberattacks. Our pioneering approach to application control, endpoint detection and response (EDR), and next-generation antivirus (NGAV) has been rigorously tested and proven by highly regarded third-party industry analysts. Some of this recognition is highlighted, below, under Awards.\r\nCustomer Driven\r\nThirty of the Fortune 100 rely on Carbon Black. Our diverse customer base includes Silicon Valley leaders in internet search, social media, transportation, government, finance, and higher education. Collectively, 3,000+ organizations trust us to protect more than 9 million endpoints around the world. With an eye on empowering every security team and protecting every endpoint, we stand true to our founding vision: To create a world safe from cyberattacks.","companyTypes":[],"products":{},"vendoredProductsCount":7,"suppliedProductsCount":7,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":4,"vendorImplementationsCount":4,"vendorPartnersCount":0,"supplierPartnersCount":2,"b4r":0,"categories":{},"companyUrl":"https://www.carbonblack.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Carbon Black","keywords":"endpoint, security, Carbon, Black, world, more, cyberattacks, from","description":"<div>Carbon Black was founded by former members of the U.S. government’s elite team of offensive security hackers. Trained by the NSA and CIA, our founders possessed early insights into the tools and techniques of 21st century cyber hackers. For more than 15 y","og:title":"Carbon Black","og:description":"<div>Carbon Black was founded by former members of the U.S. government’s elite team of offensive security hackers. Trained by the NSA and CIA, our founders possessed early insights into the tools and techniques of 21st century cyber hackers. For more than 15 y","og:image":"https://old.roi4cio.com/uploads/roi/company/Carbon_Black.png"},"eventUrl":""}],"products":[{"id":3565,"logo":false,"scheme":false,"title":"Carbon Black (CB) Response","vendorVerified":0,"rating":"0.00","implementationsCount":2,"suppliersCount":0,"alias":"carbon-black-cb-response","companyTypes":[],"description":"Enterprise security teams struggle to get their hands on the endpoint data they need to properly investigate and proactively hunt for abnormal behavior. Security and IT professionals lack the ability to see beyond suspicious activity and need a way to dive deeper into the data to make their own judgments.\r\nCB Response is an industry-leading incident response and threat hunting solution designed for security operations center (SOC) teams. CB Response continuously records and stores unfiltered endpoint data, so that security professionals can hunt threats in real time and visualize the complete attack kill chain. It leverages the CB Predictive Security Cloud’s aggregated threat intelligence, which is applied to the endpoint activity system of record for evidence and detection of these identified threats and patterns of behavior.\r\n<span style=\"font-weight: bold;\">Capabilities</span>\r\n<ul><li>Continuous and Centralized Recording</li><li>Live Response for Remote Remediation</li><li>Attack Chain Visualization and Search</li><li>Automation via Integrations and Open APIs</li></ul>\r\n<span style=\"font-weight: bold;\">Benefits</span>\r\n<ul><li>Faster end-to-end response and remediation</li><li>Accelerated IR and threat hunting with unfiltered endpoint visibility</li><li>Rapid identification of attacker activities and root cause</li><li>Secure remote access to infected endpoints for in-depth investigation</li><li>Better protection from future attacks through automated hunting</li><li>Unlimited retention and scale for the largest installations</li><li>Reduced IT headaches from reimaging and helpdesk tickets</li></ul>","shortDescription":"CB Response - Industry-Leading Incident Response and Threat Hunting.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":19,"sellingCount":17,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Carbon Black (CB) Response","keywords":"","description":"Enterprise security teams struggle to get their hands on the endpoint data they need to properly investigate and proactively hunt for abnormal behavior. Security and IT professionals lack the ability to see beyond suspicious activity and need a way to dive dee","og:title":"Carbon Black (CB) Response","og:description":"Enterprise security teams struggle to get their hands on the endpoint data they need to properly investigate and proactively hunt for abnormal behavior. Security and IT professionals lack the ability to see beyond suspicious activity and need a way to dive dee"},"eventUrl":"","translationId":3566,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) lead to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted of suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/hgghghg.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":3827,"logo":false,"scheme":false,"title":"Carbon Black (CB) Protection","vendorVerified":0,"rating":"0.00","implementationsCount":1,"suppliersCount":0,"alias":"carbon-black-cb-protection","companyTypes":[],"description":"Highly targeted assets demand perfect security, but can’t afford loss in performance. Critical systems are increasingly targeted because they contain the most valuable information. These systems cannot afford a moment of unscheduled downtime or performance degradation as they are the lifeblood of the organization. They often run on out-of-date or unsupported operating systems, which are costly to secure and support. The most common approach to defending these systems typically relies on layering multiple, ineffective security products, which is costly, creates risk and jeopardizes performance.\r\nCB Protection is an industry-leading application control product, used to lock down servers and critical systems, prevent unwanted changes and ensure continuous compliance with regulatory mandates. Leveraging cloud reputation services, IT-based trust policies and multiple sources of threat intelligence from the CB Predictive Security Cloud, CB Protection ensures that only trusted and approved software is allowed to execute on an organization’s critical systems and endpoints.<br />\r\nCB Protection combines application whitelisting, file integrity monitoring, full-featured device control and memory/tamper protection into a single agent. CB Protection watches for behavioral indicators of malicious activity and conducts continuous recording of attack details to provide rich visibility into everything suspicious that attackers attempt to do. With the addition of the File Delete feature, CB Protection is now a direct control for requirement 5 of PCI DSS, enabling customers to remove traditional antivirus without the need for undergoing the compensating control process.<br />\r\nSecurity teams can harden their new and legacy systems against all unwanted change, simplify the compliance process, and provide the best possible protection for corporate systems at enterprise scale. CB Protection is available through MSSPs or directly through on-premise.<br />\r\n<span style=\"font-weight: bold;\">Key Capabilities</span><br />\r\nCB Protection is a powerful positive security solution for data centers and critical systems that allows server admins to control change while consolidating agents. Using a ‘Default Deny’ approach, CB Protection reduces your attack surface and downtime by automating approval of trusted software and eliminating the burden of whitelist management.<br />\r\n<span style=\"font-style: italic;\">Lock Down Critical Systems</span><br />\r\nStop malware and non-malware attacks by preventing unwanted changes to your applications and files, providing you with the control over your environment that you need.<br />\r\n<span style=\"font-style: italic;\">Ensure Continuous Compliance</span><br />\r\nAccelerate compliance by meeting many of the requirements in regulatory standards and frameworks, such as PCI-DSS, HIPAA/HITECH, SOX, NERC CIP, GDPR and NIST 800-53.<br />\r\n<span style=\"font-style: italic;\">High Performance and Low Touch Application Control</span><br />\r\nBe confident that your solution is blocking the “bad” and allowing the “good” without interrupting daily operations.","shortDescription":"Carbon Black (CB) Protection: Application Control and Critical Infrastructure Protection","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":13,"sellingCount":19,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Carbon Black (CB) Protection","keywords":"","description":"Highly targeted assets demand perfect security, but can’t afford loss in performance. Critical systems are increasingly targeted because they contain the most valuable information. These systems cannot afford a moment of unscheduled downtime or performance deg","og:title":"Carbon Black (CB) Protection","og:description":"Highly targeted assets demand perfect security, but can’t afford loss in performance. Critical systems are increasingly targeted because they contain the most valuable information. These systems cannot afford a moment of unscheduled downtime or performance deg"},"eventUrl":"","translationId":3828,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"},{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[{"id":220,"title":"United States","name":"USA"}],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":6,"title":"Ensure Security and Business Continuity"},{"id":10,"title":"Ensure Compliance"},{"id":306,"title":"Manage Risks"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":178,"title":"No control over data access"},{"id":370,"title":"No automated business processes"},{"id":371,"title":"No control over the state of communication channels"},{"id":385,"title":"Risk of data loss or damage"},{"id":387,"title":"Non-compliant with IT security requirements"},{"id":397,"title":"Insufficient risk management"}]}},"categories":[{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) lead to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted of suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/hgghghg.png"},{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"},{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"}],"additionalInfo":{"budgetNotExceeded":"-1","functionallyTaskAssignment":"-1","projectWasPut":"-1","price":0,"source":{"url":"https://www.carbonblack.com/wp-content/uploads/2018/12/cb-case-study-core-mark-intl.pdf","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":1091,"title":"Citrix ADC for a large Ukrainian e-commerce company","description":"<span style=\"font-style: italic;\">Description is not ready yet</span>","alias":"citrix-adc-for-a-large-ukrainian-e-commerce-company","roi":0,"seo":{"title":"Citrix ADC for a large Ukrainian e-commerce company","keywords":"","description":"<span style=\"font-style: italic;\">Description is not ready yet</span>","og:title":"Citrix ADC for a large Ukrainian e-commerce company","og:description":"<span style=\"font-style: italic;\">Description is not ready yet</span>"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":262,"title":"Softprom (supplier)","logoURL":"https://old.roi4cio.com/uploads/roi/company/SOFTPROM_blue_on_white_01.png","alias":"softprom-supplier","address":"","roles":[],"description":"<span style=\"font-weight: bold;\">Softprom</span> is a leading Value Added IT Distributor in the CIS and Eastern Europe markets which is trusted by more than 1200 partners. The company was founded in 1999 and today is represented in more than 30 countries.\r\n<span style=\"font-weight: bold;\">Softprom</span> provides professional services for testing, training, installation, implementation and technical support of IT solutions in IT Security, IT Infrastructure, Cloud Services, CAD and Graphic Design, Video Security.\r\nRead more: softprom.com","companyTypes":[],"products":{},"vendoredProductsCount":1,"suppliedProductsCount":66,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":21,"vendorImplementationsCount":0,"vendorPartnersCount":13,"supplierPartnersCount":1,"b4r":1,"categories":{},"companyUrl":"https://softprom.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Softprom (supplier)","keywords":"Softprom, trust, company, services, customers, vendors, solutions, software","description":"<span style=\"font-weight: bold;\">Softprom</span> is a leading Value Added IT Distributor in the CIS and Eastern Europe markets which is trusted by more than 1200 partners. The company was founded in 1999 and today is represented in more than 30 countries.\r\n<sp","og:title":"Softprom (supplier)","og:description":"<span style=\"font-weight: bold;\">Softprom</span> is a leading Value Added IT Distributor in the CIS and Eastern Europe markets which is trusted by more than 1200 partners. The company was founded in 1999 and today is represented in more than 30 countries.\r\n<sp","og:image":"https://old.roi4cio.com/uploads/roi/company/SOFTPROM_blue_on_white_01.png"},"eventUrl":""},"vendors":[{"id":182,"title":"Citrix","logoURL":"https://old.roi4cio.com/uploads/roi/company/Citrix_Systems_logo.png","alias":"citrix","address":"","roles":[],"description":"Citrix was founded in 1989. The company specializes in virtualization technologies, cloud computing and network security.<br /><br />Citrix has become a renowned provider of multi-user solutions. The company's key advantage was the OS source code license that Citrix received from Microsoft. The use of its own optimized ICA data transfer protocol allowed Citrix to successfully compete in the market with other powerful players. The company's flagship product is Citrix Presentation Server (now XenApp).<br /><br />In addition, the company offers a range of solutions for working with clouds and deploying virtual desktop infrastructures (VDI):<br /><br />Citrix Endpoint Management is a single end-to-end solution for managing mobile devices and applications for consistent productivity.<br /><br />Citrix Workspace is a platform for bringing all applications and data together in a secure, unified and personalized workspace\r\n<br />Citrix Cloud is a suite of cloud services that simplifies deployment and management of Citrix technologies, allowing you to extend existing software landscapes.<br /><br />Citrix also offers software tools for working with hybrid and multicloud environments.<br /><br />In 2005, Citrix acquired NetScaler, a networking company and also a hardware vendor. In 2007, the company acquired XenSource, a virtualization developer based on Xen, an open source hypervisor. Hundreds of thousands of customers worldwide use Citrix solutions. The company currently employs about 8,500 employees. Citrix is headquartered in Fort Lauderdale, Florida, USA. ","companyTypes":[],"products":{},"vendoredProductsCount":8,"suppliedProductsCount":8,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":9,"vendorImplementationsCount":11,"vendorPartnersCount":0,"supplierPartnersCount":6,"b4r":0,"categories":{},"companyUrl":"https://www.citrix.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Citrix","keywords":"company, Citrix, with, Microsoft, remote, 1995, software, partnership","description":"Citrix was founded in 1989. The company specializes in virtualization technologies, cloud computing and network security.<br /><br />Citrix has become a renowned provider of multi-user solutions. The company's key advantage was the OS source code license that ","og:title":"Citrix","og:description":"Citrix was founded in 1989. The company specializes in virtualization technologies, cloud computing and network security.<br /><br />Citrix has become a renowned provider of multi-user solutions. The company's key advantage was the OS source code license that ","og:image":"https://old.roi4cio.com/uploads/roi/company/Citrix_Systems_logo.png"},"eventUrl":""}],"products":[{"id":3132,"logo":false,"scheme":false,"title":"Citrix ADC (Application Delivery Controller)","vendorVerified":0,"rating":"2.80","implementationsCount":4,"suppliersCount":0,"alias":"citrix-adc-application-delivery-controller","companyTypes":[],"description":"<p><span style=\"color: #616161;\">ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.<br />Application delivery controllers are purpose-built networking appliances whose function is to improve the performance, security and resiliency of applications delivered over the web.</span></p>\r\n<p>Citrix ADC is an application delivery and load balancing solution that provides a high-quality user experience for your web, traditional, and cloud-native applications regardless of where they are hosted. It comes in a wide variety of form factors and deployment options without locking you into a single cloud. Pooled capacity licensing enables the movement of capacity among cloud deployments.</p>\r\n<p> </p>\r\n<p><span style=\"font-weight: bold;\">The main features of Citrix ADC:</span></p>\r\n<ul>\r\n<li>Provides industry-leading app delivery and load balancing</li>\r\n</ul>\r\n<ul>\r\n<li>Fully integrates with Cisco ACI; endorsed as a Cisco ACE replacement</li>\r\n</ul>\r\n<ul>\r\n<li>Offers the most comprehensive set of ADC features in the ACI ecosystem</li>\r\n</ul>\r\n<ul>\r\n<li>Enables automation and orchestration of network-critical services to boost agility</li>\r\n</ul>","shortDescription":"Citrix ADC is an application delivery and load balancing solution that provides a high-quality user experience for web, traditional, and cloud-native applications regardless of where they are hosted.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":15,"sellingCount":19,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Citrix ADC (Application Delivery Controller)","keywords":"","description":"<p><span style=\"color: #616161;\">ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.<br />Applicat","og:title":"Citrix ADC (Application Delivery Controller)","og:description":"<p><span style=\"color: #616161;\">ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.<br />Applicat"},"eventUrl":"","translationId":3135,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[{"id":217,"title":"Ukraine","name":"UKR"}],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":4,"title":"Reduce Costs"},{"id":7,"title":"Improve Customer Service"},{"id":252,"title":"Increase Customer Base"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":175,"title":"Aging IT infrastructure"},{"id":340,"title":"Low quality of customer service"},{"id":373,"title":"IT infrastructure does not meet business tasks"},{"id":400,"title":"High costs"}]}},"categories":[{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"}],"additionalInfo":{"budgetNotExceeded":"-1","functionallyTaskAssignment":"-1","projectWasPut":"-1","price":0,"source":{"url":"","title":"Supplier's web site"}},"comments":[],"referencesCount":0},{"id":676,"title":"Citrix ADC for gas and electric company","description":"A paperless model won’t work if digital connections aren’t always available and secure. With its NetScaler solution, the LG&E and KU operations team can fully support the LG&E and KU corporate commitment to digital transformation. NetScaler appliances can also help the team drive even more paperless processes that help reduce errors, deliver greater time savings, and help maintain and improve compliance. Employees are empowered, and customers are more satisfied, by having consistent service and a faster return to service when outages occur. “We believe doing it electronically instead of on paper is better. And NetScaler helps us do it electronically,” says Bill Brumleve, System Administrator at LG&E and KU.\r\nCost savings and data-center consolidation\r\nWith the NetScaler SDX solution, cost savings come from more than just being paperless. Using the NetScaler SDX solution has allowed LG&E and KU to consolidate their data centers with fewer NetScaler appliances, which delivers significant cost savings. Consolidating to a single load-balancing vendor has also contributed to lower operational costs, as a result of decreased datacenter complexity and technical debt. The entire operation, with its 1.3 million customers, is now run using four NetScaler SDX 14030 appliances housed in two different data-center locations. And those NetScaler appliances are run on Intel Xeon processors, which contribute to outstanding performance in virtualized environments and high consolidation ratios.\r\nImproved user experience and IT productivity\r\nConsolidated load balancing with the NetScaler solution lets LG&E and KU deliver a better experience for field employees. It also has allowed LG&E and KU to improve field employee and IT productivity. Users can easily and reliably connect, and connections no longer fail as they occasionally had with the previous VPN solution. Users aren’t kept from getting their jobs done, and they don’t have to find time-consuming workarounds either. “Now, users get everything they need in a much easier way. The end user has a much smoother experience than before,” Brumleve says. With the NetScaler solution, the LG&E and KU IT team can focus on more strategic initiatives instead of managing application-access issues. “Better integration has helped make management of app delivery easier,” Brumleve says. \r\nWith the Intel Xeon processor E5 family powering its NetScaler solution, LG&E and KU optimizes performance based on workload demands at the server level. NetScaler appliances are optimized to squeeze the maximum capacity and support from Intel architecture and up to 55 MB of L3 cache on the Intel Xeon processor E5 v4 family. This lowers latency and accelerates performance, because it’s much faster for data to move through the L3 cache than through main system memory. By playing off of one another’s strengths, the Intel Xeon processor E5 v4 family and the NetScaler solution let Brumleve and his team move more data more quickly through the data center. ","alias":"citrix-adc-for-gas-and-electric-company","roi":0,"seo":{"title":"Citrix ADC for gas and electric company","keywords":"","description":"A paperless model won’t work if digital connections aren’t always available and secure. With its NetScaler solution, the LG&E and KU operations team can fully support the LG&E and KU corporate commitment to digital transformation. NetScaler appliances ","og:title":"Citrix ADC for gas and electric company","og:description":"A paperless model won’t work if digital connections aren’t always available and secure. With its NetScaler solution, the LG&E and KU operations team can fully support the LG&E and KU corporate commitment to digital transformation. NetScaler appliances "},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":182,"title":"Citrix","logoURL":"https://old.roi4cio.com/uploads/roi/company/Citrix_Systems_logo.png","alias":"citrix","address":"","roles":[],"description":"Citrix was founded in 1989. The company specializes in virtualization technologies, cloud computing and network security.<br /><br />Citrix has become a renowned provider of multi-user solutions. The company's key advantage was the OS source code license that Citrix received from Microsoft. The use of its own optimized ICA data transfer protocol allowed Citrix to successfully compete in the market with other powerful players. The company's flagship product is Citrix Presentation Server (now XenApp).<br /><br />In addition, the company offers a range of solutions for working with clouds and deploying virtual desktop infrastructures (VDI):<br /><br />Citrix Endpoint Management is a single end-to-end solution for managing mobile devices and applications for consistent productivity.<br /><br />Citrix Workspace is a platform for bringing all applications and data together in a secure, unified and personalized workspace\r\n<br />Citrix Cloud is a suite of cloud services that simplifies deployment and management of Citrix technologies, allowing you to extend existing software landscapes.<br /><br />Citrix also offers software tools for working with hybrid and multicloud environments.<br /><br />In 2005, Citrix acquired NetScaler, a networking company and also a hardware vendor. In 2007, the company acquired XenSource, a virtualization developer based on Xen, an open source hypervisor. Hundreds of thousands of customers worldwide use Citrix solutions. The company currently employs about 8,500 employees. Citrix is headquartered in Fort Lauderdale, Florida, USA. ","companyTypes":[],"products":{},"vendoredProductsCount":8,"suppliedProductsCount":8,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":9,"vendorImplementationsCount":11,"vendorPartnersCount":0,"supplierPartnersCount":6,"b4r":0,"categories":{},"companyUrl":"https://www.citrix.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Citrix","keywords":"company, Citrix, with, Microsoft, remote, 1995, software, partnership","description":"Citrix was founded in 1989. The company specializes in virtualization technologies, cloud computing and network security.<br /><br />Citrix has become a renowned provider of multi-user solutions. The company's key advantage was the OS source code license that ","og:title":"Citrix","og:description":"Citrix was founded in 1989. The company specializes in virtualization technologies, cloud computing and network security.<br /><br />Citrix has become a renowned provider of multi-user solutions. The company's key advantage was the OS source code license that ","og:image":"https://old.roi4cio.com/uploads/roi/company/Citrix_Systems_logo.png"},"eventUrl":""},"vendors":[{"id":182,"title":"Citrix","logoURL":"https://old.roi4cio.com/uploads/roi/company/Citrix_Systems_logo.png","alias":"citrix","address":"","roles":[],"description":"Citrix was founded in 1989. The company specializes in virtualization technologies, cloud computing and network security.<br /><br />Citrix has become a renowned provider of multi-user solutions. The company's key advantage was the OS source code license that Citrix received from Microsoft. The use of its own optimized ICA data transfer protocol allowed Citrix to successfully compete in the market with other powerful players. The company's flagship product is Citrix Presentation Server (now XenApp).<br /><br />In addition, the company offers a range of solutions for working with clouds and deploying virtual desktop infrastructures (VDI):<br /><br />Citrix Endpoint Management is a single end-to-end solution for managing mobile devices and applications for consistent productivity.<br /><br />Citrix Workspace is a platform for bringing all applications and data together in a secure, unified and personalized workspace\r\n<br />Citrix Cloud is a suite of cloud services that simplifies deployment and management of Citrix technologies, allowing you to extend existing software landscapes.<br /><br />Citrix also offers software tools for working with hybrid and multicloud environments.<br /><br />In 2005, Citrix acquired NetScaler, a networking company and also a hardware vendor. In 2007, the company acquired XenSource, a virtualization developer based on Xen, an open source hypervisor. Hundreds of thousands of customers worldwide use Citrix solutions. The company currently employs about 8,500 employees. Citrix is headquartered in Fort Lauderdale, Florida, USA. ","companyTypes":[],"products":{},"vendoredProductsCount":8,"suppliedProductsCount":8,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":9,"vendorImplementationsCount":11,"vendorPartnersCount":0,"supplierPartnersCount":6,"b4r":0,"categories":{},"companyUrl":"https://www.citrix.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Citrix","keywords":"company, Citrix, with, Microsoft, remote, 1995, software, partnership","description":"Citrix was founded in 1989. The company specializes in virtualization technologies, cloud computing and network security.<br /><br />Citrix has become a renowned provider of multi-user solutions. The company's key advantage was the OS source code license that ","og:title":"Citrix","og:description":"Citrix was founded in 1989. The company specializes in virtualization technologies, cloud computing and network security.<br /><br />Citrix has become a renowned provider of multi-user solutions. The company's key advantage was the OS source code license that ","og:image":"https://old.roi4cio.com/uploads/roi/company/Citrix_Systems_logo.png"},"eventUrl":""}],"products":[{"id":3132,"logo":false,"scheme":false,"title":"Citrix ADC (Application Delivery Controller)","vendorVerified":0,"rating":"2.80","implementationsCount":4,"suppliersCount":0,"alias":"citrix-adc-application-delivery-controller","companyTypes":[],"description":"<p><span style=\"color: #616161;\">ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.<br />Application delivery controllers are purpose-built networking appliances whose function is to improve the performance, security and resiliency of applications delivered over the web.</span></p>\r\n<p>Citrix ADC is an application delivery and load balancing solution that provides a high-quality user experience for your web, traditional, and cloud-native applications regardless of where they are hosted. It comes in a wide variety of form factors and deployment options without locking you into a single cloud. Pooled capacity licensing enables the movement of capacity among cloud deployments.</p>\r\n<p> </p>\r\n<p><span style=\"font-weight: bold;\">The main features of Citrix ADC:</span></p>\r\n<ul>\r\n<li>Provides industry-leading app delivery and load balancing</li>\r\n</ul>\r\n<ul>\r\n<li>Fully integrates with Cisco ACI; endorsed as a Cisco ACE replacement</li>\r\n</ul>\r\n<ul>\r\n<li>Offers the most comprehensive set of ADC features in the ACI ecosystem</li>\r\n</ul>\r\n<ul>\r\n<li>Enables automation and orchestration of network-critical services to boost agility</li>\r\n</ul>","shortDescription":"Citrix ADC is an application delivery and load balancing solution that provides a high-quality user experience for web, traditional, and cloud-native applications regardless of where they are hosted.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":15,"sellingCount":19,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Citrix ADC (Application Delivery Controller)","keywords":"","description":"<p><span style=\"color: #616161;\">ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.<br />Applicat","og:title":"Citrix ADC (Application Delivery Controller)","og:description":"<p><span style=\"color: #616161;\">ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.<br />Applicat"},"eventUrl":"","translationId":3135,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":4,"title":"Reduce Costs"},{"id":5,"title":"Enhance Staff Productivity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":348,"title":"No centralized control over IT systems"},{"id":375,"title":"No support for mobile and remote users"},{"id":386,"title":"Risk of lost access to data and IT systems"}]}},"categories":[{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"}],"additionalInfo":{"budgetNotExceeded":"-1","functionallyTaskAssignment":"-1","projectWasPut":"-1","price":0,"source":{"url":"https://www.citrix.com/customers/louisville-gas-and-electric-company-and-kentucky-utilities-company.html","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":976,"title":"Citrix NetScaler MPX7500 Enterprise for Ukrainian mobile operator","description":"<span style=\"font-style: italic; \">Description is not ready yet</span>","alias":"citrix-netscaler-mpx7500-enterprise-for-ukrainian-mobile-operator","roi":0,"seo":{"title":"Citrix NetScaler MPX7500 Enterprise for Ukrainian mobile operator","keywords":"","description":"<span style=\"font-style: italic; \">Description is not ready yet</span>","og:title":"Citrix NetScaler MPX7500 Enterprise for Ukrainian mobile operator","og:description":"<span style=\"font-style: italic; \">Description is not ready yet</span>"},"deal_info":"","user":{"id":503,"title":"MTS Ukraine","logoURL":"https://old.roi4cio.com/uploads/roi/company/MTS_Ukraina.png","alias":"mts-ukraina","address":"","roles":[],"description":" The network of PrJSC MTS Ukraine covers more than 98% of the territory of Ukraine, where 99% of the population lives. The company serves more than 21.59 million subscribers. The company owns licenses for the provision of mobile (GSM-900/1800, CDMA-450 standard), fixed and international/long-distance communications, and also provides international roaming services on five continents. Revenues for 2013 amounted to 9.965 billion hryvnias.\r\nOJSC Mobile TeleSystems is the largest mobile operator in Eastern and Central Europe. The consolidated subscriber base of the company, excluding the MTS Belarus subscriber base, is more than 100 million subscribers. MTS and its subsidiaries provide GSM services in Armenia, Belarus, Russia, Ukraine and Turkmenistan; in the UMTS standard - in Russia, Armenia, Belarus; in CDMA-450 standard - in Ukraine, in LTE standard - in Russia and Armenia. The company also provides fixed-line and cable television services in Russia and Ukraine.","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":5,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"http://company.mts.ua/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"MTS Ukraine","keywords":"России, стандарте, услуги, Армении, связи, Украине, Компания, более","description":" The network of PrJSC MTS Ukraine covers more than 98% of the territory of Ukraine, where 99% of the population lives. The company serves more than 21.59 million subscribers. The company owns licenses for the provision of mobile (GSM-900/1800, CDMA-450 standar","og:title":"MTS Ukraine","og:description":" The network of PrJSC MTS Ukraine covers more than 98% of the territory of Ukraine, where 99% of the population lives. The company serves more than 21.59 million subscribers. The company owns licenses for the provision of mobile (GSM-900/1800, CDMA-450 standar","og:image":"https://old.roi4cio.com/uploads/roi/company/MTS_Ukraina.png"},"eventUrl":""},"supplier":{"id":6315,"title":"Sitronics Telecom Solutions Ukraine","logoURL":"https://old.roi4cio.com/uploads/roi/company/sitronics.png","alias":"sitronics","address":"Kyiv, Ukraine","roles":[],"description":"<span style=\"font-weight: bold;\">Sitronics Telecom Solutions Ukraine</span> is a national supplier of integrated technology solutions. For over 25 years it has been helping its corporate clients build IT environments and networks to improve business results, and optimize the cost and the speed of their implementation. Sitronics Telecom Solutions Ukraine is engaged in the search for advanced technologies, their in-depth study and provides Ukrainian companies with the most effective solutions based on the products of leading manufacturers. It has experience in consulting, integrating IT and network infrastructure, delivering software and hardware, project management, implementation services, integration, and technical support.\r\nSitronics Telecom Solutions Ukraine is a partner of numerous suppliers of software and hardware, has the highest partner status of all key vendors: Cisco Gold Certified Partner, Oracle Platinum Level, Microsoft Partner, HP Enterprise Gold Partner, Dell EMC Gold Solution Provider, Intel Gold Technology Provider, APC Elite Data Center Partner and many more.\r\nSitronics Telecom Solutions Ukraine offers specialized systems for designing, managing and controlling networks, databases and data warehouses, engineering solutions, as well as solutions for monitoring, analyzing and optimizing IT infrastructure for a large business with complex infrastructure. For small and medium enterprises, we supply turnkey solutions for building a basic IT infrastructure, including cloud and hybrid systems. ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":133,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":11,"vendorImplementationsCount":0,"vendorPartnersCount":6,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.stsua.com/ua/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Sitronics Telecom Solutions Ukraine","keywords":"","description":"<span style=\"font-weight: bold;\">Sitronics Telecom Solutions Ukraine</span> is a national supplier of integrated technology solutions. For over 25 years it has been helping its corporate clients build IT environments and networks to improve business results, a","og:title":"Sitronics Telecom Solutions Ukraine","og:description":"<span style=\"font-weight: bold;\">Sitronics Telecom Solutions Ukraine</span> is a national supplier of integrated technology solutions. For over 25 years it has been helping its corporate clients build IT environments and networks to improve business results, a","og:image":"https://old.roi4cio.com/uploads/roi/company/sitronics.png"},"eventUrl":""},"vendors":[{"id":182,"title":"Citrix","logoURL":"https://old.roi4cio.com/uploads/roi/company/Citrix_Systems_logo.png","alias":"citrix","address":"","roles":[],"description":"Citrix was founded in 1989. The company specializes in virtualization technologies, cloud computing and network security.<br /><br />Citrix has become a renowned provider of multi-user solutions. The company's key advantage was the OS source code license that Citrix received from Microsoft. The use of its own optimized ICA data transfer protocol allowed Citrix to successfully compete in the market with other powerful players. The company's flagship product is Citrix Presentation Server (now XenApp).<br /><br />In addition, the company offers a range of solutions for working with clouds and deploying virtual desktop infrastructures (VDI):<br /><br />Citrix Endpoint Management is a single end-to-end solution for managing mobile devices and applications for consistent productivity.<br /><br />Citrix Workspace is a platform for bringing all applications and data together in a secure, unified and personalized workspace\r\n<br />Citrix Cloud is a suite of cloud services that simplifies deployment and management of Citrix technologies, allowing you to extend existing software landscapes.<br /><br />Citrix also offers software tools for working with hybrid and multicloud environments.<br /><br />In 2005, Citrix acquired NetScaler, a networking company and also a hardware vendor. In 2007, the company acquired XenSource, a virtualization developer based on Xen, an open source hypervisor. Hundreds of thousands of customers worldwide use Citrix solutions. The company currently employs about 8,500 employees. Citrix is headquartered in Fort Lauderdale, Florida, USA. ","companyTypes":[],"products":{},"vendoredProductsCount":8,"suppliedProductsCount":8,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":9,"vendorImplementationsCount":11,"vendorPartnersCount":0,"supplierPartnersCount":6,"b4r":0,"categories":{},"companyUrl":"https://www.citrix.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Citrix","keywords":"company, Citrix, with, Microsoft, remote, 1995, software, partnership","description":"Citrix was founded in 1989. The company specializes in virtualization technologies, cloud computing and network security.<br /><br />Citrix has become a renowned provider of multi-user solutions. The company's key advantage was the OS source code license that ","og:title":"Citrix","og:description":"Citrix was founded in 1989. The company specializes in virtualization technologies, cloud computing and network security.<br /><br />Citrix has become a renowned provider of multi-user solutions. The company's key advantage was the OS source code license that ","og:image":"https://old.roi4cio.com/uploads/roi/company/Citrix_Systems_logo.png"},"eventUrl":""}],"products":[{"id":137,"logo":false,"scheme":false,"title":"Citrix Virtual Apps and Desktops (XenApp and XenDesktop)","vendorVerified":0,"rating":"2.40","implementationsCount":7,"suppliersCount":0,"alias":"citrix-virtual-apps-and-desktops-xenapp-and-xendesktop","companyTypes":[],"description":" Only Citrix provides a complete virtual app and desktop solution to meet all your business needs. Give employees the freedom to work from anywhere while cutting IT costs. Deliver Windows, Linux, and web business applications or full virtual desktops from any cloud—public, on-premises or hybrid—within a modern digital workspace.\r\n\r\n<span style=\"font-weight: bold; \">The main features of Citrix Virtual Apps and Desktops:</span>\r\n<ul><li>HDX technology for optimized user experience</li></ul>\r\n<ul><li>Virtual Windows, Linux and web applications</li></ul>\r\n<ul><li>Single management console for apps and desktops</li></ul>\r\n<ul><li>Centralized security in the data center</li></ul>\r\n<ul><li>FIPS and Common Criteria certified</li></ul>\r\n<ul><li>Single image provisioning technology </li></ul>\r\n<ul><li>VDI desktops</li></ul>\r\n<ul><li>Remote PC access</li></ul>\r\n\r\n<span style=\"font-weight: bold; \">Unifying editions across the Citrix product portfolio</span>\r\n<ul><li>Citrix is also unifying product editions across its portfolio – designating them Standard, Advanced, and Premium.</li></ul>\r\n<ul><li>XenApp Advanced edition now will map to Citrix Virtual Apps Standard edition</li></ul>\r\n<ul><li>XenApp Enterprise edition maps to Citrix Virtual Apps Advanced edition</li></ul>\r\n<ul><li>XenApp Platinum edition maps to Citrix Virtual Apps Premium edition</li></ul>\r\n<ul><li>XenDesktop VDI edition maps to Citrix Virtual Desktops Standard edition</li></ul>\r\n<ul><li>XenDesktop Enterprise edition maps to Citrix Virtual Apps and Desktops Advanced edition</li></ul>\r\n<ul><li>XenDesktop Platinum edition maps Citrix Virtual Apps and Desktops Premium edition</li></ul>\r\nView a detailed feature matrix","shortDescription":"Citrix Virtual Apps and Desktops are virtualization solutions that give IT control of virtual machines, applications, licensing, and security, while providing anywhere access for any device.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":16,"sellingCount":20,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Citrix Virtual Apps and Desktops (XenApp and XenDesktop)","keywords":"Single, desktops, data, technology, XenApp, apps, applications, Published","description":" Only Citrix provides a complete virtual app and desktop solution to meet all your business needs. Give employees the freedom to work from anywhere while cutting IT costs. Deliver Windows, Linux, and web business applications or full virtual desktop","og:title":"Citrix Virtual Apps and Desktops (XenApp and XenDesktop)","og:description":" Only Citrix provides a complete virtual app and desktop solution to meet all your business needs. Give employees the freedom to work from anywhere while cutting IT costs. Deliver Windows, Linux, and web business applications or full virtual desktop"},"eventUrl":"","translationId":138,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":299,"title":"Application and User Session Virtualization","alias":"application-and-user-session-virtualization","description":"Application virtualization is a technology that allows you to separate the software from the operating system on which it operates. Fully virtualized software is not installed in the traditional sense, although the end-user at first glance can not see it, because the virtualized software works just as normal. The software in the execution process works just as if it interacted with the operating system directly and with all its resources, but can be isolated or executed in a sandbox with different levels of restriction.\r\nModern operating systems, such as Microsoft Windows and Linux, can include limited software virtualization. For example, Windows 7 has Windows XP mode that allows you to run Windows XP software on Windows 7 without any changes.\r\nUser session virtualization is a newer version of desktop virtualization that works at the operating system level. While normal virtualization of the desktop allows an operating system to be run by virtualizing the hardware of the desktop, RDS and App-V allow for the virtualization of the applications. User session virtualization lies between the two.\r\nA desktop has an operating system loaded on the base hardware. This can be either physical or virtual. The user session virtualization keeps track of all changes to the operating system that a user might make by encapsulating the configuration changes and associating them to the user account. This allows the specific changes to be applied to the underlying operating system without actually changing it. This allows several users to have completely different operating system configurations applied to base operating system installation.\r\nIf you are in a distributed desktop environment and there are local file servers available at each location, you can deploy virtualized user sessions in the form of redirected folders and roaming profiles.","materialsDescription":" <span style=\"font-weight: bold;\">Understanding application virtualization</span>\r\nApplication virtualization technology isolates applications from the underlying operating system and from other applications to increase compatibility and manageability. This application virtualization technology enables applications to be streamed from a centralized location into an isolation environment on the target device where they will execute. The application files, configuration, and settings are copied to the target device and the application execution at run time is controlled by the application virtualization layer. When executed, the application run time believes that it is interfacing directly with the operating system when, in fact, it is interfacing with a virtualization environment that proxies all requests to the operating system.\r\n<span style=\"font-weight: bold;\">Understanding session virtualization</span>\r\nSession virtualization uses application streaming to deliver applications to hosting servers in the datacenter. The Application then connects the user to the server. The application then executes entirely on the server. The user interacts with the application remotely by sending mouse-clicks and keystrokes to the server. The server then responds by sending screen updates back to the user’s device. Whereas application virtualization is limited to Windows-based operating systems, session virtualization allows any user on any operating system to access any application delivered by IT. As a result, the application enables Windows, Mac, Linux, iOS and Android devices to run any applications using session virtualization. Furthermore, session virtualization leverages server-side processing power which liberates IT from the endless cycle of PC hardware refreshes which are typically needed to support application upgrades when using traditional application deployment methods.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/Application_and_User_Session_Virtualization__1_.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":3132,"logo":false,"scheme":false,"title":"Citrix ADC (Application Delivery Controller)","vendorVerified":0,"rating":"2.80","implementationsCount":4,"suppliersCount":0,"alias":"citrix-adc-application-delivery-controller","companyTypes":[],"description":"<p><span style=\"color: #616161;\">ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.<br />Application delivery controllers are purpose-built networking appliances whose function is to improve the performance, security and resiliency of applications delivered over the web.</span></p>\r\n<p>Citrix ADC is an application delivery and load balancing solution that provides a high-quality user experience for your web, traditional, and cloud-native applications regardless of where they are hosted. It comes in a wide variety of form factors and deployment options without locking you into a single cloud. Pooled capacity licensing enables the movement of capacity among cloud deployments.</p>\r\n<p> </p>\r\n<p><span style=\"font-weight: bold;\">The main features of Citrix ADC:</span></p>\r\n<ul>\r\n<li>Provides industry-leading app delivery and load balancing</li>\r\n</ul>\r\n<ul>\r\n<li>Fully integrates with Cisco ACI; endorsed as a Cisco ACE replacement</li>\r\n</ul>\r\n<ul>\r\n<li>Offers the most comprehensive set of ADC features in the ACI ecosystem</li>\r\n</ul>\r\n<ul>\r\n<li>Enables automation and orchestration of network-critical services to boost agility</li>\r\n</ul>","shortDescription":"Citrix ADC is an application delivery and load balancing solution that provides a high-quality user experience for web, traditional, and cloud-native applications regardless of where they are hosted.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":15,"sellingCount":19,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Citrix ADC (Application Delivery Controller)","keywords":"","description":"<p><span style=\"color: #616161;\">ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.<br />Applicat","og:title":"Citrix ADC (Application Delivery Controller)","og:description":"<p><span style=\"color: #616161;\">ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.<br />Applicat"},"eventUrl":"","translationId":3135,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[{"id":217,"title":"Ukraine","name":"UKR"}],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":4,"title":"Reduce Costs"},{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"},{"id":7,"title":"Improve Customer Service"},{"id":306,"title":"Manage Risks"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":282,"title":"Unauthorized access to corporate IT systems and data"},{"id":373,"title":"IT infrastructure does not meet business tasks"},{"id":386,"title":"Risk of lost access to data and IT systems"},{"id":393,"title":"Complex and non-transparent business processes"},{"id":397,"title":"Insufficient risk management"},{"id":400,"title":"High costs"}]}},"categories":[{"id":299,"title":"Application and User Session Virtualization","alias":"application-and-user-session-virtualization","description":"Application virtualization is a technology that allows you to separate the software from the operating system on which it operates. Fully virtualized software is not installed in the traditional sense, although the end-user at first glance can not see it, because the virtualized software works just as normal. The software in the execution process works just as if it interacted with the operating system directly and with all its resources, but can be isolated or executed in a sandbox with different levels of restriction.\r\nModern operating systems, such as Microsoft Windows and Linux, can include limited software virtualization. For example, Windows 7 has Windows XP mode that allows you to run Windows XP software on Windows 7 without any changes.\r\nUser session virtualization is a newer version of desktop virtualization that works at the operating system level. While normal virtualization of the desktop allows an operating system to be run by virtualizing the hardware of the desktop, RDS and App-V allow for the virtualization of the applications. User session virtualization lies between the two.\r\nA desktop has an operating system loaded on the base hardware. This can be either physical or virtual. The user session virtualization keeps track of all changes to the operating system that a user might make by encapsulating the configuration changes and associating them to the user account. This allows the specific changes to be applied to the underlying operating system without actually changing it. This allows several users to have completely different operating system configurations applied to base operating system installation.\r\nIf you are in a distributed desktop environment and there are local file servers available at each location, you can deploy virtualized user sessions in the form of redirected folders and roaming profiles.","materialsDescription":" <span style=\"font-weight: bold;\">Understanding application virtualization</span>\r\nApplication virtualization technology isolates applications from the underlying operating system and from other applications to increase compatibility and manageability. This application virtualization technology enables applications to be streamed from a centralized location into an isolation environment on the target device where they will execute. The application files, configuration, and settings are copied to the target device and the application execution at run time is controlled by the application virtualization layer. When executed, the application run time believes that it is interfacing directly with the operating system when, in fact, it is interfacing with a virtualization environment that proxies all requests to the operating system.\r\n<span style=\"font-weight: bold;\">Understanding session virtualization</span>\r\nSession virtualization uses application streaming to deliver applications to hosting servers in the datacenter. The Application then connects the user to the server. The application then executes entirely on the server. The user interacts with the application remotely by sending mouse-clicks and keystrokes to the server. The server then responds by sending screen updates back to the user’s device. Whereas application virtualization is limited to Windows-based operating systems, session virtualization allows any user on any operating system to access any application delivered by IT. As a result, the application enables Windows, Mac, Linux, iOS and Android devices to run any applications using session virtualization. Furthermore, session virtualization leverages server-side processing power which liberates IT from the endless cycle of PC hardware refreshes which are typically needed to support application upgrades when using traditional application deployment methods.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/Application_and_User_Session_Virtualization__1_.png"},{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"}],"additionalInfo":{"budgetNotExceeded":"-1","functionallyTaskAssignment":"-1","projectWasPut":"-1","price":0,"source":{"url":"https://ko.com.ua/mts_ukraina_podklyuchaet_magaziny_k_oblakam_68410","title":"Media"}},"comments":[],"referencesCount":0},{"id":791,"title":"Citrix Workspace for manufacturer of wind turbines","description":" <span style=\"font-weight: bold;\">Лидер ветроэнергетики смотрит в будущее</span>\r\nОснованная в 1898 году как кузнечная мастерская в сельской Дании, Vestas многократно меняла свою деятельность - от производства кухонных приборов до изготовления гидравлических кранов и промежуточных охладителей для турбонагнетателей. Сегодня это ведущий мировой поставщик ветряных турбин.\r\nВ такой инновационной компании ИТ-организация должна быть ключевым игроком. «<span style=\"font-style: italic;\">Ответственность за новаторство в сфере ИТ лежит на нас»,</span> - говорит Кристоффер Николайсен, ИТ-архитектор Vestas. <span style=\"font-style: italic;\">«ИТ-специалисты не могут просто сидеть в подвале, присматривая за серверами и следя за тем, чтобы все работало нормально».</span>\r\nРынок устойчивой энергетики быстро развивается, и Николайсен и его коллеги по ИТ помогают держать Vestas в игре, постоянно укрепляя конкурентные позиции компании.\r\nДля этого они полагаются на Citrix. Решения Citrix помогают повысить производительность, улучшить работу на рабочем месте и обеспечить безопасность информации. Более того, они поддерживают традицию Vestas в области инноваций и совершенства.<br /><br /><span style=\"font-weight: bold;\">Гибкие решения повышают производительность для всех</span>\r\nУ Vestas есть разнообразная группа сотрудников: от рабочих, которые шлифуют лезвия на фабрике до инженеров, путешествующих по миру. Программное обеспечение для виртуализации Citrix XenApp и XenDesktop обеспечивает гибкость, необходимую Vestas для повышения производительности всех из них. Например, до недавнего времени работники огромных турбинных заводов компании ходили по длинным производственным линиям, проверяли тысячи точек качества и все еще использовали бумагу для заметок. Благодаря технологии Citrix Vestas автоматизирует этот процесс и повышает производительность.\r\nVestas теперь может принимать приложения, обычно доступные только в Windows, и представлять их на любом устройстве. А благодаря решению Citrix XenMobile Vestas может управлять устройствами, приложениями и контентом на собственных устройствах (BYO) и корпоративных устройствах по всему миру.\r\n<span style=\"font-style: italic;\">«Работа - это не место; это то, что вы делаете »,</span> - говорит Николайсен. <span style=\"font-style: italic;\">«XenDesktop и XenApp позволяют нашим пользователям работать так, как им удобно, так и наиболее продуктивно».</span> И успехи последовали. Теперь вместо того, чтобы потратить недели на адаптацию к новой системе и стилю работы, сотрудники продуктивно работают с первого дня.<br /><br /><span style=\"font-weight: bold;\">Безопасное сотрудничество защищает работу с третьими лицами</span>\r\nVestas поставляет автоматизированные проекты высокой четкости (CAD) консультантам в разных странах. <span style=\"font-style: italic;\">«У нас есть инженеры по всему миру, которые разрабатывают наши турбины», </span>- говорит Николайсен. <span style=\"font-style: italic;\">«Но мы не хотим, чтобы наша интеллектуальная собственность передавалась конкурентам, чтобы они могли вывести на рынок новую турбину».</span>\r\nРешения Citrix не только позволяют третьим сторонам получить доступ к проектам. HDX 3D Pro, набор технологий ускорения графики, оптимизирует виртуализацию богатых графических приложений и обеспечивает безопасное удаленное взаимодействие в режиме реального времени с проектными данными.\r\nРешения Citrix также позволяют Vestas быстрее и безопаснее подключать внешних консультантов, поскольку сотрудники могут создавать инфраструктуру виртуальных рабочих столов и предоставлять ее, как только они в ней нуждаются.<br /><br /><span style=\"font-weight: bold;\">100-процентное время безотказной работы обеспечивает исключительный пользовательский опыт</span>\r\nЧтобы оставаться конкурентоспособными, сегодня компании должны использовать преимущества облака. Но это преимущество испаряется, если доставка приложений ненадежна, а время безотказной работы не составляет 100 процентов. Vestas использует технологию Citrix NetScaler App Delivery Controller для обеспечения бесперебойной работы приложений и безупречной производительности.\r\nVestas может предоставлять приложения для гибридных и многокристальных архитектур с исключительным пользовательским интерфейсом. <span style=\"font-style: italic;\">«NetScaler ADC - это способ перенести различные решения в облако и связать их все вместе»</span>, - говорит Николайсен. <span style=\"font-style: italic;\">«Это очень важно, потому что наше ERP-решение и некоторые из наших приложений Microsoft находятся в облаке. Кроме того, мы хотим перенести XenMobile в облако. Нам нужен NetScaler, чтобы связать все эти части вместе ».</span><br /><span style=\"font-weight: bold;\"><br />Гибкие продукты делают будущую технологию реальностью уже сейчас</span>\r\nБудущее ИТ находится в конференц-зале, а не в серверной. Он поддерживает инновации и предоставляет сотрудникам новые способы лучше выполнять свою работу. Он доставляет прямые и релевантные приложения и данные быстро. Это дает людям возможность сосредоточиться на своих задачах, а не заниматься сложным пользовательским интерфейсом.\r\nVestas использует решения Citrix, чтобы сделать это будущее реальностью. ИТ-отдел может предоставить работникам единообразный опыт, помогая им сосредоточиться на своей работе. Например, пользователи могут использовать систему планирования ресурсов предприятия (ERP) на виртуальном рабочем столе или мобильном устройстве, и оно выглядит как собственное приложение, даже если оно размещено в центре обработки данных Vestas.\r\n<span style=\"font-style: italic;\">«Мы многому учимся, просто слушая наших пользователей, а не рассказывая им, что делать», </span>- говорит Томас Даугор, ИТ-архитектор Vestas. <span style=\"font-style: italic;\">«Это легче сказать, чем сделать. Часто ИТ-команда настолько занята обслуживанием систем, что у них нет времени слушать, учиться и внедрять инновации. Технология Citrix делает это возможным.</span>\r\n<span style=\"font-style: italic;\">«Citrix избавила нас от некоторых операционных проблем, с которыми мы столкнулись, и высвободила время для наших ИТ-специалистов для работы с бизнесом и выяснения того, как создавать решения для поддержки бизнеса»,</span> - говорит Даугор. <span style=\"font-style: italic;\">«И когда ИТ могут помочь бизнесу, это здорово. Я бы предпочел сделать это, чем работать с серверами и исправлять программное обеспечение в течение всего дня ».</span><br /><br /><br />","alias":"citrix-workspace-for-manufacturer-of-wind-turbines","roi":0,"seo":{"title":"Citrix Workspace for manufacturer of wind turbines","keywords":"","description":" <span style=\"font-weight: bold;\">Лидер ветроэнергетики смотрит в будущее</span>\r\nОснованная в 1898 году как кузнечная мастерская в сельской Дании, Vestas многократно меняла свою деятельность - от производства кухонных приборов до изготовления гидравлических к","og:title":"Citrix Workspace for manufacturer of wind turbines","og:description":" <span style=\"font-weight: bold;\">Лидер ветроэнергетики смотрит в будущее</span>\r\nОснованная в 1898 году как кузнечная мастерская в сельской Дании, Vestas многократно меняла свою деятельность - от производства кухонных приборов до изготовления гидравлических к"},"deal_info":"","user":{"id":5420,"title":"Vestas","logoURL":"https://old.roi4cio.com/uploads/roi/company/Vestas.jpeg","alias":"vestas","address":"","roles":[],"description":" Vestas Wind Systems A/S is a Danish manufacturer, seller, installer, and servicer of wind turbines founded in 1945. The company operates manufacturing plants in Denmark, Germany, India, Italy, Romania, the United Kingdom, Spain, Sweden, Norway, Australia, China, and the United States.\r\nVestas lives on the cutting edge. Founded in 1898 as a blacksmith shop in rural Denmark, it has reinvented itself many times—from manufacturing kitchen appliances to making hydraulic cranes and intercoolers for turbochargers. Today it is the world’s leading wind turbine supplier.\r\nVestas designs, manufactures, installs, and services wind turbines across the globe, and with 101 GW of wind turbines in 80 countries, it has installed more wind power than anyone else.\r\nThrough its industry-leading smart data capabilities and unparalleled 86 GW of wind turbines under service, Vestas uses data to interpret, forecast, and exploit wind resources and deliver best-in-class wind power solutions. Together with its customers, Vestas’ more than 24,600 employees are bringing the world sustainable energy solutions to power a bright future.<br /><br />","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":1,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.vestas.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Vestas","keywords":"","description":" Vestas Wind Systems A/S is a Danish manufacturer, seller, installer, and servicer of wind turbines founded in 1945. The company operates manufacturing plants in Denmark, Germany, India, Italy, Romania, the United Kingdom, Spain, Sweden, Norway, Australia","og:title":"Vestas","og:description":" Vestas Wind Systems A/S is a Danish manufacturer, seller, installer, and servicer of wind turbines founded in 1945. The company operates manufacturing plants in Denmark, Germany, India, Italy, Romania, the United Kingdom, Spain, Sweden, Norway, Australia","og:image":"https://old.roi4cio.com/uploads/roi/company/Vestas.jpeg"},"eventUrl":""},"supplier":{"id":182,"title":"Citrix","logoURL":"https://old.roi4cio.com/uploads/roi/company/Citrix_Systems_logo.png","alias":"citrix","address":"","roles":[],"description":"Citrix was founded in 1989. The company specializes in virtualization technologies, cloud computing and network security.<br /><br />Citrix has become a renowned provider of multi-user solutions. The company's key advantage was the OS source code license that Citrix received from Microsoft. The use of its own optimized ICA data transfer protocol allowed Citrix to successfully compete in the market with other powerful players. The company's flagship product is Citrix Presentation Server (now XenApp).<br /><br />In addition, the company offers a range of solutions for working with clouds and deploying virtual desktop infrastructures (VDI):<br /><br />Citrix Endpoint Management is a single end-to-end solution for managing mobile devices and applications for consistent productivity.<br /><br />Citrix Workspace is a platform for bringing all applications and data together in a secure, unified and personalized workspace\r\n<br />Citrix Cloud is a suite of cloud services that simplifies deployment and management of Citrix technologies, allowing you to extend existing software landscapes.<br /><br />Citrix also offers software tools for working with hybrid and multicloud environments.<br /><br />In 2005, Citrix acquired NetScaler, a networking company and also a hardware vendor. In 2007, the company acquired XenSource, a virtualization developer based on Xen, an open source hypervisor. Hundreds of thousands of customers worldwide use Citrix solutions. The company currently employs about 8,500 employees. Citrix is headquartered in Fort Lauderdale, Florida, USA. ","companyTypes":[],"products":{},"vendoredProductsCount":8,"suppliedProductsCount":8,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":9,"vendorImplementationsCount":11,"vendorPartnersCount":0,"supplierPartnersCount":6,"b4r":0,"categories":{},"companyUrl":"https://www.citrix.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Citrix","keywords":"company, Citrix, with, Microsoft, remote, 1995, software, partnership","description":"Citrix was founded in 1989. The company specializes in virtualization technologies, cloud computing and network security.<br /><br />Citrix has become a renowned provider of multi-user solutions. The company's key advantage was the OS source code license that ","og:title":"Citrix","og:description":"Citrix was founded in 1989. The company specializes in virtualization technologies, cloud computing and network security.<br /><br />Citrix has become a renowned provider of multi-user solutions. The company's key advantage was the OS source code license that ","og:image":"https://old.roi4cio.com/uploads/roi/company/Citrix_Systems_logo.png"},"eventUrl":""},"vendors":[{"id":182,"title":"Citrix","logoURL":"https://old.roi4cio.com/uploads/roi/company/Citrix_Systems_logo.png","alias":"citrix","address":"","roles":[],"description":"Citrix was founded in 1989. The company specializes in virtualization technologies, cloud computing and network security.<br /><br />Citrix has become a renowned provider of multi-user solutions. The company's key advantage was the OS source code license that Citrix received from Microsoft. The use of its own optimized ICA data transfer protocol allowed Citrix to successfully compete in the market with other powerful players. The company's flagship product is Citrix Presentation Server (now XenApp).<br /><br />In addition, the company offers a range of solutions for working with clouds and deploying virtual desktop infrastructures (VDI):<br /><br />Citrix Endpoint Management is a single end-to-end solution for managing mobile devices and applications for consistent productivity.<br /><br />Citrix Workspace is a platform for bringing all applications and data together in a secure, unified and personalized workspace\r\n<br />Citrix Cloud is a suite of cloud services that simplifies deployment and management of Citrix technologies, allowing you to extend existing software landscapes.<br /><br />Citrix also offers software tools for working with hybrid and multicloud environments.<br /><br />In 2005, Citrix acquired NetScaler, a networking company and also a hardware vendor. In 2007, the company acquired XenSource, a virtualization developer based on Xen, an open source hypervisor. Hundreds of thousands of customers worldwide use Citrix solutions. The company currently employs about 8,500 employees. Citrix is headquartered in Fort Lauderdale, Florida, USA. ","companyTypes":[],"products":{},"vendoredProductsCount":8,"suppliedProductsCount":8,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":9,"vendorImplementationsCount":11,"vendorPartnersCount":0,"supplierPartnersCount":6,"b4r":0,"categories":{},"companyUrl":"https://www.citrix.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Citrix","keywords":"company, Citrix, with, Microsoft, remote, 1995, software, partnership","description":"Citrix was founded in 1989. The company specializes in virtualization technologies, cloud computing and network security.<br /><br />Citrix has become a renowned provider of multi-user solutions. The company's key advantage was the OS source code license that ","og:title":"Citrix","og:description":"Citrix was founded in 1989. The company specializes in virtualization technologies, cloud computing and network security.<br /><br />Citrix has become a renowned provider of multi-user solutions. The company's key advantage was the OS source code license that ","og:image":"https://old.roi4cio.com/uploads/roi/company/Citrix_Systems_logo.png"},"eventUrl":""}],"products":[{"id":137,"logo":false,"scheme":false,"title":"Citrix Virtual Apps and Desktops (XenApp and XenDesktop)","vendorVerified":0,"rating":"2.40","implementationsCount":7,"suppliersCount":0,"alias":"citrix-virtual-apps-and-desktops-xenapp-and-xendesktop","companyTypes":[],"description":" Only Citrix provides a complete virtual app and desktop solution to meet all your business needs. Give employees the freedom to work from anywhere while cutting IT costs. Deliver Windows, Linux, and web business applications or full virtual desktops from any cloud—public, on-premises or hybrid—within a modern digital workspace.\r\n\r\n<span style=\"font-weight: bold; \">The main features of Citrix Virtual Apps and Desktops:</span>\r\n<ul><li>HDX technology for optimized user experience</li></ul>\r\n<ul><li>Virtual Windows, Linux and web applications</li></ul>\r\n<ul><li>Single management console for apps and desktops</li></ul>\r\n<ul><li>Centralized security in the data center</li></ul>\r\n<ul><li>FIPS and Common Criteria certified</li></ul>\r\n<ul><li>Single image provisioning technology </li></ul>\r\n<ul><li>VDI desktops</li></ul>\r\n<ul><li>Remote PC access</li></ul>\r\n\r\n<span style=\"font-weight: bold; \">Unifying editions across the Citrix product portfolio</span>\r\n<ul><li>Citrix is also unifying product editions across its portfolio – designating them Standard, Advanced, and Premium.</li></ul>\r\n<ul><li>XenApp Advanced edition now will map to Citrix Virtual Apps Standard edition</li></ul>\r\n<ul><li>XenApp Enterprise edition maps to Citrix Virtual Apps Advanced edition</li></ul>\r\n<ul><li>XenApp Platinum edition maps to Citrix Virtual Apps Premium edition</li></ul>\r\n<ul><li>XenDesktop VDI edition maps to Citrix Virtual Desktops Standard edition</li></ul>\r\n<ul><li>XenDesktop Enterprise edition maps to Citrix Virtual Apps and Desktops Advanced edition</li></ul>\r\n<ul><li>XenDesktop Platinum edition maps Citrix Virtual Apps and Desktops Premium edition</li></ul>\r\nView a detailed feature matrix","shortDescription":"Citrix Virtual Apps and Desktops are virtualization solutions that give IT control of virtual machines, applications, licensing, and security, while providing anywhere access for any device.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":16,"sellingCount":20,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Citrix Virtual Apps and Desktops (XenApp and XenDesktop)","keywords":"Single, desktops, data, technology, XenApp, apps, applications, Published","description":" Only Citrix provides a complete virtual app and desktop solution to meet all your business needs. Give employees the freedom to work from anywhere while cutting IT costs. Deliver Windows, Linux, and web business applications or full virtual desktop","og:title":"Citrix Virtual Apps and Desktops (XenApp and XenDesktop)","og:description":" Only Citrix provides a complete virtual app and desktop solution to meet all your business needs. Give employees the freedom to work from anywhere while cutting IT costs. Deliver Windows, Linux, and web business applications or full virtual desktop"},"eventUrl":"","translationId":138,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":299,"title":"Application and User Session Virtualization","alias":"application-and-user-session-virtualization","description":"Application virtualization is a technology that allows you to separate the software from the operating system on which it operates. Fully virtualized software is not installed in the traditional sense, although the end-user at first glance can not see it, because the virtualized software works just as normal. The software in the execution process works just as if it interacted with the operating system directly and with all its resources, but can be isolated or executed in a sandbox with different levels of restriction.\r\nModern operating systems, such as Microsoft Windows and Linux, can include limited software virtualization. For example, Windows 7 has Windows XP mode that allows you to run Windows XP software on Windows 7 without any changes.\r\nUser session virtualization is a newer version of desktop virtualization that works at the operating system level. While normal virtualization of the desktop allows an operating system to be run by virtualizing the hardware of the desktop, RDS and App-V allow for the virtualization of the applications. User session virtualization lies between the two.\r\nA desktop has an operating system loaded on the base hardware. This can be either physical or virtual. The user session virtualization keeps track of all changes to the operating system that a user might make by encapsulating the configuration changes and associating them to the user account. This allows the specific changes to be applied to the underlying operating system without actually changing it. This allows several users to have completely different operating system configurations applied to base operating system installation.\r\nIf you are in a distributed desktop environment and there are local file servers available at each location, you can deploy virtualized user sessions in the form of redirected folders and roaming profiles.","materialsDescription":" <span style=\"font-weight: bold;\">Understanding application virtualization</span>\r\nApplication virtualization technology isolates applications from the underlying operating system and from other applications to increase compatibility and manageability. This application virtualization technology enables applications to be streamed from a centralized location into an isolation environment on the target device where they will execute. The application files, configuration, and settings are copied to the target device and the application execution at run time is controlled by the application virtualization layer. When executed, the application run time believes that it is interfacing directly with the operating system when, in fact, it is interfacing with a virtualization environment that proxies all requests to the operating system.\r\n<span style=\"font-weight: bold;\">Understanding session virtualization</span>\r\nSession virtualization uses application streaming to deliver applications to hosting servers in the datacenter. The Application then connects the user to the server. The application then executes entirely on the server. The user interacts with the application remotely by sending mouse-clicks and keystrokes to the server. The server then responds by sending screen updates back to the user’s device. Whereas application virtualization is limited to Windows-based operating systems, session virtualization allows any user on any operating system to access any application delivered by IT. As a result, the application enables Windows, Mac, Linux, iOS and Android devices to run any applications using session virtualization. Furthermore, session virtualization leverages server-side processing power which liberates IT from the endless cycle of PC hardware refreshes which are typically needed to support application upgrades when using traditional application deployment methods.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/Application_and_User_Session_Virtualization__1_.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":449,"logo":false,"scheme":false,"title":"Citrix Endpoint Management (XenMobile)","vendorVerified":0,"rating":"2.80","implementationsCount":7,"suppliersCount":0,"alias":"citrixendpointmanagementxenmobile","companyTypes":[],"description":"Endpoint Management provides Mobile Device Management (MDM) and Mobile App Management (MAM).<br /><br /><span style=\"font-weight: bold;\">MDM features of Endpoint Management let you:</span>\r\n<ul> <li>Deploy device policies and apps.</li> </ul>\r\n<ul> <li>Retrieve asset inventories.</li> </ul>\r\n<ul> <li>Carry out actions on devices, such as a device wipe.</li> </ul>\r\n\r\n<span style=\"font-weight: bold;\">MAM features of Endpoint Management let you:</span>\r\n<ul> <li>Secure apps and data on BYO mobile devices.</li> </ul>\r\n<ul> <li>Deliver enterprise mobile apps.</li> </ul>\r\n<ul> <li>Lock apps and wipe their data.</li> </ul>\r\n\r\n<span style=\"font-weight: bold;\">Withi a combination of MDM and MAM features, you can:</span>\r\n<ul> <li>Manage a corporate-issued device by using MDM</li> </ul>\r\n<ul> <li>Deploy device policies and apps</li> </ul>\r\n<ul> <li>Retrieve an asset inventory</li> </ul>\r\n<ul> <li>Wipe devices</li> </ul>\r\n<ul> <li>Deliver enterprise mobile apps</li> </ul>\r\n<ul> <li>Lock apps and wipe the data on devices</li> </ul>","shortDescription":"Citrix Endpoint Management (formerly XenMobile) is a solution for managing endpoints, offering mobile device management (MDM) and mobile application management (MAM) capabilities. \r\n","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":9,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Citrix Endpoint Management (XenMobile)","keywords":"management, devices, with, endpoint, unified, workspace, device, Simplify","description":"Endpoint Management provides Mobile Device Management (MDM) and Mobile App Management (MAM).<br /><br /><span style=\"font-weight: bold;\">MDM features of Endpoint Management let you:</span>\r\n<ul> <li>Deploy device policies and apps.</li> </ul>\r\n<ul> <li>Retriev","og:title":"Citrix Endpoint Management (XenMobile)","og:description":"Endpoint Management provides Mobile Device Management (MDM) and Mobile App Management (MAM).<br /><br /><span style=\"font-weight: bold;\">MDM features of Endpoint Management let you:</span>\r\n<ul> <li>Deploy device policies and apps.</li> </ul>\r\n<ul> <li>Retriev"},"eventUrl":"","translationId":1062,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":449,"logo":false,"scheme":false,"title":"Citrix Endpoint Management (XenMobile)","vendorVerified":0,"rating":"2.80","implementationsCount":7,"suppliersCount":0,"alias":"citrixendpointmanagementxenmobile","companyTypes":[],"description":"Endpoint Management provides Mobile Device Management (MDM) and Mobile App Management (MAM).<br /><br /><span style=\"font-weight: bold;\">MDM features of Endpoint Management let you:</span>\r\n<ul> <li>Deploy device policies and apps.</li> </ul>\r\n<ul> <li>Retrieve asset inventories.</li> </ul>\r\n<ul> <li>Carry out actions on devices, such as a device wipe.</li> </ul>\r\n\r\n<span style=\"font-weight: bold;\">MAM features of Endpoint Management let you:</span>\r\n<ul> <li>Secure apps and data on BYO mobile devices.</li> </ul>\r\n<ul> <li>Deliver enterprise mobile apps.</li> </ul>\r\n<ul> <li>Lock apps and wipe their data.</li> </ul>\r\n\r\n<span style=\"font-weight: bold;\">Withi a combination of MDM and MAM features, you can:</span>\r\n<ul> <li>Manage a corporate-issued device by using MDM</li> </ul>\r\n<ul> <li>Deploy device policies and apps</li> </ul>\r\n<ul> <li>Retrieve an asset inventory</li> </ul>\r\n<ul> <li>Wipe devices</li> </ul>\r\n<ul> <li>Deliver enterprise mobile apps</li> </ul>\r\n<ul> <li>Lock apps and wipe the data on devices</li> </ul>","shortDescription":"Citrix Endpoint Management (formerly XenMobile) is a solution for managing endpoints, offering mobile device management (MDM) and mobile application management (MAM) capabilities. \r\n","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":9,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Citrix Endpoint Management (XenMobile)","keywords":"management, devices, with, endpoint, unified, workspace, device, Simplify","description":"Endpoint Management provides Mobile Device Management (MDM) and Mobile App Management (MAM).<br /><br /><span style=\"font-weight: bold;\">MDM features of Endpoint Management let you:</span>\r\n<ul> <li>Deploy device policies and apps.</li> </ul>\r\n<ul> <li>Retriev","og:title":"Citrix Endpoint Management (XenMobile)","og:description":"Endpoint Management provides Mobile Device Management (MDM) and Mobile App Management (MAM).<br /><br /><span style=\"font-weight: bold;\">MDM features of Endpoint Management let you:</span>\r\n<ul> <li>Deploy device policies and apps.</li> </ul>\r\n<ul> <li>Retriev"},"eventUrl":"","translationId":1062,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":3132,"logo":false,"scheme":false,"title":"Citrix ADC (Application Delivery Controller)","vendorVerified":0,"rating":"2.80","implementationsCount":4,"suppliersCount":0,"alias":"citrix-adc-application-delivery-controller","companyTypes":[],"description":"<p><span style=\"color: #616161;\">ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.<br />Application delivery controllers are purpose-built networking appliances whose function is to improve the performance, security and resiliency of applications delivered over the web.</span></p>\r\n<p>Citrix ADC is an application delivery and load balancing solution that provides a high-quality user experience for your web, traditional, and cloud-native applications regardless of where they are hosted. It comes in a wide variety of form factors and deployment options without locking you into a single cloud. Pooled capacity licensing enables the movement of capacity among cloud deployments.</p>\r\n<p> </p>\r\n<p><span style=\"font-weight: bold;\">The main features of Citrix ADC:</span></p>\r\n<ul>\r\n<li>Provides industry-leading app delivery and load balancing</li>\r\n</ul>\r\n<ul>\r\n<li>Fully integrates with Cisco ACI; endorsed as a Cisco ACE replacement</li>\r\n</ul>\r\n<ul>\r\n<li>Offers the most comprehensive set of ADC features in the ACI ecosystem</li>\r\n</ul>\r\n<ul>\r\n<li>Enables automation and orchestration of network-critical services to boost agility</li>\r\n</ul>","shortDescription":"Citrix ADC is an application delivery and load balancing solution that provides a high-quality user experience for web, traditional, and cloud-native applications regardless of where they are hosted.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":15,"sellingCount":19,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Citrix ADC (Application Delivery Controller)","keywords":"","description":"<p><span style=\"color: #616161;\">ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.<br />Applicat","og:title":"Citrix ADC (Application Delivery Controller)","og:description":"<p><span style=\"color: #616161;\">ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.<br />Applicat"},"eventUrl":"","translationId":3135,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":3406,"logo":false,"scheme":false,"title":"Citrix Workspace","vendorVerified":0,"rating":"2.70","implementationsCount":2,"suppliersCount":0,"alias":"citrix-workspace","companyTypes":[],"description":"<p>With new workstyles and complex IT environments, it’s increasingly frustrating for people to get work done in a productive way. Employees are forced to remember numerous logins as they switch between applications—not to mention the time they can waste searching across locations for information. This is all while dealing with performance and security issues that can further hinder the employee experience. Citrix Workspace is the only solution that delivers a unified, secure and intelligent workspace that lets people do their best work while maintaining a high-quality user experience.</p>\r\n<p>With Citrix Workspace users get a seamless work experience regardless of the type of app, device, network, or location, without a lot of extra steps. IT maintains control and visibility of SaaS, mobile, virtual, and web apps with a simple and integrated solution that enhances user experience, giving them the best tool to work efficiently. <a class=\"external-link-new-window\" title=\"Opens internal link in current window\" href=\"https://www.citrix.com/products/citrix-workspace/\" target=\"_blank\" rel=\"noopener\">Compare </a>below to see which product best suits your business needs.</p>\r\n<p><span style=\"font-weight: bold;\">Citrix Workspace</span></p>\r\n<ul>\r\n<li>Provides employees a single, actionable view into all of their systems.</li>\r\n</ul>\r\n<ul>\r\n<li>Breaks down complex SaaS applications into single-purpose streamlined workflows.</li>\r\n</ul>\r\n<ul>\r\n<li>Automates work by pushing important information and tasks to any device, intranet or messenger.</li>\r\n</ul>\r\n<p><span style=\"font-weight: bold;\">Services included</span></p>\r\n<ul>\r\n<li>Citrix Virtual Apps and Desktops (formerly XenApp and XenDesktop Service)</li>\r\n</ul>\r\n<ul>\r\n<li>Citrix Endpoint Management (formerly XenMobile Service)</li>\r\n</ul>\r\n<ul>\r\n<li>Citrix Content Collaboration (ShareFile integration)</li>\r\n</ul>\r\n<ul>\r\n<li>Citrix Access Control</li>\r\n</ul>\r\n<ul>\r\n<li>Citrix Analytics</li>\r\n</ul>","shortDescription":"Combine the benefits of app and desktop virtualization, endpoint management, content collaboration and web/SaaS access control to deliver the secure digital workspace your business needs.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":3,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Citrix Workspace","keywords":"","description":"<p>With new workstyles and complex IT environments, it’s increasingly frustrating for people to get work done in a productive way. Employees are forced to remember numerous logins as they switch between applications—not to mention the time they can","og:title":"Citrix Workspace","og:description":"<p>With new workstyles and complex IT environments, it’s increasingly frustrating for people to get work done in a productive way. Employees are forced to remember numerous logins as they switch between applications—not to mention the time they can"},"eventUrl":"","translationId":3407,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":3,"title":"MDM - Mobile Device Management","alias":"mdm-mobile-device-management","description":" <span style=\"font-weight: bold; \">Mobile device management (MDM)</span> is an industry term for the administration of mobile devices, such as smartphones, tablet computers and laptops. Device management system is usually implemented with the use of a third party product that has management features for particular vendors of mobile devices.\r\nMDM is typically a deployment of a combination of on-device applications and configurations, corporate policies and certificates, and backend infrastructure, for the purpose of simplifying and enhancing the IT management of end user devices. In modern corporate IT environments, the sheer number and diversity of managed devices (and user behavior) has motivated device management tools that allow the management of devices and users in a consistent and scalable way. The overall role of MDM is to increase device supportability, security, and corporate functionality while maintaining some user flexibility.\r\nMany organizations administer devices and applications using MDM products/services. Mobile device management software primarily deals with corporate data segregation, securing emails, securing corporate documents on devices, enforcing corporate policies, integrating and managing mobile devices including laptops and handhelds of various categories. MDM implementations may be either on-premises or cloud-based.\r\nMDM functionality can include over-the-air distribution of applications, data and configuration settings for all types of mobile devices, including mobile phones, smartphones, tablet computers, ruggedized mobile computers, mobile printers, mobile POS devices, etc. Most recently laptops and desktops have been added to the list of systems supported as Mobile Device Management becomes more about basic device management and less about the mobile platform itself. \r\nSome of the <span style=\"font-weight: bold; \">core functions</span> of mobile management software include:\r\n<ul><li>Ensuring that diverse user equipment is configured to a consistent standard/supported set of applications, functions, or corporate policies</li><li>Updating equipment, applications, functions, or policies in a scalable manner</li><li>Ensuring that users use applications in a consistent and supportable manner</li><li>Ensuring that equipment performs consistently</li><li>Monitoring and tracking equipment (e.g. location, status, ownership, activity)</li><li>Being able to efficiently diagnose and troubleshoot equipment remotely</li></ul>\r\nDevice management solutions are leveraged for both company-owned and employee-owned (Bring Your Own Device) devices across the enterprise or mobile devices owned by consumers. Consumer demand for BYOD is now requiring a greater effort for MDM and increased security for both the devices and the enterprise they connect to, especially since employers and employees have different expectations concerning the types of restrictions that should be applied to mobile devices.\r\nBy controlling and protecting the data and configuration settings of all mobile devices in a network, enterprise device management software can reduce support costs and business risks. The intent of MDM is to optimize the functionality and security of a mobile communications network while minimizing cost and downtime.\r\nWith mobile devices becoming ubiquitous and applications flooding the market, mobile monitoring is growing in importance. The use of mobile device management across continues to grow at a steady pace, and is likely to register a compound annual growth rate (CAGR) of nearly 23% through 2028. The US will continue to be the largest market for mobile device management globally. ","materialsDescription":"<h1 class=\"align-center\">How Mobile Device Management works?</h1>\r\nMobile device management relies on endpoint software called an MDM agent and an MDM server that lives in a data center. IT administrators configure policies through the MDM server's management console, and the server then pushes those policies over the air to the MDM agent on the device. The agent applies the policies to the device by communicating with application programming interfaces (APIs) built directly into the device operating system.\r\nSimilarly, IT administrators can deploy applications to managed devices through the MDM server. Mobile software management emerged in the early 2000s as a way to control and secure the personal digital assistants and smartphones that business workers began to use. The consumer smartphone boom that started with the launch of the Apple iPhone in 2007 led to the bring your own device trend, which fueled further interest in MDM.\r\nModern MDM management software supports not only smartphones but also tablets, Windows 10 and macOS computers and even some internet of things devices. The practice of using MDM to control PCs is known as unified endpoint management.\r\n<h1 class=\"align-center\">Key Benefits of Mobile Device Management Software</h1>\r\n<span style=\"font-weight: bold;\">Reduce IT Administration.</span> Instead of manually configuring and testing each new mobile device, mobile device software takes care of the repetitive tasks for you. That gives IT staff more time to work on challenging projects that improve productivity.<span style=\"font-weight: bold;\"></span> \r\n<span style=\"font-weight: bold;\">Improve End-user Productivity. </span>Mobile device management helps end users become more productive because the process of requesting new mobile devices can be cut down from days to hours. Once end users have the device in their hands, mobile device management program helps them get set up on their corporate network much faster. That means less time waiting to get access to email, internal websites, and calendars.<span style=\"font-weight: bold;\"></span> \r\n<span style=\"font-weight: bold;\">Reduce IT Risk.</span> Mobile devices, especially if your organization allows “Bring Your Own Device” (BYOD), create increased risk exposures. Typically, IT managers respond to these risks in one of two ways, neither of which help. First, you may say “no” to mobile device requests. That’s a fast way to become unpopular. Second, you may take a manual approach to review and oversee each device.<span style=\"font-weight: bold;\"></span> \r\n<span style=\"font-weight: bold;\">Enable Enterprise Growth. </span>If your enterprise added a thousand employees this quarter through hiring, acquisition, or other changes, could IT handle the challenge? If you’re honest, you can probably imagine going through plenty of struggles and missing SLAs. That kind of disappointment and missed service expectations make end users respect IT less. \r\nBy using enterprise device management thoroughly, you'll enable enterprise growth. You'll have the systems and processes to manage 100 users or 10,000 users. That means IT will be perceived as enabling growth not standing in the way.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_MDM_Mobile_Device_Management.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":5,"title":"Enhance Staff Productivity"},{"id":6,"title":"Ensure Security and Business Continuity"},{"id":7,"title":"Improve Customer Service"},{"id":254,"title":"Centralize management"},{"id":307,"title":"Enhance Competitive Ability"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":177,"title":"Decentralized IT systems"},{"id":178,"title":"No control over data access"},{"id":340,"title":"Low quality of customer service"},{"id":370,"title":"No automated business processes"},{"id":375,"title":"No support for mobile and remote users"},{"id":378,"title":"Low employee productivity"},{"id":386,"title":"Risk of lost access to data and IT systems"},{"id":398,"title":"Poor communication and coordination among staff"}]}},"categories":[{"id":299,"title":"Application and User Session Virtualization","alias":"application-and-user-session-virtualization","description":"Application virtualization is a technology that allows you to separate the software from the operating system on which it operates. Fully virtualized software is not installed in the traditional sense, although the end-user at first glance can not see it, because the virtualized software works just as normal. The software in the execution process works just as if it interacted with the operating system directly and with all its resources, but can be isolated or executed in a sandbox with different levels of restriction.\r\nModern operating systems, such as Microsoft Windows and Linux, can include limited software virtualization. For example, Windows 7 has Windows XP mode that allows you to run Windows XP software on Windows 7 without any changes.\r\nUser session virtualization is a newer version of desktop virtualization that works at the operating system level. While normal virtualization of the desktop allows an operating system to be run by virtualizing the hardware of the desktop, RDS and App-V allow for the virtualization of the applications. User session virtualization lies between the two.\r\nA desktop has an operating system loaded on the base hardware. This can be either physical or virtual. The user session virtualization keeps track of all changes to the operating system that a user might make by encapsulating the configuration changes and associating them to the user account. This allows the specific changes to be applied to the underlying operating system without actually changing it. This allows several users to have completely different operating system configurations applied to base operating system installation.\r\nIf you are in a distributed desktop environment and there are local file servers available at each location, you can deploy virtualized user sessions in the form of redirected folders and roaming profiles.","materialsDescription":" <span style=\"font-weight: bold;\">Understanding application virtualization</span>\r\nApplication virtualization technology isolates applications from the underlying operating system and from other applications to increase compatibility and manageability. This application virtualization technology enables applications to be streamed from a centralized location into an isolation environment on the target device where they will execute. The application files, configuration, and settings are copied to the target device and the application execution at run time is controlled by the application virtualization layer. When executed, the application run time believes that it is interfacing directly with the operating system when, in fact, it is interfacing with a virtualization environment that proxies all requests to the operating system.\r\n<span style=\"font-weight: bold;\">Understanding session virtualization</span>\r\nSession virtualization uses application streaming to deliver applications to hosting servers in the datacenter. The Application then connects the user to the server. The application then executes entirely on the server. The user interacts with the application remotely by sending mouse-clicks and keystrokes to the server. The server then responds by sending screen updates back to the user’s device. Whereas application virtualization is limited to Windows-based operating systems, session virtualization allows any user on any operating system to access any application delivered by IT. As a result, the application enables Windows, Mac, Linux, iOS and Android devices to run any applications using session virtualization. Furthermore, session virtualization leverages server-side processing power which liberates IT from the endless cycle of PC hardware refreshes which are typically needed to support application upgrades when using traditional application deployment methods.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/Application_and_User_Session_Virtualization__1_.png"},{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"},{"id":3,"title":"MDM - Mobile Device Management","alias":"mdm-mobile-device-management","description":" <span style=\"font-weight: bold; \">Mobile device management (MDM)</span> is an industry term for the administration of mobile devices, such as smartphones, tablet computers and laptops. Device management system is usually implemented with the use of a third party product that has management features for particular vendors of mobile devices.\r\nMDM is typically a deployment of a combination of on-device applications and configurations, corporate policies and certificates, and backend infrastructure, for the purpose of simplifying and enhancing the IT management of end user devices. In modern corporate IT environments, the sheer number and diversity of managed devices (and user behavior) has motivated device management tools that allow the management of devices and users in a consistent and scalable way. The overall role of MDM is to increase device supportability, security, and corporate functionality while maintaining some user flexibility.\r\nMany organizations administer devices and applications using MDM products/services. Mobile device management software primarily deals with corporate data segregation, securing emails, securing corporate documents on devices, enforcing corporate policies, integrating and managing mobile devices including laptops and handhelds of various categories. MDM implementations may be either on-premises or cloud-based.\r\nMDM functionality can include over-the-air distribution of applications, data and configuration settings for all types of mobile devices, including mobile phones, smartphones, tablet computers, ruggedized mobile computers, mobile printers, mobile POS devices, etc. Most recently laptops and desktops have been added to the list of systems supported as Mobile Device Management becomes more about basic device management and less about the mobile platform itself. \r\nSome of the <span style=\"font-weight: bold; \">core functions</span> of mobile management software include:\r\n<ul><li>Ensuring that diverse user equipment is configured to a consistent standard/supported set of applications, functions, or corporate policies</li><li>Updating equipment, applications, functions, or policies in a scalable manner</li><li>Ensuring that users use applications in a consistent and supportable manner</li><li>Ensuring that equipment performs consistently</li><li>Monitoring and tracking equipment (e.g. location, status, ownership, activity)</li><li>Being able to efficiently diagnose and troubleshoot equipment remotely</li></ul>\r\nDevice management solutions are leveraged for both company-owned and employee-owned (Bring Your Own Device) devices across the enterprise or mobile devices owned by consumers. Consumer demand for BYOD is now requiring a greater effort for MDM and increased security for both the devices and the enterprise they connect to, especially since employers and employees have different expectations concerning the types of restrictions that should be applied to mobile devices.\r\nBy controlling and protecting the data and configuration settings of all mobile devices in a network, enterprise device management software can reduce support costs and business risks. The intent of MDM is to optimize the functionality and security of a mobile communications network while minimizing cost and downtime.\r\nWith mobile devices becoming ubiquitous and applications flooding the market, mobile monitoring is growing in importance. The use of mobile device management across continues to grow at a steady pace, and is likely to register a compound annual growth rate (CAGR) of nearly 23% through 2028. The US will continue to be the largest market for mobile device management globally. ","materialsDescription":"<h1 class=\"align-center\">How Mobile Device Management works?</h1>\r\nMobile device management relies on endpoint software called an MDM agent and an MDM server that lives in a data center. IT administrators configure policies through the MDM server's management console, and the server then pushes those policies over the air to the MDM agent on the device. The agent applies the policies to the device by communicating with application programming interfaces (APIs) built directly into the device operating system.\r\nSimilarly, IT administrators can deploy applications to managed devices through the MDM server. Mobile software management emerged in the early 2000s as a way to control and secure the personal digital assistants and smartphones that business workers began to use. The consumer smartphone boom that started with the launch of the Apple iPhone in 2007 led to the bring your own device trend, which fueled further interest in MDM.\r\nModern MDM management software supports not only smartphones but also tablets, Windows 10 and macOS computers and even some internet of things devices. The practice of using MDM to control PCs is known as unified endpoint management.\r\n<h1 class=\"align-center\">Key Benefits of Mobile Device Management Software</h1>\r\n<span style=\"font-weight: bold;\">Reduce IT Administration.</span> Instead of manually configuring and testing each new mobile device, mobile device software takes care of the repetitive tasks for you. That gives IT staff more time to work on challenging projects that improve productivity.<span style=\"font-weight: bold;\"></span> \r\n<span style=\"font-weight: bold;\">Improve End-user Productivity. </span>Mobile device management helps end users become more productive because the process of requesting new mobile devices can be cut down from days to hours. Once end users have the device in their hands, mobile device management program helps them get set up on their corporate network much faster. That means less time waiting to get access to email, internal websites, and calendars.<span style=\"font-weight: bold;\"></span> \r\n<span style=\"font-weight: bold;\">Reduce IT Risk.</span> Mobile devices, especially if your organization allows “Bring Your Own Device” (BYOD), create increased risk exposures. Typically, IT managers respond to these risks in one of two ways, neither of which help. First, you may say “no” to mobile device requests. That’s a fast way to become unpopular. Second, you may take a manual approach to review and oversee each device.<span style=\"font-weight: bold;\"></span> \r\n<span style=\"font-weight: bold;\">Enable Enterprise Growth. </span>If your enterprise added a thousand employees this quarter through hiring, acquisition, or other changes, could IT handle the challenge? If you’re honest, you can probably imagine going through plenty of struggles and missing SLAs. That kind of disappointment and missed service expectations make end users respect IT less. \r\nBy using enterprise device management thoroughly, you'll enable enterprise growth. You'll have the systems and processes to manage 100 users or 10,000 users. That means IT will be perceived as enabling growth not standing in the way.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_MDM_Mobile_Device_Management.png"}],"additionalInfo":{"budgetNotExceeded":"-1","functionallyTaskAssignment":"-1","projectWasPut":"-1","price":0,"source":{"url":"https://www.citrix.ru/customers/vestas-en.html","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":311,"title":"Dr.Web Desktop Security Suite for insurance company","description":"Description is not ready yet","alias":"drweb-desktop-security-suite-for-insurance-company","roi":0,"seo":{"title":"Dr.Web Desktop Security Suite for insurance company","keywords":"","description":"Description is not ready yet","og:title":"Dr.Web Desktop Security Suite for insurance company","og:description":"Description is not ready yet"},"deal_info":"","user":{"id":3909,"title":"GARANT-AUTO","logoURL":"https://old.roi4cio.com/uploads/roi/company/GARANT-AVTO.gif","alias":"garant-avto","address":"","roles":[],"description":" "GARANT-AVTO" is one of the leading companies in the insurance industry in Ukraine, providing insurance for businesses and individuals.","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":1,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"http://www.garant-auto.com.ua/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"GARANT-AUTO","keywords":"GARANT-AUTO","description":" "GARANT-AVTO" is one of the leading companies in the insurance industry in Ukraine, providing insurance for businesses and individuals.","og:title":"GARANT-AUTO","og:description":" "GARANT-AVTO" is one of the leading companies in the insurance industry in Ukraine, providing insurance for businesses and individuals.","og:image":"https://old.roi4cio.com/uploads/roi/company/GARANT-AVTO.gif"},"eventUrl":""},"supplier":{"id":193,"title":"Yursoft","logoURL":"https://old.roi4cio.com/uploads/roi/company/Screen_Shot_2017-06-28_at_74101_PM.png","alias":"jursoft","address":"","roles":[],"description":"Yursoft is an experienced software reseller","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":42,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":1,"vendorImplementationsCount":0,"vendorPartnersCount":3,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"http://www.yursoft.com.ua/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Yursoft","keywords":"Yursoft, reseller, software, experienced","description":"Yursoft is an experienced software reseller","og:title":"Yursoft","og:description":"Yursoft is an experienced software reseller","og:image":"https://old.roi4cio.com/uploads/roi/company/Screen_Shot_2017-06-28_at_74101_PM.png"},"eventUrl":""},"vendors":[{"id":2794,"title":"Dr.Web","logoURL":"https://old.roi4cio.com/uploads/roi/company/Dr.Web.png","alias":"drweb","address":"","roles":[],"description":"Dr.Web is a Russian anti-malware company and the name of its flagship software suite. First released in 1992, it became the first anti-virus service in Russia.\r\n\r\nThe company also offers anti-spam solutions and is used by Yandex, Russia's biggest search provider, to scan e-mail attachments. There is also an add-on for all major browsers which checks links with the online version of Dr Web.\r\n\r\nDr.Web has withdrawn from AV tests such as Virus Bulletin VB100% around 2008 stating that they no longer represent the ability to counteract contemporary malware threats.\r\n\r\nSource: https://en.wikipedia.org/wiki/Dr._Web","companyTypes":[],"products":{},"vendoredProductsCount":3,"suppliedProductsCount":3,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":0,"vendorImplementationsCount":1,"vendorPartnersCount":0,"supplierPartnersCount":3,"b4r":0,"categories":{},"companyUrl":"http://www.drweb.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Dr.Web","keywords":"Russia, company, also, such, around, VB100, Virus, Bulletin","description":"Dr.Web is a Russian anti-malware company and the name of its flagship software suite. First released in 1992, it became the first anti-virus service in Russia.\r\n\r\nThe company also offers anti-spam solutions and is used by Yandex, Russia's biggest search provid","og:title":"Dr.Web","og:description":"Dr.Web is a Russian anti-malware company and the name of its flagship software suite. First released in 1992, it became the first anti-virus service in Russia.\r\n\r\nThe company also offers anti-spam solutions and is used by Yandex, Russia's biggest search provid","og:image":"https://old.roi4cio.com/uploads/roi/company/Dr.Web.png"},"eventUrl":""}],"products":[{"id":1005,"logo":false,"scheme":false,"title":"Dr.Web Desktop Security Suite","vendorVerified":0,"rating":"2.40","implementationsCount":1,"suppliersCount":0,"alias":"drweb-desktop-security-suite","companyTypes":[],"description":"Dr.Web products:\r\n\r\n Dr.Web for Windows (32&64 bit versions)\r\n Dr.Web KATANA (32&64 bit versions)\r\n Dr.Web for Linux (32&64 bit versions)\r\n Dr.Web for OS X (32&64 bit versions)\r\n Dr.Web Console scanners\r\n Dr.Web Control Center","shortDescription":"Dr.Web Desktop Security Suite - Protection of workstations, embedded system clients, clients of terminal and virtual servers.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":3,"sellingCount":1,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Dr.Web Desktop Security Suite","keywords":"versions, 3264, Console, scanners, Control, Center, KATANA, Suite","description":"Dr.Web products:\r\n\r\n Dr.Web for Windows (32&64 bit versions)\r\n Dr.Web KATANA (32&64 bit versions)\r\n Dr.Web for Linux (32&64 bit versions)\r\n Dr.Web for OS X (32&64 bit versions)\r\n ","og:title":"Dr.Web Desktop Security Suite","og:description":"Dr.Web products:\r\n\r\n Dr.Web for Windows (32&64 bit versions)\r\n Dr.Web KATANA (32&64 bit versions)\r\n Dr.Web for Linux (32&64 bit versions)\r\n Dr.Web for OS X (32&64 bit versions)\r\n "},"eventUrl":"","translationId":1006,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":42,"title":"UTM - Unified threat management","alias":"utm-unified-threat-management","description":"<span style=\"font-weight: bold; \">UTM (Unified Threat Management)</span> system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.\r\nUnified threat management <span style=\"font-weight: bold; \">devices </span>are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nUTM <span style=\"font-weight: bold; \">cloud services</span> and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. While UTM systems and <span style=\"font-weight: bold; \">next-generation firewalls (NGFWs)</span> are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.\r\nOriginally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.\r\nUnified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.\r\nUnified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:\r\n<ul><li><span style=\"font-weight: bold; \">Flow-based inspection,</span> also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li> <span style=\"font-weight: bold; \">Proxy-based inspection</span> acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> How UTM is deployed?</h1>\r\nBusinesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.\r\nUTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.\r\nBusinesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.\r\n<h1 class=\"align-center\">Benefits of Using a Unified Threat Management Solution</h1>\r\nUTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. This can also save money in the long run as opposed to having to buy multiple devices.\r\nSome UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPPA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.\r\nUTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because it is a single point of defense, UTM’s make dealing with combined threats easier.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM.jpg"},{"id":40,"title":"Endpoint security","alias":"endpoint-security","description":"In network security, endpoint security refers to a methodology of protecting the corporate network when accessed via remote devices such as laptops or other wireless and mobile devices. Each device with a remote connecting to the network creates a potential entry point for security threats. Endpoint security is designed to secure each endpoint on the network created by these devices.\r\nUsually, endpoint security is a security system that consists of security software, located on a centrally managed and accessible server or gateway within the network, in addition to client software being installed on each of the endpoints (or devices). The server authenticates logins from the endpoints and also updates the device software when needed. While endpoint security software differs by vendor, you can expect most software offerings to provide antivirus, antispyware, firewall and also a host intrusion prevention system (HIPS).\r\nEndpoint security is becoming a more common IT security function and concern as more employees bring consumer mobile devices to work and companies allow its mobile workforce to use these devices on the corporate network.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What are endpoint devices?</span>\r\nAny device that can connect to the central business network is considered an endpoint. Endpoint devices are potential entry points for cybersecurity threats and need strong protection because they are often the weakest link in network security.\r\n<span style=\"font-weight: bold;\">What is endpoint security management?</span>\r\nA set of rules defining the level of security that each device connected to the business network must comply with. These rules may include using an approved operating system (OS), installing a virtual private network (VPN), or running up-to-date antivirus software. If the device connecting to the network does not have the desired level of protection, it may have to connect via a guest network and have limited network access.\r\n<span style=\"font-weight: bold;\">What is endpoint security software?</span>\r\nPrograms that make sure your devices are protected. Endpoint protection software may be cloud-based and work as SaaS (Software as a Service). Endpoint security software can also be installed on each device separately as a standalone application.\r\n<span style=\"font-weight: bold;\">What is endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response (EDR) solutions analyze files and programs, and report on any threats found. EDR solutions monitor continuously for advanced threats, helping to identify attacks at an early stage and respond rapidly to a range of threats.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Endpoint_security.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[{"id":217,"title":"Ukraine","name":"UKR"}],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":336,"title":"Risk or Leaks of confidential information"}]}},"categories":[{"id":42,"title":"UTM - Unified threat management","alias":"utm-unified-threat-management","description":"<span style=\"font-weight: bold; \">UTM (Unified Threat Management)</span> system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.\r\nUnified threat management <span style=\"font-weight: bold; \">devices </span>are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nUTM <span style=\"font-weight: bold; \">cloud services</span> and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. While UTM systems and <span style=\"font-weight: bold; \">next-generation firewalls (NGFWs)</span> are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.\r\nOriginally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.\r\nUnified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.\r\nUnified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:\r\n<ul><li><span style=\"font-weight: bold; \">Flow-based inspection,</span> also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li> <span style=\"font-weight: bold; \">Proxy-based inspection</span> acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> How UTM is deployed?</h1>\r\nBusinesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.\r\nUTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.\r\nBusinesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.\r\n<h1 class=\"align-center\">Benefits of Using a Unified Threat Management Solution</h1>\r\nUTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. This can also save money in the long run as opposed to having to buy multiple devices.\r\nSome UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPPA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.\r\nUTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because it is a single point of defense, UTM’s make dealing with combined threats easier.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM.jpg"},{"id":40,"title":"Endpoint security","alias":"endpoint-security","description":"In network security, endpoint security refers to a methodology of protecting the corporate network when accessed via remote devices such as laptops or other wireless and mobile devices. Each device with a remote connecting to the network creates a potential entry point for security threats. Endpoint security is designed to secure each endpoint on the network created by these devices.\r\nUsually, endpoint security is a security system that consists of security software, located on a centrally managed and accessible server or gateway within the network, in addition to client software being installed on each of the endpoints (or devices). The server authenticates logins from the endpoints and also updates the device software when needed. While endpoint security software differs by vendor, you can expect most software offerings to provide antivirus, antispyware, firewall and also a host intrusion prevention system (HIPS).\r\nEndpoint security is becoming a more common IT security function and concern as more employees bring consumer mobile devices to work and companies allow its mobile workforce to use these devices on the corporate network.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What are endpoint devices?</span>\r\nAny device that can connect to the central business network is considered an endpoint. Endpoint devices are potential entry points for cybersecurity threats and need strong protection because they are often the weakest link in network security.\r\n<span style=\"font-weight: bold;\">What is endpoint security management?</span>\r\nA set of rules defining the level of security that each device connected to the business network must comply with. These rules may include using an approved operating system (OS), installing a virtual private network (VPN), or running up-to-date antivirus software. If the device connecting to the network does not have the desired level of protection, it may have to connect via a guest network and have limited network access.\r\n<span style=\"font-weight: bold;\">What is endpoint security software?</span>\r\nPrograms that make sure your devices are protected. Endpoint protection software may be cloud-based and work as SaaS (Software as a Service). Endpoint security software can also be installed on each device separately as a standalone application.\r\n<span style=\"font-weight: bold;\">What is endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response (EDR) solutions analyze files and programs, and report on any threats found. EDR solutions monitor continuously for advanced threats, helping to identify attacks at an early stage and respond rapidly to a range of threats.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Endpoint_security.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"","title":"Media"}},"comments":[],"referencesCount":0},{"id":278,"title":"Forcepoint Advanced Malware Detection, Forcepoint Email Security Cloud, Forcepoint Web Security Cloud for a food and beverage company","description":"OVERVIEW\r\nCrediton Dairy, based in the heart of Devon in southern England, is a food and beverage company that produces a variety of milk drinks. The company is best known for its “Moo Milk” and “Dairy Pride” brands and has products in 13,500 food retail stores nationwide, making it one of the UK’s leading dairy beverage companies. Its chairman, Neil Kennedy, was presented with the prestigious SW Dairy Industry Award for his outstanding contribution towards the development of the British dairy market.\r\nIn 2012, dairy companies Arla Foods UK and Milk Link were given approval to merge by the European Commission (EC). A condition for the approval of the merger was that Crediton Dairy operate as a separate business. Benjamin Evans, formerly with Milk Link, became IT Manager for Crediton Dairy. \r\nCHALLENGE\r\nEvans’ initial task was to implement a web security solution that addressed both security and business challenges Crediton Dairy had been struggling with at the time. Its network had seen continuous attacks from external threats masking as an insider in order to in ltrate and steal sensitive data. These threats would often be in the form of sophisticated ransomware and other advanced threats, with delivery methods that shifted between web and email channels in search of a weakness. Suspicious URLs sent to employees from Director-level positions and phony invitations to download a PDF instructing users to “please pay invoice” are just a few examples Evans saw rsthand within a few weeks of joining the company.\r\nSome attacks were being successfully filtered by the Office 365 Outlook client, but only to the extent of being redirected into a “junk” folder. Nothing was in place to effectively identify or classify information. Crediton Dairy also lacked a solution that delivered real- time security ratings to web or email traffic. \r\nAfter determining the security included in Office 365 was not up to the task, the challenge was to build a security posture from the ground-up— starting with web—that wouldn’t break the budget. With only a small team to work with, Evans began searching for cloud-based security solutions. On-premises appliances were out of the question —he simply didn’t have the resources to install and manage additional hardware. \r\nSOLUTION\r\nCrediton Dairy assessed multiple web security providers, including Barracuda Networks. But according to Evans, Barracuda Networks couldn’t meet their strict functionality or budgetary requirements.\r\n“There were a few let downs on the way the Barracuda URL filtering worked. It just didn’t feel like home.”\r\n— Evans\r\nAs a former Milk Link employee, Evans was familiar with the virtualized classification capabilities and hassle-free maintenance of the Forcepoint Web Security Cloud solution; it was the company’s primary solution for web security.\r\nFollowing Evans’ recommendation, Forcepoint Web Security Cloud went through a Proof of Concept (POC) at Crediton Dairy. It exceeded all expectations. Evans noted that other cloud versions on the market were too “light” in functionality, compared to the high level of protection with Forcepoint.\r\n“The Forcepoint solution offered more options around the Cloud. Rather than just black-listing or white-listing URLs and email addresses, Forcepoint ticked all of our boxes for functionality.”\r\n— Evans\r\nDeployment was straightforward and simple and the Forcepoint support team was there for Evans whenever needed.\r\n“The Forcepoint support team was very good. When we were originally getting set up, my account manager and the support team took control, had a look where any issues might be, configured the solution, and got it up and running while taking me through some of the new features.”\r\n— Evans\r\nCrediton Dairy’s IT department has always embraced innovation and new technologies. It was one of the first to adopt Office 365 when it became available in the UK. However, because Office 365 comes with only basic security features, it doesn’t properly secure the average working email environment. This was, unfortunately, the case for Crediton Dairy.\r\n“We were starting to see a bit more spam coming through Office 365, compared to where it was when it first came out. We started to look at the email side of Forcepoint, for sure.”\r\n— Evans\r\nEvans and Crediton Dairy chose to implement Forcepoint Email Security Cloud as well as Forcepoint Advanced Malware Detection for Email, incorporating cloud-hosted protection that surpasses the capability of on-premises sandboxes. Evans admits, it was a “no- brainer” for his organization.\r\n“Forcepoint Email Security Cloud has stopped anything suspicious from coming in and I can visibly see what is being stopped and what we’re being protected from. We’re protected and it’s one of those insurance policies that every company needs.”\r\n— Evans\r\nThe Crediton Dairy team took advantage of an easy cloud deployment by simply adding the Forcepoint Email Security Cloud to an already deployed Forcepoint Web Security Cloud for coordinated defenses against advanced threats. The deployment of Forcepoint Email Security Cloud was accomplished overnight. Evans and his team began the process on a Friday evening and nished Saturday. \r\nRESULTS\r\nForcepoint Web Security Cloud solutions met all of Crediton Dairy’s functionality and quality requirements without them having to purchase additional hardware. Staying within budget has freed up resources for other projects. At the same time, Forcepoint Email Security Cloud solution has empowered Crediton Dairy to safely embrace new technologies such as Office 365 and enjoy all of its ef ciencies and cost savings.\r\nEvans recalls how well Forcepoint Cloud solutions integrate well with Active Directory and enhance and complement the Office 365 solution already in place.\r\n“Forcepoint is able to work seamlessly with Office 365. We don’t see any problems at all when we run the two together.”\r\n— Evans\r\nAn easy deployment of Forcepoint Web Security Cloud and Forcepoint Email Security Cloud solutions have paved the way for Crediton Dairy to continue to evolve and innovate with safety and con dence.\r\nCrediton Dairy has relied on Forcepoint security solutions since 2015. ","alias":"forcepoint-advanced-malware-detection-forcepoint-email-security-cloud-forcepoint-web-security-cloud-for-a-food-and-beverage-company","roi":0,"seo":{"title":"Forcepoint Advanced Malware Detection, Forcepoint Email Security Cloud, Forcepoint Web Security Cloud for a food and beverage company","keywords":"Forcepoint, Evans, Crediton, Dairy, Cloud, Security, with, security","description":"OVERVIEW\r\nCrediton Dairy, based in the heart of Devon in southern England, is a food and beverage company that produces a variety of milk drinks. The company is best known for its “Moo Milk” and “Dairy Pride” brands and has products in 13,500 food retail store","og:title":"Forcepoint Advanced Malware Detection, Forcepoint Email Security Cloud, Forcepoint Web Security Cloud for a food and beverage company","og:description":"OVERVIEW\r\nCrediton Dairy, based in the heart of Devon in southern England, is a food and beverage company that produces a variety of milk drinks. The company is best known for its “Moo Milk” and “Dairy Pride” brands and has products in 13,500 food retail store"},"deal_info":"","user":{"id":3869,"title":"Crediton Dairy","logoURL":"https://old.roi4cio.com/uploads/roi/company/Crediton_Dairy.jpg","alias":"crediton-dairy","address":"","roles":[],"description":"Crediton Dairy is one of the UK’s leading dairy drinks businesses producing a comprehensive range of fresh flavoured and functional chilled milk drinks, as well as long life milks & creams. Located in the heart of Devon, we are dedicated to producing great tasting dairy products made from British milk supplied by our group of local, family-run, dairy farms.\r\n We’re independently owned, financially strong and professionally run and focused on adding value to everything we do. To this end we constantly challenge ourselves:\r\nto do better;\r\nto listen to and meet the needs of our customers and consumers;\r\nto value and build strong relationships with our people, partners and farmer suppliers; and\r\nto act responsibly, ethically and treat others as we would want to be treated.\r\nOur great tasting milk drinks are for everyone from growing families to fitness fanatics. Our products are consumed in homes, restaurants and on-the-go across the country. From retailer own-label to our fast-growing Moo brand you’ll find Crediton Dairy products in over 13,500 food retail stores nationwide. We’re also a leading supplier of milks and creams across the foodservice and wholesale sectors. But we aren’t stopping there and we’re working on exciting new product innovations and formats to move the dairy drinks category forward.\r\nAll of this comes out of our well invested dairy situated in the middle of Devon, a county which is of course synonymous with dairy farming and great tasting dairy products and at Crediton Dairy we’re incredibly proud to be continuing this tradition.","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":1,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"http://www.creditondairy.co.uk/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Crediton Dairy","keywords":"Dairy, Crediton","description":"Crediton Dairy is one of the UK’s leading dairy drinks businesses producing a comprehensive range of fresh flavoured and functional chilled milk drinks, as well as long life milks & creams. Located in the heart of Devon, we are dedicated to producing great ta","og:title":"Crediton Dairy","og:description":"Crediton Dairy is one of the UK’s leading dairy drinks businesses producing a comprehensive range of fresh flavoured and functional chilled milk drinks, as well as long life milks & creams. Located in the heart of Devon, we are dedicated to producing great ta","og:image":"https://old.roi4cio.com/uploads/roi/company/Crediton_Dairy.jpg"},"eventUrl":""},"supplier":{"id":178,"title":"Forcepoint","logoURL":"https://old.roi4cio.com/uploads/roi/company/forcepoint_logo.png","alias":"forcepoint","address":"Forcepoint Title","roles":[],"description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-domain solutions, the company is also known as Websense, Raytheon | Websense. </span>\r\n<span lang=\"en\"> Forcepoint solutions protect users, data and computing networks from attacks, as well as accidental and deliberate information leaks throughout the entire life cycle. Forcepoint protects data everywhere - in the office, on the road, in the cloud. This simplifies regulatory compliance and optimizes the cost of security solutions. Forcepoint allows you to focus on prioritization by automating day-to-day operations. </span>\r\n<span lang=\"en\">Forcepoint's clients include Fortune 500 and FTSE 100 leaders: AT&T, Deutsche Telecom, Canon, McDonanld's, UPS, Sheraton, Merill Lynch, Bank of America, PepsiCo Inc. and many others.</span> ","companyTypes":[],"products":{},"vendoredProductsCount":15,"suppliedProductsCount":15,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":15,"vendorImplementationsCount":16,"vendorPartnersCount":0,"supplierPartnersCount":8,"b4r":0,"categories":{},"companyUrl":"www.forcepoint.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Forcepoint","keywords":"Forcepoint, from, Websense, Raytheon, security, data, employees, browsing","description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-do","og:title":"Forcepoint","og:description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-do","og:image":"https://old.roi4cio.com/uploads/roi/company/forcepoint_logo.png"},"eventUrl":""},"vendors":[{"id":178,"title":"Forcepoint","logoURL":"https://old.roi4cio.com/uploads/roi/company/forcepoint_logo.png","alias":"forcepoint","address":"Forcepoint Title","roles":[],"description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-domain solutions, the company is also known as Websense, Raytheon | Websense. </span>\r\n<span lang=\"en\"> Forcepoint solutions protect users, data and computing networks from attacks, as well as accidental and deliberate information leaks throughout the entire life cycle. Forcepoint protects data everywhere - in the office, on the road, in the cloud. This simplifies regulatory compliance and optimizes the cost of security solutions. Forcepoint allows you to focus on prioritization by automating day-to-day operations. </span>\r\n<span lang=\"en\">Forcepoint's clients include Fortune 500 and FTSE 100 leaders: AT&T, Deutsche Telecom, Canon, McDonanld's, UPS, Sheraton, Merill Lynch, Bank of America, PepsiCo Inc. and many others.</span> ","companyTypes":[],"products":{},"vendoredProductsCount":15,"suppliedProductsCount":15,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":15,"vendorImplementationsCount":16,"vendorPartnersCount":0,"supplierPartnersCount":8,"b4r":0,"categories":{},"companyUrl":"www.forcepoint.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Forcepoint","keywords":"Forcepoint, from, Websense, Raytheon, security, data, employees, browsing","description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-do","og:title":"Forcepoint","og:description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-do","og:image":"https://old.roi4cio.com/uploads/roi/company/forcepoint_logo.png"},"eventUrl":""}],"products":[{"id":938,"logo":false,"scheme":false,"title":"Forcepoint Email Security","vendorVerified":0,"rating":"2.00","implementationsCount":4,"suppliersCount":0,"alias":"forcepoint-email-security","companyTypes":[],"description":"Forcepoint Email Security is a protecting from spam, phishing & ransomware attacks wherever email is accessed.\r\nDetect spam, phishing and other APTs with comprehensive defenses to stop advanced threats like ransomware before they start. Forcepoint Email Security integrates powerful analytics and advanced malware sandboxing for inbound protection, content filtering for outbound data control and email encryption for secure communications.<br />Forcepoint Email Security Cloud’s proactive URL Wrapping and Phishing Education secure email wherever users need access, even on mobile devices. Our unrivaled cloud infrastructure delivers phishing, malware and DLP protection for Microsoft Office 365™ and other popular email systems.<br /><br /><span style=\"font-weight: bold;\">The Forcepoint Email Security advantage</span><br />\r\n<span style=\"font-style: italic;\">Real-time threat protection</span><br />\r\nReal-time threat protection uses a unique blend of detection technologies, including machine learning, sandboxing, and predictive analytics to effectively stop advanced threats such as ransomware.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Protection against highly evasive zero-day threats</span><br />\r\nGet advanced malware detection (sandboxing) with our full system emulation sandbox. Deep content inspection reveals highly evasive zero-day threat with no false positives.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Powerful encryption for additional protection</span><br />\r\nEncrypt sensitive email conversations and enhance mobile security by controlling sensitive attachments access by device.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Incident risk ranking to find the greatest risks</span><br />\r\nIncidents are correlated across multiple events to identify true cumulative risk trends and activity. A risk score is included to help security teams identify the greatest risks based on real-time activity.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Integrated data loss prevention</span><br />\r\nIntegrated industry-leading data loss prevention stops data infiltration and exfiltration capabilities.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Unique phishing education feature</span><br />\r\nUse Forcepoint Email Security’s unique phishing education features to help users adopt best practices and identify those who need additional training to improve their security awareness.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Complete out-of-the-box solution</span><br />\r\nForcepoint Email Security includes DLP, URL wrapping, and other capabilities that are considered premium "add-ons" or upgrades by many competitors, delivering the most comprehensive inbound and outbound defenses out of the box.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Deployment flexibility</span><br />\r\nHow you deploy our email security solution is up to you. Choose from a range of physical and virtual appliances to leverage existing hardware, cloud deployment, or hybrid environments.","shortDescription":"Forcepoint Email Security identifies targeted attacks, high-risk users and insider threats, while empowering mobile workers and the safe adoption of new technologies like Office 365 and Box Enterprise","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":20,"sellingCount":8,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Forcepoint Email Security","keywords":"Cloud, Forcepoint, Security, email, Email, attacks, threats, advanced","description":"Forcepoint Email Security is a protecting from spam, phishing & ransomware attacks wherever email is accessed.\r\nDetect spam, phishing and other APTs with comprehensive defenses to stop advanced threats like ransomware before they start. Forcepoint Email Se","og:title":"Forcepoint Email Security","og:description":"Forcepoint Email Security is a protecting from spam, phishing & ransomware attacks wherever email is accessed.\r\nDetect spam, phishing and other APTs with comprehensive defenses to stop advanced threats like ransomware before they start. Forcepoint Email Se"},"eventUrl":"","translationId":939,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":558,"title":"Secure E-mail Gateway - Appliance","alias":"secure-e-mail-gateway-appliance","description":"According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and next-gen anti-phishing and anti-spam</li><li>Additional security features</li><li>Customization of the solution’s management features</li><li>Low false positive and false negative percentages</li><li>External processes and storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, secure email gateways can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":"<span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against email-borne threats. It is effectively a firewall for your email, and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan each email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a specific period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway_Appliance.png"},{"id":469,"title":"Secure E-mail Gateway","alias":"secure-e-mail-gateway","description":" According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and Next-Gen Anti-Phishing and Anti-Spam</li><li>Additional Security Features</li><li>Customization of the Solution’s Management Features</li><li>Low False Positive and False Negative Percentages</li><li>External Processes and Storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, SEGs can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":" <span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against these email-borne threats. It is effectively a firewall for your email and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan every email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a certain period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway.jpg"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":954,"logo":false,"scheme":false,"title":"Forcepoint Advanced Malware Detection","vendorVerified":0,"rating":"2.00","implementationsCount":1,"suppliersCount":0,"alias":"forcepoint-advanced-malware-detection","companyTypes":[],"description":"<strong>DETECT EVASIVE MALWARE OTHERS CANNOT SEE</strong>\r\nIt’s become increasingly difficult to identify the malware components of advanced threats, mostly due to the evolution of evasion tactics and technology by criminal and nation-state threat actors.\r\n<strong>Unmatched Accuracy</strong>\r\nForcepoint Advanced Malware Detection technology is unmatched in security efficacy. Even highly evasive threats are revealed through Deep Content Inspection of activity at multiple levels, dormant code, and other indicators often overlooked by traditional sandbox technologies.\r\n<strong>Zero-False Positives</strong>\r\nEliminate the distraction of False Positive results with AMD. This means your incident response team can spend its limited time responding to actual threats, not chasing down false positives and searching for indicators of compromise (IOCs).\r\n<strong>Global Threat Intelligence</strong>\r\nForcepoint sends threat intelligence updates containing the characteristics, behaviors and associated IOCs of every malicious object curated and analyzed within the global service. This allows for faster identification of previously-seen threats, new threats that reuse objects, and streamlines the analysis, detection and response to previously unseen threats.\r\n<strong>DEEP CONTENT INSPECTION – A STEP BEYOND SANDBOXING</strong>\r\nAs with sandboxing, Forcepoint Advanced Malware Detection provides a simulated environment for malware execution; that is where any similarity ends.\r\n<strong>A Complete Environment</strong>\r\nTraditional sandboxes have visibility down to the operating system level only. Forcepoint offers a unique isolation and inspection environment that simulates an entire host including the CPU, system memory and all devices. Deep Content Inspection interacts with malware to observe all the actions it might take within this complete environment, and even identifies ‘dormant code’ for special analysis.\r\n<strong>Malware Interaction</strong>\r\nSandbox-only solutions provide a relatively static environment, limiting the malicious ‘behavior’ they may uncover. Because Forcepoint Advanced Malware Detection interacts with malware, it observes every action that it might take, even when those actions are delegated to the operating system or other programs. In addition, this tool identifies potentially malicious ‘dormant code’ that the malware does not execute.\r\n<strong>Extensive Malware Detail Exposure</strong>\r\nA comprehensive solution must do more than just stop advanced malware. Correlated incident information prioritizes the most significant threats in your network without combing through massive log files. Full attack chain visibility enables your incident response team to quickly understand the nature of the attack, making your scarce security resources more efficient.\r\n<strong>MALWARE DETECTION ACROSS CHANNELS</strong>\r\nThreat actors will find and exploit any available point of entry. Forcepoint Advanced Malware Detection integrates with other defenses, complimenting their own security capabilities to frustrate attacker efforts across multiple channels. The resulting shared intelligence improves overall visibility and strengthens each point of defense.\r\nForcepoint Web Security is a (cloud or hybrid deployed) Secure Web Gateway that stops advanced threats from getting in and sensitive data from getting out – whether an organization’s users are in the office, working from home or on the road. Forcepoint Advanced Malware Detection integrates with Web Security as an additional defense against zero-day and other advanced, evasive malware.\r\nIts cutting-edge classification engine, global threat intelligence, advanced malware detection and enterprise-class DLP work together to make strong security easy to deploy. It delivers real-time web protection for increasingly mobile workforces and can share policies and context with Email Security to thwart advanced, coordinated web and email attacks with complete inbound and outbound defenses.\r\nForcepoint Email Security stops spam and phishing emails that introduce ransomware and other advanced threats before they can infect systems with malware. Forcepoint Advanced Malware Detection integrates with Email Security as an additional defense against zero-day and other advanced, evasive malware.\r\nThe comprehensive defenses of Forcepoint Email Security integrate: highly effective analytics, URL Wrapping, Phishing education, and advanced malware detection for inbound protection—as well as integrated DLP as an outbound control and email encryption for secure communications.\r\nOperating on the security industry’s most secure cloud infrastructure, Forcepoint Email Security delivers unparalleled phishing, malware and DLP protection for Microsoft Office 365 and other popular email systems.\r\nForcepoint Next Generation Firewall (NGFW) connects and protects people and their data throughout offices, branches, and the cloud – all with the greatest efficiency, availability and security. It applies multiple scanning techniques to files found in network traffic, allowing administrators to tailor granular levels of security to the specific needs of each connection. Forcepoint Advanced Malware Detection integrates with Forcepoint NGFW as an additional defense against zero-day and other advanced, evasive malware.\r\nForcepoint NGFW can deploy, monitor, and update thousands of firewalls, VPNs and IPSs from a single console – cutting network operating expenses up to 50%. It eliminates downtime with high-availability clustering and Multi-Link networking, block attacks, and manages encrypted traffic without hurting performance. As the pioneer in Advanced Evasion Technique (AET) defenses and proxy technologies for mission-critical applications, Forcepoint NGFW gives you security without compromise.\r\nForcepoint CASB delivers visibility and control over cloud applications and helps eliminate the security and compliance blind spots created in a cloud-first world. It quickly discovers unsanctioned cloud applications and assesses their associated risks, as well as the ability to control how sanctioned cloud applications such as Office 365, Google Suite, Salesforce, Box, Dropbox and others are used in order to prevent the loss of critical intellectual property.\r\nWith Forcepoint CASB, organizations can truly embrace the Cloud by ensuring that their users are not engaging in risky behaviors - without slowing them down.\r\n ","shortDescription":"Forcepoint Advanced Malware Detection - detecting and stoping the most evasive, Advanced Malware Threats","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":15,"sellingCount":2,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Forcepoint Advanced Malware Detection","keywords":"Forcepoint, malware, with, Malware, advanced, security, threats, Advanced","description":"<strong>DETECT EVASIVE MALWARE OTHERS CANNOT SEE</strong>\r\nIt’s become increasingly difficult to identify the malware components of advanced threats, mostly due to the evolution of evasion tactics and technology by criminal and nation-state threat actors","og:title":"Forcepoint Advanced Malware Detection","og:description":"<strong>DETECT EVASIVE MALWARE OTHERS CANNOT SEE</strong>\r\nIt’s become increasingly difficult to identify the malware components of advanced threats, mostly due to the evolution of evasion tactics and technology by criminal and nation-state threat actors"},"eventUrl":"","translationId":955,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":826,"title":"Sandbox","alias":"sandbox","description":" In computer security, a "sandbox" is a security mechanism for separating running programs, usually in an effort to mitigate system failures or software vulnerabilities from spreading. It is often used to execute untested or untrusted programs or code, possibly from unverified or untrusted third parties, suppliers, users or websites, without risking harm to the host machine or operating system. A sandbox typically provides a tightly controlled set of resources for guest programs to run in, such as scratch space on disk and memory. Network access, the ability to inspect the host system or read from input devices are usually disallowed or heavily restricted.\r\nIn the sense of providing a highly controlled environment, sandboxes may be seen as a specific example of virtualization. Sandboxing is frequently used to test unverified programs that may contain a virus or other malicious code, without allowing the software to harm the host device.","materialsDescription":" <span style=\"font-weight: bold;\">What is the sandbox?</span>\r\nThe sandbox is like a ''virtual machine'', which runs on the device. It is a section of the device, for which a user account has been set in the system. In this section, programs can be started, data can be collected and services can be provided, which are not available within the system of the router. Inside the sandbox, the environment is like it is inside a Linux PC. The sandbox is an area separate from the router part of the system, which ensures that the router can fulfill its task without interference from the sandbox.\r\n<span style=\"font-weight: bold;\">What is the use of the sandbox?</span>\r\nBesides its actual tasks, the device can fulfill additional tasks via sandbox. Without the sandbox, these tasks would have to be carried out by an additional industrial computer.\r\nNot having to install and run the computer saves space inside the switching cabinet, money, as additional hardware is not required, and energy, which also reduces industrial waste heat. The device establishes the connection into the internet or to the control center. The programs in the sandbox use this connection. The configuration of the connection to the internet or to the control center can be set comfortably via the web interface.\r\n<span style=\"font-weight: bold;\">Which things can you NOT do with the sandbox?</span>\r\nAll the things that do require root permissions on the device.\r\nIt is not possible to execute commands or programs, which require root rights. Examples for such commands or programs are the raw connections (like ICMP - "ping"). This ensures that the device doesn't interfere with its tasks.\r\n<span style=\"font-weight: bold;\">Which hardware interfaces are available in the sandbox?</span>\r\nSerial interface, Ethernet of the LAN connection (4-port-switch), WAN connection depending on the make of the device (LAN, GPRS, EDGE, UMTS, PSTN and ISDN).\r\nVia the web interface, you can assign the serial interface to be used by applications in the sandbox. If assigned to the sandbox, the serial interface is not available for the device. In this case, neither serial-Ethernet-gateway nor the connection of a further, redundant communication device will be possible. The LAN, as well as the WAN connection, can be used in the way they are configured for the device. Network settings can be configured via the web interface and not via the sandbox. Depending on the configuration and the type of the device also the sandbox can communicate in various ways via LAN, GPRS, EDGE, UMTS, PSTN or ISDN.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon-sandbox.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":1473,"logo":false,"scheme":false,"title":"Forcepoint Email Security Cloud, Forcepoint Web Security Cloud","vendorVerified":0,"rating":"2.40","implementationsCount":2,"suppliersCount":0,"alias":"forcepoint-email-security-cloud-forcepoint-web-security-cloud","companyTypes":[],"description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Today’s attempts to compromise email channels have evolved from simple spam and phishing attempts to more advanced threats like ransomware. Forcepoint Email Security gives you the security you need by protecting you against multi-stage advanced threats that exploit email to penetrate your IT environment.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Forcepoint Email Security applies real-time behavioral sandboxing, enterprise-grade DLP and other advanced defense technologies to prevent leaks of sensitive information, empowering your workers — in the office or on the road — as you safely adopt technologies like Microsoft Office 365. In addition, detect phishing and secure email wherever users need access, even on mobile devices, through features like Phishing Education and URL Wrapping.</span>\r\nYour business and data are under constant attack. Traditional filtering and antivirus products no longer provide sufficient protection, and many web security solutions can’t address advanced threats as they occur.\r\n\r\nForcepoint Web Security provides advanced, real-time threat defense to stop advanced threats and prevent data loss. It provides robust protection through context- and content-aware defenses, coupled with integrated Cloud Access Security Broker (CASB) functionality, to provide control and visibility for cloud applications on both on-premises and roaming users. The combination of industry-leading web protection, CASB functionality and enterprise DLP delivers protection at a value no other vendor can match.","shortDescription":"Forcepoint Email Security Cloud (formerly TRITON AP-EMAIL Cloud) - Protecting from spam, phishing & ransomware attacks wherever email is accessed","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":9,"sellingCount":18,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Forcepoint Email Security Cloud, Forcepoint Web Security Cloud","keywords":"Security, advanced, Forcepoint, protection, threats, like, Email, Cloud","description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Today’s attempts to compromise email channels have evolved from simple spam and phishing attempts to more advanced threats like ransomware. Forcepoint Email Security gives y","og:title":"Forcepoint Email Security Cloud, Forcepoint Web Security Cloud","og:description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Today’s attempts to compromise email channels have evolved from simple spam and phishing attempts to more advanced threats like ransomware. Forcepoint Email Security gives y"},"eventUrl":"","translationId":1473,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":42,"title":"UTM - Unified threat management","alias":"utm-unified-threat-management","description":"<span style=\"font-weight: bold; \">UTM (Unified Threat Management)</span> system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.\r\nUnified threat management <span style=\"font-weight: bold; \">devices </span>are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nUTM <span style=\"font-weight: bold; \">cloud services</span> and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. While UTM systems and <span style=\"font-weight: bold; \">next-generation firewalls (NGFWs)</span> are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.\r\nOriginally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.\r\nUnified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.\r\nUnified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:\r\n<ul><li><span style=\"font-weight: bold; \">Flow-based inspection,</span> also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li> <span style=\"font-weight: bold; \">Proxy-based inspection</span> acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> How UTM is deployed?</h1>\r\nBusinesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.\r\nUTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.\r\nBusinesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.\r\n<h1 class=\"align-center\">Benefits of Using a Unified Threat Management Solution</h1>\r\nUTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. This can also save money in the long run as opposed to having to buy multiple devices.\r\nSome UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPPA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.\r\nUTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because it is a single point of defense, UTM’s make dealing with combined threats easier.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM.jpg"},{"id":24,"title":"DLP - Data Leak Prevention","alias":"dlp-data-leak-prevention","description":"Data leak prevention (DLP) is a suite of technologies aimed at stemming the loss of sensitive information that occurs in enterprises across the globe. By focusing on the location, classification and monitoring of information at rest, in use and in motion, this solution can go far in helping an enterprise get a handle on what information it has, and in stopping the numerous leaks of information that occur each day. DLP is not a plug-and-play solution. The successful implementation of this technology requires significant preparation and diligent ongoing maintenance. Enterprises seeking to integrate and implement DLP should be prepared for a significant effort that, if done correctly, can greatly reduce risk to the organization. Those implementing the solution must take a strategic approach that addresses risks, impacts and mitigation steps, along with appropriate governance and assurance measures.","materialsDescription":" <span style=\"font-weight: bold;\">How to protect the company from internal threats associated with leakage of confidential information?</span>\r\nIn order to protect against any threat, you must first realize its presence. Unfortunately, not always the management of companies is able to do this if it comes to information security threats. The key to successfully protecting against information leaks and other threats lies in the skillful use of both organizational and technical means of monitoring personnel actions.\r\n<span style=\"font-weight: bold;\">How should the personnel management system in the company be organized to minimize the risks of leakage of confidential information?</span>\r\nA company must have a special employee responsible for information security, and a large department must have a department directly reporting to the head of the company.\r\n<span style=\"font-weight: bold;\">Which industry representatives are most likely to encounter confidential information leaks?</span>\r\nMore than others, representatives of such industries as industry, energy, and retail trade suffer from leaks. Other industries traditionally exposed to leakage risks — banking, insurance, IT — are usually better at protecting themselves from information risks, and for this reason they are less likely to fall into similar situations.\r\n<span style=\"font-weight: bold;\">What should be adequate measures to protect against leakage of information for an average company?</span>\r\nFor each organization, the question of protection measures should be worked out depending on the specifics of its work, but developing information security policies, instructing employees, delineating access to confidential data and implementing a DLP system are necessary conditions for successful leak protection for any organization. Among all the technical means to prevent information leaks, the DLP system is the most effective today, although its choice must be taken very carefully to get the desired result. So, it should control all possible channels of data leakage, support automatic detection of confidential information in outgoing traffic, maintain control of work laptops that temporarily find themselves outside the corporate network...\r\n<span style=\"font-weight: bold;\">Is it possible to give protection against information leaks to outsourcing?</span>\r\nFor a small company, this may make sense because it reduces costs. However, it is necessary to carefully select the service provider, preferably before receiving recommendations from its current customers.\r\n<span style=\"font-weight: bold;\">What data channels need to be monitored to prevent leakage of confidential information?</span>\r\nAll channels used by employees of the organization - e-mail, Skype, HTTP World Wide Web protocol ... It is also necessary to monitor the information recorded on external storage media and sent to print, plus periodically check the workstation or laptop of the user for files that are there saying should not.\r\n<span style=\"font-weight: bold;\">What to do when the leak has already happened?</span>\r\nFirst of all, you need to notify those who might suffer - silence will cost your reputation much more. Secondly, you need to find the source and prevent further leakage. Next, you need to assess where the information could go, and try to somehow agree that it does not spread further. In general, of course, it is easier to prevent the leakage of confidential information than to disentangle its consequences.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Data_Leak_Prevention.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":1630,"logo":false,"scheme":false,"title":"Forcepoint Web Security","vendorVerified":0,"rating":"2.00","implementationsCount":4,"suppliersCount":0,"alias":"forcepoint-web-security","companyTypes":[],"description":"Forcepoint Web Security provides industry-leading reporting, sandboxing and DLP capabilities, and stops more advanced, non-signature threats to your data than any other solution – including Blue Coat, Cisco and Zscaler. And because it is cloud hosted, you won’t backhaul traffic or pay for appliances.\r\nForcepoint Web Security is built on a multi-tenant platform and deployed globally on the industry’s most secure cloud platform. And because every environment is different, Forcepoint Web Security can be deployed as a hybrid solution in combination with a Forcepoint Next Generation Firewall, providing protection for every user, everywhere.\r\n<span style=\"font-weight: bold;\">Highly secured and always available Forcepoint cloud</span>\r\nExtend web protection to roaming users with global coverage from the industry’s only certified global cloud infrastructure (ISO 27001, 27018, CSA STAR) for protecting every user from advanced threats.\r\n<span style=\"font-weight: bold;\">Empower the anytime, anywhere global workforce</span>\r\nForcepoint’s patent-pending Direct Connect Endpoint™ technology allows for unparalleled speed and connectivity for roaming users, eliminating latencies with a proxy-less endpoint.\r\n<span style=\"font-weight: bold;\">The features, API, and ports of a cloud security solution</span>\r\nForcepoint Web Security includes features typically found in as-a-service only cloud security product—but that’s just the start. Our enterprise-grade gateway appliance includes an SSL decryption mirror port and ingest API for additional threat feeds.\r\n<span style=\"font-weight: bold;\">Unrivaled threat protection with Forcepoint ACE</span>\r\nForcepoint’s Advanced Classification Engine (ACE) identifies threats with over 10,000 analytics, machine learning, behavioral baselines, and other advanced techniques maintained through real-time global threat intelligence.\r\n<span style=\"font-weight: bold;\">Superior real-time reporting—simplified</span>\r\nStreamline your workflow with easy-to-use drag-and-drop reporting, delivered in real-time through an interactive interface—all in a centralized system.\r\n<span style=\"font-weight: bold;\">Remove layers of latency</span>\r\nGo direct. Unlike other cloud solutions, Forcepoint has direct peering partners, critical to the security and productivity of a global workforce and its shared data.\r\n\r\n<span style=\"font-weight: bold;\">Key features:</span><span style=\"font-style: italic;\"></span>\r\n<span style=\"font-weight: bold;\">Integrated CASB functionality</span><br />Easily extend visibility and control to cloud applications, from shadow IT reporting to full control via inline (proxy) mode.\r\n<span style=\"font-weight: bold;\">Not just URL filtering</span>\r\nDon’t need your traffic forwarded to the cloud? Enable URL filtering in our leading Next Generation Firewall (NGFW), allowing for granular controls based on users and applications.\r\n<span style=\"font-weight: bold;\">Streamline compliance</span>\r\nMeet the highest certification standards across data privacy laws and residency requirements in different jurisdictions—while allowing users to keep doing good things.\r\n<span style=\"font-weight: bold;\">Expand internet access for roaming users</span>\r\nApply different policies when an employee connects from corporate and non-corporate locations with Forcepoint Web Security.\r\n<span style=\"font-weight: bold;\">Security and protection beyond the endpoint</span>\r\nExtend your existing policies to mobile devices and protect them from Advanced Threats, mobile malware, phishing attacks, spoofing, and more with Web Security.\r\n<span style=\"font-weight: bold;\">ThreatSeeker Intelligence</span>\r\nUnite over 900 million endpoints (including inputs from Facebook), and with Forcepoint ACE security defenses, analyze up to five billion requests per day. This is the core collective intelligence for all Forcepoint products—managed by Forcepoint Security Labs.\r\n<span style=\"font-weight: bold;\">Enterprise-grade DLP protection</span>\r\nForcepoint’s 9x Magic Quadrant leading DLP and integrated Incident Risk Ranking (IRR) can protect your data from people-based security incidents, including risk caused by accidental, compromised, and malicious insiders.\r\n<span style=\"font-weight: bold;\">Eliminate crippling false malware with AMD</span>\r\nCloud sandboxing allows you to optimize remediation efforts for incident response teams with comprehensive and actionable intelligence—providing 100% efficacy in malware detection.","shortDescription":"Forcepoint Web Security provides robust protection through content aware defenses and cloud app discovery and monitoring, reducing risks to sensitive data for both on premise and mobile users.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":17,"sellingCount":10,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Forcepoint Web Security","keywords":"data, Forcepoint, theft, Security, your, content, within, include","description":"Forcepoint Web Security provides industry-leading reporting, sandboxing and DLP capabilities, and stops more advanced, non-signature threats to your data than any other solution – including Blue Coat, Cisco and Zscaler. And because it is cloud hosted, you won’","og:title":"Forcepoint Web Security","og:description":"Forcepoint Web Security provides industry-leading reporting, sandboxing and DLP capabilities, and stops more advanced, non-signature threats to your data than any other solution – including Blue Coat, Cisco and Zscaler. And because it is cloud hosted, you won’"},"eventUrl":"","translationId":1561,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":42,"title":"UTM - Unified threat management","alias":"utm-unified-threat-management","description":"<span style=\"font-weight: bold; \">UTM (Unified Threat Management)</span> system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.\r\nUnified threat management <span style=\"font-weight: bold; \">devices </span>are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nUTM <span style=\"font-weight: bold; \">cloud services</span> and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. While UTM systems and <span style=\"font-weight: bold; \">next-generation firewalls (NGFWs)</span> are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.\r\nOriginally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.\r\nUnified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.\r\nUnified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:\r\n<ul><li><span style=\"font-weight: bold; \">Flow-based inspection,</span> also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li> <span style=\"font-weight: bold; \">Proxy-based inspection</span> acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> How UTM is deployed?</h1>\r\nBusinesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.\r\nUTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.\r\nBusinesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.\r\n<h1 class=\"align-center\">Benefits of Using a Unified Threat Management Solution</h1>\r\nUTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. This can also save money in the long run as opposed to having to buy multiple devices.\r\nSome UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPPA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.\r\nUTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because it is a single point of defense, UTM’s make dealing with combined threats easier.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM.jpg"},{"id":485,"title":"Web security","alias":"web-security","description":" Web security basically means protecting a website or web application by detecting, preventing and responding to cyber threats.\r\nWebsites and web applications are just as prone to security breaches as physical homes, stores, and government locations. Unfortunately, cybercrime happens every day, and great web security measures are needed to protect websites and web applications from becoming compromised.\r\nThat’s exactly what web security does – it is a system of protection measures and protocols that can protect your website or web application from being hacked or entered by unauthorized personnel. This integral division of Information Security is vital to the protection of websites, web applications, and web services. Anything that is applied over the Internet should have some form of web security to protect it.\r\nThere are a lot of factors that go into web security and web protection. Any website or application that is secure is surely backed by different types of checkpoints and techniques for keeping it safe.\r\nThere are a variety of security standards that must be followed at all times, and these standards are implemented and highlighted by the OWASP. Most experienced web developers from top cybersecurity companies will follow the standards of the OWASP as well as keep a close eye on the Web Hacking Incident Database to see when, how, and why different people are hacking different websites and services.\r\nEssential steps in protecting web apps from attacks include applying up-to-date encryption, setting proper authentication, continuously patching discovered vulnerabilities, avoiding data theft by having secure software development practices. The reality is that clever attackers may be competent enough to find flaws even in a fairly robust secured environment, and so a holistic security strategy is advised.\r\nThere are different types of technologies available for maintaining the best security standards. Some popular technical solutions for testing, building, and preventing threats include black and white box testing tools, fuzzing tools, WAF, security or vulnerability scanners, password cracking tools, and so on.","materialsDescription":" <span style=\"font-weight: bold; \">What is Malware?</span>\r\nThe name malware is short for ‘malicioussoftware’. Malware includes any software program that has been created to perform an unauthorised — and often harmful — action on a user’s device. Examples of malware include:\r\n<ul><li>Computer viruses</li><li>Word and Excel macro viruses</li><li>Boot sector viruses</li><li>Script viruses — including batch, Windows shell, Java and others</li><li>Keyloggers</li><li>Password stealers</li><li>Backdoor Trojan viruses</li><li>Other Trojan viruses</li><li>Crimeware</li><li>Spyware</li><li>Adware... and many other types of malicious software programs</li></ul>\r\n<span style=\"font-weight: bold; \">What is the difference between a computer virus and a worm?</span>\r\n<span style=\"font-weight: bold; \">Computer virus.</span> This is a type of malicious program that can replicate itself — so that it can spread from file to file on a computer, and can also spread from one computer to another. Computer viruses are often programmed to perform damaging actions — such as corrupting or deleting data. The longer a virus remains undetected on your machine, the greater the number of infected files that may be on your computer.\r\n<span style=\"font-weight: bold; \">Worms.</span> Worms are generally considered to be a subset of computer viruses — but with some specific differences:\r\n<ul><li>A worm is a computer program that replicates, but does not infect other files.</li><li>The worm will install itself once on a computer — and then look for a way to spread to other computers.</li><li>Whereas a virus is a set of code that adds itself to existing files, a worm exists as a separate, standalone file.</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Trojan virus?</span>\r\nA Trojan is effectively a program that pretends to be legitimate software — but, when launched, it will perform a harmful action. Unlike computer viruses and worms, Trojans cannot spread by themselves. Typically, Trojans are installed secretly and they deliver their malicious payload without the user’s knowledge.\r\nCybercriminals use many different types of Trojans — and each has been designed to perform a specific malicious function. The most common are:\r\n<ul><li>Backdoor Trojans (these often include a keylogger)</li><li>Trojan Spies</li><li>Password stealing Trojans</li><li>Trojan Proxies — that convert your computer into a spam distribution machine</li></ul>\r\n<span style=\"font-weight: bold; \">Why are Trojan viruses called Trojans?</span>\r\nIn Greek mythology — during the Trojan war — the Greeks used subterfuge to enter the city of Troy. The Greeks constructed a massive wooden horse — and, unaware that the horse contained Greek soldiers, the Trojans pulled the horse into the city. At night, the Greek soldiers escaped from the horse and opened the city gates — for the Greek army to enter Troy.\r\nToday, Trojan viruses use subterfuge to enter unsuspecting users’ computers and devices.\r\n<span style=\"font-weight: bold; \">What is a Keylogger?</span>\r\nA keylogger is a program that can record what you type on your computer keyboard. Criminals use keyloggers to obtain confidential data — such as login details, passwords, credit card numbers, PINs and other items. Backdoor Trojans typically include an integrated keylogger.\r\n<span style=\"font-weight: bold; \">What is Phishing?</span>\r\nPhishing is a very specific type of cybercrime that is designed to trick you into disclosing valuable information — such as details about your bank account or credit cards. Often, cybercriminals will create a fake website that looks just like a legitimate site — such as a bank’s official website. The cybercriminal will try to trick you into visiting their fake site — typically by sending you an email that contains a hyperlink to the fake site. When you visit the fake website, it will generally ask you to type in confidential data — such as your login, password or PIN.\r\n<span style=\"font-weight: bold; \">What is Spyware?</span>\r\nSpyware is software that is designed to collect your data and send it to a third party — without your knowledge or consent. Spyware programs will often:\r\n<ul><li>Monitor the keys you press on your keyboard — using a keylogger</li><li>Collect confidential information — such as your passwords, credit card numbers, PIN numbers and more</li><li>Gather — or ‘harvest’ — email addresses from your computer</li><li>Track your Internet browsing habits</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Rootkit?</span>\r\nRootkits are programs that hackers use in order to evade detection while trying to gain unauthorised access to a computer. Rootkits have been used increasingly as a form of stealth to hide Trojan virus activity. When installed on a computer, rootkits are invisible to the user and also take steps to avoid being detected by security software.\r\nThe fact that many people log into their computers with administrator rights — rather than creating a separate account with restricted access — makes it easier for cybercriminals to install a rootkit.\r\n<span style=\"font-weight: bold; \">What is a Botnet?</span>\r\nA botnet is a network of computers controlled by cybercriminals using a Trojan virus or other malicious program.\r\n<span style=\"font-weight: bold;\">What is a DDoS attack?</span>\r\nA Distributed-Denial-of-Service (DDoS) attack is similar to a DoS. However, a DDoS attack is conducted using multiple machines. Usually, for a DDoS attack, the hacker will use one security compromised computer as the ‘master’ machine that co-ordinates the attack by other ‘zombie machines’. Typically, the cybercriminal will compromise the security on the master and all of the zombie machines, by exploiting a vulnerability in an application on each computer — to install a Trojan or other piece of malicious code.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/security-web-application-security.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[{"id":74,"title":"United Kingdom","name":"GBR"}],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":178,"title":"No control over data access"},{"id":281,"title":"No IT security guidelines"},{"id":336,"title":"Risk or Leaks of confidential information"},{"id":344,"title":"Malware infection via Internet, email, storage devices"}]}},"categories":[{"id":558,"title":"Secure E-mail Gateway - Appliance","alias":"secure-e-mail-gateway-appliance","description":"According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and next-gen anti-phishing and anti-spam</li><li>Additional security features</li><li>Customization of the solution’s management features</li><li>Low false positive and false negative percentages</li><li>External processes and storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, secure email gateways can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":"<span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against email-borne threats. It is effectively a firewall for your email, and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan each email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a specific period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway_Appliance.png"},{"id":469,"title":"Secure E-mail Gateway","alias":"secure-e-mail-gateway","description":" According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and Next-Gen Anti-Phishing and Anti-Spam</li><li>Additional Security Features</li><li>Customization of the Solution’s Management Features</li><li>Low False Positive and False Negative Percentages</li><li>External Processes and Storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, SEGs can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":" <span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against these email-borne threats. It is effectively a firewall for your email and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan every email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a certain period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway.jpg"},{"id":826,"title":"Sandbox","alias":"sandbox","description":" In computer security, a "sandbox" is a security mechanism for separating running programs, usually in an effort to mitigate system failures or software vulnerabilities from spreading. It is often used to execute untested or untrusted programs or code, possibly from unverified or untrusted third parties, suppliers, users or websites, without risking harm to the host machine or operating system. A sandbox typically provides a tightly controlled set of resources for guest programs to run in, such as scratch space on disk and memory. Network access, the ability to inspect the host system or read from input devices are usually disallowed or heavily restricted.\r\nIn the sense of providing a highly controlled environment, sandboxes may be seen as a specific example of virtualization. Sandboxing is frequently used to test unverified programs that may contain a virus or other malicious code, without allowing the software to harm the host device.","materialsDescription":" <span style=\"font-weight: bold;\">What is the sandbox?</span>\r\nThe sandbox is like a ''virtual machine'', which runs on the device. It is a section of the device, for which a user account has been set in the system. In this section, programs can be started, data can be collected and services can be provided, which are not available within the system of the router. Inside the sandbox, the environment is like it is inside a Linux PC. The sandbox is an area separate from the router part of the system, which ensures that the router can fulfill its task without interference from the sandbox.\r\n<span style=\"font-weight: bold;\">What is the use of the sandbox?</span>\r\nBesides its actual tasks, the device can fulfill additional tasks via sandbox. Without the sandbox, these tasks would have to be carried out by an additional industrial computer.\r\nNot having to install and run the computer saves space inside the switching cabinet, money, as additional hardware is not required, and energy, which also reduces industrial waste heat. The device establishes the connection into the internet or to the control center. The programs in the sandbox use this connection. The configuration of the connection to the internet or to the control center can be set comfortably via the web interface.\r\n<span style=\"font-weight: bold;\">Which things can you NOT do with the sandbox?</span>\r\nAll the things that do require root permissions on the device.\r\nIt is not possible to execute commands or programs, which require root rights. Examples for such commands or programs are the raw connections (like ICMP - "ping"). This ensures that the device doesn't interfere with its tasks.\r\n<span style=\"font-weight: bold;\">Which hardware interfaces are available in the sandbox?</span>\r\nSerial interface, Ethernet of the LAN connection (4-port-switch), WAN connection depending on the make of the device (LAN, GPRS, EDGE, UMTS, PSTN and ISDN).\r\nVia the web interface, you can assign the serial interface to be used by applications in the sandbox. If assigned to the sandbox, the serial interface is not available for the device. In this case, neither serial-Ethernet-gateway nor the connection of a further, redundant communication device will be possible. The LAN, as well as the WAN connection, can be used in the way they are configured for the device. Network settings can be configured via the web interface and not via the sandbox. Depending on the configuration and the type of the device also the sandbox can communicate in various ways via LAN, GPRS, EDGE, UMTS, PSTN or ISDN.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon-sandbox.png"},{"id":42,"title":"UTM - Unified threat management","alias":"utm-unified-threat-management","description":"<span style=\"font-weight: bold; \">UTM (Unified Threat Management)</span> system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.\r\nUnified threat management <span style=\"font-weight: bold; \">devices </span>are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nUTM <span style=\"font-weight: bold; \">cloud services</span> and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. While UTM systems and <span style=\"font-weight: bold; \">next-generation firewalls (NGFWs)</span> are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.\r\nOriginally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.\r\nUnified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.\r\nUnified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:\r\n<ul><li><span style=\"font-weight: bold; \">Flow-based inspection,</span> also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li> <span style=\"font-weight: bold; \">Proxy-based inspection</span> acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> How UTM is deployed?</h1>\r\nBusinesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.\r\nUTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.\r\nBusinesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.\r\n<h1 class=\"align-center\">Benefits of Using a Unified Threat Management Solution</h1>\r\nUTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. This can also save money in the long run as opposed to having to buy multiple devices.\r\nSome UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPPA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.\r\nUTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because it is a single point of defense, UTM’s make dealing with combined threats easier.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM.jpg"},{"id":24,"title":"DLP - Data Leak Prevention","alias":"dlp-data-leak-prevention","description":"Data leak prevention (DLP) is a suite of technologies aimed at stemming the loss of sensitive information that occurs in enterprises across the globe. By focusing on the location, classification and monitoring of information at rest, in use and in motion, this solution can go far in helping an enterprise get a handle on what information it has, and in stopping the numerous leaks of information that occur each day. DLP is not a plug-and-play solution. The successful implementation of this technology requires significant preparation and diligent ongoing maintenance. Enterprises seeking to integrate and implement DLP should be prepared for a significant effort that, if done correctly, can greatly reduce risk to the organization. Those implementing the solution must take a strategic approach that addresses risks, impacts and mitigation steps, along with appropriate governance and assurance measures.","materialsDescription":" <span style=\"font-weight: bold;\">How to protect the company from internal threats associated with leakage of confidential information?</span>\r\nIn order to protect against any threat, you must first realize its presence. Unfortunately, not always the management of companies is able to do this if it comes to information security threats. The key to successfully protecting against information leaks and other threats lies in the skillful use of both organizational and technical means of monitoring personnel actions.\r\n<span style=\"font-weight: bold;\">How should the personnel management system in the company be organized to minimize the risks of leakage of confidential information?</span>\r\nA company must have a special employee responsible for information security, and a large department must have a department directly reporting to the head of the company.\r\n<span style=\"font-weight: bold;\">Which industry representatives are most likely to encounter confidential information leaks?</span>\r\nMore than others, representatives of such industries as industry, energy, and retail trade suffer from leaks. Other industries traditionally exposed to leakage risks — banking, insurance, IT — are usually better at protecting themselves from information risks, and for this reason they are less likely to fall into similar situations.\r\n<span style=\"font-weight: bold;\">What should be adequate measures to protect against leakage of information for an average company?</span>\r\nFor each organization, the question of protection measures should be worked out depending on the specifics of its work, but developing information security policies, instructing employees, delineating access to confidential data and implementing a DLP system are necessary conditions for successful leak protection for any organization. Among all the technical means to prevent information leaks, the DLP system is the most effective today, although its choice must be taken very carefully to get the desired result. So, it should control all possible channels of data leakage, support automatic detection of confidential information in outgoing traffic, maintain control of work laptops that temporarily find themselves outside the corporate network...\r\n<span style=\"font-weight: bold;\">Is it possible to give protection against information leaks to outsourcing?</span>\r\nFor a small company, this may make sense because it reduces costs. However, it is necessary to carefully select the service provider, preferably before receiving recommendations from its current customers.\r\n<span style=\"font-weight: bold;\">What data channels need to be monitored to prevent leakage of confidential information?</span>\r\nAll channels used by employees of the organization - e-mail, Skype, HTTP World Wide Web protocol ... It is also necessary to monitor the information recorded on external storage media and sent to print, plus periodically check the workstation or laptop of the user for files that are there saying should not.\r\n<span style=\"font-weight: bold;\">What to do when the leak has already happened?</span>\r\nFirst of all, you need to notify those who might suffer - silence will cost your reputation much more. Secondly, you need to find the source and prevent further leakage. Next, you need to assess where the information could go, and try to somehow agree that it does not spread further. In general, of course, it is easier to prevent the leakage of confidential information than to disentangle its consequences.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Data_Leak_Prevention.png"},{"id":485,"title":"Web security","alias":"web-security","description":" Web security basically means protecting a website or web application by detecting, preventing and responding to cyber threats.\r\nWebsites and web applications are just as prone to security breaches as physical homes, stores, and government locations. Unfortunately, cybercrime happens every day, and great web security measures are needed to protect websites and web applications from becoming compromised.\r\nThat’s exactly what web security does – it is a system of protection measures and protocols that can protect your website or web application from being hacked or entered by unauthorized personnel. This integral division of Information Security is vital to the protection of websites, web applications, and web services. Anything that is applied over the Internet should have some form of web security to protect it.\r\nThere are a lot of factors that go into web security and web protection. Any website or application that is secure is surely backed by different types of checkpoints and techniques for keeping it safe.\r\nThere are a variety of security standards that must be followed at all times, and these standards are implemented and highlighted by the OWASP. Most experienced web developers from top cybersecurity companies will follow the standards of the OWASP as well as keep a close eye on the Web Hacking Incident Database to see when, how, and why different people are hacking different websites and services.\r\nEssential steps in protecting web apps from attacks include applying up-to-date encryption, setting proper authentication, continuously patching discovered vulnerabilities, avoiding data theft by having secure software development practices. The reality is that clever attackers may be competent enough to find flaws even in a fairly robust secured environment, and so a holistic security strategy is advised.\r\nThere are different types of technologies available for maintaining the best security standards. Some popular technical solutions for testing, building, and preventing threats include black and white box testing tools, fuzzing tools, WAF, security or vulnerability scanners, password cracking tools, and so on.","materialsDescription":" <span style=\"font-weight: bold; \">What is Malware?</span>\r\nThe name malware is short for ‘malicioussoftware’. Malware includes any software program that has been created to perform an unauthorised — and often harmful — action on a user’s device. Examples of malware include:\r\n<ul><li>Computer viruses</li><li>Word and Excel macro viruses</li><li>Boot sector viruses</li><li>Script viruses — including batch, Windows shell, Java and others</li><li>Keyloggers</li><li>Password stealers</li><li>Backdoor Trojan viruses</li><li>Other Trojan viruses</li><li>Crimeware</li><li>Spyware</li><li>Adware... and many other types of malicious software programs</li></ul>\r\n<span style=\"font-weight: bold; \">What is the difference between a computer virus and a worm?</span>\r\n<span style=\"font-weight: bold; \">Computer virus.</span> This is a type of malicious program that can replicate itself — so that it can spread from file to file on a computer, and can also spread from one computer to another. Computer viruses are often programmed to perform damaging actions — such as corrupting or deleting data. The longer a virus remains undetected on your machine, the greater the number of infected files that may be on your computer.\r\n<span style=\"font-weight: bold; \">Worms.</span> Worms are generally considered to be a subset of computer viruses — but with some specific differences:\r\n<ul><li>A worm is a computer program that replicates, but does not infect other files.</li><li>The worm will install itself once on a computer — and then look for a way to spread to other computers.</li><li>Whereas a virus is a set of code that adds itself to existing files, a worm exists as a separate, standalone file.</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Trojan virus?</span>\r\nA Trojan is effectively a program that pretends to be legitimate software — but, when launched, it will perform a harmful action. Unlike computer viruses and worms, Trojans cannot spread by themselves. Typically, Trojans are installed secretly and they deliver their malicious payload without the user’s knowledge.\r\nCybercriminals use many different types of Trojans — and each has been designed to perform a specific malicious function. The most common are:\r\n<ul><li>Backdoor Trojans (these often include a keylogger)</li><li>Trojan Spies</li><li>Password stealing Trojans</li><li>Trojan Proxies — that convert your computer into a spam distribution machine</li></ul>\r\n<span style=\"font-weight: bold; \">Why are Trojan viruses called Trojans?</span>\r\nIn Greek mythology — during the Trojan war — the Greeks used subterfuge to enter the city of Troy. The Greeks constructed a massive wooden horse — and, unaware that the horse contained Greek soldiers, the Trojans pulled the horse into the city. At night, the Greek soldiers escaped from the horse and opened the city gates — for the Greek army to enter Troy.\r\nToday, Trojan viruses use subterfuge to enter unsuspecting users’ computers and devices.\r\n<span style=\"font-weight: bold; \">What is a Keylogger?</span>\r\nA keylogger is a program that can record what you type on your computer keyboard. Criminals use keyloggers to obtain confidential data — such as login details, passwords, credit card numbers, PINs and other items. Backdoor Trojans typically include an integrated keylogger.\r\n<span style=\"font-weight: bold; \">What is Phishing?</span>\r\nPhishing is a very specific type of cybercrime that is designed to trick you into disclosing valuable information — such as details about your bank account or credit cards. Often, cybercriminals will create a fake website that looks just like a legitimate site — such as a bank’s official website. The cybercriminal will try to trick you into visiting their fake site — typically by sending you an email that contains a hyperlink to the fake site. When you visit the fake website, it will generally ask you to type in confidential data — such as your login, password or PIN.\r\n<span style=\"font-weight: bold; \">What is Spyware?</span>\r\nSpyware is software that is designed to collect your data and send it to a third party — without your knowledge or consent. Spyware programs will often:\r\n<ul><li>Monitor the keys you press on your keyboard — using a keylogger</li><li>Collect confidential information — such as your passwords, credit card numbers, PIN numbers and more</li><li>Gather — or ‘harvest’ — email addresses from your computer</li><li>Track your Internet browsing habits</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Rootkit?</span>\r\nRootkits are programs that hackers use in order to evade detection while trying to gain unauthorised access to a computer. Rootkits have been used increasingly as a form of stealth to hide Trojan virus activity. When installed on a computer, rootkits are invisible to the user and also take steps to avoid being detected by security software.\r\nThe fact that many people log into their computers with administrator rights — rather than creating a separate account with restricted access — makes it easier for cybercriminals to install a rootkit.\r\n<span style=\"font-weight: bold; \">What is a Botnet?</span>\r\nA botnet is a network of computers controlled by cybercriminals using a Trojan virus or other malicious program.\r\n<span style=\"font-weight: bold;\">What is a DDoS attack?</span>\r\nA Distributed-Denial-of-Service (DDoS) attack is similar to a DoS. However, a DDoS attack is conducted using multiple machines. Usually, for a DDoS attack, the hacker will use one security compromised computer as the ‘master’ machine that co-ordinates the attack by other ‘zombie machines’. Typically, the cybercriminal will compromise the security on the master and all of the zombie machines, by exploiting a vulnerability in an application on each computer — to install a Trojan or other piece of malicious code.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/security-web-application-security.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"https://www.forcepoint.com/resources/case-study/crediton-dairy","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":281,"title":"Forcepoint Email Security Cloud, Forcepoint Web Security Cloud for a global food provider","description":"Our goal was to keep everything as simple as possible, not complicated. Forcepoint™, in comparison with other systems, clearly, offered the best solution. \r\nWolfgang Allgäuer\r\nIT Infrastructure Manager OSI Food Solutions\r\nHave similar needs?\r\nOVERVIEW\r\nOSI Group, LLC (OSI) provides products and supplies for the food industry, worldwide. It supplies beef, pork, poultry and seafood, as well as vegetable, dough, fruit and cheese-based products. OSI is a well-known supplier for global food chains such as Subway, Starbucks, Pizza Hut and McDonalds. The company is based in Aurora, Illinois with additional offices in the United Kingdom, Germany and China. \r\nCHALLENGE\r\nEmail is a high-priority service for OSI due to its extensive use across all international locations. OSI experienced a strong uptick in the volume of threatening inbound emails containing malicious links or fraudulent content. These attacks were becoming more sophisticated and equally catastrophic. Employee carelessness with regards to email protocol became an easy way for hackers to inflict damage and steal confidential information. Additionally, the basic anti-spam solution that OSI had initially installed was strictly limited to on-premises protection and was unable provide the scalability necessary to protect a growing workforce of remote employees.\r\nOSI needed a solution to thwart phishing attacks, provide web protection and enforce usage policies that would ensure the security of its roaming users operating in any network. Reducing downtime while delivering a superior performance was prioritized to increase employee productivity and protect OSI’s reputation.\r\n“Our network continued to be compromised, which was significantly frustrating our administration. Therefore, we looked into the market for a new solution which would get rid of these issues once and for all.“\r\n— Wolfgang Allgäuer, IT Infrastructure Manager, OSI \r\nSOLUTION\r\nWhile searching for a new solution, OSI strived to avoid the expense of future on-site installations. With that in mind, Allgäuer and his colleagues concentrated their purchasing criteria exclusively on cloud-based security. They turned to long-term, trusted partner, EyeT Secure Technologies, in Ottobrunn, located near Munich.\r\nEyeT, specializing in IT security consulting, training and licensing, recommended the use of cloud-based email security from Forcepoint. TRITON AP-EMAIL Cloud (now Forcepoint Cloud Email Security) secures the communication channel most often used in the early stages of an advanced attack, empowering mobile workers and the safe adoption of new technologies without the need for additional hardware.\r\n“Deployment was quite simple. We only had to adjust the channels of communication to the Cloud and customize the MX records. That took a maximum of half a day to complete.”\r\n— Allgäuer\r\nEmpowering mobile workers was a large part of the Forcepoint project—about 60% of OSI’s endpoints are laptops, which are constantly connecting to third-party networks. Convinced by the success of TRITON AP-EMAIL Cloud, OSI implemented TRITON AP-WEB Cloud (now Forcepoint Cloud Web Security), which works effortlessly to protect roaming users operating out of any network.\r\n“If our employees connect from outside the corporate network, they now go through the web security solution seamlessly, as if they never left the office.”\r\n— Allgäuer\r\nThe OSI security team in Germany is responsible for securing all of OSI’s European offices. In this critical role, OSI security has the responsibility of creating uniform standards for protecting the organization’s reputation and assets. It must, therefore, deploy solutions that maximize Content Security across an entire infrastructure. TRITON AP-EMAIL Cloud and TRITON AP-WEB Cloud share a common architecture that unifies management and provides visibility into real-time global activity.\r\n“Our goal was to keep everything as simple as possible, not complicated. Forcepoint, in comparison with other systems, clearly offered the best solution.”\r\n— Allgäuer\r\nRESULTS\r\nBy deploying Forcepoint’s Cloud security solutions, OSI has drastically decreased the administrative burden on its IT team. The TRITON architecture ensures full unified management and coordination of inbound and outbound defenses across OSI gateways.\r\n“Our employees no longer receive emails that might contain malicious content and the solution requires little attention which makes a considerable difference to our IT administrators. We are very pleased with the Forcepoint solution.”\r\n— Allgäuer\r\nOSI was so convinced of these benefits that, to date, approximately 75% of its European locations now have a deployed security solution from Forcepoint. In addition, Allgäuer has confirmed that Forcepoint will be used as a pan-European standard for OSI moving forward. OSI Food Solutions has relied on Forcepoint security solutions since 2010. ","alias":"forcepoint-email-security-cloud-forcepoint-web-security-cloud-for-a-global-food-provider","roi":0,"seo":{"title":"Forcepoint Email Security Cloud, Forcepoint Web Security Cloud for a global food provider","keywords":"Forcepoint, Cloud, solution, security, Allgäuer, that, TRITON, Security","description":"Our goal was to keep everything as simple as possible, not complicated. Forcepoint™, in comparison with other systems, clearly, offered the best solution. \r\nWolfgang Allgäuer\r\nIT Infrastructure Manager OSI Food Solutions\r\nHave similar needs?\r\nOVERVIEW\r\nOSI Gr","og:title":"Forcepoint Email Security Cloud, Forcepoint Web Security Cloud for a global food provider","og:description":"Our goal was to keep everything as simple as possible, not complicated. Forcepoint™, in comparison with other systems, clearly, offered the best solution. \r\nWolfgang Allgäuer\r\nIT Infrastructure Manager OSI Food Solutions\r\nHave similar needs?\r\nOVERVIEW\r\nOSI Gr"},"deal_info":"","user":{"id":3872,"title":"OSI Group","logoURL":"https://old.roi4cio.com/uploads/roi/company/OSI_Group.jpg","alias":"osi-group","address":"","roles":[],"description":" OSI is the premier global supplier of custom value-added food products to the world’s leading foodservice and retail food brands. As one of the largest privately held companies in the United States, we offer unparalleled resources and reach.\r\nThe extensive capabilities of OSI, including custom food product development and global food supply chain management from sourcing through processing and distribution, allow us to deliver custom food products that fit your operation and maximize your opportunity.\r\nWith more than 65 facilities and 20,000 employees in 17 countries focused on making high quality custom food products, OSI can support your operation’s global presence or future growth with responsiveness and consistency. We can help ensure that your customers have a quality experience nearly anywhere in the world.\r\nSource: https://www.linkedin.com/company/osi-industries/about/","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":1,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"http://www.osigroup.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"OSI Group","keywords":"Group","description":" OSI is the premier global supplier of custom value-added food products to the world’s leading foodservice and retail food brands. As one of the largest privately held companies in the United States, we offer unparalleled resources and reach.\r\nThe extensive ca","og:title":"OSI Group","og:description":" OSI is the premier global supplier of custom value-added food products to the world’s leading foodservice and retail food brands. As one of the largest privately held companies in the United States, we offer unparalleled resources and reach.\r\nThe extensive ca","og:image":"https://old.roi4cio.com/uploads/roi/company/OSI_Group.jpg"},"eventUrl":""},"supplier":{"id":178,"title":"Forcepoint","logoURL":"https://old.roi4cio.com/uploads/roi/company/forcepoint_logo.png","alias":"forcepoint","address":"Forcepoint Title","roles":[],"description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-domain solutions, the company is also known as Websense, Raytheon | Websense. </span>\r\n<span lang=\"en\"> Forcepoint solutions protect users, data and computing networks from attacks, as well as accidental and deliberate information leaks throughout the entire life cycle. Forcepoint protects data everywhere - in the office, on the road, in the cloud. This simplifies regulatory compliance and optimizes the cost of security solutions. Forcepoint allows you to focus on prioritization by automating day-to-day operations. </span>\r\n<span lang=\"en\">Forcepoint's clients include Fortune 500 and FTSE 100 leaders: AT&T, Deutsche Telecom, Canon, McDonanld's, UPS, Sheraton, Merill Lynch, Bank of America, PepsiCo Inc. and many others.</span> ","companyTypes":[],"products":{},"vendoredProductsCount":15,"suppliedProductsCount":15,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":15,"vendorImplementationsCount":16,"vendorPartnersCount":0,"supplierPartnersCount":8,"b4r":0,"categories":{},"companyUrl":"www.forcepoint.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Forcepoint","keywords":"Forcepoint, from, Websense, Raytheon, security, data, employees, browsing","description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-do","og:title":"Forcepoint","og:description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-do","og:image":"https://old.roi4cio.com/uploads/roi/company/forcepoint_logo.png"},"eventUrl":""},"vendors":[{"id":178,"title":"Forcepoint","logoURL":"https://old.roi4cio.com/uploads/roi/company/forcepoint_logo.png","alias":"forcepoint","address":"Forcepoint Title","roles":[],"description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-domain solutions, the company is also known as Websense, Raytheon | Websense. </span>\r\n<span lang=\"en\"> Forcepoint solutions protect users, data and computing networks from attacks, as well as accidental and deliberate information leaks throughout the entire life cycle. Forcepoint protects data everywhere - in the office, on the road, in the cloud. This simplifies regulatory compliance and optimizes the cost of security solutions. Forcepoint allows you to focus on prioritization by automating day-to-day operations. </span>\r\n<span lang=\"en\">Forcepoint's clients include Fortune 500 and FTSE 100 leaders: AT&T, Deutsche Telecom, Canon, McDonanld's, UPS, Sheraton, Merill Lynch, Bank of America, PepsiCo Inc. and many others.</span> ","companyTypes":[],"products":{},"vendoredProductsCount":15,"suppliedProductsCount":15,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":15,"vendorImplementationsCount":16,"vendorPartnersCount":0,"supplierPartnersCount":8,"b4r":0,"categories":{},"companyUrl":"www.forcepoint.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Forcepoint","keywords":"Forcepoint, from, Websense, Raytheon, security, data, employees, browsing","description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-do","og:title":"Forcepoint","og:description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-do","og:image":"https://old.roi4cio.com/uploads/roi/company/forcepoint_logo.png"},"eventUrl":""}],"products":[{"id":1473,"logo":false,"scheme":false,"title":"Forcepoint Email Security Cloud, Forcepoint Web Security Cloud","vendorVerified":0,"rating":"2.40","implementationsCount":2,"suppliersCount":0,"alias":"forcepoint-email-security-cloud-forcepoint-web-security-cloud","companyTypes":[],"description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Today’s attempts to compromise email channels have evolved from simple spam and phishing attempts to more advanced threats like ransomware. Forcepoint Email Security gives you the security you need by protecting you against multi-stage advanced threats that exploit email to penetrate your IT environment.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Forcepoint Email Security applies real-time behavioral sandboxing, enterprise-grade DLP and other advanced defense technologies to prevent leaks of sensitive information, empowering your workers — in the office or on the road — as you safely adopt technologies like Microsoft Office 365. In addition, detect phishing and secure email wherever users need access, even on mobile devices, through features like Phishing Education and URL Wrapping.</span>\r\nYour business and data are under constant attack. Traditional filtering and antivirus products no longer provide sufficient protection, and many web security solutions can’t address advanced threats as they occur.\r\n\r\nForcepoint Web Security provides advanced, real-time threat defense to stop advanced threats and prevent data loss. It provides robust protection through context- and content-aware defenses, coupled with integrated Cloud Access Security Broker (CASB) functionality, to provide control and visibility for cloud applications on both on-premises and roaming users. The combination of industry-leading web protection, CASB functionality and enterprise DLP delivers protection at a value no other vendor can match.","shortDescription":"Forcepoint Email Security Cloud (formerly TRITON AP-EMAIL Cloud) - Protecting from spam, phishing & ransomware attacks wherever email is accessed","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":9,"sellingCount":18,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Forcepoint Email Security Cloud, Forcepoint Web Security Cloud","keywords":"Security, advanced, Forcepoint, protection, threats, like, Email, Cloud","description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Today’s attempts to compromise email channels have evolved from simple spam and phishing attempts to more advanced threats like ransomware. Forcepoint Email Security gives y","og:title":"Forcepoint Email Security Cloud, Forcepoint Web Security Cloud","og:description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">Today’s attempts to compromise email channels have evolved from simple spam and phishing attempts to more advanced threats like ransomware. Forcepoint Email Security gives y"},"eventUrl":"","translationId":1473,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":42,"title":"UTM - Unified threat management","alias":"utm-unified-threat-management","description":"<span style=\"font-weight: bold; \">UTM (Unified Threat Management)</span> system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.\r\nUnified threat management <span style=\"font-weight: bold; \">devices </span>are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nUTM <span style=\"font-weight: bold; \">cloud services</span> and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. While UTM systems and <span style=\"font-weight: bold; \">next-generation firewalls (NGFWs)</span> are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.\r\nOriginally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.\r\nUnified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.\r\nUnified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:\r\n<ul><li><span style=\"font-weight: bold; \">Flow-based inspection,</span> also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li> <span style=\"font-weight: bold; \">Proxy-based inspection</span> acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> How UTM is deployed?</h1>\r\nBusinesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.\r\nUTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.\r\nBusinesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.\r\n<h1 class=\"align-center\">Benefits of Using a Unified Threat Management Solution</h1>\r\nUTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. This can also save money in the long run as opposed to having to buy multiple devices.\r\nSome UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPPA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.\r\nUTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because it is a single point of defense, UTM’s make dealing with combined threats easier.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM.jpg"},{"id":24,"title":"DLP - Data Leak Prevention","alias":"dlp-data-leak-prevention","description":"Data leak prevention (DLP) is a suite of technologies aimed at stemming the loss of sensitive information that occurs in enterprises across the globe. By focusing on the location, classification and monitoring of information at rest, in use and in motion, this solution can go far in helping an enterprise get a handle on what information it has, and in stopping the numerous leaks of information that occur each day. DLP is not a plug-and-play solution. The successful implementation of this technology requires significant preparation and diligent ongoing maintenance. Enterprises seeking to integrate and implement DLP should be prepared for a significant effort that, if done correctly, can greatly reduce risk to the organization. Those implementing the solution must take a strategic approach that addresses risks, impacts and mitigation steps, along with appropriate governance and assurance measures.","materialsDescription":" <span style=\"font-weight: bold;\">How to protect the company from internal threats associated with leakage of confidential information?</span>\r\nIn order to protect against any threat, you must first realize its presence. Unfortunately, not always the management of companies is able to do this if it comes to information security threats. The key to successfully protecting against information leaks and other threats lies in the skillful use of both organizational and technical means of monitoring personnel actions.\r\n<span style=\"font-weight: bold;\">How should the personnel management system in the company be organized to minimize the risks of leakage of confidential information?</span>\r\nA company must have a special employee responsible for information security, and a large department must have a department directly reporting to the head of the company.\r\n<span style=\"font-weight: bold;\">Which industry representatives are most likely to encounter confidential information leaks?</span>\r\nMore than others, representatives of such industries as industry, energy, and retail trade suffer from leaks. Other industries traditionally exposed to leakage risks — banking, insurance, IT — are usually better at protecting themselves from information risks, and for this reason they are less likely to fall into similar situations.\r\n<span style=\"font-weight: bold;\">What should be adequate measures to protect against leakage of information for an average company?</span>\r\nFor each organization, the question of protection measures should be worked out depending on the specifics of its work, but developing information security policies, instructing employees, delineating access to confidential data and implementing a DLP system are necessary conditions for successful leak protection for any organization. Among all the technical means to prevent information leaks, the DLP system is the most effective today, although its choice must be taken very carefully to get the desired result. So, it should control all possible channels of data leakage, support automatic detection of confidential information in outgoing traffic, maintain control of work laptops that temporarily find themselves outside the corporate network...\r\n<span style=\"font-weight: bold;\">Is it possible to give protection against information leaks to outsourcing?</span>\r\nFor a small company, this may make sense because it reduces costs. However, it is necessary to carefully select the service provider, preferably before receiving recommendations from its current customers.\r\n<span style=\"font-weight: bold;\">What data channels need to be monitored to prevent leakage of confidential information?</span>\r\nAll channels used by employees of the organization - e-mail, Skype, HTTP World Wide Web protocol ... It is also necessary to monitor the information recorded on external storage media and sent to print, plus periodically check the workstation or laptop of the user for files that are there saying should not.\r\n<span style=\"font-weight: bold;\">What to do when the leak has already happened?</span>\r\nFirst of all, you need to notify those who might suffer - silence will cost your reputation much more. Secondly, you need to find the source and prevent further leakage. Next, you need to assess where the information could go, and try to somehow agree that it does not spread further. In general, of course, it is easier to prevent the leakage of confidential information than to disentangle its consequences.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Data_Leak_Prevention.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[{"id":54,"title":"Germany","name":"DEU"}],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":4,"title":"Reduce Costs"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":178,"title":"No control over data access"},{"id":336,"title":"Risk or Leaks of confidential information"},{"id":344,"title":"Malware infection via Internet, email, storage devices"}]}},"categories":[{"id":42,"title":"UTM - Unified threat management","alias":"utm-unified-threat-management","description":"<span style=\"font-weight: bold; \">UTM (Unified Threat Management)</span> system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.\r\nUnified threat management <span style=\"font-weight: bold; \">devices </span>are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nUTM <span style=\"font-weight: bold; \">cloud services</span> and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. While UTM systems and <span style=\"font-weight: bold; \">next-generation firewalls (NGFWs)</span> are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.\r\nOriginally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.\r\nUnified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.\r\nUnified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:\r\n<ul><li><span style=\"font-weight: bold; \">Flow-based inspection,</span> also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li> <span style=\"font-weight: bold; \">Proxy-based inspection</span> acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> How UTM is deployed?</h1>\r\nBusinesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.\r\nUTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.\r\nBusinesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.\r\n<h1 class=\"align-center\">Benefits of Using a Unified Threat Management Solution</h1>\r\nUTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. This can also save money in the long run as opposed to having to buy multiple devices.\r\nSome UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPPA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.\r\nUTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because it is a single point of defense, UTM’s make dealing with combined threats easier.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM.jpg"},{"id":24,"title":"DLP - Data Leak Prevention","alias":"dlp-data-leak-prevention","description":"Data leak prevention (DLP) is a suite of technologies aimed at stemming the loss of sensitive information that occurs in enterprises across the globe. By focusing on the location, classification and monitoring of information at rest, in use and in motion, this solution can go far in helping an enterprise get a handle on what information it has, and in stopping the numerous leaks of information that occur each day. DLP is not a plug-and-play solution. The successful implementation of this technology requires significant preparation and diligent ongoing maintenance. Enterprises seeking to integrate and implement DLP should be prepared for a significant effort that, if done correctly, can greatly reduce risk to the organization. Those implementing the solution must take a strategic approach that addresses risks, impacts and mitigation steps, along with appropriate governance and assurance measures.","materialsDescription":" <span style=\"font-weight: bold;\">How to protect the company from internal threats associated with leakage of confidential information?</span>\r\nIn order to protect against any threat, you must first realize its presence. Unfortunately, not always the management of companies is able to do this if it comes to information security threats. The key to successfully protecting against information leaks and other threats lies in the skillful use of both organizational and technical means of monitoring personnel actions.\r\n<span style=\"font-weight: bold;\">How should the personnel management system in the company be organized to minimize the risks of leakage of confidential information?</span>\r\nA company must have a special employee responsible for information security, and a large department must have a department directly reporting to the head of the company.\r\n<span style=\"font-weight: bold;\">Which industry representatives are most likely to encounter confidential information leaks?</span>\r\nMore than others, representatives of such industries as industry, energy, and retail trade suffer from leaks. Other industries traditionally exposed to leakage risks — banking, insurance, IT — are usually better at protecting themselves from information risks, and for this reason they are less likely to fall into similar situations.\r\n<span style=\"font-weight: bold;\">What should be adequate measures to protect against leakage of information for an average company?</span>\r\nFor each organization, the question of protection measures should be worked out depending on the specifics of its work, but developing information security policies, instructing employees, delineating access to confidential data and implementing a DLP system are necessary conditions for successful leak protection for any organization. Among all the technical means to prevent information leaks, the DLP system is the most effective today, although its choice must be taken very carefully to get the desired result. So, it should control all possible channels of data leakage, support automatic detection of confidential information in outgoing traffic, maintain control of work laptops that temporarily find themselves outside the corporate network...\r\n<span style=\"font-weight: bold;\">Is it possible to give protection against information leaks to outsourcing?</span>\r\nFor a small company, this may make sense because it reduces costs. However, it is necessary to carefully select the service provider, preferably before receiving recommendations from its current customers.\r\n<span style=\"font-weight: bold;\">What data channels need to be monitored to prevent leakage of confidential information?</span>\r\nAll channels used by employees of the organization - e-mail, Skype, HTTP World Wide Web protocol ... It is also necessary to monitor the information recorded on external storage media and sent to print, plus periodically check the workstation or laptop of the user for files that are there saying should not.\r\n<span style=\"font-weight: bold;\">What to do when the leak has already happened?</span>\r\nFirst of all, you need to notify those who might suffer - silence will cost your reputation much more. Secondly, you need to find the source and prevent further leakage. Next, you need to assess where the information could go, and try to somehow agree that it does not spread further. In general, of course, it is easier to prevent the leakage of confidential information than to disentangle its consequences.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Data_Leak_Prevention.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"https://www.forcepoint.com/resources/case-study/osi-food-solutions","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":831,"title":"Forcepoint Email Security, Forcepoint Web Security for an agri-food leader Amadori’","description":"<span style=\"color: rgb(97, 97, 97); \"><span style=\"font-style: italic;\">"We are able to control costs and plan more efficiently by using Forcepoint solutions”,</span> - Gianluca Giovannetti, Chief Information Officer Amadori Group<br /></span>\r\n<span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold;\">Amadori Enhances Security by Consolidating on Forcepoint</span><br />Agri-food leader Amadori’s success is based on the way it manages the entire integrated production chain including farms, feed producers, hatcheries, and food processing plants. The company decided to take the same integrated approach to cybersecurity with Forcepoint.<br /><br /><span style=\"font-weight: bold;\">Challenges</span><br /></span>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">New channels for internal and external collaboration required a security upgrade</span></li></ul>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Spam help desk support calls required too much time to handle</span></li></ul>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Increasing number of users working off-site, sometimes in public areas, with little protection led to new security risks</span></li></ul>\r\n<span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold;\">Approach</span><br /></span>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Forcepoint Email Security Cloud to eliminate spam and malware before it reaches the company network</span></li></ul>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Forcepoint Web Security to protect both office and remote workers from phishing sites, spyware, and malicious code</span></li></ul>\r\n<span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold;\">Results</span><br /></span>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Users and the company can take advantage of new external collaboration tools safely</span></li></ul>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Eliminated need for help desk to manually check blocked emails; instead users receive a daily report of emails quarantined, freeing up help desk time to focus on more pressing priorities</span></li></ul>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Consolidating on Forcepoint for all its key needs enabled the organization to reduce total cost of ownership and administrative overheads, while increasing planning efficiency.</span></li></ul>","alias":"forcepoint-email-security-forcepoint-web-security-for-an-agri-food-leader-amadori","roi":0,"seo":{"title":"Forcepoint Email Security, Forcepoint Web Security for an agri-food leader Amadori’","keywords":"","description":"<span style=\"color: rgb(97, 97, 97); \"><span style=\"font-style: italic;\">"We are able to control costs and plan more efficiently by using Forcepoint solutions”,</span> - Gianluca Giovannetti, Chief Information Officer Amadori Group<br /></span>\r\n<sp","og:title":"Forcepoint Email Security, Forcepoint Web Security for an agri-food leader Amadori’","og:description":"<span style=\"color: rgb(97, 97, 97); \"><span style=\"font-style: italic;\">"We are able to control costs and plan more efficiently by using Forcepoint solutions”,</span> - Gianluca Giovannetti, Chief Information Officer Amadori Group<br /></span>\r\n<sp"},"deal_info":"","user":{"id":5737,"title":"Amadori","logoURL":"https://old.roi4cio.com/uploads/roi/company/amadori-logo.png","alias":"amadori","address":"","roles":[],"description":" Amadori is one of the leading companies in the Italian agro-food sector, an innovative company and specialist in the poultry market. The turnover in 2014 was more than 1,2 billion euros. The Company, founded forty years ago in San Vittore di Cesena, relies on collaboration with over 7,200 workers and has industrial plants, subsidiaries and branches all over Italy.","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":1,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.amadori.it/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Amadori","keywords":"","description":" Amadori is one of the leading companies in the Italian agro-food sector, an innovative company and specialist in the poultry market. The turnover in 2014 was more than 1,2 billion euros. The Company, founded forty years ago in San Vittore di Cesena, relies on","og:title":"Amadori","og:description":" Amadori is one of the leading companies in the Italian agro-food sector, an innovative company and specialist in the poultry market. The turnover in 2014 was more than 1,2 billion euros. The Company, founded forty years ago in San Vittore di Cesena, relies on","og:image":"https://old.roi4cio.com/uploads/roi/company/amadori-logo.png"},"eventUrl":""},"supplier":{"id":178,"title":"Forcepoint","logoURL":"https://old.roi4cio.com/uploads/roi/company/forcepoint_logo.png","alias":"forcepoint","address":"Forcepoint Title","roles":[],"description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-domain solutions, the company is also known as Websense, Raytheon | Websense. </span>\r\n<span lang=\"en\"> Forcepoint solutions protect users, data and computing networks from attacks, as well as accidental and deliberate information leaks throughout the entire life cycle. Forcepoint protects data everywhere - in the office, on the road, in the cloud. This simplifies regulatory compliance and optimizes the cost of security solutions. Forcepoint allows you to focus on prioritization by automating day-to-day operations. </span>\r\n<span lang=\"en\">Forcepoint's clients include Fortune 500 and FTSE 100 leaders: AT&T, Deutsche Telecom, Canon, McDonanld's, UPS, Sheraton, Merill Lynch, Bank of America, PepsiCo Inc. and many others.</span> ","companyTypes":[],"products":{},"vendoredProductsCount":15,"suppliedProductsCount":15,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":15,"vendorImplementationsCount":16,"vendorPartnersCount":0,"supplierPartnersCount":8,"b4r":0,"categories":{},"companyUrl":"www.forcepoint.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Forcepoint","keywords":"Forcepoint, from, Websense, Raytheon, security, data, employees, browsing","description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-do","og:title":"Forcepoint","og:description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-do","og:image":"https://old.roi4cio.com/uploads/roi/company/forcepoint_logo.png"},"eventUrl":""},"vendors":[{"id":178,"title":"Forcepoint","logoURL":"https://old.roi4cio.com/uploads/roi/company/forcepoint_logo.png","alias":"forcepoint","address":"Forcepoint Title","roles":[],"description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-domain solutions, the company is also known as Websense, Raytheon | Websense. </span>\r\n<span lang=\"en\"> Forcepoint solutions protect users, data and computing networks from attacks, as well as accidental and deliberate information leaks throughout the entire life cycle. Forcepoint protects data everywhere - in the office, on the road, in the cloud. This simplifies regulatory compliance and optimizes the cost of security solutions. Forcepoint allows you to focus on prioritization by automating day-to-day operations. </span>\r\n<span lang=\"en\">Forcepoint's clients include Fortune 500 and FTSE 100 leaders: AT&T, Deutsche Telecom, Canon, McDonanld's, UPS, Sheraton, Merill Lynch, Bank of America, PepsiCo Inc. and many others.</span> ","companyTypes":[],"products":{},"vendoredProductsCount":15,"suppliedProductsCount":15,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":15,"vendorImplementationsCount":16,"vendorPartnersCount":0,"supplierPartnersCount":8,"b4r":0,"categories":{},"companyUrl":"www.forcepoint.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Forcepoint","keywords":"Forcepoint, from, Websense, Raytheon, security, data, employees, browsing","description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-do","og:title":"Forcepoint","og:description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-do","og:image":"https://old.roi4cio.com/uploads/roi/company/forcepoint_logo.png"},"eventUrl":""}],"products":[{"id":938,"logo":false,"scheme":false,"title":"Forcepoint Email Security","vendorVerified":0,"rating":"2.00","implementationsCount":4,"suppliersCount":0,"alias":"forcepoint-email-security","companyTypes":[],"description":"Forcepoint Email Security is a protecting from spam, phishing & ransomware attacks wherever email is accessed.\r\nDetect spam, phishing and other APTs with comprehensive defenses to stop advanced threats like ransomware before they start. Forcepoint Email Security integrates powerful analytics and advanced malware sandboxing for inbound protection, content filtering for outbound data control and email encryption for secure communications.<br />Forcepoint Email Security Cloud’s proactive URL Wrapping and Phishing Education secure email wherever users need access, even on mobile devices. Our unrivaled cloud infrastructure delivers phishing, malware and DLP protection for Microsoft Office 365™ and other popular email systems.<br /><br /><span style=\"font-weight: bold;\">The Forcepoint Email Security advantage</span><br />\r\n<span style=\"font-style: italic;\">Real-time threat protection</span><br />\r\nReal-time threat protection uses a unique blend of detection technologies, including machine learning, sandboxing, and predictive analytics to effectively stop advanced threats such as ransomware.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Protection against highly evasive zero-day threats</span><br />\r\nGet advanced malware detection (sandboxing) with our full system emulation sandbox. Deep content inspection reveals highly evasive zero-day threat with no false positives.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Powerful encryption for additional protection</span><br />\r\nEncrypt sensitive email conversations and enhance mobile security by controlling sensitive attachments access by device.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Incident risk ranking to find the greatest risks</span><br />\r\nIncidents are correlated across multiple events to identify true cumulative risk trends and activity. A risk score is included to help security teams identify the greatest risks based on real-time activity.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Integrated data loss prevention</span><br />\r\nIntegrated industry-leading data loss prevention stops data infiltration and exfiltration capabilities.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Unique phishing education feature</span><br />\r\nUse Forcepoint Email Security’s unique phishing education features to help users adopt best practices and identify those who need additional training to improve their security awareness.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Complete out-of-the-box solution</span><br />\r\nForcepoint Email Security includes DLP, URL wrapping, and other capabilities that are considered premium "add-ons" or upgrades by many competitors, delivering the most comprehensive inbound and outbound defenses out of the box.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Deployment flexibility</span><br />\r\nHow you deploy our email security solution is up to you. Choose from a range of physical and virtual appliances to leverage existing hardware, cloud deployment, or hybrid environments.","shortDescription":"Forcepoint Email Security identifies targeted attacks, high-risk users and insider threats, while empowering mobile workers and the safe adoption of new technologies like Office 365 and Box Enterprise","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":20,"sellingCount":8,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Forcepoint Email Security","keywords":"Cloud, Forcepoint, Security, email, Email, attacks, threats, advanced","description":"Forcepoint Email Security is a protecting from spam, phishing & ransomware attacks wherever email is accessed.\r\nDetect spam, phishing and other APTs with comprehensive defenses to stop advanced threats like ransomware before they start. Forcepoint Email Se","og:title":"Forcepoint Email Security","og:description":"Forcepoint Email Security is a protecting from spam, phishing & ransomware attacks wherever email is accessed.\r\nDetect spam, phishing and other APTs with comprehensive defenses to stop advanced threats like ransomware before they start. Forcepoint Email Se"},"eventUrl":"","translationId":939,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":558,"title":"Secure E-mail Gateway - Appliance","alias":"secure-e-mail-gateway-appliance","description":"According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and next-gen anti-phishing and anti-spam</li><li>Additional security features</li><li>Customization of the solution’s management features</li><li>Low false positive and false negative percentages</li><li>External processes and storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, secure email gateways can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":"<span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against email-borne threats. It is effectively a firewall for your email, and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan each email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a specific period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway_Appliance.png"},{"id":469,"title":"Secure E-mail Gateway","alias":"secure-e-mail-gateway","description":" According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and Next-Gen Anti-Phishing and Anti-Spam</li><li>Additional Security Features</li><li>Customization of the Solution’s Management Features</li><li>Low False Positive and False Negative Percentages</li><li>External Processes and Storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, SEGs can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":" <span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against these email-borne threats. It is effectively a firewall for your email and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan every email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a certain period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway.jpg"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":1630,"logo":false,"scheme":false,"title":"Forcepoint Web Security","vendorVerified":0,"rating":"2.00","implementationsCount":4,"suppliersCount":0,"alias":"forcepoint-web-security","companyTypes":[],"description":"Forcepoint Web Security provides industry-leading reporting, sandboxing and DLP capabilities, and stops more advanced, non-signature threats to your data than any other solution – including Blue Coat, Cisco and Zscaler. And because it is cloud hosted, you won’t backhaul traffic or pay for appliances.\r\nForcepoint Web Security is built on a multi-tenant platform and deployed globally on the industry’s most secure cloud platform. And because every environment is different, Forcepoint Web Security can be deployed as a hybrid solution in combination with a Forcepoint Next Generation Firewall, providing protection for every user, everywhere.\r\n<span style=\"font-weight: bold;\">Highly secured and always available Forcepoint cloud</span>\r\nExtend web protection to roaming users with global coverage from the industry’s only certified global cloud infrastructure (ISO 27001, 27018, CSA STAR) for protecting every user from advanced threats.\r\n<span style=\"font-weight: bold;\">Empower the anytime, anywhere global workforce</span>\r\nForcepoint’s patent-pending Direct Connect Endpoint™ technology allows for unparalleled speed and connectivity for roaming users, eliminating latencies with a proxy-less endpoint.\r\n<span style=\"font-weight: bold;\">The features, API, and ports of a cloud security solution</span>\r\nForcepoint Web Security includes features typically found in as-a-service only cloud security product—but that’s just the start. Our enterprise-grade gateway appliance includes an SSL decryption mirror port and ingest API for additional threat feeds.\r\n<span style=\"font-weight: bold;\">Unrivaled threat protection with Forcepoint ACE</span>\r\nForcepoint’s Advanced Classification Engine (ACE) identifies threats with over 10,000 analytics, machine learning, behavioral baselines, and other advanced techniques maintained through real-time global threat intelligence.\r\n<span style=\"font-weight: bold;\">Superior real-time reporting—simplified</span>\r\nStreamline your workflow with easy-to-use drag-and-drop reporting, delivered in real-time through an interactive interface—all in a centralized system.\r\n<span style=\"font-weight: bold;\">Remove layers of latency</span>\r\nGo direct. Unlike other cloud solutions, Forcepoint has direct peering partners, critical to the security and productivity of a global workforce and its shared data.\r\n\r\n<span style=\"font-weight: bold;\">Key features:</span><span style=\"font-style: italic;\"></span>\r\n<span style=\"font-weight: bold;\">Integrated CASB functionality</span><br />Easily extend visibility and control to cloud applications, from shadow IT reporting to full control via inline (proxy) mode.\r\n<span style=\"font-weight: bold;\">Not just URL filtering</span>\r\nDon’t need your traffic forwarded to the cloud? Enable URL filtering in our leading Next Generation Firewall (NGFW), allowing for granular controls based on users and applications.\r\n<span style=\"font-weight: bold;\">Streamline compliance</span>\r\nMeet the highest certification standards across data privacy laws and residency requirements in different jurisdictions—while allowing users to keep doing good things.\r\n<span style=\"font-weight: bold;\">Expand internet access for roaming users</span>\r\nApply different policies when an employee connects from corporate and non-corporate locations with Forcepoint Web Security.\r\n<span style=\"font-weight: bold;\">Security and protection beyond the endpoint</span>\r\nExtend your existing policies to mobile devices and protect them from Advanced Threats, mobile malware, phishing attacks, spoofing, and more with Web Security.\r\n<span style=\"font-weight: bold;\">ThreatSeeker Intelligence</span>\r\nUnite over 900 million endpoints (including inputs from Facebook), and with Forcepoint ACE security defenses, analyze up to five billion requests per day. This is the core collective intelligence for all Forcepoint products—managed by Forcepoint Security Labs.\r\n<span style=\"font-weight: bold;\">Enterprise-grade DLP protection</span>\r\nForcepoint’s 9x Magic Quadrant leading DLP and integrated Incident Risk Ranking (IRR) can protect your data from people-based security incidents, including risk caused by accidental, compromised, and malicious insiders.\r\n<span style=\"font-weight: bold;\">Eliminate crippling false malware with AMD</span>\r\nCloud sandboxing allows you to optimize remediation efforts for incident response teams with comprehensive and actionable intelligence—providing 100% efficacy in malware detection.","shortDescription":"Forcepoint Web Security provides robust protection through content aware defenses and cloud app discovery and monitoring, reducing risks to sensitive data for both on premise and mobile users.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":17,"sellingCount":10,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Forcepoint Web Security","keywords":"data, Forcepoint, theft, Security, your, content, within, include","description":"Forcepoint Web Security provides industry-leading reporting, sandboxing and DLP capabilities, and stops more advanced, non-signature threats to your data than any other solution – including Blue Coat, Cisco and Zscaler. And because it is cloud hosted, you won’","og:title":"Forcepoint Web Security","og:description":"Forcepoint Web Security provides industry-leading reporting, sandboxing and DLP capabilities, and stops more advanced, non-signature threats to your data than any other solution – including Blue Coat, Cisco and Zscaler. And because it is cloud hosted, you won’"},"eventUrl":"","translationId":1561,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":42,"title":"UTM - Unified threat management","alias":"utm-unified-threat-management","description":"<span style=\"font-weight: bold; \">UTM (Unified Threat Management)</span> system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.\r\nUnified threat management <span style=\"font-weight: bold; \">devices </span>are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nUTM <span style=\"font-weight: bold; \">cloud services</span> and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. While UTM systems and <span style=\"font-weight: bold; \">next-generation firewalls (NGFWs)</span> are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.\r\nOriginally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.\r\nUnified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.\r\nUnified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:\r\n<ul><li><span style=\"font-weight: bold; \">Flow-based inspection,</span> also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li> <span style=\"font-weight: bold; \">Proxy-based inspection</span> acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> How UTM is deployed?</h1>\r\nBusinesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.\r\nUTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.\r\nBusinesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.\r\n<h1 class=\"align-center\">Benefits of Using a Unified Threat Management Solution</h1>\r\nUTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. This can also save money in the long run as opposed to having to buy multiple devices.\r\nSome UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPPA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.\r\nUTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because it is a single point of defense, UTM’s make dealing with combined threats easier.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM.jpg"},{"id":485,"title":"Web security","alias":"web-security","description":" Web security basically means protecting a website or web application by detecting, preventing and responding to cyber threats.\r\nWebsites and web applications are just as prone to security breaches as physical homes, stores, and government locations. Unfortunately, cybercrime happens every day, and great web security measures are needed to protect websites and web applications from becoming compromised.\r\nThat’s exactly what web security does – it is a system of protection measures and protocols that can protect your website or web application from being hacked or entered by unauthorized personnel. This integral division of Information Security is vital to the protection of websites, web applications, and web services. Anything that is applied over the Internet should have some form of web security to protect it.\r\nThere are a lot of factors that go into web security and web protection. Any website or application that is secure is surely backed by different types of checkpoints and techniques for keeping it safe.\r\nThere are a variety of security standards that must be followed at all times, and these standards are implemented and highlighted by the OWASP. Most experienced web developers from top cybersecurity companies will follow the standards of the OWASP as well as keep a close eye on the Web Hacking Incident Database to see when, how, and why different people are hacking different websites and services.\r\nEssential steps in protecting web apps from attacks include applying up-to-date encryption, setting proper authentication, continuously patching discovered vulnerabilities, avoiding data theft by having secure software development practices. The reality is that clever attackers may be competent enough to find flaws even in a fairly robust secured environment, and so a holistic security strategy is advised.\r\nThere are different types of technologies available for maintaining the best security standards. Some popular technical solutions for testing, building, and preventing threats include black and white box testing tools, fuzzing tools, WAF, security or vulnerability scanners, password cracking tools, and so on.","materialsDescription":" <span style=\"font-weight: bold; \">What is Malware?</span>\r\nThe name malware is short for ‘malicioussoftware’. Malware includes any software program that has been created to perform an unauthorised — and often harmful — action on a user’s device. Examples of malware include:\r\n<ul><li>Computer viruses</li><li>Word and Excel macro viruses</li><li>Boot sector viruses</li><li>Script viruses — including batch, Windows shell, Java and others</li><li>Keyloggers</li><li>Password stealers</li><li>Backdoor Trojan viruses</li><li>Other Trojan viruses</li><li>Crimeware</li><li>Spyware</li><li>Adware... and many other types of malicious software programs</li></ul>\r\n<span style=\"font-weight: bold; \">What is the difference between a computer virus and a worm?</span>\r\n<span style=\"font-weight: bold; \">Computer virus.</span> This is a type of malicious program that can replicate itself — so that it can spread from file to file on a computer, and can also spread from one computer to another. Computer viruses are often programmed to perform damaging actions — such as corrupting or deleting data. The longer a virus remains undetected on your machine, the greater the number of infected files that may be on your computer.\r\n<span style=\"font-weight: bold; \">Worms.</span> Worms are generally considered to be a subset of computer viruses — but with some specific differences:\r\n<ul><li>A worm is a computer program that replicates, but does not infect other files.</li><li>The worm will install itself once on a computer — and then look for a way to spread to other computers.</li><li>Whereas a virus is a set of code that adds itself to existing files, a worm exists as a separate, standalone file.</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Trojan virus?</span>\r\nA Trojan is effectively a program that pretends to be legitimate software — but, when launched, it will perform a harmful action. Unlike computer viruses and worms, Trojans cannot spread by themselves. Typically, Trojans are installed secretly and they deliver their malicious payload without the user’s knowledge.\r\nCybercriminals use many different types of Trojans — and each has been designed to perform a specific malicious function. The most common are:\r\n<ul><li>Backdoor Trojans (these often include a keylogger)</li><li>Trojan Spies</li><li>Password stealing Trojans</li><li>Trojan Proxies — that convert your computer into a spam distribution machine</li></ul>\r\n<span style=\"font-weight: bold; \">Why are Trojan viruses called Trojans?</span>\r\nIn Greek mythology — during the Trojan war — the Greeks used subterfuge to enter the city of Troy. The Greeks constructed a massive wooden horse — and, unaware that the horse contained Greek soldiers, the Trojans pulled the horse into the city. At night, the Greek soldiers escaped from the horse and opened the city gates — for the Greek army to enter Troy.\r\nToday, Trojan viruses use subterfuge to enter unsuspecting users’ computers and devices.\r\n<span style=\"font-weight: bold; \">What is a Keylogger?</span>\r\nA keylogger is a program that can record what you type on your computer keyboard. Criminals use keyloggers to obtain confidential data — such as login details, passwords, credit card numbers, PINs and other items. Backdoor Trojans typically include an integrated keylogger.\r\n<span style=\"font-weight: bold; \">What is Phishing?</span>\r\nPhishing is a very specific type of cybercrime that is designed to trick you into disclosing valuable information — such as details about your bank account or credit cards. Often, cybercriminals will create a fake website that looks just like a legitimate site — such as a bank’s official website. The cybercriminal will try to trick you into visiting their fake site — typically by sending you an email that contains a hyperlink to the fake site. When you visit the fake website, it will generally ask you to type in confidential data — such as your login, password or PIN.\r\n<span style=\"font-weight: bold; \">What is Spyware?</span>\r\nSpyware is software that is designed to collect your data and send it to a third party — without your knowledge or consent. Spyware programs will often:\r\n<ul><li>Monitor the keys you press on your keyboard — using a keylogger</li><li>Collect confidential information — such as your passwords, credit card numbers, PIN numbers and more</li><li>Gather — or ‘harvest’ — email addresses from your computer</li><li>Track your Internet browsing habits</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Rootkit?</span>\r\nRootkits are programs that hackers use in order to evade detection while trying to gain unauthorised access to a computer. Rootkits have been used increasingly as a form of stealth to hide Trojan virus activity. When installed on a computer, rootkits are invisible to the user and also take steps to avoid being detected by security software.\r\nThe fact that many people log into their computers with administrator rights — rather than creating a separate account with restricted access — makes it easier for cybercriminals to install a rootkit.\r\n<span style=\"font-weight: bold; \">What is a Botnet?</span>\r\nA botnet is a network of computers controlled by cybercriminals using a Trojan virus or other malicious program.\r\n<span style=\"font-weight: bold;\">What is a DDoS attack?</span>\r\nA Distributed-Denial-of-Service (DDoS) attack is similar to a DoS. However, a DDoS attack is conducted using multiple machines. Usually, for a DDoS attack, the hacker will use one security compromised computer as the ‘master’ machine that co-ordinates the attack by other ‘zombie machines’. Typically, the cybercriminal will compromise the security on the master and all of the zombie machines, by exploiting a vulnerability in an application on each computer — to install a Trojan or other piece of malicious code.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/security-web-application-security.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":4,"title":"Reduce Costs"},{"id":6,"title":"Ensure Security and Business Continuity"},{"id":306,"title":"Manage Risks"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":282,"title":"Unauthorized access to corporate IT systems and data"},{"id":344,"title":"Malware infection via Internet, email, storage devices"},{"id":385,"title":"Risk of data loss or damage"},{"id":386,"title":"Risk of lost access to data and IT systems"},{"id":387,"title":"Non-compliant with IT security requirements"}]}},"categories":[{"id":558,"title":"Secure E-mail Gateway - Appliance","alias":"secure-e-mail-gateway-appliance","description":"According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and next-gen anti-phishing and anti-spam</li><li>Additional security features</li><li>Customization of the solution’s management features</li><li>Low false positive and false negative percentages</li><li>External processes and storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, secure email gateways can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":"<span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against email-borne threats. It is effectively a firewall for your email, and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan each email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a specific period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway_Appliance.png"},{"id":469,"title":"Secure E-mail Gateway","alias":"secure-e-mail-gateway","description":" According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and Next-Gen Anti-Phishing and Anti-Spam</li><li>Additional Security Features</li><li>Customization of the Solution’s Management Features</li><li>Low False Positive and False Negative Percentages</li><li>External Processes and Storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, SEGs can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":" <span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against these email-borne threats. It is effectively a firewall for your email and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan every email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a certain period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway.jpg"},{"id":42,"title":"UTM - Unified threat management","alias":"utm-unified-threat-management","description":"<span style=\"font-weight: bold; \">UTM (Unified Threat Management)</span> system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.\r\nUnified threat management <span style=\"font-weight: bold; \">devices </span>are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nUTM <span style=\"font-weight: bold; \">cloud services</span> and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. While UTM systems and <span style=\"font-weight: bold; \">next-generation firewalls (NGFWs)</span> are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.\r\nOriginally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.\r\nUnified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.\r\nUnified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:\r\n<ul><li><span style=\"font-weight: bold; \">Flow-based inspection,</span> also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li> <span style=\"font-weight: bold; \">Proxy-based inspection</span> acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> How UTM is deployed?</h1>\r\nBusinesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.\r\nUTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.\r\nBusinesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.\r\n<h1 class=\"align-center\">Benefits of Using a Unified Threat Management Solution</h1>\r\nUTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. This can also save money in the long run as opposed to having to buy multiple devices.\r\nSome UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPPA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.\r\nUTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because it is a single point of defense, UTM’s make dealing with combined threats easier.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM.jpg"},{"id":485,"title":"Web security","alias":"web-security","description":" Web security basically means protecting a website or web application by detecting, preventing and responding to cyber threats.\r\nWebsites and web applications are just as prone to security breaches as physical homes, stores, and government locations. Unfortunately, cybercrime happens every day, and great web security measures are needed to protect websites and web applications from becoming compromised.\r\nThat’s exactly what web security does – it is a system of protection measures and protocols that can protect your website or web application from being hacked or entered by unauthorized personnel. This integral division of Information Security is vital to the protection of websites, web applications, and web services. Anything that is applied over the Internet should have some form of web security to protect it.\r\nThere are a lot of factors that go into web security and web protection. Any website or application that is secure is surely backed by different types of checkpoints and techniques for keeping it safe.\r\nThere are a variety of security standards that must be followed at all times, and these standards are implemented and highlighted by the OWASP. Most experienced web developers from top cybersecurity companies will follow the standards of the OWASP as well as keep a close eye on the Web Hacking Incident Database to see when, how, and why different people are hacking different websites and services.\r\nEssential steps in protecting web apps from attacks include applying up-to-date encryption, setting proper authentication, continuously patching discovered vulnerabilities, avoiding data theft by having secure software development practices. The reality is that clever attackers may be competent enough to find flaws even in a fairly robust secured environment, and so a holistic security strategy is advised.\r\nThere are different types of technologies available for maintaining the best security standards. Some popular technical solutions for testing, building, and preventing threats include black and white box testing tools, fuzzing tools, WAF, security or vulnerability scanners, password cracking tools, and so on.","materialsDescription":" <span style=\"font-weight: bold; \">What is Malware?</span>\r\nThe name malware is short for ‘malicioussoftware’. Malware includes any software program that has been created to perform an unauthorised — and often harmful — action on a user’s device. Examples of malware include:\r\n<ul><li>Computer viruses</li><li>Word and Excel macro viruses</li><li>Boot sector viruses</li><li>Script viruses — including batch, Windows shell, Java and others</li><li>Keyloggers</li><li>Password stealers</li><li>Backdoor Trojan viruses</li><li>Other Trojan viruses</li><li>Crimeware</li><li>Spyware</li><li>Adware... and many other types of malicious software programs</li></ul>\r\n<span style=\"font-weight: bold; \">What is the difference between a computer virus and a worm?</span>\r\n<span style=\"font-weight: bold; \">Computer virus.</span> This is a type of malicious program that can replicate itself — so that it can spread from file to file on a computer, and can also spread from one computer to another. Computer viruses are often programmed to perform damaging actions — such as corrupting or deleting data. The longer a virus remains undetected on your machine, the greater the number of infected files that may be on your computer.\r\n<span style=\"font-weight: bold; \">Worms.</span> Worms are generally considered to be a subset of computer viruses — but with some specific differences:\r\n<ul><li>A worm is a computer program that replicates, but does not infect other files.</li><li>The worm will install itself once on a computer — and then look for a way to spread to other computers.</li><li>Whereas a virus is a set of code that adds itself to existing files, a worm exists as a separate, standalone file.</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Trojan virus?</span>\r\nA Trojan is effectively a program that pretends to be legitimate software — but, when launched, it will perform a harmful action. Unlike computer viruses and worms, Trojans cannot spread by themselves. Typically, Trojans are installed secretly and they deliver their malicious payload without the user’s knowledge.\r\nCybercriminals use many different types of Trojans — and each has been designed to perform a specific malicious function. The most common are:\r\n<ul><li>Backdoor Trojans (these often include a keylogger)</li><li>Trojan Spies</li><li>Password stealing Trojans</li><li>Trojan Proxies — that convert your computer into a spam distribution machine</li></ul>\r\n<span style=\"font-weight: bold; \">Why are Trojan viruses called Trojans?</span>\r\nIn Greek mythology — during the Trojan war — the Greeks used subterfuge to enter the city of Troy. The Greeks constructed a massive wooden horse — and, unaware that the horse contained Greek soldiers, the Trojans pulled the horse into the city. At night, the Greek soldiers escaped from the horse and opened the city gates — for the Greek army to enter Troy.\r\nToday, Trojan viruses use subterfuge to enter unsuspecting users’ computers and devices.\r\n<span style=\"font-weight: bold; \">What is a Keylogger?</span>\r\nA keylogger is a program that can record what you type on your computer keyboard. Criminals use keyloggers to obtain confidential data — such as login details, passwords, credit card numbers, PINs and other items. Backdoor Trojans typically include an integrated keylogger.\r\n<span style=\"font-weight: bold; \">What is Phishing?</span>\r\nPhishing is a very specific type of cybercrime that is designed to trick you into disclosing valuable information — such as details about your bank account or credit cards. Often, cybercriminals will create a fake website that looks just like a legitimate site — such as a bank’s official website. The cybercriminal will try to trick you into visiting their fake site — typically by sending you an email that contains a hyperlink to the fake site. When you visit the fake website, it will generally ask you to type in confidential data — such as your login, password or PIN.\r\n<span style=\"font-weight: bold; \">What is Spyware?</span>\r\nSpyware is software that is designed to collect your data and send it to a third party — without your knowledge or consent. Spyware programs will often:\r\n<ul><li>Monitor the keys you press on your keyboard — using a keylogger</li><li>Collect confidential information — such as your passwords, credit card numbers, PIN numbers and more</li><li>Gather — or ‘harvest’ — email addresses from your computer</li><li>Track your Internet browsing habits</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Rootkit?</span>\r\nRootkits are programs that hackers use in order to evade detection while trying to gain unauthorised access to a computer. Rootkits have been used increasingly as a form of stealth to hide Trojan virus activity. When installed on a computer, rootkits are invisible to the user and also take steps to avoid being detected by security software.\r\nThe fact that many people log into their computers with administrator rights — rather than creating a separate account with restricted access — makes it easier for cybercriminals to install a rootkit.\r\n<span style=\"font-weight: bold; \">What is a Botnet?</span>\r\nA botnet is a network of computers controlled by cybercriminals using a Trojan virus or other malicious program.\r\n<span style=\"font-weight: bold;\">What is a DDoS attack?</span>\r\nA Distributed-Denial-of-Service (DDoS) attack is similar to a DoS. However, a DDoS attack is conducted using multiple machines. Usually, for a DDoS attack, the hacker will use one security compromised computer as the ‘master’ machine that co-ordinates the attack by other ‘zombie machines’. Typically, the cybercriminal will compromise the security on the master and all of the zombie machines, by exploiting a vulnerability in an application on each computer — to install a Trojan or other piece of malicious code.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/security-web-application-security.png"}],"additionalInfo":{"budgetNotExceeded":"-1","functionallyTaskAssignment":"-1","projectWasPut":"-1","price":0,"source":{"url":"https://www.forcepoint.com/resources/case-study/amadori","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":614,"title":"Forcepoint Email Security, Forcepoint Web Security for IT company","description":"To meet the company’s stringent security needs, Alphawest has been using Forcepoint Web and Email Security since 2012. The solution supplements traditional reputation-based filtering needs with intelligent content inspection and advanced analytics.\r\n<blockquote>“Maintaining a separate solution is inefficient and, frankly, frustrating. Adopting a hybrid web and email security solution from Forcepoint has given us the best of both worlds. It delivers great IT management efficiencies because a single management console configures both the cloud services and our internal appliances. So you do everything once and you are protected twice. But at the same time, it ensures we maintain those multiple lines of defense. It is redundancy without replication.”</blockquote>\r\n— Watts","alias":"forcepoint-email-security-forcepoint-web-security-for-it-company","roi":0,"seo":{"title":"Forcepoint Email Security, Forcepoint Web Security for IT company","keywords":"","description":"To meet the company’s stringent security needs, Alphawest has been using Forcepoint Web and Email Security since 2012. The solution supplements traditional reputation-based filtering needs with intelligent content inspection and advanced analytics.\r\n<blockquot","og:title":"Forcepoint Email Security, Forcepoint Web Security for IT company","og:description":"To meet the company’s stringent security needs, Alphawest has been using Forcepoint Web and Email Security since 2012. The solution supplements traditional reputation-based filtering needs with intelligent content inspection and advanced analytics.\r\n<blockquot"},"deal_info":"","user":{"id":5041,"title":"Alphawest","logoURL":"https://old.roi4cio.com/uploads/roi/company/Alphawest.jpg","alias":"alphawest","address":"","roles":[],"description":"With a history dating back to the mid-1980s, a period of public listing on the Australian Stock Exchange and the 2005 high-profile acquisition by SingTel Optus, Alphawest is one of Australia’s best-known ICT support organizations. Headquartered in Sydney, it provides systems development and provisioning, managed and other support services to clients across Australia.","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":1,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Alphawest","keywords":"","description":"With a history dating back to the mid-1980s, a period of public listing on the Australian Stock Exchange and the 2005 high-profile acquisition by SingTel Optus, Alphawest is one of Australia’s best-known ICT support organizations. Headquartered in Sydney, it p","og:title":"Alphawest","og:description":"With a history dating back to the mid-1980s, a period of public listing on the Australian Stock Exchange and the 2005 high-profile acquisition by SingTel Optus, Alphawest is one of Australia’s best-known ICT support organizations. Headquartered in Sydney, it p","og:image":"https://old.roi4cio.com/uploads/roi/company/Alphawest.jpg"},"eventUrl":""},"supplier":{"id":178,"title":"Forcepoint","logoURL":"https://old.roi4cio.com/uploads/roi/company/forcepoint_logo.png","alias":"forcepoint","address":"Forcepoint Title","roles":[],"description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-domain solutions, the company is also known as Websense, Raytheon | Websense. </span>\r\n<span lang=\"en\"> Forcepoint solutions protect users, data and computing networks from attacks, as well as accidental and deliberate information leaks throughout the entire life cycle. Forcepoint protects data everywhere - in the office, on the road, in the cloud. This simplifies regulatory compliance and optimizes the cost of security solutions. Forcepoint allows you to focus on prioritization by automating day-to-day operations. </span>\r\n<span lang=\"en\">Forcepoint's clients include Fortune 500 and FTSE 100 leaders: AT&T, Deutsche Telecom, Canon, McDonanld's, UPS, Sheraton, Merill Lynch, Bank of America, PepsiCo Inc. and many others.</span> ","companyTypes":[],"products":{},"vendoredProductsCount":15,"suppliedProductsCount":15,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":15,"vendorImplementationsCount":16,"vendorPartnersCount":0,"supplierPartnersCount":8,"b4r":0,"categories":{},"companyUrl":"www.forcepoint.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Forcepoint","keywords":"Forcepoint, from, Websense, Raytheon, security, data, employees, browsing","description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-do","og:title":"Forcepoint","og:description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-do","og:image":"https://old.roi4cio.com/uploads/roi/company/forcepoint_logo.png"},"eventUrl":""},"vendors":[{"id":178,"title":"Forcepoint","logoURL":"https://old.roi4cio.com/uploads/roi/company/forcepoint_logo.png","alias":"forcepoint","address":"Forcepoint Title","roles":[],"description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-domain solutions, the company is also known as Websense, Raytheon | Websense. </span>\r\n<span lang=\"en\"> Forcepoint solutions protect users, data and computing networks from attacks, as well as accidental and deliberate information leaks throughout the entire life cycle. Forcepoint protects data everywhere - in the office, on the road, in the cloud. This simplifies regulatory compliance and optimizes the cost of security solutions. Forcepoint allows you to focus on prioritization by automating day-to-day operations. </span>\r\n<span lang=\"en\">Forcepoint's clients include Fortune 500 and FTSE 100 leaders: AT&T, Deutsche Telecom, Canon, McDonanld's, UPS, Sheraton, Merill Lynch, Bank of America, PepsiCo Inc. and many others.</span> ","companyTypes":[],"products":{},"vendoredProductsCount":15,"suppliedProductsCount":15,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":15,"vendorImplementationsCount":16,"vendorPartnersCount":0,"supplierPartnersCount":8,"b4r":0,"categories":{},"companyUrl":"www.forcepoint.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Forcepoint","keywords":"Forcepoint, from, Websense, Raytheon, security, data, employees, browsing","description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-do","og:title":"Forcepoint","og:description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-do","og:image":"https://old.roi4cio.com/uploads/roi/company/forcepoint_logo.png"},"eventUrl":""}],"products":[{"id":938,"logo":false,"scheme":false,"title":"Forcepoint Email Security","vendorVerified":0,"rating":"2.00","implementationsCount":4,"suppliersCount":0,"alias":"forcepoint-email-security","companyTypes":[],"description":"Forcepoint Email Security is a protecting from spam, phishing & ransomware attacks wherever email is accessed.\r\nDetect spam, phishing and other APTs with comprehensive defenses to stop advanced threats like ransomware before they start. Forcepoint Email Security integrates powerful analytics and advanced malware sandboxing for inbound protection, content filtering for outbound data control and email encryption for secure communications.<br />Forcepoint Email Security Cloud’s proactive URL Wrapping and Phishing Education secure email wherever users need access, even on mobile devices. Our unrivaled cloud infrastructure delivers phishing, malware and DLP protection for Microsoft Office 365™ and other popular email systems.<br /><br /><span style=\"font-weight: bold;\">The Forcepoint Email Security advantage</span><br />\r\n<span style=\"font-style: italic;\">Real-time threat protection</span><br />\r\nReal-time threat protection uses a unique blend of detection technologies, including machine learning, sandboxing, and predictive analytics to effectively stop advanced threats such as ransomware.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Protection against highly evasive zero-day threats</span><br />\r\nGet advanced malware detection (sandboxing) with our full system emulation sandbox. Deep content inspection reveals highly evasive zero-day threat with no false positives.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Powerful encryption for additional protection</span><br />\r\nEncrypt sensitive email conversations and enhance mobile security by controlling sensitive attachments access by device.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Incident risk ranking to find the greatest risks</span><br />\r\nIncidents are correlated across multiple events to identify true cumulative risk trends and activity. A risk score is included to help security teams identify the greatest risks based on real-time activity.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Integrated data loss prevention</span><br />\r\nIntegrated industry-leading data loss prevention stops data infiltration and exfiltration capabilities.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Unique phishing education feature</span><br />\r\nUse Forcepoint Email Security’s unique phishing education features to help users adopt best practices and identify those who need additional training to improve their security awareness.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Complete out-of-the-box solution</span><br />\r\nForcepoint Email Security includes DLP, URL wrapping, and other capabilities that are considered premium "add-ons" or upgrades by many competitors, delivering the most comprehensive inbound and outbound defenses out of the box.<span style=\"font-style: italic;\"></span>\r\n<span style=\"font-style: italic;\">Deployment flexibility</span><br />\r\nHow you deploy our email security solution is up to you. Choose from a range of physical and virtual appliances to leverage existing hardware, cloud deployment, or hybrid environments.","shortDescription":"Forcepoint Email Security identifies targeted attacks, high-risk users and insider threats, while empowering mobile workers and the safe adoption of new technologies like Office 365 and Box Enterprise","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":20,"sellingCount":8,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Forcepoint Email Security","keywords":"Cloud, Forcepoint, Security, email, Email, attacks, threats, advanced","description":"Forcepoint Email Security is a protecting from spam, phishing & ransomware attacks wherever email is accessed.\r\nDetect spam, phishing and other APTs with comprehensive defenses to stop advanced threats like ransomware before they start. Forcepoint Email Se","og:title":"Forcepoint Email Security","og:description":"Forcepoint Email Security is a protecting from spam, phishing & ransomware attacks wherever email is accessed.\r\nDetect spam, phishing and other APTs with comprehensive defenses to stop advanced threats like ransomware before they start. Forcepoint Email Se"},"eventUrl":"","translationId":939,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":558,"title":"Secure E-mail Gateway - Appliance","alias":"secure-e-mail-gateway-appliance","description":"According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and next-gen anti-phishing and anti-spam</li><li>Additional security features</li><li>Customization of the solution’s management features</li><li>Low false positive and false negative percentages</li><li>External processes and storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, secure email gateways can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":"<span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against email-borne threats. It is effectively a firewall for your email, and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan each email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a specific period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway_Appliance.png"},{"id":469,"title":"Secure E-mail Gateway","alias":"secure-e-mail-gateway","description":" According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and Next-Gen Anti-Phishing and Anti-Spam</li><li>Additional Security Features</li><li>Customization of the Solution’s Management Features</li><li>Low False Positive and False Negative Percentages</li><li>External Processes and Storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, SEGs can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":" <span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against these email-borne threats. It is effectively a firewall for your email and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan every email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a certain period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway.jpg"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":1630,"logo":false,"scheme":false,"title":"Forcepoint Web Security","vendorVerified":0,"rating":"2.00","implementationsCount":4,"suppliersCount":0,"alias":"forcepoint-web-security","companyTypes":[],"description":"Forcepoint Web Security provides industry-leading reporting, sandboxing and DLP capabilities, and stops more advanced, non-signature threats to your data than any other solution – including Blue Coat, Cisco and Zscaler. And because it is cloud hosted, you won’t backhaul traffic or pay for appliances.\r\nForcepoint Web Security is built on a multi-tenant platform and deployed globally on the industry’s most secure cloud platform. And because every environment is different, Forcepoint Web Security can be deployed as a hybrid solution in combination with a Forcepoint Next Generation Firewall, providing protection for every user, everywhere.\r\n<span style=\"font-weight: bold;\">Highly secured and always available Forcepoint cloud</span>\r\nExtend web protection to roaming users with global coverage from the industry’s only certified global cloud infrastructure (ISO 27001, 27018, CSA STAR) for protecting every user from advanced threats.\r\n<span style=\"font-weight: bold;\">Empower the anytime, anywhere global workforce</span>\r\nForcepoint’s patent-pending Direct Connect Endpoint™ technology allows for unparalleled speed and connectivity for roaming users, eliminating latencies with a proxy-less endpoint.\r\n<span style=\"font-weight: bold;\">The features, API, and ports of a cloud security solution</span>\r\nForcepoint Web Security includes features typically found in as-a-service only cloud security product—but that’s just the start. Our enterprise-grade gateway appliance includes an SSL decryption mirror port and ingest API for additional threat feeds.\r\n<span style=\"font-weight: bold;\">Unrivaled threat protection with Forcepoint ACE</span>\r\nForcepoint’s Advanced Classification Engine (ACE) identifies threats with over 10,000 analytics, machine learning, behavioral baselines, and other advanced techniques maintained through real-time global threat intelligence.\r\n<span style=\"font-weight: bold;\">Superior real-time reporting—simplified</span>\r\nStreamline your workflow with easy-to-use drag-and-drop reporting, delivered in real-time through an interactive interface—all in a centralized system.\r\n<span style=\"font-weight: bold;\">Remove layers of latency</span>\r\nGo direct. Unlike other cloud solutions, Forcepoint has direct peering partners, critical to the security and productivity of a global workforce and its shared data.\r\n\r\n<span style=\"font-weight: bold;\">Key features:</span><span style=\"font-style: italic;\"></span>\r\n<span style=\"font-weight: bold;\">Integrated CASB functionality</span><br />Easily extend visibility and control to cloud applications, from shadow IT reporting to full control via inline (proxy) mode.\r\n<span style=\"font-weight: bold;\">Not just URL filtering</span>\r\nDon’t need your traffic forwarded to the cloud? Enable URL filtering in our leading Next Generation Firewall (NGFW), allowing for granular controls based on users and applications.\r\n<span style=\"font-weight: bold;\">Streamline compliance</span>\r\nMeet the highest certification standards across data privacy laws and residency requirements in different jurisdictions—while allowing users to keep doing good things.\r\n<span style=\"font-weight: bold;\">Expand internet access for roaming users</span>\r\nApply different policies when an employee connects from corporate and non-corporate locations with Forcepoint Web Security.\r\n<span style=\"font-weight: bold;\">Security and protection beyond the endpoint</span>\r\nExtend your existing policies to mobile devices and protect them from Advanced Threats, mobile malware, phishing attacks, spoofing, and more with Web Security.\r\n<span style=\"font-weight: bold;\">ThreatSeeker Intelligence</span>\r\nUnite over 900 million endpoints (including inputs from Facebook), and with Forcepoint ACE security defenses, analyze up to five billion requests per day. This is the core collective intelligence for all Forcepoint products—managed by Forcepoint Security Labs.\r\n<span style=\"font-weight: bold;\">Enterprise-grade DLP protection</span>\r\nForcepoint’s 9x Magic Quadrant leading DLP and integrated Incident Risk Ranking (IRR) can protect your data from people-based security incidents, including risk caused by accidental, compromised, and malicious insiders.\r\n<span style=\"font-weight: bold;\">Eliminate crippling false malware with AMD</span>\r\nCloud sandboxing allows you to optimize remediation efforts for incident response teams with comprehensive and actionable intelligence—providing 100% efficacy in malware detection.","shortDescription":"Forcepoint Web Security provides robust protection through content aware defenses and cloud app discovery and monitoring, reducing risks to sensitive data for both on premise and mobile users.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":17,"sellingCount":10,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Forcepoint Web Security","keywords":"data, Forcepoint, theft, Security, your, content, within, include","description":"Forcepoint Web Security provides industry-leading reporting, sandboxing and DLP capabilities, and stops more advanced, non-signature threats to your data than any other solution – including Blue Coat, Cisco and Zscaler. And because it is cloud hosted, you won’","og:title":"Forcepoint Web Security","og:description":"Forcepoint Web Security provides industry-leading reporting, sandboxing and DLP capabilities, and stops more advanced, non-signature threats to your data than any other solution – including Blue Coat, Cisco and Zscaler. And because it is cloud hosted, you won’"},"eventUrl":"","translationId":1561,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":42,"title":"UTM - Unified threat management","alias":"utm-unified-threat-management","description":"<span style=\"font-weight: bold; \">UTM (Unified Threat Management)</span> system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.\r\nUnified threat management <span style=\"font-weight: bold; \">devices </span>are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nUTM <span style=\"font-weight: bold; \">cloud services</span> and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. While UTM systems and <span style=\"font-weight: bold; \">next-generation firewalls (NGFWs)</span> are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.\r\nOriginally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.\r\nUnified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.\r\nUnified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:\r\n<ul><li><span style=\"font-weight: bold; \">Flow-based inspection,</span> also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li> <span style=\"font-weight: bold; \">Proxy-based inspection</span> acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> How UTM is deployed?</h1>\r\nBusinesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.\r\nUTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.\r\nBusinesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.\r\n<h1 class=\"align-center\">Benefits of Using a Unified Threat Management Solution</h1>\r\nUTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. This can also save money in the long run as opposed to having to buy multiple devices.\r\nSome UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPPA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.\r\nUTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because it is a single point of defense, UTM’s make dealing with combined threats easier.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM.jpg"},{"id":485,"title":"Web security","alias":"web-security","description":" Web security basically means protecting a website or web application by detecting, preventing and responding to cyber threats.\r\nWebsites and web applications are just as prone to security breaches as physical homes, stores, and government locations. Unfortunately, cybercrime happens every day, and great web security measures are needed to protect websites and web applications from becoming compromised.\r\nThat’s exactly what web security does – it is a system of protection measures and protocols that can protect your website or web application from being hacked or entered by unauthorized personnel. This integral division of Information Security is vital to the protection of websites, web applications, and web services. Anything that is applied over the Internet should have some form of web security to protect it.\r\nThere are a lot of factors that go into web security and web protection. Any website or application that is secure is surely backed by different types of checkpoints and techniques for keeping it safe.\r\nThere are a variety of security standards that must be followed at all times, and these standards are implemented and highlighted by the OWASP. Most experienced web developers from top cybersecurity companies will follow the standards of the OWASP as well as keep a close eye on the Web Hacking Incident Database to see when, how, and why different people are hacking different websites and services.\r\nEssential steps in protecting web apps from attacks include applying up-to-date encryption, setting proper authentication, continuously patching discovered vulnerabilities, avoiding data theft by having secure software development practices. The reality is that clever attackers may be competent enough to find flaws even in a fairly robust secured environment, and so a holistic security strategy is advised.\r\nThere are different types of technologies available for maintaining the best security standards. Some popular technical solutions for testing, building, and preventing threats include black and white box testing tools, fuzzing tools, WAF, security or vulnerability scanners, password cracking tools, and so on.","materialsDescription":" <span style=\"font-weight: bold; \">What is Malware?</span>\r\nThe name malware is short for ‘malicioussoftware’. Malware includes any software program that has been created to perform an unauthorised — and often harmful — action on a user’s device. Examples of malware include:\r\n<ul><li>Computer viruses</li><li>Word and Excel macro viruses</li><li>Boot sector viruses</li><li>Script viruses — including batch, Windows shell, Java and others</li><li>Keyloggers</li><li>Password stealers</li><li>Backdoor Trojan viruses</li><li>Other Trojan viruses</li><li>Crimeware</li><li>Spyware</li><li>Adware... and many other types of malicious software programs</li></ul>\r\n<span style=\"font-weight: bold; \">What is the difference between a computer virus and a worm?</span>\r\n<span style=\"font-weight: bold; \">Computer virus.</span> This is a type of malicious program that can replicate itself — so that it can spread from file to file on a computer, and can also spread from one computer to another. Computer viruses are often programmed to perform damaging actions — such as corrupting or deleting data. The longer a virus remains undetected on your machine, the greater the number of infected files that may be on your computer.\r\n<span style=\"font-weight: bold; \">Worms.</span> Worms are generally considered to be a subset of computer viruses — but with some specific differences:\r\n<ul><li>A worm is a computer program that replicates, but does not infect other files.</li><li>The worm will install itself once on a computer — and then look for a way to spread to other computers.</li><li>Whereas a virus is a set of code that adds itself to existing files, a worm exists as a separate, standalone file.</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Trojan virus?</span>\r\nA Trojan is effectively a program that pretends to be legitimate software — but, when launched, it will perform a harmful action. Unlike computer viruses and worms, Trojans cannot spread by themselves. Typically, Trojans are installed secretly and they deliver their malicious payload without the user’s knowledge.\r\nCybercriminals use many different types of Trojans — and each has been designed to perform a specific malicious function. The most common are:\r\n<ul><li>Backdoor Trojans (these often include a keylogger)</li><li>Trojan Spies</li><li>Password stealing Trojans</li><li>Trojan Proxies — that convert your computer into a spam distribution machine</li></ul>\r\n<span style=\"font-weight: bold; \">Why are Trojan viruses called Trojans?</span>\r\nIn Greek mythology — during the Trojan war — the Greeks used subterfuge to enter the city of Troy. The Greeks constructed a massive wooden horse — and, unaware that the horse contained Greek soldiers, the Trojans pulled the horse into the city. At night, the Greek soldiers escaped from the horse and opened the city gates — for the Greek army to enter Troy.\r\nToday, Trojan viruses use subterfuge to enter unsuspecting users’ computers and devices.\r\n<span style=\"font-weight: bold; \">What is a Keylogger?</span>\r\nA keylogger is a program that can record what you type on your computer keyboard. Criminals use keyloggers to obtain confidential data — such as login details, passwords, credit card numbers, PINs and other items. Backdoor Trojans typically include an integrated keylogger.\r\n<span style=\"font-weight: bold; \">What is Phishing?</span>\r\nPhishing is a very specific type of cybercrime that is designed to trick you into disclosing valuable information — such as details about your bank account or credit cards. Often, cybercriminals will create a fake website that looks just like a legitimate site — such as a bank’s official website. The cybercriminal will try to trick you into visiting their fake site — typically by sending you an email that contains a hyperlink to the fake site. When you visit the fake website, it will generally ask you to type in confidential data — such as your login, password or PIN.\r\n<span style=\"font-weight: bold; \">What is Spyware?</span>\r\nSpyware is software that is designed to collect your data and send it to a third party — without your knowledge or consent. Spyware programs will often:\r\n<ul><li>Monitor the keys you press on your keyboard — using a keylogger</li><li>Collect confidential information — such as your passwords, credit card numbers, PIN numbers and more</li><li>Gather — or ‘harvest’ — email addresses from your computer</li><li>Track your Internet browsing habits</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Rootkit?</span>\r\nRootkits are programs that hackers use in order to evade detection while trying to gain unauthorised access to a computer. Rootkits have been used increasingly as a form of stealth to hide Trojan virus activity. When installed on a computer, rootkits are invisible to the user and also take steps to avoid being detected by security software.\r\nThe fact that many people log into their computers with administrator rights — rather than creating a separate account with restricted access — makes it easier for cybercriminals to install a rootkit.\r\n<span style=\"font-weight: bold; \">What is a Botnet?</span>\r\nA botnet is a network of computers controlled by cybercriminals using a Trojan virus or other malicious program.\r\n<span style=\"font-weight: bold;\">What is a DDoS attack?</span>\r\nA Distributed-Denial-of-Service (DDoS) attack is similar to a DoS. However, a DDoS attack is conducted using multiple machines. Usually, for a DDoS attack, the hacker will use one security compromised computer as the ‘master’ machine that co-ordinates the attack by other ‘zombie machines’. Typically, the cybercriminal will compromise the security on the master and all of the zombie machines, by exploiting a vulnerability in an application on each computer — to install a Trojan or other piece of malicious code.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/security-web-application-security.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":4,"title":"Reduce Costs"},{"id":6,"title":"Ensure Security and Business Continuity"},{"id":306,"title":"Manage Risks"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":282,"title":"Unauthorized access to corporate IT systems and data"},{"id":344,"title":"Malware infection via Internet, email, storage devices"},{"id":385,"title":"Risk of data loss or damage"},{"id":386,"title":"Risk of lost access to data and IT systems"},{"id":387,"title":"Non-compliant with IT security requirements"}]}},"categories":[{"id":558,"title":"Secure E-mail Gateway - Appliance","alias":"secure-e-mail-gateway-appliance","description":"According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and next-gen anti-phishing and anti-spam</li><li>Additional security features</li><li>Customization of the solution’s management features</li><li>Low false positive and false negative percentages</li><li>External processes and storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, secure email gateways can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":"<span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against email-borne threats. It is effectively a firewall for your email, and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan each email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a specific period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway_Appliance.png"},{"id":469,"title":"Secure E-mail Gateway","alias":"secure-e-mail-gateway","description":" According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and Next-Gen Anti-Phishing and Anti-Spam</li><li>Additional Security Features</li><li>Customization of the Solution’s Management Features</li><li>Low False Positive and False Negative Percentages</li><li>External Processes and Storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, SEGs can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":" <span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against these email-borne threats. It is effectively a firewall for your email and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan every email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a certain period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway.jpg"},{"id":42,"title":"UTM - Unified threat management","alias":"utm-unified-threat-management","description":"<span style=\"font-weight: bold; \">UTM (Unified Threat Management)</span> system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.\r\nUnified threat management <span style=\"font-weight: bold; \">devices </span>are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nUTM <span style=\"font-weight: bold; \">cloud services</span> and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. While UTM systems and <span style=\"font-weight: bold; \">next-generation firewalls (NGFWs)</span> are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.\r\nOriginally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.\r\nUnified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.\r\nUnified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:\r\n<ul><li><span style=\"font-weight: bold; \">Flow-based inspection,</span> also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li> <span style=\"font-weight: bold; \">Proxy-based inspection</span> acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> How UTM is deployed?</h1>\r\nBusinesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.\r\nUTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.\r\nBusinesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.\r\n<h1 class=\"align-center\">Benefits of Using a Unified Threat Management Solution</h1>\r\nUTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. This can also save money in the long run as opposed to having to buy multiple devices.\r\nSome UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPPA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.\r\nUTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because it is a single point of defense, UTM’s make dealing with combined threats easier.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM.jpg"},{"id":485,"title":"Web security","alias":"web-security","description":" Web security basically means protecting a website or web application by detecting, preventing and responding to cyber threats.\r\nWebsites and web applications are just as prone to security breaches as physical homes, stores, and government locations. Unfortunately, cybercrime happens every day, and great web security measures are needed to protect websites and web applications from becoming compromised.\r\nThat’s exactly what web security does – it is a system of protection measures and protocols that can protect your website or web application from being hacked or entered by unauthorized personnel. This integral division of Information Security is vital to the protection of websites, web applications, and web services. Anything that is applied over the Internet should have some form of web security to protect it.\r\nThere are a lot of factors that go into web security and web protection. Any website or application that is secure is surely backed by different types of checkpoints and techniques for keeping it safe.\r\nThere are a variety of security standards that must be followed at all times, and these standards are implemented and highlighted by the OWASP. Most experienced web developers from top cybersecurity companies will follow the standards of the OWASP as well as keep a close eye on the Web Hacking Incident Database to see when, how, and why different people are hacking different websites and services.\r\nEssential steps in protecting web apps from attacks include applying up-to-date encryption, setting proper authentication, continuously patching discovered vulnerabilities, avoiding data theft by having secure software development practices. The reality is that clever attackers may be competent enough to find flaws even in a fairly robust secured environment, and so a holistic security strategy is advised.\r\nThere are different types of technologies available for maintaining the best security standards. Some popular technical solutions for testing, building, and preventing threats include black and white box testing tools, fuzzing tools, WAF, security or vulnerability scanners, password cracking tools, and so on.","materialsDescription":" <span style=\"font-weight: bold; \">What is Malware?</span>\r\nThe name malware is short for ‘malicioussoftware’. Malware includes any software program that has been created to perform an unauthorised — and often harmful — action on a user’s device. Examples of malware include:\r\n<ul><li>Computer viruses</li><li>Word and Excel macro viruses</li><li>Boot sector viruses</li><li>Script viruses — including batch, Windows shell, Java and others</li><li>Keyloggers</li><li>Password stealers</li><li>Backdoor Trojan viruses</li><li>Other Trojan viruses</li><li>Crimeware</li><li>Spyware</li><li>Adware... and many other types of malicious software programs</li></ul>\r\n<span style=\"font-weight: bold; \">What is the difference between a computer virus and a worm?</span>\r\n<span style=\"font-weight: bold; \">Computer virus.</span> This is a type of malicious program that can replicate itself — so that it can spread from file to file on a computer, and can also spread from one computer to another. Computer viruses are often programmed to perform damaging actions — such as corrupting or deleting data. The longer a virus remains undetected on your machine, the greater the number of infected files that may be on your computer.\r\n<span style=\"font-weight: bold; \">Worms.</span> Worms are generally considered to be a subset of computer viruses — but with some specific differences:\r\n<ul><li>A worm is a computer program that replicates, but does not infect other files.</li><li>The worm will install itself once on a computer — and then look for a way to spread to other computers.</li><li>Whereas a virus is a set of code that adds itself to existing files, a worm exists as a separate, standalone file.</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Trojan virus?</span>\r\nA Trojan is effectively a program that pretends to be legitimate software — but, when launched, it will perform a harmful action. Unlike computer viruses and worms, Trojans cannot spread by themselves. Typically, Trojans are installed secretly and they deliver their malicious payload without the user’s knowledge.\r\nCybercriminals use many different types of Trojans — and each has been designed to perform a specific malicious function. The most common are:\r\n<ul><li>Backdoor Trojans (these often include a keylogger)</li><li>Trojan Spies</li><li>Password stealing Trojans</li><li>Trojan Proxies — that convert your computer into a spam distribution machine</li></ul>\r\n<span style=\"font-weight: bold; \">Why are Trojan viruses called Trojans?</span>\r\nIn Greek mythology — during the Trojan war — the Greeks used subterfuge to enter the city of Troy. The Greeks constructed a massive wooden horse — and, unaware that the horse contained Greek soldiers, the Trojans pulled the horse into the city. At night, the Greek soldiers escaped from the horse and opened the city gates — for the Greek army to enter Troy.\r\nToday, Trojan viruses use subterfuge to enter unsuspecting users’ computers and devices.\r\n<span style=\"font-weight: bold; \">What is a Keylogger?</span>\r\nA keylogger is a program that can record what you type on your computer keyboard. Criminals use keyloggers to obtain confidential data — such as login details, passwords, credit card numbers, PINs and other items. Backdoor Trojans typically include an integrated keylogger.\r\n<span style=\"font-weight: bold; \">What is Phishing?</span>\r\nPhishing is a very specific type of cybercrime that is designed to trick you into disclosing valuable information — such as details about your bank account or credit cards. Often, cybercriminals will create a fake website that looks just like a legitimate site — such as a bank’s official website. The cybercriminal will try to trick you into visiting their fake site — typically by sending you an email that contains a hyperlink to the fake site. When you visit the fake website, it will generally ask you to type in confidential data — such as your login, password or PIN.\r\n<span style=\"font-weight: bold; \">What is Spyware?</span>\r\nSpyware is software that is designed to collect your data and send it to a third party — without your knowledge or consent. Spyware programs will often:\r\n<ul><li>Monitor the keys you press on your keyboard — using a keylogger</li><li>Collect confidential information — such as your passwords, credit card numbers, PIN numbers and more</li><li>Gather — or ‘harvest’ — email addresses from your computer</li><li>Track your Internet browsing habits</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Rootkit?</span>\r\nRootkits are programs that hackers use in order to evade detection while trying to gain unauthorised access to a computer. Rootkits have been used increasingly as a form of stealth to hide Trojan virus activity. When installed on a computer, rootkits are invisible to the user and also take steps to avoid being detected by security software.\r\nThe fact that many people log into their computers with administrator rights — rather than creating a separate account with restricted access — makes it easier for cybercriminals to install a rootkit.\r\n<span style=\"font-weight: bold; \">What is a Botnet?</span>\r\nA botnet is a network of computers controlled by cybercriminals using a Trojan virus or other malicious program.\r\n<span style=\"font-weight: bold;\">What is a DDoS attack?</span>\r\nA Distributed-Denial-of-Service (DDoS) attack is similar to a DoS. However, a DDoS attack is conducted using multiple machines. Usually, for a DDoS attack, the hacker will use one security compromised computer as the ‘master’ machine that co-ordinates the attack by other ‘zombie machines’. Typically, the cybercriminal will compromise the security on the master and all of the zombie machines, by exploiting a vulnerability in an application on each computer — to install a Trojan or other piece of malicious code.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/security-web-application-security.png"}],"additionalInfo":{"budgetNotExceeded":"-1","functionallyTaskAssignment":"-1","projectWasPut":"-1","price":0,"source":{"url":"https://www.forcepoint.com/sites/default/files/case_study_downloads/casestudy_alphawest_en_0.pdf","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":618,"title":"Forcepoint URL Filtering, Forcepoint Web Security for logistics","description":"The need to define clearer roles and protocols pushed FERCAM to adopt the Forcepoint Web Security solution:\r\n<blockquote>“We analyzed various offers but our decision was based on the ease of use, the speed of implementation and, above all, the granularity of Forcepoint technology. Today we not only utilize effective and up to date blacklists, but we can determine which portions or services within a particular site to make available or which to block.”</blockquote>\r\n— Albiero\r\nFERCAM managed to define policies for specific user categories while appropriately filtering access to specific web sites or pages. Increased network restrictions will always cause blowback from its most frequent users. However, it did not take long for this staff to accept the increased security after appreciating an overall improved performance.","alias":"forcepoint-url-filtering-forcepoint-web-security-for-logistics","roi":0,"seo":{"title":"Forcepoint URL Filtering, Forcepoint Web Security for logistics","keywords":"","description":"The need to define clearer roles and protocols pushed FERCAM to adopt the Forcepoint Web Security solution:\r\n<blockquote>“We analyzed various offers but our decision was based on the ease of use, the speed of implementation and, above all, the granularity of F","og:title":"Forcepoint URL Filtering, Forcepoint Web Security for logistics","og:description":"The need to define clearer roles and protocols pushed FERCAM to adopt the Forcepoint Web Security solution:\r\n<blockquote>“We analyzed various offers but our decision was based on the ease of use, the speed of implementation and, above all, the granularity of F"},"deal_info":"","user":{"id":5044,"title":"FERCAM","logoURL":"https://old.roi4cio.com/uploads/roi/company/fercam_logo.jpg","alias":"fercam","address":"","roles":[],"description":"Fercam is a family-owned logistics operator with nearly $600 million in annual revenue. The company has 900,000 square meters of warehouses in 32 next generation centers and employs about 1,688 direct and 1,800 indirect personnel. FERCAM operates 50 branches in Italy, 22 in the European Union and 3 in the Mediterranean Basin (Morocco, Tunisia and Turkey), making use of an efficient worldwide network of correspondents and partners.<br />Additionally, FERCAM operates in multiple fields of transport and logistics with specialized services: FERCAM Transport for road and rail, FERCAM Air & Ocean, and FERCAM Logistics and Distribution dedicated to the management of the entire supply chain of its customers.","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":1,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.fercam.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"FERCAM","keywords":"","description":"Fercam is a family-owned logistics operator with nearly $600 million in annual revenue. The company has 900,000 square meters of warehouses in 32 next generation centers and employs about 1,688 direct and 1,800 indirect personnel. FERCAM operates 50 branches i","og:title":"FERCAM","og:description":"Fercam is a family-owned logistics operator with nearly $600 million in annual revenue. The company has 900,000 square meters of warehouses in 32 next generation centers and employs about 1,688 direct and 1,800 indirect personnel. FERCAM operates 50 branches i","og:image":"https://old.roi4cio.com/uploads/roi/company/fercam_logo.jpg"},"eventUrl":""},"supplier":{"id":178,"title":"Forcepoint","logoURL":"https://old.roi4cio.com/uploads/roi/company/forcepoint_logo.png","alias":"forcepoint","address":"Forcepoint Title","roles":[],"description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-domain solutions, the company is also known as Websense, Raytheon | Websense. </span>\r\n<span lang=\"en\"> Forcepoint solutions protect users, data and computing networks from attacks, as well as accidental and deliberate information leaks throughout the entire life cycle. Forcepoint protects data everywhere - in the office, on the road, in the cloud. This simplifies regulatory compliance and optimizes the cost of security solutions. Forcepoint allows you to focus on prioritization by automating day-to-day operations. </span>\r\n<span lang=\"en\">Forcepoint's clients include Fortune 500 and FTSE 100 leaders: AT&T, Deutsche Telecom, Canon, McDonanld's, UPS, Sheraton, Merill Lynch, Bank of America, PepsiCo Inc. and many others.</span> ","companyTypes":[],"products":{},"vendoredProductsCount":15,"suppliedProductsCount":15,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":15,"vendorImplementationsCount":16,"vendorPartnersCount":0,"supplierPartnersCount":8,"b4r":0,"categories":{},"companyUrl":"www.forcepoint.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Forcepoint","keywords":"Forcepoint, from, Websense, Raytheon, security, data, employees, browsing","description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-do","og:title":"Forcepoint","og:description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-do","og:image":"https://old.roi4cio.com/uploads/roi/company/forcepoint_logo.png"},"eventUrl":""},"vendors":[{"id":178,"title":"Forcepoint","logoURL":"https://old.roi4cio.com/uploads/roi/company/forcepoint_logo.png","alias":"forcepoint","address":"Forcepoint Title","roles":[],"description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-domain solutions, the company is also known as Websense, Raytheon | Websense. </span>\r\n<span lang=\"en\"> Forcepoint solutions protect users, data and computing networks from attacks, as well as accidental and deliberate information leaks throughout the entire life cycle. Forcepoint protects data everywhere - in the office, on the road, in the cloud. This simplifies regulatory compliance and optimizes the cost of security solutions. Forcepoint allows you to focus on prioritization by automating day-to-day operations. </span>\r\n<span lang=\"en\">Forcepoint's clients include Fortune 500 and FTSE 100 leaders: AT&T, Deutsche Telecom, Canon, McDonanld's, UPS, Sheraton, Merill Lynch, Bank of America, PepsiCo Inc. and many others.</span> ","companyTypes":[],"products":{},"vendoredProductsCount":15,"suppliedProductsCount":15,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":15,"vendorImplementationsCount":16,"vendorPartnersCount":0,"supplierPartnersCount":8,"b4r":0,"categories":{},"companyUrl":"www.forcepoint.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Forcepoint","keywords":"Forcepoint, from, Websense, Raytheon, security, data, employees, browsing","description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-do","og:title":"Forcepoint","og:description":"<span lang=\"en\">Forcepoint is an American multinational software corporation headquartered in Austin, Texas USA. The company is a subsidiary of Raytheon Technologies, which currently develops computer security and privacy software, CASB, firewalls and cross-do","og:image":"https://old.roi4cio.com/uploads/roi/company/forcepoint_logo.png"},"eventUrl":""}],"products":[{"id":1630,"logo":false,"scheme":false,"title":"Forcepoint Web Security","vendorVerified":0,"rating":"2.00","implementationsCount":4,"suppliersCount":0,"alias":"forcepoint-web-security","companyTypes":[],"description":"Forcepoint Web Security provides industry-leading reporting, sandboxing and DLP capabilities, and stops more advanced, non-signature threats to your data than any other solution – including Blue Coat, Cisco and Zscaler. And because it is cloud hosted, you won’t backhaul traffic or pay for appliances.\r\nForcepoint Web Security is built on a multi-tenant platform and deployed globally on the industry’s most secure cloud platform. And because every environment is different, Forcepoint Web Security can be deployed as a hybrid solution in combination with a Forcepoint Next Generation Firewall, providing protection for every user, everywhere.\r\n<span style=\"font-weight: bold;\">Highly secured and always available Forcepoint cloud</span>\r\nExtend web protection to roaming users with global coverage from the industry’s only certified global cloud infrastructure (ISO 27001, 27018, CSA STAR) for protecting every user from advanced threats.\r\n<span style=\"font-weight: bold;\">Empower the anytime, anywhere global workforce</span>\r\nForcepoint’s patent-pending Direct Connect Endpoint™ technology allows for unparalleled speed and connectivity for roaming users, eliminating latencies with a proxy-less endpoint.\r\n<span style=\"font-weight: bold;\">The features, API, and ports of a cloud security solution</span>\r\nForcepoint Web Security includes features typically found in as-a-service only cloud security product—but that’s just the start. Our enterprise-grade gateway appliance includes an SSL decryption mirror port and ingest API for additional threat feeds.\r\n<span style=\"font-weight: bold;\">Unrivaled threat protection with Forcepoint ACE</span>\r\nForcepoint’s Advanced Classification Engine (ACE) identifies threats with over 10,000 analytics, machine learning, behavioral baselines, and other advanced techniques maintained through real-time global threat intelligence.\r\n<span style=\"font-weight: bold;\">Superior real-time reporting—simplified</span>\r\nStreamline your workflow with easy-to-use drag-and-drop reporting, delivered in real-time through an interactive interface—all in a centralized system.\r\n<span style=\"font-weight: bold;\">Remove layers of latency</span>\r\nGo direct. Unlike other cloud solutions, Forcepoint has direct peering partners, critical to the security and productivity of a global workforce and its shared data.\r\n\r\n<span style=\"font-weight: bold;\">Key features:</span><span style=\"font-style: italic;\"></span>\r\n<span style=\"font-weight: bold;\">Integrated CASB functionality</span><br />Easily extend visibility and control to cloud applications, from shadow IT reporting to full control via inline (proxy) mode.\r\n<span style=\"font-weight: bold;\">Not just URL filtering</span>\r\nDon’t need your traffic forwarded to the cloud? Enable URL filtering in our leading Next Generation Firewall (NGFW), allowing for granular controls based on users and applications.\r\n<span style=\"font-weight: bold;\">Streamline compliance</span>\r\nMeet the highest certification standards across data privacy laws and residency requirements in different jurisdictions—while allowing users to keep doing good things.\r\n<span style=\"font-weight: bold;\">Expand internet access for roaming users</span>\r\nApply different policies when an employee connects from corporate and non-corporate locations with Forcepoint Web Security.\r\n<span style=\"font-weight: bold;\">Security and protection beyond the endpoint</span>\r\nExtend your existing policies to mobile devices and protect them from Advanced Threats, mobile malware, phishing attacks, spoofing, and more with Web Security.\r\n<span style=\"font-weight: bold;\">ThreatSeeker Intelligence</span>\r\nUnite over 900 million endpoints (including inputs from Facebook), and with Forcepoint ACE security defenses, analyze up to five billion requests per day. This is the core collective intelligence for all Forcepoint products—managed by Forcepoint Security Labs.\r\n<span style=\"font-weight: bold;\">Enterprise-grade DLP protection</span>\r\nForcepoint’s 9x Magic Quadrant leading DLP and integrated Incident Risk Ranking (IRR) can protect your data from people-based security incidents, including risk caused by accidental, compromised, and malicious insiders.\r\n<span style=\"font-weight: bold;\">Eliminate crippling false malware with AMD</span>\r\nCloud sandboxing allows you to optimize remediation efforts for incident response teams with comprehensive and actionable intelligence—providing 100% efficacy in malware detection.","shortDescription":"Forcepoint Web Security provides robust protection through content aware defenses and cloud app discovery and monitoring, reducing risks to sensitive data for both on premise and mobile users.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":17,"sellingCount":10,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Forcepoint Web Security","keywords":"data, Forcepoint, theft, Security, your, content, within, include","description":"Forcepoint Web Security provides industry-leading reporting, sandboxing and DLP capabilities, and stops more advanced, non-signature threats to your data than any other solution – including Blue Coat, Cisco and Zscaler. And because it is cloud hosted, you won’","og:title":"Forcepoint Web Security","og:description":"Forcepoint Web Security provides industry-leading reporting, sandboxing and DLP capabilities, and stops more advanced, non-signature threats to your data than any other solution – including Blue Coat, Cisco and Zscaler. And because it is cloud hosted, you won’"},"eventUrl":"","translationId":1561,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":42,"title":"UTM - Unified threat management","alias":"utm-unified-threat-management","description":"<span style=\"font-weight: bold; \">UTM (Unified Threat Management)</span> system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.\r\nUnified threat management <span style=\"font-weight: bold; \">devices </span>are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nUTM <span style=\"font-weight: bold; \">cloud services</span> and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. While UTM systems and <span style=\"font-weight: bold; \">next-generation firewalls (NGFWs)</span> are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.\r\nOriginally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.\r\nUnified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.\r\nUnified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:\r\n<ul><li><span style=\"font-weight: bold; \">Flow-based inspection,</span> also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li> <span style=\"font-weight: bold; \">Proxy-based inspection</span> acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> How UTM is deployed?</h1>\r\nBusinesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.\r\nUTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.\r\nBusinesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.\r\n<h1 class=\"align-center\">Benefits of Using a Unified Threat Management Solution</h1>\r\nUTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. This can also save money in the long run as opposed to having to buy multiple devices.\r\nSome UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPPA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.\r\nUTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because it is a single point of defense, UTM’s make dealing with combined threats easier.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM.jpg"},{"id":485,"title":"Web security","alias":"web-security","description":" Web security basically means protecting a website or web application by detecting, preventing and responding to cyber threats.\r\nWebsites and web applications are just as prone to security breaches as physical homes, stores, and government locations. Unfortunately, cybercrime happens every day, and great web security measures are needed to protect websites and web applications from becoming compromised.\r\nThat’s exactly what web security does – it is a system of protection measures and protocols that can protect your website or web application from being hacked or entered by unauthorized personnel. This integral division of Information Security is vital to the protection of websites, web applications, and web services. Anything that is applied over the Internet should have some form of web security to protect it.\r\nThere are a lot of factors that go into web security and web protection. Any website or application that is secure is surely backed by different types of checkpoints and techniques for keeping it safe.\r\nThere are a variety of security standards that must be followed at all times, and these standards are implemented and highlighted by the OWASP. Most experienced web developers from top cybersecurity companies will follow the standards of the OWASP as well as keep a close eye on the Web Hacking Incident Database to see when, how, and why different people are hacking different websites and services.\r\nEssential steps in protecting web apps from attacks include applying up-to-date encryption, setting proper authentication, continuously patching discovered vulnerabilities, avoiding data theft by having secure software development practices. The reality is that clever attackers may be competent enough to find flaws even in a fairly robust secured environment, and so a holistic security strategy is advised.\r\nThere are different types of technologies available for maintaining the best security standards. Some popular technical solutions for testing, building, and preventing threats include black and white box testing tools, fuzzing tools, WAF, security or vulnerability scanners, password cracking tools, and so on.","materialsDescription":" <span style=\"font-weight: bold; \">What is Malware?</span>\r\nThe name malware is short for ‘malicioussoftware’. Malware includes any software program that has been created to perform an unauthorised — and often harmful — action on a user’s device. Examples of malware include:\r\n<ul><li>Computer viruses</li><li>Word and Excel macro viruses</li><li>Boot sector viruses</li><li>Script viruses — including batch, Windows shell, Java and others</li><li>Keyloggers</li><li>Password stealers</li><li>Backdoor Trojan viruses</li><li>Other Trojan viruses</li><li>Crimeware</li><li>Spyware</li><li>Adware... and many other types of malicious software programs</li></ul>\r\n<span style=\"font-weight: bold; \">What is the difference between a computer virus and a worm?</span>\r\n<span style=\"font-weight: bold; \">Computer virus.</span> This is a type of malicious program that can replicate itself — so that it can spread from file to file on a computer, and can also spread from one computer to another. Computer viruses are often programmed to perform damaging actions — such as corrupting or deleting data. The longer a virus remains undetected on your machine, the greater the number of infected files that may be on your computer.\r\n<span style=\"font-weight: bold; \">Worms.</span> Worms are generally considered to be a subset of computer viruses — but with some specific differences:\r\n<ul><li>A worm is a computer program that replicates, but does not infect other files.</li><li>The worm will install itself once on a computer — and then look for a way to spread to other computers.</li><li>Whereas a virus is a set of code that adds itself to existing files, a worm exists as a separate, standalone file.</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Trojan virus?</span>\r\nA Trojan is effectively a program that pretends to be legitimate software — but, when launched, it will perform a harmful action. Unlike computer viruses and worms, Trojans cannot spread by themselves. Typically, Trojans are installed secretly and they deliver their malicious payload without the user’s knowledge.\r\nCybercriminals use many different types of Trojans — and each has been designed to perform a specific malicious function. The most common are:\r\n<ul><li>Backdoor Trojans (these often include a keylogger)</li><li>Trojan Spies</li><li>Password stealing Trojans</li><li>Trojan Proxies — that convert your computer into a spam distribution machine</li></ul>\r\n<span style=\"font-weight: bold; \">Why are Trojan viruses called Trojans?</span>\r\nIn Greek mythology — during the Trojan war — the Greeks used subterfuge to enter the city of Troy. The Greeks constructed a massive wooden horse — and, unaware that the horse contained Greek soldiers, the Trojans pulled the horse into the city. At night, the Greek soldiers escaped from the horse and opened the city gates — for the Greek army to enter Troy.\r\nToday, Trojan viruses use subterfuge to enter unsuspecting users’ computers and devices.\r\n<span style=\"font-weight: bold; \">What is a Keylogger?</span>\r\nA keylogger is a program that can record what you type on your computer keyboard. Criminals use keyloggers to obtain confidential data — such as login details, passwords, credit card numbers, PINs and other items. Backdoor Trojans typically include an integrated keylogger.\r\n<span style=\"font-weight: bold; \">What is Phishing?</span>\r\nPhishing is a very specific type of cybercrime that is designed to trick you into disclosing valuable information — such as details about your bank account or credit cards. Often, cybercriminals will create a fake website that looks just like a legitimate site — such as a bank’s official website. The cybercriminal will try to trick you into visiting their fake site — typically by sending you an email that contains a hyperlink to the fake site. When you visit the fake website, it will generally ask you to type in confidential data — such as your login, password or PIN.\r\n<span style=\"font-weight: bold; \">What is Spyware?</span>\r\nSpyware is software that is designed to collect your data and send it to a third party — without your knowledge or consent. Spyware programs will often:\r\n<ul><li>Monitor the keys you press on your keyboard — using a keylogger</li><li>Collect confidential information — such as your passwords, credit card numbers, PIN numbers and more</li><li>Gather — or ‘harvest’ — email addresses from your computer</li><li>Track your Internet browsing habits</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Rootkit?</span>\r\nRootkits are programs that hackers use in order to evade detection while trying to gain unauthorised access to a computer. Rootkits have been used increasingly as a form of stealth to hide Trojan virus activity. When installed on a computer, rootkits are invisible to the user and also take steps to avoid being detected by security software.\r\nThe fact that many people log into their computers with administrator rights — rather than creating a separate account with restricted access — makes it easier for cybercriminals to install a rootkit.\r\n<span style=\"font-weight: bold; \">What is a Botnet?</span>\r\nA botnet is a network of computers controlled by cybercriminals using a Trojan virus or other malicious program.\r\n<span style=\"font-weight: bold;\">What is a DDoS attack?</span>\r\nA Distributed-Denial-of-Service (DDoS) attack is similar to a DoS. However, a DDoS attack is conducted using multiple machines. Usually, for a DDoS attack, the hacker will use one security compromised computer as the ‘master’ machine that co-ordinates the attack by other ‘zombie machines’. Typically, the cybercriminal will compromise the security on the master and all of the zombie machines, by exploiting a vulnerability in an application on each computer — to install a Trojan or other piece of malicious code.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/security-web-application-security.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":1614,"logo":false,"scheme":false,"title":"Forcepoint URL Filtering","vendorVerified":0,"rating":"3.00","implementationsCount":1,"suppliersCount":0,"alias":"forcepoint-url-filtering","companyTypes":[],"description":"Forcepoint URL Filtering is the industry’s most effective, continually up-to-date web filtering solution. Powered by our ThreatSeeker Intelligence, Forcepoint URL Filtering collects and analyzes up to 5 billion incidents every day (from over 155 countries), producing updated threat analytics for Forcepoint solutions at up to 3.2 updates per second.\r\nForcepoint URL Filtering blocks web threats to reduce malware infections, decrease help desk incidents and provide relief to valuable IT resources. Forcepoint URL Filtering is an easy-to-deploy, transparent filter and security solution that avoids the complexity of a proxy gateway. It’s equipped with more than 120 security and web filtering categories, hundreds of web application and protocol controls, and 60-plus reports with customization and role-based access.<br /><br /><span style=\"font-weight: bold;\">The Forcepoint Advantage</span><br />\r\n<span style=\"font-style: italic;\">Web filtering with ThreatSeeker threat intelligence</span><br />\r\nIdentify threats with over 10,000 analytics, machine learning and other advanced techniques maintained through real-time global threat intelligence with Forcepoint Web Security.<br />\r\n<span style=\"font-style: italic;\">Granular user behavior analysis and productivity reporting</span><br />\r\nMore than 60 reports with customization and role-based access.<br />\r\n<span style=\"font-style: italic;\">Customizable allowed/denied url filters</span><br />\r\nUtilize both timed and/or permanent web filters for managing access to websites.<br />\r\n<span style=\"font-style: italic;\">Industry-leading web security policy controls</span><br />\r\nMore than 120 security and content categories","shortDescription":"The Forcepoint URL Filtering solution blocks Web threats to reduce malware infections, decrease help desk incidents and free up valuable IT resources.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":5,"sellingCount":4,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Forcepoint URL Filtering","keywords":"Forcepoint, more, TRITON, security, than, role-based, unified, reporting","description":"Forcepoint URL Filtering is the industry’s most effective, continually up-to-date web filtering solution. Powered by our ThreatSeeker Intelligence, Forcepoint URL Filtering collects and analyzes up to 5 billion incidents every day (from over 155 countries), pr","og:title":"Forcepoint URL Filtering","og:description":"Forcepoint URL Filtering is the industry’s most effective, continually up-to-date web filtering solution. Powered by our ThreatSeeker Intelligence, Forcepoint URL Filtering collects and analyzes up to 5 billion incidents every day (from over 155 countries), pr"},"eventUrl":"","translationId":1588,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":24,"title":"DLP - Data Leak Prevention","alias":"dlp-data-leak-prevention","description":"Data leak prevention (DLP) is a suite of technologies aimed at stemming the loss of sensitive information that occurs in enterprises across the globe. By focusing on the location, classification and monitoring of information at rest, in use and in motion, this solution can go far in helping an enterprise get a handle on what information it has, and in stopping the numerous leaks of information that occur each day. DLP is not a plug-and-play solution. The successful implementation of this technology requires significant preparation and diligent ongoing maintenance. Enterprises seeking to integrate and implement DLP should be prepared for a significant effort that, if done correctly, can greatly reduce risk to the organization. Those implementing the solution must take a strategic approach that addresses risks, impacts and mitigation steps, along with appropriate governance and assurance measures.","materialsDescription":" <span style=\"font-weight: bold;\">How to protect the company from internal threats associated with leakage of confidential information?</span>\r\nIn order to protect against any threat, you must first realize its presence. Unfortunately, not always the management of companies is able to do this if it comes to information security threats. The key to successfully protecting against information leaks and other threats lies in the skillful use of both organizational and technical means of monitoring personnel actions.\r\n<span style=\"font-weight: bold;\">How should the personnel management system in the company be organized to minimize the risks of leakage of confidential information?</span>\r\nA company must have a special employee responsible for information security, and a large department must have a department directly reporting to the head of the company.\r\n<span style=\"font-weight: bold;\">Which industry representatives are most likely to encounter confidential information leaks?</span>\r\nMore than others, representatives of such industries as industry, energy, and retail trade suffer from leaks. Other industries traditionally exposed to leakage risks — banking, insurance, IT — are usually better at protecting themselves from information risks, and for this reason they are less likely to fall into similar situations.\r\n<span style=\"font-weight: bold;\">What should be adequate measures to protect against leakage of information for an average company?</span>\r\nFor each organization, the question of protection measures should be worked out depending on the specifics of its work, but developing information security policies, instructing employees, delineating access to confidential data and implementing a DLP system are necessary conditions for successful leak protection for any organization. Among all the technical means to prevent information leaks, the DLP system is the most effective today, although its choice must be taken very carefully to get the desired result. So, it should control all possible channels of data leakage, support automatic detection of confidential information in outgoing traffic, maintain control of work laptops that temporarily find themselves outside the corporate network...\r\n<span style=\"font-weight: bold;\">Is it possible to give protection against information leaks to outsourcing?</span>\r\nFor a small company, this may make sense because it reduces costs. However, it is necessary to carefully select the service provider, preferably before receiving recommendations from its current customers.\r\n<span style=\"font-weight: bold;\">What data channels need to be monitored to prevent leakage of confidential information?</span>\r\nAll channels used by employees of the organization - e-mail, Skype, HTTP World Wide Web protocol ... It is also necessary to monitor the information recorded on external storage media and sent to print, plus periodically check the workstation or laptop of the user for files that are there saying should not.\r\n<span style=\"font-weight: bold;\">What to do when the leak has already happened?</span>\r\nFirst of all, you need to notify those who might suffer - silence will cost your reputation much more. Secondly, you need to find the source and prevent further leakage. Next, you need to assess where the information could go, and try to somehow agree that it does not spread further. In general, of course, it is easier to prevent the leakage of confidential information than to disentangle its consequences.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Data_Leak_Prevention.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":4,"title":"Reduce Costs"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":336,"title":"Risk or Leaks of confidential information"},{"id":344,"title":"Malware infection via Internet, email, storage devices"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":42,"title":"UTM - Unified threat management","alias":"utm-unified-threat-management","description":"<span style=\"font-weight: bold; \">UTM (Unified Threat Management)</span> system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.\r\nUnified threat management <span style=\"font-weight: bold; \">devices </span>are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nUTM <span style=\"font-weight: bold; \">cloud services</span> and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. While UTM systems and <span style=\"font-weight: bold; \">next-generation firewalls (NGFWs)</span> are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.\r\nOriginally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.\r\nUnified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.\r\nUnified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:\r\n<ul><li><span style=\"font-weight: bold; \">Flow-based inspection,</span> also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li> <span style=\"font-weight: bold; \">Proxy-based inspection</span> acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> How UTM is deployed?</h1>\r\nBusinesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.\r\nUTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.\r\nBusinesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.\r\n<h1 class=\"align-center\">Benefits of Using a Unified Threat Management Solution</h1>\r\nUTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. This can also save money in the long run as opposed to having to buy multiple devices.\r\nSome UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPPA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.\r\nUTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because it is a single point of defense, UTM’s make dealing with combined threats easier.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM.jpg"},{"id":485,"title":"Web security","alias":"web-security","description":" Web security basically means protecting a website or web application by detecting, preventing and responding to cyber threats.\r\nWebsites and web applications are just as prone to security breaches as physical homes, stores, and government locations. Unfortunately, cybercrime happens every day, and great web security measures are needed to protect websites and web applications from becoming compromised.\r\nThat’s exactly what web security does – it is a system of protection measures and protocols that can protect your website or web application from being hacked or entered by unauthorized personnel. This integral division of Information Security is vital to the protection of websites, web applications, and web services. Anything that is applied over the Internet should have some form of web security to protect it.\r\nThere are a lot of factors that go into web security and web protection. Any website or application that is secure is surely backed by different types of checkpoints and techniques for keeping it safe.\r\nThere are a variety of security standards that must be followed at all times, and these standards are implemented and highlighted by the OWASP. Most experienced web developers from top cybersecurity companies will follow the standards of the OWASP as well as keep a close eye on the Web Hacking Incident Database to see when, how, and why different people are hacking different websites and services.\r\nEssential steps in protecting web apps from attacks include applying up-to-date encryption, setting proper authentication, continuously patching discovered vulnerabilities, avoiding data theft by having secure software development practices. The reality is that clever attackers may be competent enough to find flaws even in a fairly robust secured environment, and so a holistic security strategy is advised.\r\nThere are different types of technologies available for maintaining the best security standards. Some popular technical solutions for testing, building, and preventing threats include black and white box testing tools, fuzzing tools, WAF, security or vulnerability scanners, password cracking tools, and so on.","materialsDescription":" <span style=\"font-weight: bold; \">What is Malware?</span>\r\nThe name malware is short for ‘malicioussoftware’. Malware includes any software program that has been created to perform an unauthorised — and often harmful — action on a user’s device. Examples of malware include:\r\n<ul><li>Computer viruses</li><li>Word and Excel macro viruses</li><li>Boot sector viruses</li><li>Script viruses — including batch, Windows shell, Java and others</li><li>Keyloggers</li><li>Password stealers</li><li>Backdoor Trojan viruses</li><li>Other Trojan viruses</li><li>Crimeware</li><li>Spyware</li><li>Adware... and many other types of malicious software programs</li></ul>\r\n<span style=\"font-weight: bold; \">What is the difference between a computer virus and a worm?</span>\r\n<span style=\"font-weight: bold; \">Computer virus.</span> This is a type of malicious program that can replicate itself — so that it can spread from file to file on a computer, and can also spread from one computer to another. Computer viruses are often programmed to perform damaging actions — such as corrupting or deleting data. The longer a virus remains undetected on your machine, the greater the number of infected files that may be on your computer.\r\n<span style=\"font-weight: bold; \">Worms.</span> Worms are generally considered to be a subset of computer viruses — but with some specific differences:\r\n<ul><li>A worm is a computer program that replicates, but does not infect other files.</li><li>The worm will install itself once on a computer — and then look for a way to spread to other computers.</li><li>Whereas a virus is a set of code that adds itself to existing files, a worm exists as a separate, standalone file.</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Trojan virus?</span>\r\nA Trojan is effectively a program that pretends to be legitimate software — but, when launched, it will perform a harmful action. Unlike computer viruses and worms, Trojans cannot spread by themselves. Typically, Trojans are installed secretly and they deliver their malicious payload without the user’s knowledge.\r\nCybercriminals use many different types of Trojans — and each has been designed to perform a specific malicious function. The most common are:\r\n<ul><li>Backdoor Trojans (these often include a keylogger)</li><li>Trojan Spies</li><li>Password stealing Trojans</li><li>Trojan Proxies — that convert your computer into a spam distribution machine</li></ul>\r\n<span style=\"font-weight: bold; \">Why are Trojan viruses called Trojans?</span>\r\nIn Greek mythology — during the Trojan war — the Greeks used subterfuge to enter the city of Troy. The Greeks constructed a massive wooden horse — and, unaware that the horse contained Greek soldiers, the Trojans pulled the horse into the city. At night, the Greek soldiers escaped from the horse and opened the city gates — for the Greek army to enter Troy.\r\nToday, Trojan viruses use subterfuge to enter unsuspecting users’ computers and devices.\r\n<span style=\"font-weight: bold; \">What is a Keylogger?</span>\r\nA keylogger is a program that can record what you type on your computer keyboard. Criminals use keyloggers to obtain confidential data — such as login details, passwords, credit card numbers, PINs and other items. Backdoor Trojans typically include an integrated keylogger.\r\n<span style=\"font-weight: bold; \">What is Phishing?</span>\r\nPhishing is a very specific type of cybercrime that is designed to trick you into disclosing valuable information — such as details about your bank account or credit cards. Often, cybercriminals will create a fake website that looks just like a legitimate site — such as a bank’s official website. The cybercriminal will try to trick you into visiting their fake site — typically by sending you an email that contains a hyperlink to the fake site. When you visit the fake website, it will generally ask you to type in confidential data — such as your login, password or PIN.\r\n<span style=\"font-weight: bold; \">What is Spyware?</span>\r\nSpyware is software that is designed to collect your data and send it to a third party — without your knowledge or consent. Spyware programs will often:\r\n<ul><li>Monitor the keys you press on your keyboard — using a keylogger</li><li>Collect confidential information — such as your passwords, credit card numbers, PIN numbers and more</li><li>Gather — or ‘harvest’ — email addresses from your computer</li><li>Track your Internet browsing habits</li></ul>\r\n<span style=\"font-weight: bold; \">What is a Rootkit?</span>\r\nRootkits are programs that hackers use in order to evade detection while trying to gain unauthorised access to a computer. Rootkits have been used increasingly as a form of stealth to hide Trojan virus activity. When installed on a computer, rootkits are invisible to the user and also take steps to avoid being detected by security software.\r\nThe fact that many people log into their computers with administrator rights — rather than creating a separate account with restricted access — makes it easier for cybercriminals to install a rootkit.\r\n<span style=\"font-weight: bold; \">What is a Botnet?</span>\r\nA botnet is a network of computers controlled by cybercriminals using a Trojan virus or other malicious program.\r\n<span style=\"font-weight: bold;\">What is a DDoS attack?</span>\r\nA Distributed-Denial-of-Service (DDoS) attack is similar to a DoS. However, a DDoS attack is conducted using multiple machines. Usually, for a DDoS attack, the hacker will use one security compromised computer as the ‘master’ machine that co-ordinates the attack by other ‘zombie machines’. Typically, the cybercriminal will compromise the security on the master and all of the zombie machines, by exploiting a vulnerability in an application on each computer — to install a Trojan or other piece of malicious code.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/security-web-application-security.png"},{"id":24,"title":"DLP - Data Leak Prevention","alias":"dlp-data-leak-prevention","description":"Data leak prevention (DLP) is a suite of technologies aimed at stemming the loss of sensitive information that occurs in enterprises across the globe. By focusing on the location, classification and monitoring of information at rest, in use and in motion, this solution can go far in helping an enterprise get a handle on what information it has, and in stopping the numerous leaks of information that occur each day. DLP is not a plug-and-play solution. The successful implementation of this technology requires significant preparation and diligent ongoing maintenance. Enterprises seeking to integrate and implement DLP should be prepared for a significant effort that, if done correctly, can greatly reduce risk to the organization. Those implementing the solution must take a strategic approach that addresses risks, impacts and mitigation steps, along with appropriate governance and assurance measures.","materialsDescription":" <span style=\"font-weight: bold;\">How to protect the company from internal threats associated with leakage of confidential information?</span>\r\nIn order to protect against any threat, you must first realize its presence. Unfortunately, not always the management of companies is able to do this if it comes to information security threats. The key to successfully protecting against information leaks and other threats lies in the skillful use of both organizational and technical means of monitoring personnel actions.\r\n<span style=\"font-weight: bold;\">How should the personnel management system in the company be organized to minimize the risks of leakage of confidential information?</span>\r\nA company must have a special employee responsible for information security, and a large department must have a department directly reporting to the head of the company.\r\n<span style=\"font-weight: bold;\">Which industry representatives are most likely to encounter confidential information leaks?</span>\r\nMore than others, representatives of such industries as industry, energy, and retail trade suffer from leaks. Other industries traditionally exposed to leakage risks — banking, insurance, IT — are usually better at protecting themselves from information risks, and for this reason they are less likely to fall into similar situations.\r\n<span style=\"font-weight: bold;\">What should be adequate measures to protect against leakage of information for an average company?</span>\r\nFor each organization, the question of protection measures should be worked out depending on the specifics of its work, but developing information security policies, instructing employees, delineating access to confidential data and implementing a DLP system are necessary conditions for successful leak protection for any organization. Among all the technical means to prevent information leaks, the DLP system is the most effective today, although its choice must be taken very carefully to get the desired result. So, it should control all possible channels of data leakage, support automatic detection of confidential information in outgoing traffic, maintain control of work laptops that temporarily find themselves outside the corporate network...\r\n<span style=\"font-weight: bold;\">Is it possible to give protection against information leaks to outsourcing?</span>\r\nFor a small company, this may make sense because it reduces costs. However, it is necessary to carefully select the service provider, preferably before receiving recommendations from its current customers.\r\n<span style=\"font-weight: bold;\">What data channels need to be monitored to prevent leakage of confidential information?</span>\r\nAll channels used by employees of the organization - e-mail, Skype, HTTP World Wide Web protocol ... It is also necessary to monitor the information recorded on external storage media and sent to print, plus periodically check the workstation or laptop of the user for files that are there saying should not.\r\n<span style=\"font-weight: bold;\">What to do when the leak has already happened?</span>\r\nFirst of all, you need to notify those who might suffer - silence will cost your reputation much more. Secondly, you need to find the source and prevent further leakage. Next, you need to assess where the information could go, and try to somehow agree that it does not spread further. In general, of course, it is easier to prevent the leakage of confidential information than to disentangle its consequences.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Data_Leak_Prevention.png"}],"additionalInfo":{"budgetNotExceeded":"-1","functionallyTaskAssignment":"-1","projectWasPut":"-1","price":0,"source":{"url":"https://www.forcepoint.com/resources/case-study/fercam","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":684,"title":"Fortinet for Industrial manufacturing","description":"In 2004, GEMÜ ran a trial of the Fortinet FortiGate next generation firewall against other vendors’ solutions. The performance and capabilities of the FortiGate proved to be a perfect match with the company’s evaluation criteria, and models from the range were deployed across all locations.\r\n“From the outset, the FortiGates provided the protection we needed, were very intuitive to manage, quick to learn, and straightforward in terms of interpreting their findings,” reflected Scharpfenecker. “It’s proved to be a great product line that has continued to scale and meet our needs ever since.”\r\nToday, GEMÜ relies not only on FortiGates but further leverages the comprehensive Fortinet Security Fabric through its deployment of FortiMail-VM, FortiWeb-VM, FortiSandbox, FortiAP, and FortiWifi, in conjunction with the FortiGuard Services Bundle. \r\nHaving a unified console for all of its Fortinet solutions enables GEMÜ’s IT department to operate efficiently. “The team enjoys the same familiar syntax across all our different units – from small to large – it’s the same interface across everything,” noted Scharpfenecker, “And that is an enormous contributor in keeping our IT organization lean and effective.”\r\nHe concluded, “We have never been disappointed by a Fortinet product. The combined set of capabilities across the entire Fortinet Security Fabric gives GEMÜ a significant security advantage.\r\n“Fortinet helps GEMÜ keep the lights on around the world!” ","alias":"fortinet-for-industrial-manufacturing","roi":0,"seo":{"title":"Fortinet for Industrial manufacturing","keywords":"","description":"In 2004, GEMÜ ran a trial of the Fortinet FortiGate next generation firewall against other vendors’ solutions. The performance and capabilities of the FortiGate proved to be a perfect match with the company’s evaluation criteria, and models from the range were","og:title":"Fortinet for Industrial manufacturing","og:description":"In 2004, GEMÜ ran a trial of the Fortinet FortiGate next generation firewall against other vendors’ solutions. The performance and capabilities of the FortiGate proved to be a perfect match with the company’s evaluation criteria, and models from the range were"},"deal_info":"","user":{"id":5074,"title":"GEMÜ","logoURL":"https://old.roi4cio.com/uploads/roi/company/GEMUE.jpg","alias":"gemue","address":"","roles":[],"description":"GEMÜ Gebrüder Müller Apparatebau GmbH & Co. KG is a group of companies that specialize in valve, process and control technologies for industrial applications including sterile environments. The company has locations spanning 50 countries through a network of subsidiaries and trading partners, as well as manufacturing sites in Switzerland, France, Brazil and China. Even with 1,600 employees and 400,000 product options, GEMÜ still retains all of the advantages of its family-business culture.","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":1,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"GEMÜ","keywords":"","description":"GEMÜ Gebrüder Müller Apparatebau GmbH & Co. KG is a group of companies that specialize in valve, process and control technologies for industrial applications including sterile environments. The company has locations spanning 50 countries through a network ","og:title":"GEMÜ","og:description":"GEMÜ Gebrüder Müller Apparatebau GmbH & Co. KG is a group of companies that specialize in valve, process and control technologies for industrial applications including sterile environments. The company has locations spanning 50 countries through a network ","og:image":"https://old.roi4cio.com/uploads/roi/company/GEMUE.jpg"},"eventUrl":""},"supplier":{"id":8760,"title":"Hidden supplier","logoURL":"https://old.roi4cio.com/uploads/roi/company/znachok_postavshchik.jpg","alias":"skrytyi-postavshchik","address":"","roles":[],"description":" Supplier Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":76,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden supplier","keywords":"","description":" Supplier Information is confidential ","og:title":"Hidden supplier","og:description":" Supplier Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/znachok_postavshchik.jpg"},"eventUrl":""},"vendors":[{"id":690,"title":"Fortinet","logoURL":"https://old.roi4cio.com/uploads/roi/company/fortiner_logo.png","alias":"fortinet","address":"","roles":[],"description":"<span lang=\"en\">Fortinet is an American multinational corporation founded in 2000. The main office is located in Sunnyvale (California, USA). The company specializes in the development and promotion of software, solutions and services in the field of information security. Among the most requested solutions are next generation firewalls (NGFW), antivirus software, intrusion prevention and endpoint security systems, and a number of other products. In terms of revenue, Fortinet has consistently ranked in the top five of all network security companies. In 2020, the company's turnover exceeded $ 3 billion, and the number of customers exceeded half a million. By the beginning of 2021, the company had more than 700 patents in the field of information security, and about 200 more patents were pending. Fortinet employed about 8,300 people as of early 2021.</span>\r\n\r\n<span lang=\"en\">FortiGate's flagship enterprise firewall platform supports a wide range of next-generation security and networking features. It comes in a variety of sizes and form factors, making it easily adaptable to any environment. Fortinet's proprietary Security Fabric integrates and automates the entire infrastructure, delivering unmatched security and visibility to every network segment and device, be it a virtual machine or physical device, in the cloud or on-premises. The company also runs the NSE training and certification program and operates the Network Security Academy, which supports universities offering information security courses.</span>","companyTypes":[],"products":{},"vendoredProductsCount":9,"suppliedProductsCount":9,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":0,"vendorImplementationsCount":4,"vendorPartnersCount":0,"supplierPartnersCount":21,"b4r":0,"categories":{},"companyUrl":"www.fortinet.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Fortinet","keywords":"Fortinet, security, public, among, others, company, appliances, million","description":"<span lang=\"en\">Fortinet is an American multinational corporation founded in 2000. The main office is located in Sunnyvale (California, USA). The company specializes in the development and promotion of software, solutions and services in the field of informati","og:title":"Fortinet","og:description":"<span lang=\"en\">Fortinet is an American multinational corporation founded in 2000. The main office is located in Sunnyvale (California, USA). The company specializes in the development and promotion of software, solutions and services in the field of informati","og:image":"https://old.roi4cio.com/uploads/roi/company/fortiner_logo.png"},"eventUrl":""}],"products":[{"id":174,"logo":false,"scheme":false,"title":"Fortinet FortiGate NGFW","vendorVerified":0,"rating":"2.00","implementationsCount":4,"suppliersCount":0,"alias":"fortigate","companyTypes":[],"description":"FortiGate NGFWs are network firewalls powered by purpose-built security processing units (SPUs) including the latest NP7 (Network Processor 7). They enable security-driven networking, and are ideal network firewalls for hybrid and hyperscale data centers.\r\nFortinet NGFWs reduce cost and complexity by eliminating points products and consolidating industry-leading security capabilities such as secure sockets layer (SSL) inspection including the latest TLS1.3, web filtering, intrusion prevention system (IPS) to provide fully visibility and protect any edge. Fortinet NGFWs uniquely meet the performance needs of hyperscale and hybrid IT architectures, enabling organizations to deliver optimal user experience, and manage security risks for better business continuity.\r\nFortiGate next-generation firewalls inspect traffic at hyperscale as it enters and leaves the network. These inspections happen at unparalleled speed, scale, and performance to ensure that only legitimate traffic is allowed, all without degrading user experience or creating costly downtime.\r\nAs an integral part of the Fortinet Security Fabric, FortiGate NGFWs can communicate within the comprehensive Fortinet security portfolio as well as third-party security solutions in a multivendor environment. FortiGate NGFWs seamlessly integrate with artificial intelligence (AI)-driven FortiGuard and FortiSandbox services to protect against known and zero-day threats and improve operational efficiency through integration with Fabric Management Center.","shortDescription":"FortiGate is a Top-rated security—NSS Labs “Recommended”. Comprehensive security in one, simplified solution. Flexible deployment options fit your unique requirements","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":12,"sellingCount":19,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Fortinet FortiGate NGFW","keywords":"security, network, your, FortiGate, deployments, small, platform, across","description":"FortiGate NGFWs are network firewalls powered by purpose-built security processing units (SPUs) including the latest NP7 (Network Processor 7). They enable security-driven networking, and are ideal network firewalls for hybrid and hyperscale data centers.\r\n","og:title":"Fortinet FortiGate NGFW","og:description":"FortiGate NGFWs are network firewalls powered by purpose-built security processing units (SPUs) including the latest NP7 (Network Processor 7). They enable security-driven networking, and are ideal network firewalls for hybrid and hyperscale data centers.\r\n"},"eventUrl":"","translationId":175,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":536,"title":"WAN optimization - appliance","alias":"wan-optimization-appliance","description":" WAN optimization appliance is a collection of techniques for increasing data-transfer efficiencies across wide-area networks (WANs). In 2008, the WAN optimization market was estimated to be $1 billion and was to grow to $4.4 billion by 2014 according to Gartner, a technology research firm. In 2015 Gartner estimated the WAN optimization market to be a $1.1 billion market.\r\nThe most common measures of TCP data-transfer efficiencies (i.e., optimization) are throughput, bandwidth requirements, latency, protocol optimization, and congestion, as manifested in dropped packets. In addition, the WAN itself can be classified with regards to the distance between endpoints and the amounts of data transferred. Two common business WAN topologies are Branch to Headquarters and Data Center to Data Center (DC2DC). In general, "Branch" WAN links are closer, use less bandwidth, support more simultaneous connections, support smaller connections and more short-lived connections, and handle a greater variety of protocols. They are used for business applications such as email, content management systems, database application, and Web delivery. In comparison, "DC2DC" WAN links tend to require more bandwidth, are more distant and involve fewer connections, but those connections are bigger (100 Mbit/s to 1 Gbit/s flows) and of longer duration. Traffic on a "DC2DC" WAN may include replication, back up, data migration, virtualization, and other Business Continuity/Disaster Recovery (BC/DR) flow.\r\nWAN optimization has been the subject of extensive academic research almost since the advent of the WAN. In the early 2000s, research in both the private and public sectors turned to improve the end-to-end throughput of TCP, and the target of the first proprietary WAN optimization solutions was the Branch WAN. In recent years, however, the rapid growth of digital data, and the concomitant needs to store and protect it, has presented a need for DC2DC WAN optimization. For example, such optimizations can be performed to increase overall network capacity utilization, meet inter-datacenter transfer deadlines, or minimize average completion times of data transfers. As another example, private inter-datacenter WANs can benefit optimizations for fast and efficient geo-replication of data and content, such as newly computed machine learning models or multimedia content.\r\nComponent techniques of Branch WAN Optimization include deduplication, wide-area file services (WAFS), SMB proxy, HTTPS Proxy, media multicasting, web caching, and bandwidth management. Requirements for DC2DC WAN Optimization also center around deduplication and TCP acceleration, however, these must occur in the context of multi-gigabit data transfer rates. ","materialsDescription":" <span style=\"font-weight: bold;\">What techniques does WAN optimization have?</span>\r\n<ul><li><span style=\"font-weight: bold;\">Deduplication</span> – Eliminates the transfer of redundant data across the WAN by sending references instead of the actual data. By working at the byte level, benefits are achieved across IP applications.</li><li><span style=\"font-weight: bold;\">Compression</span> – Relies on data patterns that can be represented more efficiently. Essentially compression techniques similar to ZIP, RAR, ARJ, etc. are applied on-the-fly to data passing through hardware (or virtual machine) based WAN acceleration appliances.</li><li><span style=\"font-weight: bold;\">Latency optimization</span> – Can include TCP refinements such as window-size scaling, selective acknowledgments, Layer 3 congestion control algorithms, and even co-location strategies in which the application is placed in near proximity to the endpoint to reduce latency. In some implementations, the local WAN optimizer will answer the requests of the client locally instead of forwarding the request to the remote server in order to leverage write-behind and read-ahead mechanisms to reduce WAN latency.</li><li><span style=\"font-weight: bold;\">Caching/proxy</span> – Staging data in local caches; Relies on human behavior, accessing the same data over and over.</li><li><span style=\"font-weight: bold;\">Forward error correction</span> – Mitigates packet loss by adding another loss-recovery packet for every “N” packets that are sent, and this would reduce the need for retransmissions in error-prone and congested WAN links.</li><li><span style=\"font-weight: bold;\">Protocol spoofing</span> – Bundles multiple requests from chatty applications into one. May also include stream-lining protocols such as CIFS.</li><li><span style=\"font-weight: bold;\">Traffic shaping</span> – Controls data flow for specific applications. Giving flexibility to network operators/network admins to decide which applications take precedence over the WAN. A common use case of traffic shaping would be to prevent one protocol or application from hogging or flooding a link over other protocols deemed more important by the business/administrator. Some WAN acceleration devices are able to traffic shape with granularity far beyond traditional network devices. Such as shaping traffic on a per-user AND per application basis simultaneously.</li><li><span style=\"font-weight: bold;\">Equalizing</span> – Makes assumptions on what needs immediate priority based on data usage. Usage examples for equalizing may include wide open unregulated Internet connections and clogged VPN tunnels.</li><li><span style=\"font-weight: bold;\">Connection limits</span> – Prevents access gridlock in and to denial of service or to peer. Best suited for wide-open Internet access links, can also be used links.</li><li><span style=\"font-weight: bold;\">Simple rate limits</span> – Prevents one user from getting more than a fixed amount of data. Best suited as a stop-gap first effort for remediating a congested Internet connection or WAN link.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAN_optimization_appliance.png"},{"id":49,"title":"VPN - Virtual Private Network","alias":"vpn-virtual-private-network","description":"A <span style=\"font-weight: bold; \">virtual private network (VPN)</span> extends a private network across a public network, and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Applications running on a computing device, e.g. a laptop, desktop, smartphone, across a VPN may therefore benefit from the functionality, security, and management of the private network. Encryption is a common though not an inherent part of a VPN connection.\r\nAt its most basic level, VPN tunneling creates a point-to-point connection that cannot be accessed by unauthorized users. To actually create the VPN tunnel, the endpoint device needs to be running a VPN client (software application) locally or in the cloud. The VPN client runs in the background and is not noticeable to the end user unless there are performance issues.\r\nThe performance of a VPN can be affected by a variety of factors, among them the speed of users' internet connections, the types of protocols an internet service provider may use and the type of encryption the VPN uses. In the enterprise, performance can also be affected by poor quality of service (QoS) outside the control of an organization's information technology (IT) department.\r\nConsumers use a virtual private network software to protect their online activity and identity. By using an anonymous VPN service, a user's Internet traffic and data remain encrypted, which prevents eavesdroppers from sniffing Internet activity. Personal VPN services are especially useful when accessing public Wi-Fi hotspots because the public wireless services might not be secure. In addition to public Wi-Fi security, it also provides consumers with uncensored Internet access and can help prevent data theft and unblock websites.\r\nCompanies and organizations will typically use a VPN security to communicate confidentially over a public network and to send voice, video or data. It is also an excellent option for remote workers and organizations with global offices and partners to share data in a private manner.\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\">Types of VPNs</span></p>\r\n<ul><li><span style=\"font-weight: bold;\">Remote access VPN</span>. Remote access VPN clients connect to a VPN gateway server on the organization's network. The gateway requires the device to authenticate its identity before granting access to internal network resources such as file servers, printers and intranets. This type of VPN usually relies on either IP Security (IPsec) or Secure Sockets Layer (SSL) to secure the connection.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Site-to-site VPN.</span> In contrast, a site-to-site VPN uses a gateway device to connect an entire network in one location to a network in another location. End-node devices in the remote location do not need VPN clients because the gateway handles the connection. Most site-to-site VPNs connecting over the internet use IPsec. It is also common for them to use carrier MPLS clouds rather than the public internet as the transport for site-to-site VPNs. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Mobile VPN.</span> In a mobile VPN, a VPN server still sits at the edge of the company network, enabling secure tunneled access by authenticated, authorized VPN clients. Mobile VPN tunnels are not tied to physical IP addresses, however. Instead, each tunnel is bound to a logical IP address. That logical IP address sticks to the mobile device no matter where it may roam.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">VPN Hardware</span>. It offer a number of advantages over the software-based VPN. In addition to enhanced security, hardware VPNs can provide load balancing to handle large client loads. Administration is managed through a Web browser interface. A hardware VPN is more expensive than a software VPN. Because of the cost, hardware VPNs are a more realistic option for large businesses than for small businesses or branch offices. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">VPN appliance.</span> A VPN appliance, also known as a VPN gateway appliance, is a network device equipped with enhanced security features. Also known as an SSL (Secure Sockets Layer) VPN appliance, it is in effect a router that provides protection, authorization, authentication and encryption for VPNs.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Dynamic multipoint virtual private network (DMVPN</span>). A dynamic multipoint virtual private network (DMVPN) is a secure network that exchanges data between sites without needing to pass traffic through an organization's headquarter virtual private network (VPN) server or router. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">VPN Reconnect.</span> VPN Reconnect is a feature of Windows 7 and Windows Server 2008 R2 that allows a virtual private network connection to remain open during a brief interruption of Internet service. Usually, when a computing device using a VPN connection drops its Internet connection, the end user has to manually reconnect to the VPN. VPN Reconnect keeps the VPN tunnel open for a configurable amount of time so when Internet service is restored, the VPN connection is automatically restored as well. </li></ul>\r\n<p class=\"align-left\"> </p>","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: normal;\">What is VPN software?</span></h1>\r\n<span style=\"font-weight: normal;\"></span>VPN software is a tool that allows users to create a secure, encrypted connection over a computer network such as the Internet. The platform was developed to allow for secure access to business applications and other resources.\r\n<header><h1 class=\"align-center\"><span style=\"font-weight: normal;\">How does VPN software work?</span></h1></header>\r\n<p class=\"align-left\">So what does VPN do? Basically, a VPN is a group of computers or networks, which are connected over the Internet. For businesses, VPN services serve as avenues for getting access to networks when they are not physically on the same network. Such a service can also be used to encrypt communications over public networks.</p>\r\n<p class=\"align-left\">VPNs are usually deployed through local installation or by logging on to a service’s website. To give you an idea as to how VPN works, the software allows your computer to basically exchange keys with a remote server, through which all data traffic is encrypted and kept secure, safe from prying eyes. It lets you browse the Internet without the worry of being tracked, monitored and identified without permission. A VPN also helps in accessing blocked sites and in circumventing censorship.</p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">What are the features of VPN software?</span></h1>\r\n<p class=\"align-left\">There are a variety of ways by which you can determine what VPN suits you. Here are some features of software VPN solutions and buying factors that you should consider:<br /><br /></p>\r\n<ul><li><span style=\"font-weight: bold;\">Privacy</span>: You should know what kind of privacy you really need. Is it for surfing, downloading or simply accessing blocked sites? Best of VPN programs offer one or more of these capabilities.</li><li><span style=\"font-weight: bold;\">Software/features</span>: Platforms should not be limited to ease of use, they should include features such as kill switches and DNS leak prevention tools which provide a further layer of protection.</li><li><span style=\"font-weight: bold;\">Security</span>: One should consider the level of security that a service offers. This can prevent hackers and agencies from accessing your data.</li><li><span style=\"font-weight: bold;\">Cross-platform support</span>: A VPN solution should be able to run on any device. To do this, setup guides for different platforms should be provided by the vendor.</li><li><span style=\"font-weight: bold;\">The number of servers/countries</span>: For these services, the more servers VPN there are, the better the service. This allows users to connect from virtually all over the world. It will also enable them to change their locations at will.</li><li><span style=\"font-weight: bold;\">Speed</span>: It’s common knowledge that using VPN comes with reduction in Internet speed. This is due to the fact that signals need to travel long distances and the demands of the encryption and decryption processes. Choose a service that has minimal impact on Internet speed.</li><li><span style=\"font-weight: bold;\">Simultaneous connections</span>: Many services allow users to use only one device at a time. However, many VPN service providers allow customers to connect multiple devices all at the same time.</li></ul>\r\n<p class=\"align-left\"> </p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/VPN_-_Virtual_Private_Network.png"},{"id":784,"title":"NGFW - next-generation firewall - Appliance","alias":"ngfw-next-generation-firewall-appliance","description":" A next-generation firewall (NGFW) is a part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities, such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS). Other techniques might also be employed, such as TLS/SSL encrypted traffic inspection, website filtering, QoS/bandwidth management, antivirus inspection and third-party identity management integration (i.e. LDAP, RADIUS, Active Directory).\r\nNGFWs include the typical functions of traditional firewalls such as packet filtering, network- and port-address translation (NAT), stateful inspection, and virtual private network (VPN) support. The goal of next-generation firewalls is to include more layers of the OSI model, improving filtering of network traffic that is dependent on the packet contents.\r\nNGFWs perform deeper inspection compared to stateful inspection performed by the first- and second-generation firewalls. NGFWs use a more thorough inspection style, checking packet payloads and matching signatures for harmful activities such as exploitable attacks and malware.\r\nImproved detection of encrypted applications and intrusion prevention service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services.\r\nStateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols. But today, blocking a web application like Farmville that uses port 80 by closing the port would also mean complications with the entire HTTP protocol.\r\nProtection based on ports, protocols, IP addresses is no more reliable and viable. This has led to the development of identity-based security approach, which takes organizations a step ahead of conventional security appliances which bind security to IP-addresses.\r\nNGFWs offer administrators a deeper awareness of and control over individual applications, along with deeper inspection capabilities by the firewall. Administrators can create very granular "allow/deny" rules for controlling use of websites and applications in the network. ","materialsDescription":"<span style=\"font-weight: bold;\"> What is a next-generation firewall (NGFW)?</span>\r\nAn NGFW contains all the normal defences that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other bonus security features. NGFWs are also capable of deep packet inspection which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by blacklist (programs in the filter are blocked) or by whitelist (programs not in the filter are blocked).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_NGFW.png"},{"id":782,"title":"NGFW - next-generation firewall","alias":"ngfw-next-generation-firewall","description":"A next-generation firewall (NGFW) is a part of the third generation of firewall technology that is implemented in either hardware or software and is capable of detecting and blocking sophisticated attacks by enforcing security policies at the application, port and protocol levels.\r\nNGFWs typically feature advanced functions including:\r\n<ul><li>application awareness;</li><li>integrated intrusion prevention systems (IPS);</li><li>identity awareness -- user and group control;</li><li>bridged and routed modes;</li><li> the ability to use external intelligence sources.</li></ul>\r\nOf these offerings, most next-generation firewalls integrate at least three basic functions: enterprise firewall capabilities, an intrusion prevention system (IPS) and application control.\r\nLike the introduction of stateful inspection in traditional firewalls, NGFWs bring additional context to the firewall's decision-making process by providing it with the ability to understand the details of the web application traffic passing through it and to take action to block traffic that might exploit vulnerabilities.\r\nThe different features of next-generation firewalls combine to create unique benefits for users. NGFWs are often able to block malware before it enters a network, something that wasn't previously possible.\r\nNGFWs are also better equipped to address advanced persistent threats (APTs) because they can be integrated with threat intelligence services. NGFWs can also offer a low-cost option for companies trying to improve basic device security through the use of application awareness, inspection services, protection systems and awareness tools.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What is a next-generation firewall (NGFW)?</span>\r\nA NGFW contains all the normal defenses that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other additional security features. NGFWs are also capable of deep packet inspection, which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by a blacklist (programs in the filter are blocked) or by a whitelist (programs not in the filter are blocked).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_NGFW.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":1606,"logo":false,"scheme":false,"title":"Fortinet FortiWeb: Web Application Firewall (WAF)","vendorVerified":0,"rating":"2.00","implementationsCount":3,"suppliersCount":0,"alias":"fortiweb-web-application-firewall-waf","companyTypes":[],"description":"FortiWeb Product Details Whether to simply meet compliance standards or to protect mission-critical hosted applications, FortiWeb's web application firewalls provide advanced features that defend web applications from known and zero-day threats. Using an advanced multi-layered and correlated approach, FortiWeb provides complete security for your external and internal web-based applications from the OWASP Top 10 and many other threats. At the heart of FortiWeb are its dual-layer AI-based detection engines that intelligently detect threats with nearly no false positive detections.\r\n<span style=\"font-weight: bold;\">Features and Benefits</span>\r\n<ul> <li>Proven Web Application Protection. FortiWeb protects against all the OWASP Top-10 threats, DDoS attacks and many others to defend your mission critical web-based applications</li> <li>AI-based Threat Detection. In addition to regular signature updates and many other layers of defenses, FortiWeb’s AI-based, dual-layer machine learning engines protect against zero-day attacks</li> <li>Security Fabric Integration. Integration with FortiGate firewalls and FortiSandbox deliver protection from advanced persistent threats</li> <li>Advanced Visual Analytics. FortiWeb’s visual reporting tools provide detailed analyses of attack sources, types and other elements that provide insights not available with other WAF solutions </li> <li>False Positive Mitigation Tools. Advanced tools that minimize the day-to-day management of policies and exception lists to ensure only unwanted traffic is blocked</li> <li>Hardware-based Acceleration. FortiWeb delivers industry-leading protected WAF throughputs and blazing fast secure traffic encryption/decryption</li> </ul>","shortDescription":"FortiWeb is a web application firewall (WAF) that protects hosted applications from attacks that target known and unknown exploits using multi-layered and correlated detection methods.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":7,"sellingCount":12,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Fortinet FortiWeb: Web Application Firewall (WAF)","keywords":"","description":"FortiWeb Product Details Whether to simply meet compliance standards or to protect mission-critical hosted applications, FortiWeb's web application firewalls provide advanced features that defend web applications from known and zero-day threats. Using an advan","og:title":"Fortinet FortiWeb: Web Application Firewall (WAF)","og:description":"FortiWeb Product Details Whether to simply meet compliance standards or to protect mission-critical hosted applications, FortiWeb's web application firewalls provide advanced features that defend web applications from known and zero-day threats. Using an advan"},"eventUrl":"","translationId":1607,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":546,"title":"WAF-web application firewall appliance","alias":"waf-web-application-firewall-appliance","description":"A web application firewall is a special type of application firewall that applies specifically to web applications. It is deployed in front of web applications and analyzes bi-directional web-based (HTTP) traffic - detecting and blocking anything malicious. The OWASP provides a broad technical definition for a WAF as “a security solution on the web application level which - from a technical point of view - does not depend on the application itself.” According to the PCI DSS Information Supplement for requirement 6.6, a WAF is defined as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.” In other words, a WAF can be a physical appliance that prevents vulnerabilities in web applications from being exploited by outside threats. These vulnerabilities may be because the application itself is a legacy type or it was insufficiently coded by design. The WAF addresses these code shortcomings by special configurations of rule sets, also known as policies.\r\nPreviously unknown vulnerabilities can be discovered through penetration testing or via a vulnerability scanner. A web application vulnerability scanner, also known as a web application security scanner, is defined in the SAMATE NIST 500-269 as “an automated program that examines web applications for potential security vulnerabilities. In addition to searching for web application-specific vulnerabilities, the tools also look for software coding errors.” Resolving vulnerabilities is commonly referred to as remediation. Corrections to the code can be made in the application but typically a more prompt response is necessary. In these situations, the application of a custom policy for a unique web application vulnerability to provide a temporary but immediate fix (known as a virtual patch) may be necessary.\r\nWAFs are not an ultimate security solution, rather they are meant to be used in conjunction with other network perimeter security solutions such as network firewalls and intrusion prevention systems to provide a holistic defense strategy.\r\nWAFs typically follow a positive security model, a negative security model, or a combination of both as mentioned by the SANS Institute. WAFs use a combination of rule-based logic, parsing, and signatures to detect and prevent attacks such as cross-site scripting and SQL injection. The OWASP produces a list of the top ten web application security flaws. All commercial WAF offerings cover these ten flaws at a minimum. There are non-commercial options as well. As mentioned earlier, the well-known open source WAF engine called ModSecurity is one of these options. A WAF engine alone is insufficient to provide adequate protection, therefore OWASP along with Trustwave's Spiderlabs help organize and maintain a Core-Rule Set via GitHub to use with the ModSecurity WAF engine.","materialsDescription":"A Web Application Firewall or WAF provides security for online services from malicious Internet traffic. WAFs detect and filter out threats such as the OWASP Top 10, which could degrade, compromise or bring down online applications.\r\n<span style=\"font-weight: bold;\">What are Web Application Firewalls?</span>\r\nWeb application firewalls assist load balancing by examining HTTP traffic before it reaches the application server. They also protect against web application vulnerability and unauthorized transfer of data from the web server at a time when security breaches are on the rise. According to the Verizon Data Breach Investigations Report, web application attacks were the most prevalent breaches in 2017 and 2018.\r\nThe PCI Security Standards Council defines a web application firewall as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\n<span style=\"font-weight: bold;\">How does a Web Application Firewall wWork?</span>\r\nA web application firewall (WAF) intercepts and inspects all HTTP requests using a security model based on a set of customized policies to weed out bogus traffic. WAFs block bad traffic outright or can challenge a visitor with a CAPTCHA test that humans can pass but a malicious bot or computer program cannot.\r\nWAFs follow rules or policies customized to specific vulnerabilities. As a result, this is how WAFs prevent DDoS attacks. Creating the rules on a traditional WAF can be complex and require expert administration. The Open Web Application Security Project maintains a list of the OWASP top web application security flaws for WAF policies to address.\r\nWAFs come in the form of hardware appliances, server-side software, or filter traffic as-a-service. WAFs can be considered as reverse proxies i.e. the opposite of a proxy server. Proxy servers protect devices from malicious applications, while WAFs protect web applications from malicious endpoints.\r\n<span style=\"font-weight: bold;\">What Are Some Web Application Firewall Benefits?</span>\r\nA web application firewall (WAF) prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<span style=\"font-weight: bold;\">What Is the Difference Between a Firewall and a Web Application Firewall?</span>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).\r\n<span style=\"font-weight: bold;\">When Should You Use a Web Application Firewall?</span>\r\nAny business that uses a website to generate revenue should use a web application firewall to protect business data and services. Organizations that use online vendors should especially deploy web application firewalls because the security of outside groups cannot be controlled or trusted.\r\n<span style=\"font-weight: bold;\">How Do You Use a Web Application Firewall?</span>\r\nA web application firewall requires correct positioning, configuration, administration and monitoring. Web application firewall installation must include the following four steps: secure, monitor, test and improve. This should be a continuous process to ensure application specific protection.<br />The configuration of the firewall should be determined by the business rules and guardrails by the company’s security policy. This approach will allow the rules and filters in the web application firewall to define themselves.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall_appliance.png"},{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":1745,"logo":false,"scheme":false,"title":"Fortinet FortiMail Secure Email Gateway","vendorVerified":0,"rating":"2.00","implementationsCount":3,"suppliersCount":0,"alias":"fortinet-fortimail-secure-email-gateway","companyTypes":[],"description":"Email security remains a key productivity tool for today's organizations, as well as a successful attack vector for cyber criminals. According to the Verizon 2018 Data Breach Investigations Report, 49% of malware was installed via malicious email. Gartner asserts that "Advanced threats (such as ransomware and business email compromise) are easily the signature-based and reputation-based prevention mechanisms that a secure email gateway (SEG) has traditionally used." FortiMail Email security utilizes the latest technologies and security services from FortiGuard Labs to deliver consistently top-rated protection from common and advanced threats while integrating robust data protection capabilities to avoid data loss.\r\n<span style=\"font-weight: bold;\">FortiMail Product Details</span>\r\nOrganizations typically select FortiMail email security to shield users, and ultimately data, from a wide range of cyber threats. These include: ever growing volumes of unwanted spam, socially-engineered phishing and business email compromise, accelerating variants of ransomware and other malware, increasingly targeted attacks from adversaries of all kinds, and more. At the same time, FortiMail can be used to protect sensitive data of all types, reducing the risk of inadvertent loss and/or non-compliance with regulations like HIPAA, PCI, GDPR, and more.\r\n<span style=\"font-weight: bold;\">Features and Benefits</span>\r\n<ul> <li>Top-rated Antispam and Antiphishing: Maintain productivity by shielding end users from unwanted spam and malicious phishing attacks</li> <li>Independently certified advanced threat defense: Thwart cyber criminals intent on stealing data, holding systems for ransomware, conducting fraud, and other malicious purposes</li> <li>Integrated data protection: Maintain the privacy of personal information and confidentiality of sensitive data in compliance with regulatory and corporate guidelines</li> <li>Enterprise-class management: Free staff and end users to drive the business by reducing the time spent on email administration </li> <li>High-performance mail handling: Speed the delivery of legitimate email at an affordable cost</li> </ul>","shortDescription":"FortiMail: Secure Email Gateway\r\nStop advanced email threats and prevent data loss","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":16,"sellingCount":14,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Fortinet FortiMail Secure Email Gateway","keywords":"","description":"Email security remains a key productivity tool for today's organizations, as well as a successful attack vector for cyber criminals. According to the Verizon 2018 Data Breach Investigations Report, 49% of malware was installed via malicious email. ","og:title":"Fortinet FortiMail Secure Email Gateway","og:description":"Email security remains a key productivity tool for today's organizations, as well as a successful attack vector for cyber criminals. According to the Verizon 2018 Data Breach Investigations Report, 49% of malware was installed via malicious email. "},"eventUrl":"","translationId":1746,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":558,"title":"Secure E-mail Gateway - Appliance","alias":"secure-e-mail-gateway-appliance","description":"According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and next-gen anti-phishing and anti-spam</li><li>Additional security features</li><li>Customization of the solution’s management features</li><li>Low false positive and false negative percentages</li><li>External processes and storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, secure email gateways can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":"<span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against email-borne threats. It is effectively a firewall for your email, and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan each email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a specific period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway_Appliance.png"},{"id":469,"title":"Secure E-mail Gateway","alias":"secure-e-mail-gateway","description":" According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and Next-Gen Anti-Phishing and Anti-Spam</li><li>Additional Security Features</li><li>Customization of the Solution’s Management Features</li><li>Low False Positive and False Negative Percentages</li><li>External Processes and Storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, SEGs can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":" <span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against these email-borne threats. It is effectively a firewall for your email and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan every email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a certain period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway.jpg"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":2150,"logo":false,"scheme":false,"title":"Fortinet FortiSandbox","vendorVerified":0,"rating":"2.00","implementationsCount":1,"suppliersCount":0,"alias":"fortinet-fortisandbox","companyTypes":[],"description":"With the increasing volume and sophistication of cyber-attacks, it takes only one threat to slip through security for a data breach to occur. CISOs have adopted sandboxing as an essential component of their security strategies to help combat previously unknown threats.\r\nWhile attack surfaces are becoming more dynamic due to the rise of IoT and cloud-based services, a continuing shortage of cyber security talent is driving organizations to integrate sandboxing with greater controls and a high degree of automation.\r\nToday’s threats are increasingly sophisticated and often bypass traditional malware security by masking their malicious activity. A sandbox augments your security architecture by validating threats in a separate, secure environment. FortiSandbox offers a powerful combination of advanced detection, automated mitigation, actionable insight, and flexible deployment to stop targeted attacks and subsequent data loss. It's also a key component of our Advanced Threat Protection solution.\r\n<span style=\"font-weight: bold;\">Features and Benefits:</span>\r\n<span style=\"font-weight: bold;\">Independently top-rated.</span> NSS Labs "Recommended" for breach detection and breach prevention, and ICSA labs certified for advanced threat defense.\r\n<span style=\"font-weight: bold;\">Broad integration.</span> Extends advanced threat protection to your next-generation firewall, web application firewall, secure email gateway, and endpoint protection platform.\r\n<span style=\"font-weight: bold;\">Intelligent automation.</span> Speeds mitigation by sharing real-time updates to disrupt threats at the origin and subsequent immunization across the entire organization and the global community.\r\n<span style=\"font-weight: bold;\">All-in-one.</span> Simplifies deployment and reduces complexity by covering all protocols in a single common sandbox platform.\r\n<span style=\"font-weight: bold;\">Flexible deployment.</span> Available as a physical or virtual appliance on premises, as well as a cloud-based or managed service.\r\n<span style=\"font-weight: bold;\">Open extensibility.</span> Flexible APIs for easy third-party integration and available day-zero integration with Fabric-Ready partners.","shortDescription":"FortiSandbox delivers real-time actionable intelligence through the automation of zero-day, advanced malware detection and mitigation.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":14,"sellingCount":4,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Fortinet FortiSandbox","keywords":"","description":"With the increasing volume and sophistication of cyber-attacks, it takes only one threat to slip through security for a data breach to occur. CISOs have adopted sandboxing as an essential component of their security strategies to help combat previously unknown","og:title":"Fortinet FortiSandbox","og:description":"With the increasing volume and sophistication of cyber-attacks, it takes only one threat to slip through security for a data breach to occur. CISOs have adopted sandboxing as an essential component of their security strategies to help combat previously unknown"},"eventUrl":"","translationId":2151,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":826,"title":"Sandbox","alias":"sandbox","description":" In computer security, a "sandbox" is a security mechanism for separating running programs, usually in an effort to mitigate system failures or software vulnerabilities from spreading. It is often used to execute untested or untrusted programs or code, possibly from unverified or untrusted third parties, suppliers, users or websites, without risking harm to the host machine or operating system. A sandbox typically provides a tightly controlled set of resources for guest programs to run in, such as scratch space on disk and memory. Network access, the ability to inspect the host system or read from input devices are usually disallowed or heavily restricted.\r\nIn the sense of providing a highly controlled environment, sandboxes may be seen as a specific example of virtualization. Sandboxing is frequently used to test unverified programs that may contain a virus or other malicious code, without allowing the software to harm the host device.","materialsDescription":" <span style=\"font-weight: bold;\">What is the sandbox?</span>\r\nThe sandbox is like a ''virtual machine'', which runs on the device. It is a section of the device, for which a user account has been set in the system. In this section, programs can be started, data can be collected and services can be provided, which are not available within the system of the router. Inside the sandbox, the environment is like it is inside a Linux PC. The sandbox is an area separate from the router part of the system, which ensures that the router can fulfill its task without interference from the sandbox.\r\n<span style=\"font-weight: bold;\">What is the use of the sandbox?</span>\r\nBesides its actual tasks, the device can fulfill additional tasks via sandbox. Without the sandbox, these tasks would have to be carried out by an additional industrial computer.\r\nNot having to install and run the computer saves space inside the switching cabinet, money, as additional hardware is not required, and energy, which also reduces industrial waste heat. The device establishes the connection into the internet or to the control center. The programs in the sandbox use this connection. The configuration of the connection to the internet or to the control center can be set comfortably via the web interface.\r\n<span style=\"font-weight: bold;\">Which things can you NOT do with the sandbox?</span>\r\nAll the things that do require root permissions on the device.\r\nIt is not possible to execute commands or programs, which require root rights. Examples for such commands or programs are the raw connections (like ICMP - "ping"). This ensures that the device doesn't interfere with its tasks.\r\n<span style=\"font-weight: bold;\">Which hardware interfaces are available in the sandbox?</span>\r\nSerial interface, Ethernet of the LAN connection (4-port-switch), WAN connection depending on the make of the device (LAN, GPRS, EDGE, UMTS, PSTN and ISDN).\r\nVia the web interface, you can assign the serial interface to be used by applications in the sandbox. If assigned to the sandbox, the serial interface is not available for the device. In this case, neither serial-Ethernet-gateway nor the connection of a further, redundant communication device will be possible. The LAN, as well as the WAN connection, can be used in the way they are configured for the device. Network settings can be configured via the web interface and not via the sandbox. Depending on the configuration and the type of the device also the sandbox can communicate in various ways via LAN, GPRS, EDGE, UMTS, PSTN or ISDN.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon-sandbox.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":4,"title":"Reduce Costs"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":282,"title":"Unauthorized access to corporate IT systems and data"},{"id":336,"title":"Risk or Leaks of confidential information"},{"id":344,"title":"Malware infection via Internet, email, storage devices"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"},{"id":387,"title":"Non-compliant with IT security requirements"}]}},"categories":[{"id":536,"title":"WAN optimization - appliance","alias":"wan-optimization-appliance","description":" WAN optimization appliance is a collection of techniques for increasing data-transfer efficiencies across wide-area networks (WANs). In 2008, the WAN optimization market was estimated to be $1 billion and was to grow to $4.4 billion by 2014 according to Gartner, a technology research firm. In 2015 Gartner estimated the WAN optimization market to be a $1.1 billion market.\r\nThe most common measures of TCP data-transfer efficiencies (i.e., optimization) are throughput, bandwidth requirements, latency, protocol optimization, and congestion, as manifested in dropped packets. In addition, the WAN itself can be classified with regards to the distance between endpoints and the amounts of data transferred. Two common business WAN topologies are Branch to Headquarters and Data Center to Data Center (DC2DC). In general, "Branch" WAN links are closer, use less bandwidth, support more simultaneous connections, support smaller connections and more short-lived connections, and handle a greater variety of protocols. They are used for business applications such as email, content management systems, database application, and Web delivery. In comparison, "DC2DC" WAN links tend to require more bandwidth, are more distant and involve fewer connections, but those connections are bigger (100 Mbit/s to 1 Gbit/s flows) and of longer duration. Traffic on a "DC2DC" WAN may include replication, back up, data migration, virtualization, and other Business Continuity/Disaster Recovery (BC/DR) flow.\r\nWAN optimization has been the subject of extensive academic research almost since the advent of the WAN. In the early 2000s, research in both the private and public sectors turned to improve the end-to-end throughput of TCP, and the target of the first proprietary WAN optimization solutions was the Branch WAN. In recent years, however, the rapid growth of digital data, and the concomitant needs to store and protect it, has presented a need for DC2DC WAN optimization. For example, such optimizations can be performed to increase overall network capacity utilization, meet inter-datacenter transfer deadlines, or minimize average completion times of data transfers. As another example, private inter-datacenter WANs can benefit optimizations for fast and efficient geo-replication of data and content, such as newly computed machine learning models or multimedia content.\r\nComponent techniques of Branch WAN Optimization include deduplication, wide-area file services (WAFS), SMB proxy, HTTPS Proxy, media multicasting, web caching, and bandwidth management. Requirements for DC2DC WAN Optimization also center around deduplication and TCP acceleration, however, these must occur in the context of multi-gigabit data transfer rates. ","materialsDescription":" <span style=\"font-weight: bold;\">What techniques does WAN optimization have?</span>\r\n<ul><li><span style=\"font-weight: bold;\">Deduplication</span> – Eliminates the transfer of redundant data across the WAN by sending references instead of the actual data. By working at the byte level, benefits are achieved across IP applications.</li><li><span style=\"font-weight: bold;\">Compression</span> – Relies on data patterns that can be represented more efficiently. Essentially compression techniques similar to ZIP, RAR, ARJ, etc. are applied on-the-fly to data passing through hardware (or virtual machine) based WAN acceleration appliances.</li><li><span style=\"font-weight: bold;\">Latency optimization</span> – Can include TCP refinements such as window-size scaling, selective acknowledgments, Layer 3 congestion control algorithms, and even co-location strategies in which the application is placed in near proximity to the endpoint to reduce latency. In some implementations, the local WAN optimizer will answer the requests of the client locally instead of forwarding the request to the remote server in order to leverage write-behind and read-ahead mechanisms to reduce WAN latency.</li><li><span style=\"font-weight: bold;\">Caching/proxy</span> – Staging data in local caches; Relies on human behavior, accessing the same data over and over.</li><li><span style=\"font-weight: bold;\">Forward error correction</span> – Mitigates packet loss by adding another loss-recovery packet for every “N” packets that are sent, and this would reduce the need for retransmissions in error-prone and congested WAN links.</li><li><span style=\"font-weight: bold;\">Protocol spoofing</span> – Bundles multiple requests from chatty applications into one. May also include stream-lining protocols such as CIFS.</li><li><span style=\"font-weight: bold;\">Traffic shaping</span> – Controls data flow for specific applications. Giving flexibility to network operators/network admins to decide which applications take precedence over the WAN. A common use case of traffic shaping would be to prevent one protocol or application from hogging or flooding a link over other protocols deemed more important by the business/administrator. Some WAN acceleration devices are able to traffic shape with granularity far beyond traditional network devices. Such as shaping traffic on a per-user AND per application basis simultaneously.</li><li><span style=\"font-weight: bold;\">Equalizing</span> – Makes assumptions on what needs immediate priority based on data usage. Usage examples for equalizing may include wide open unregulated Internet connections and clogged VPN tunnels.</li><li><span style=\"font-weight: bold;\">Connection limits</span> – Prevents access gridlock in and to denial of service or to peer. Best suited for wide-open Internet access links, can also be used links.</li><li><span style=\"font-weight: bold;\">Simple rate limits</span> – Prevents one user from getting more than a fixed amount of data. Best suited as a stop-gap first effort for remediating a congested Internet connection or WAN link.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAN_optimization_appliance.png"},{"id":49,"title":"VPN - Virtual Private Network","alias":"vpn-virtual-private-network","description":"A <span style=\"font-weight: bold; \">virtual private network (VPN)</span> extends a private network across a public network, and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Applications running on a computing device, e.g. a laptop, desktop, smartphone, across a VPN may therefore benefit from the functionality, security, and management of the private network. Encryption is a common though not an inherent part of a VPN connection.\r\nAt its most basic level, VPN tunneling creates a point-to-point connection that cannot be accessed by unauthorized users. To actually create the VPN tunnel, the endpoint device needs to be running a VPN client (software application) locally or in the cloud. The VPN client runs in the background and is not noticeable to the end user unless there are performance issues.\r\nThe performance of a VPN can be affected by a variety of factors, among them the speed of users' internet connections, the types of protocols an internet service provider may use and the type of encryption the VPN uses. In the enterprise, performance can also be affected by poor quality of service (QoS) outside the control of an organization's information technology (IT) department.\r\nConsumers use a virtual private network software to protect their online activity and identity. By using an anonymous VPN service, a user's Internet traffic and data remain encrypted, which prevents eavesdroppers from sniffing Internet activity. Personal VPN services are especially useful when accessing public Wi-Fi hotspots because the public wireless services might not be secure. In addition to public Wi-Fi security, it also provides consumers with uncensored Internet access and can help prevent data theft and unblock websites.\r\nCompanies and organizations will typically use a VPN security to communicate confidentially over a public network and to send voice, video or data. It is also an excellent option for remote workers and organizations with global offices and partners to share data in a private manner.\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\">Types of VPNs</span></p>\r\n<ul><li><span style=\"font-weight: bold;\">Remote access VPN</span>. Remote access VPN clients connect to a VPN gateway server on the organization's network. The gateway requires the device to authenticate its identity before granting access to internal network resources such as file servers, printers and intranets. This type of VPN usually relies on either IP Security (IPsec) or Secure Sockets Layer (SSL) to secure the connection.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Site-to-site VPN.</span> In contrast, a site-to-site VPN uses a gateway device to connect an entire network in one location to a network in another location. End-node devices in the remote location do not need VPN clients because the gateway handles the connection. Most site-to-site VPNs connecting over the internet use IPsec. It is also common for them to use carrier MPLS clouds rather than the public internet as the transport for site-to-site VPNs. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Mobile VPN.</span> In a mobile VPN, a VPN server still sits at the edge of the company network, enabling secure tunneled access by authenticated, authorized VPN clients. Mobile VPN tunnels are not tied to physical IP addresses, however. Instead, each tunnel is bound to a logical IP address. That logical IP address sticks to the mobile device no matter where it may roam.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">VPN Hardware</span>. It offer a number of advantages over the software-based VPN. In addition to enhanced security, hardware VPNs can provide load balancing to handle large client loads. Administration is managed through a Web browser interface. A hardware VPN is more expensive than a software VPN. Because of the cost, hardware VPNs are a more realistic option for large businesses than for small businesses or branch offices. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">VPN appliance.</span> A VPN appliance, also known as a VPN gateway appliance, is a network device equipped with enhanced security features. Also known as an SSL (Secure Sockets Layer) VPN appliance, it is in effect a router that provides protection, authorization, authentication and encryption for VPNs.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Dynamic multipoint virtual private network (DMVPN</span>). A dynamic multipoint virtual private network (DMVPN) is a secure network that exchanges data between sites without needing to pass traffic through an organization's headquarter virtual private network (VPN) server or router. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">VPN Reconnect.</span> VPN Reconnect is a feature of Windows 7 and Windows Server 2008 R2 that allows a virtual private network connection to remain open during a brief interruption of Internet service. Usually, when a computing device using a VPN connection drops its Internet connection, the end user has to manually reconnect to the VPN. VPN Reconnect keeps the VPN tunnel open for a configurable amount of time so when Internet service is restored, the VPN connection is automatically restored as well. </li></ul>\r\n<p class=\"align-left\"> </p>","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: normal;\">What is VPN software?</span></h1>\r\n<span style=\"font-weight: normal;\"></span>VPN software is a tool that allows users to create a secure, encrypted connection over a computer network such as the Internet. The platform was developed to allow for secure access to business applications and other resources.\r\n<header><h1 class=\"align-center\"><span style=\"font-weight: normal;\">How does VPN software work?</span></h1></header>\r\n<p class=\"align-left\">So what does VPN do? Basically, a VPN is a group of computers or networks, which are connected over the Internet. For businesses, VPN services serve as avenues for getting access to networks when they are not physically on the same network. Such a service can also be used to encrypt communications over public networks.</p>\r\n<p class=\"align-left\">VPNs are usually deployed through local installation or by logging on to a service’s website. To give you an idea as to how VPN works, the software allows your computer to basically exchange keys with a remote server, through which all data traffic is encrypted and kept secure, safe from prying eyes. It lets you browse the Internet without the worry of being tracked, monitored and identified without permission. A VPN also helps in accessing blocked sites and in circumventing censorship.</p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">What are the features of VPN software?</span></h1>\r\n<p class=\"align-left\">There are a variety of ways by which you can determine what VPN suits you. Here are some features of software VPN solutions and buying factors that you should consider:<br /><br /></p>\r\n<ul><li><span style=\"font-weight: bold;\">Privacy</span>: You should know what kind of privacy you really need. Is it for surfing, downloading or simply accessing blocked sites? Best of VPN programs offer one or more of these capabilities.</li><li><span style=\"font-weight: bold;\">Software/features</span>: Platforms should not be limited to ease of use, they should include features such as kill switches and DNS leak prevention tools which provide a further layer of protection.</li><li><span style=\"font-weight: bold;\">Security</span>: One should consider the level of security that a service offers. This can prevent hackers and agencies from accessing your data.</li><li><span style=\"font-weight: bold;\">Cross-platform support</span>: A VPN solution should be able to run on any device. To do this, setup guides for different platforms should be provided by the vendor.</li><li><span style=\"font-weight: bold;\">The number of servers/countries</span>: For these services, the more servers VPN there are, the better the service. This allows users to connect from virtually all over the world. It will also enable them to change their locations at will.</li><li><span style=\"font-weight: bold;\">Speed</span>: It’s common knowledge that using VPN comes with reduction in Internet speed. This is due to the fact that signals need to travel long distances and the demands of the encryption and decryption processes. Choose a service that has minimal impact on Internet speed.</li><li><span style=\"font-weight: bold;\">Simultaneous connections</span>: Many services allow users to use only one device at a time. However, many VPN service providers allow customers to connect multiple devices all at the same time.</li></ul>\r\n<p class=\"align-left\"> </p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/VPN_-_Virtual_Private_Network.png"},{"id":784,"title":"NGFW - next-generation firewall - Appliance","alias":"ngfw-next-generation-firewall-appliance","description":" A next-generation firewall (NGFW) is a part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities, such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS). Other techniques might also be employed, such as TLS/SSL encrypted traffic inspection, website filtering, QoS/bandwidth management, antivirus inspection and third-party identity management integration (i.e. LDAP, RADIUS, Active Directory).\r\nNGFWs include the typical functions of traditional firewalls such as packet filtering, network- and port-address translation (NAT), stateful inspection, and virtual private network (VPN) support. The goal of next-generation firewalls is to include more layers of the OSI model, improving filtering of network traffic that is dependent on the packet contents.\r\nNGFWs perform deeper inspection compared to stateful inspection performed by the first- and second-generation firewalls. NGFWs use a more thorough inspection style, checking packet payloads and matching signatures for harmful activities such as exploitable attacks and malware.\r\nImproved detection of encrypted applications and intrusion prevention service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services.\r\nStateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols. But today, blocking a web application like Farmville that uses port 80 by closing the port would also mean complications with the entire HTTP protocol.\r\nProtection based on ports, protocols, IP addresses is no more reliable and viable. This has led to the development of identity-based security approach, which takes organizations a step ahead of conventional security appliances which bind security to IP-addresses.\r\nNGFWs offer administrators a deeper awareness of and control over individual applications, along with deeper inspection capabilities by the firewall. Administrators can create very granular "allow/deny" rules for controlling use of websites and applications in the network. ","materialsDescription":"<span style=\"font-weight: bold;\"> What is a next-generation firewall (NGFW)?</span>\r\nAn NGFW contains all the normal defences that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other bonus security features. NGFWs are also capable of deep packet inspection which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by blacklist (programs in the filter are blocked) or by whitelist (programs not in the filter are blocked).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_NGFW.png"},{"id":782,"title":"NGFW - next-generation firewall","alias":"ngfw-next-generation-firewall","description":"A next-generation firewall (NGFW) is a part of the third generation of firewall technology that is implemented in either hardware or software and is capable of detecting and blocking sophisticated attacks by enforcing security policies at the application, port and protocol levels.\r\nNGFWs typically feature advanced functions including:\r\n<ul><li>application awareness;</li><li>integrated intrusion prevention systems (IPS);</li><li>identity awareness -- user and group control;</li><li>bridged and routed modes;</li><li> the ability to use external intelligence sources.</li></ul>\r\nOf these offerings, most next-generation firewalls integrate at least three basic functions: enterprise firewall capabilities, an intrusion prevention system (IPS) and application control.\r\nLike the introduction of stateful inspection in traditional firewalls, NGFWs bring additional context to the firewall's decision-making process by providing it with the ability to understand the details of the web application traffic passing through it and to take action to block traffic that might exploit vulnerabilities.\r\nThe different features of next-generation firewalls combine to create unique benefits for users. NGFWs are often able to block malware before it enters a network, something that wasn't previously possible.\r\nNGFWs are also better equipped to address advanced persistent threats (APTs) because they can be integrated with threat intelligence services. NGFWs can also offer a low-cost option for companies trying to improve basic device security through the use of application awareness, inspection services, protection systems and awareness tools.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What is a next-generation firewall (NGFW)?</span>\r\nA NGFW contains all the normal defenses that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other additional security features. NGFWs are also capable of deep packet inspection, which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by a blacklist (programs in the filter are blocked) or by a whitelist (programs not in the filter are blocked).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_NGFW.png"},{"id":546,"title":"WAF-web application firewall appliance","alias":"waf-web-application-firewall-appliance","description":"A web application firewall is a special type of application firewall that applies specifically to web applications. It is deployed in front of web applications and analyzes bi-directional web-based (HTTP) traffic - detecting and blocking anything malicious. The OWASP provides a broad technical definition for a WAF as “a security solution on the web application level which - from a technical point of view - does not depend on the application itself.” According to the PCI DSS Information Supplement for requirement 6.6, a WAF is defined as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.” In other words, a WAF can be a physical appliance that prevents vulnerabilities in web applications from being exploited by outside threats. These vulnerabilities may be because the application itself is a legacy type or it was insufficiently coded by design. The WAF addresses these code shortcomings by special configurations of rule sets, also known as policies.\r\nPreviously unknown vulnerabilities can be discovered through penetration testing or via a vulnerability scanner. A web application vulnerability scanner, also known as a web application security scanner, is defined in the SAMATE NIST 500-269 as “an automated program that examines web applications for potential security vulnerabilities. In addition to searching for web application-specific vulnerabilities, the tools also look for software coding errors.” Resolving vulnerabilities is commonly referred to as remediation. Corrections to the code can be made in the application but typically a more prompt response is necessary. In these situations, the application of a custom policy for a unique web application vulnerability to provide a temporary but immediate fix (known as a virtual patch) may be necessary.\r\nWAFs are not an ultimate security solution, rather they are meant to be used in conjunction with other network perimeter security solutions such as network firewalls and intrusion prevention systems to provide a holistic defense strategy.\r\nWAFs typically follow a positive security model, a negative security model, or a combination of both as mentioned by the SANS Institute. WAFs use a combination of rule-based logic, parsing, and signatures to detect and prevent attacks such as cross-site scripting and SQL injection. The OWASP produces a list of the top ten web application security flaws. All commercial WAF offerings cover these ten flaws at a minimum. There are non-commercial options as well. As mentioned earlier, the well-known open source WAF engine called ModSecurity is one of these options. A WAF engine alone is insufficient to provide adequate protection, therefore OWASP along with Trustwave's Spiderlabs help organize and maintain a Core-Rule Set via GitHub to use with the ModSecurity WAF engine.","materialsDescription":"A Web Application Firewall or WAF provides security for online services from malicious Internet traffic. WAFs detect and filter out threats such as the OWASP Top 10, which could degrade, compromise or bring down online applications.\r\n<span style=\"font-weight: bold;\">What are Web Application Firewalls?</span>\r\nWeb application firewalls assist load balancing by examining HTTP traffic before it reaches the application server. They also protect against web application vulnerability and unauthorized transfer of data from the web server at a time when security breaches are on the rise. According to the Verizon Data Breach Investigations Report, web application attacks were the most prevalent breaches in 2017 and 2018.\r\nThe PCI Security Standards Council defines a web application firewall as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\n<span style=\"font-weight: bold;\">How does a Web Application Firewall wWork?</span>\r\nA web application firewall (WAF) intercepts and inspects all HTTP requests using a security model based on a set of customized policies to weed out bogus traffic. WAFs block bad traffic outright or can challenge a visitor with a CAPTCHA test that humans can pass but a malicious bot or computer program cannot.\r\nWAFs follow rules or policies customized to specific vulnerabilities. As a result, this is how WAFs prevent DDoS attacks. Creating the rules on a traditional WAF can be complex and require expert administration. The Open Web Application Security Project maintains a list of the OWASP top web application security flaws for WAF policies to address.\r\nWAFs come in the form of hardware appliances, server-side software, or filter traffic as-a-service. WAFs can be considered as reverse proxies i.e. the opposite of a proxy server. Proxy servers protect devices from malicious applications, while WAFs protect web applications from malicious endpoints.\r\n<span style=\"font-weight: bold;\">What Are Some Web Application Firewall Benefits?</span>\r\nA web application firewall (WAF) prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<span style=\"font-weight: bold;\">What Is the Difference Between a Firewall and a Web Application Firewall?</span>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).\r\n<span style=\"font-weight: bold;\">When Should You Use a Web Application Firewall?</span>\r\nAny business that uses a website to generate revenue should use a web application firewall to protect business data and services. Organizations that use online vendors should especially deploy web application firewalls because the security of outside groups cannot be controlled or trusted.\r\n<span style=\"font-weight: bold;\">How Do You Use a Web Application Firewall?</span>\r\nA web application firewall requires correct positioning, configuration, administration and monitoring. Web application firewall installation must include the following four steps: secure, monitor, test and improve. This should be a continuous process to ensure application specific protection.<br />The configuration of the firewall should be determined by the business rules and guardrails by the company’s security policy. This approach will allow the rules and filters in the web application firewall to define themselves.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall_appliance.png"},{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"},{"id":558,"title":"Secure E-mail Gateway - Appliance","alias":"secure-e-mail-gateway-appliance","description":"According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and next-gen anti-phishing and anti-spam</li><li>Additional security features</li><li>Customization of the solution’s management features</li><li>Low false positive and false negative percentages</li><li>External processes and storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, secure email gateways can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":"<span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against email-borne threats. It is effectively a firewall for your email, and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan each email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a specific period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway_Appliance.png"},{"id":469,"title":"Secure E-mail Gateway","alias":"secure-e-mail-gateway","description":" According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and Next-Gen Anti-Phishing and Anti-Spam</li><li>Additional Security Features</li><li>Customization of the Solution’s Management Features</li><li>Low False Positive and False Negative Percentages</li><li>External Processes and Storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, SEGs can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":" <span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against these email-borne threats. It is effectively a firewall for your email and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan every email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a certain period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway.jpg"},{"id":826,"title":"Sandbox","alias":"sandbox","description":" In computer security, a "sandbox" is a security mechanism for separating running programs, usually in an effort to mitigate system failures or software vulnerabilities from spreading. It is often used to execute untested or untrusted programs or code, possibly from unverified or untrusted third parties, suppliers, users or websites, without risking harm to the host machine or operating system. A sandbox typically provides a tightly controlled set of resources for guest programs to run in, such as scratch space on disk and memory. Network access, the ability to inspect the host system or read from input devices are usually disallowed or heavily restricted.\r\nIn the sense of providing a highly controlled environment, sandboxes may be seen as a specific example of virtualization. Sandboxing is frequently used to test unverified programs that may contain a virus or other malicious code, without allowing the software to harm the host device.","materialsDescription":" <span style=\"font-weight: bold;\">What is the sandbox?</span>\r\nThe sandbox is like a ''virtual machine'', which runs on the device. It is a section of the device, for which a user account has been set in the system. In this section, programs can be started, data can be collected and services can be provided, which are not available within the system of the router. Inside the sandbox, the environment is like it is inside a Linux PC. The sandbox is an area separate from the router part of the system, which ensures that the router can fulfill its task without interference from the sandbox.\r\n<span style=\"font-weight: bold;\">What is the use of the sandbox?</span>\r\nBesides its actual tasks, the device can fulfill additional tasks via sandbox. Without the sandbox, these tasks would have to be carried out by an additional industrial computer.\r\nNot having to install and run the computer saves space inside the switching cabinet, money, as additional hardware is not required, and energy, which also reduces industrial waste heat. The device establishes the connection into the internet or to the control center. The programs in the sandbox use this connection. The configuration of the connection to the internet or to the control center can be set comfortably via the web interface.\r\n<span style=\"font-weight: bold;\">Which things can you NOT do with the sandbox?</span>\r\nAll the things that do require root permissions on the device.\r\nIt is not possible to execute commands or programs, which require root rights. Examples for such commands or programs are the raw connections (like ICMP - "ping"). This ensures that the device doesn't interfere with its tasks.\r\n<span style=\"font-weight: bold;\">Which hardware interfaces are available in the sandbox?</span>\r\nSerial interface, Ethernet of the LAN connection (4-port-switch), WAN connection depending on the make of the device (LAN, GPRS, EDGE, UMTS, PSTN and ISDN).\r\nVia the web interface, you can assign the serial interface to be used by applications in the sandbox. If assigned to the sandbox, the serial interface is not available for the device. In this case, neither serial-Ethernet-gateway nor the connection of a further, redundant communication device will be possible. The LAN, as well as the WAN connection, can be used in the way they are configured for the device. Network settings can be configured via the web interface and not via the sandbox. Depending on the configuration and the type of the device also the sandbox can communicate in various ways via LAN, GPRS, EDGE, UMTS, PSTN or ISDN.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon-sandbox.png"}],"additionalInfo":{"budgetNotExceeded":"-1","functionallyTaskAssignment":"-1","projectWasPut":"-1","price":0,"source":{"url":"https://www.fortinet.com/content/dam/fortinet/assets/case-studies/cs-gemu-eng.pdf","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":686,"title":"Fortinet for manufacturer and provider of medical technology solutions","description":"The motivation for the full-scale replacement of the IT security infrastructure was the re-design of the company-wide network. As the base security platform, Schiller deployed a FortiGate 800C cluster. The ASIC-accelerated firewalls equiped with 10 Gbps ports provide all necessary defense and security mechanisms. Thanks to the 24/7 hour subscription to FortiGuard service, the firewalls are continually supplied with the latest signatures and are able to detect and protect against even the most recent attacks.\r\nSchiller has also implemented maximum security levels for their email systems via the integration of the Secure Messaging Appliance FortiMail from Fortinet. FortiMail ensures comprehensive virus and spyware protection and also includes the latest spam detection and filtering techniques.\r\nA constantly updated IP reputation database automatically ensures that connection requests from sender IP addresses with a poor reputation are completely rejected. As there is no one hundred percent guarantee that only bad emails are blocked (false negative) and that only good messages are delivered (false positive), FortiMail provides a quarantine feature: All rejected messages are safely stored separately, yet are available to be retrieved by the authorized user. \r\nSchiller installed the FortiWeb 400C to avoid compromising either security or services accessible via the Internet. The platform—integrated as a “reverse proxy”—includes all the security features required for the comprehensive protection of web applications. Furthermore it is designed to fend off white attack methods such as SQL injection, cross site scripting, buffer overflow, and brute force login. The FortiWeb appliance, configured using URL-based policies, ensures that web applications can no longer be crippled, that only authorized persons have access to sensitive information in databases, and that websites cannot be compromised.\r\nSchiller AG has deployed Fortinet’s seamless suite of security solutions to protect itself from every possible angle of attack.","alias":"fortinet-for-manufacturer-and-provider-of-medical-technology-solutions","roi":0,"seo":{"title":"Fortinet for manufacturer and provider of medical technology solutions","keywords":"","description":"The motivation for the full-scale replacement of the IT security infrastructure was the re-design of the company-wide network. As the base security platform, Schiller deployed a FortiGate 800C cluster. The ASIC-accelerated firewalls equiped with 10 Gbps ports ","og:title":"Fortinet for manufacturer and provider of medical technology solutions","og:description":"The motivation for the full-scale replacement of the IT security infrastructure was the re-design of the company-wide network. As the base security platform, Schiller deployed a FortiGate 800C cluster. The ASIC-accelerated firewalls equiped with 10 Gbps ports "},"deal_info":"","user":{"id":5075,"title":"Schiller AG","logoURL":"https://old.roi4cio.com/uploads/roi/company/Schiller_AG.png","alias":"schiller-ag","address":"","roles":[],"description":"SCHILLER was founded in 1974 by Alfred E. Schiller. Starting in a four-room flat as a one-man business, the company has become a successful group with around 1000 employees, 30 subsidiaries and a global sales network. Today, SCHILLER is a world-leading manufacturer and supplier of devices for cardiopulmonary diagnostics, defibrillation and patient monitoring as well as software solutions for the medical industry.","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":1,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Schiller AG","keywords":"","description":"SCHILLER was founded in 1974 by Alfred E. Schiller. Starting in a four-room flat as a one-man business, the company has become a successful group with around 1000 employees, 30 subsidiaries and a global sales network. Today, SCHILLER is a world-leading manufac","og:title":"Schiller AG","og:description":"SCHILLER was founded in 1974 by Alfred E. Schiller. Starting in a four-room flat as a one-man business, the company has become a successful group with around 1000 employees, 30 subsidiaries and a global sales network. Today, SCHILLER is a world-leading manufac","og:image":"https://old.roi4cio.com/uploads/roi/company/Schiller_AG.png"},"eventUrl":""},"supplier":{"id":8760,"title":"Hidden supplier","logoURL":"https://old.roi4cio.com/uploads/roi/company/znachok_postavshchik.jpg","alias":"skrytyi-postavshchik","address":"","roles":[],"description":" Supplier Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":76,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden supplier","keywords":"","description":" Supplier Information is confidential ","og:title":"Hidden supplier","og:description":" Supplier Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/znachok_postavshchik.jpg"},"eventUrl":""},"vendors":[{"id":690,"title":"Fortinet","logoURL":"https://old.roi4cio.com/uploads/roi/company/fortiner_logo.png","alias":"fortinet","address":"","roles":[],"description":"<span lang=\"en\">Fortinet is an American multinational corporation founded in 2000. The main office is located in Sunnyvale (California, USA). The company specializes in the development and promotion of software, solutions and services in the field of information security. Among the most requested solutions are next generation firewalls (NGFW), antivirus software, intrusion prevention and endpoint security systems, and a number of other products. In terms of revenue, Fortinet has consistently ranked in the top five of all network security companies. In 2020, the company's turnover exceeded $ 3 billion, and the number of customers exceeded half a million. By the beginning of 2021, the company had more than 700 patents in the field of information security, and about 200 more patents were pending. Fortinet employed about 8,300 people as of early 2021.</span>\r\n\r\n<span lang=\"en\">FortiGate's flagship enterprise firewall platform supports a wide range of next-generation security and networking features. It comes in a variety of sizes and form factors, making it easily adaptable to any environment. Fortinet's proprietary Security Fabric integrates and automates the entire infrastructure, delivering unmatched security and visibility to every network segment and device, be it a virtual machine or physical device, in the cloud or on-premises. The company also runs the NSE training and certification program and operates the Network Security Academy, which supports universities offering information security courses.</span>","companyTypes":[],"products":{},"vendoredProductsCount":9,"suppliedProductsCount":9,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":0,"vendorImplementationsCount":4,"vendorPartnersCount":0,"supplierPartnersCount":21,"b4r":0,"categories":{},"companyUrl":"www.fortinet.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Fortinet","keywords":"Fortinet, security, public, among, others, company, appliances, million","description":"<span lang=\"en\">Fortinet is an American multinational corporation founded in 2000. The main office is located in Sunnyvale (California, USA). The company specializes in the development and promotion of software, solutions and services in the field of informati","og:title":"Fortinet","og:description":"<span lang=\"en\">Fortinet is an American multinational corporation founded in 2000. The main office is located in Sunnyvale (California, USA). The company specializes in the development and promotion of software, solutions and services in the field of informati","og:image":"https://old.roi4cio.com/uploads/roi/company/fortiner_logo.png"},"eventUrl":""}],"products":[{"id":174,"logo":false,"scheme":false,"title":"Fortinet FortiGate NGFW","vendorVerified":0,"rating":"2.00","implementationsCount":4,"suppliersCount":0,"alias":"fortigate","companyTypes":[],"description":"FortiGate NGFWs are network firewalls powered by purpose-built security processing units (SPUs) including the latest NP7 (Network Processor 7). They enable security-driven networking, and are ideal network firewalls for hybrid and hyperscale data centers.\r\nFortinet NGFWs reduce cost and complexity by eliminating points products and consolidating industry-leading security capabilities such as secure sockets layer (SSL) inspection including the latest TLS1.3, web filtering, intrusion prevention system (IPS) to provide fully visibility and protect any edge. Fortinet NGFWs uniquely meet the performance needs of hyperscale and hybrid IT architectures, enabling organizations to deliver optimal user experience, and manage security risks for better business continuity.\r\nFortiGate next-generation firewalls inspect traffic at hyperscale as it enters and leaves the network. These inspections happen at unparalleled speed, scale, and performance to ensure that only legitimate traffic is allowed, all without degrading user experience or creating costly downtime.\r\nAs an integral part of the Fortinet Security Fabric, FortiGate NGFWs can communicate within the comprehensive Fortinet security portfolio as well as third-party security solutions in a multivendor environment. FortiGate NGFWs seamlessly integrate with artificial intelligence (AI)-driven FortiGuard and FortiSandbox services to protect against known and zero-day threats and improve operational efficiency through integration with Fabric Management Center.","shortDescription":"FortiGate is a Top-rated security—NSS Labs “Recommended”. Comprehensive security in one, simplified solution. Flexible deployment options fit your unique requirements","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":12,"sellingCount":19,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Fortinet FortiGate NGFW","keywords":"security, network, your, FortiGate, deployments, small, platform, across","description":"FortiGate NGFWs are network firewalls powered by purpose-built security processing units (SPUs) including the latest NP7 (Network Processor 7). They enable security-driven networking, and are ideal network firewalls for hybrid and hyperscale data centers.\r\n","og:title":"Fortinet FortiGate NGFW","og:description":"FortiGate NGFWs are network firewalls powered by purpose-built security processing units (SPUs) including the latest NP7 (Network Processor 7). They enable security-driven networking, and are ideal network firewalls for hybrid and hyperscale data centers.\r\n"},"eventUrl":"","translationId":175,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":536,"title":"WAN optimization - appliance","alias":"wan-optimization-appliance","description":" WAN optimization appliance is a collection of techniques for increasing data-transfer efficiencies across wide-area networks (WANs). In 2008, the WAN optimization market was estimated to be $1 billion and was to grow to $4.4 billion by 2014 according to Gartner, a technology research firm. In 2015 Gartner estimated the WAN optimization market to be a $1.1 billion market.\r\nThe most common measures of TCP data-transfer efficiencies (i.e., optimization) are throughput, bandwidth requirements, latency, protocol optimization, and congestion, as manifested in dropped packets. In addition, the WAN itself can be classified with regards to the distance between endpoints and the amounts of data transferred. Two common business WAN topologies are Branch to Headquarters and Data Center to Data Center (DC2DC). In general, "Branch" WAN links are closer, use less bandwidth, support more simultaneous connections, support smaller connections and more short-lived connections, and handle a greater variety of protocols. They are used for business applications such as email, content management systems, database application, and Web delivery. In comparison, "DC2DC" WAN links tend to require more bandwidth, are more distant and involve fewer connections, but those connections are bigger (100 Mbit/s to 1 Gbit/s flows) and of longer duration. Traffic on a "DC2DC" WAN may include replication, back up, data migration, virtualization, and other Business Continuity/Disaster Recovery (BC/DR) flow.\r\nWAN optimization has been the subject of extensive academic research almost since the advent of the WAN. In the early 2000s, research in both the private and public sectors turned to improve the end-to-end throughput of TCP, and the target of the first proprietary WAN optimization solutions was the Branch WAN. In recent years, however, the rapid growth of digital data, and the concomitant needs to store and protect it, has presented a need for DC2DC WAN optimization. For example, such optimizations can be performed to increase overall network capacity utilization, meet inter-datacenter transfer deadlines, or minimize average completion times of data transfers. As another example, private inter-datacenter WANs can benefit optimizations for fast and efficient geo-replication of data and content, such as newly computed machine learning models or multimedia content.\r\nComponent techniques of Branch WAN Optimization include deduplication, wide-area file services (WAFS), SMB proxy, HTTPS Proxy, media multicasting, web caching, and bandwidth management. Requirements for DC2DC WAN Optimization also center around deduplication and TCP acceleration, however, these must occur in the context of multi-gigabit data transfer rates. ","materialsDescription":" <span style=\"font-weight: bold;\">What techniques does WAN optimization have?</span>\r\n<ul><li><span style=\"font-weight: bold;\">Deduplication</span> – Eliminates the transfer of redundant data across the WAN by sending references instead of the actual data. By working at the byte level, benefits are achieved across IP applications.</li><li><span style=\"font-weight: bold;\">Compression</span> – Relies on data patterns that can be represented more efficiently. Essentially compression techniques similar to ZIP, RAR, ARJ, etc. are applied on-the-fly to data passing through hardware (or virtual machine) based WAN acceleration appliances.</li><li><span style=\"font-weight: bold;\">Latency optimization</span> – Can include TCP refinements such as window-size scaling, selective acknowledgments, Layer 3 congestion control algorithms, and even co-location strategies in which the application is placed in near proximity to the endpoint to reduce latency. In some implementations, the local WAN optimizer will answer the requests of the client locally instead of forwarding the request to the remote server in order to leverage write-behind and read-ahead mechanisms to reduce WAN latency.</li><li><span style=\"font-weight: bold;\">Caching/proxy</span> – Staging data in local caches; Relies on human behavior, accessing the same data over and over.</li><li><span style=\"font-weight: bold;\">Forward error correction</span> – Mitigates packet loss by adding another loss-recovery packet for every “N” packets that are sent, and this would reduce the need for retransmissions in error-prone and congested WAN links.</li><li><span style=\"font-weight: bold;\">Protocol spoofing</span> – Bundles multiple requests from chatty applications into one. May also include stream-lining protocols such as CIFS.</li><li><span style=\"font-weight: bold;\">Traffic shaping</span> – Controls data flow for specific applications. Giving flexibility to network operators/network admins to decide which applications take precedence over the WAN. A common use case of traffic shaping would be to prevent one protocol or application from hogging or flooding a link over other protocols deemed more important by the business/administrator. Some WAN acceleration devices are able to traffic shape with granularity far beyond traditional network devices. Such as shaping traffic on a per-user AND per application basis simultaneously.</li><li><span style=\"font-weight: bold;\">Equalizing</span> – Makes assumptions on what needs immediate priority based on data usage. Usage examples for equalizing may include wide open unregulated Internet connections and clogged VPN tunnels.</li><li><span style=\"font-weight: bold;\">Connection limits</span> – Prevents access gridlock in and to denial of service or to peer. Best suited for wide-open Internet access links, can also be used links.</li><li><span style=\"font-weight: bold;\">Simple rate limits</span> – Prevents one user from getting more than a fixed amount of data. Best suited as a stop-gap first effort for remediating a congested Internet connection or WAN link.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAN_optimization_appliance.png"},{"id":49,"title":"VPN - Virtual Private Network","alias":"vpn-virtual-private-network","description":"A <span style=\"font-weight: bold; \">virtual private network (VPN)</span> extends a private network across a public network, and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Applications running on a computing device, e.g. a laptop, desktop, smartphone, across a VPN may therefore benefit from the functionality, security, and management of the private network. Encryption is a common though not an inherent part of a VPN connection.\r\nAt its most basic level, VPN tunneling creates a point-to-point connection that cannot be accessed by unauthorized users. To actually create the VPN tunnel, the endpoint device needs to be running a VPN client (software application) locally or in the cloud. The VPN client runs in the background and is not noticeable to the end user unless there are performance issues.\r\nThe performance of a VPN can be affected by a variety of factors, among them the speed of users' internet connections, the types of protocols an internet service provider may use and the type of encryption the VPN uses. In the enterprise, performance can also be affected by poor quality of service (QoS) outside the control of an organization's information technology (IT) department.\r\nConsumers use a virtual private network software to protect their online activity and identity. By using an anonymous VPN service, a user's Internet traffic and data remain encrypted, which prevents eavesdroppers from sniffing Internet activity. Personal VPN services are especially useful when accessing public Wi-Fi hotspots because the public wireless services might not be secure. In addition to public Wi-Fi security, it also provides consumers with uncensored Internet access and can help prevent data theft and unblock websites.\r\nCompanies and organizations will typically use a VPN security to communicate confidentially over a public network and to send voice, video or data. It is also an excellent option for remote workers and organizations with global offices and partners to share data in a private manner.\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\">Types of VPNs</span></p>\r\n<ul><li><span style=\"font-weight: bold;\">Remote access VPN</span>. Remote access VPN clients connect to a VPN gateway server on the organization's network. The gateway requires the device to authenticate its identity before granting access to internal network resources such as file servers, printers and intranets. This type of VPN usually relies on either IP Security (IPsec) or Secure Sockets Layer (SSL) to secure the connection.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Site-to-site VPN.</span> In contrast, a site-to-site VPN uses a gateway device to connect an entire network in one location to a network in another location. End-node devices in the remote location do not need VPN clients because the gateway handles the connection. Most site-to-site VPNs connecting over the internet use IPsec. It is also common for them to use carrier MPLS clouds rather than the public internet as the transport for site-to-site VPNs. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Mobile VPN.</span> In a mobile VPN, a VPN server still sits at the edge of the company network, enabling secure tunneled access by authenticated, authorized VPN clients. Mobile VPN tunnels are not tied to physical IP addresses, however. Instead, each tunnel is bound to a logical IP address. That logical IP address sticks to the mobile device no matter where it may roam.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">VPN Hardware</span>. It offer a number of advantages over the software-based VPN. In addition to enhanced security, hardware VPNs can provide load balancing to handle large client loads. Administration is managed through a Web browser interface. A hardware VPN is more expensive than a software VPN. Because of the cost, hardware VPNs are a more realistic option for large businesses than for small businesses or branch offices. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">VPN appliance.</span> A VPN appliance, also known as a VPN gateway appliance, is a network device equipped with enhanced security features. Also known as an SSL (Secure Sockets Layer) VPN appliance, it is in effect a router that provides protection, authorization, authentication and encryption for VPNs.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Dynamic multipoint virtual private network (DMVPN</span>). A dynamic multipoint virtual private network (DMVPN) is a secure network that exchanges data between sites without needing to pass traffic through an organization's headquarter virtual private network (VPN) server or router. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">VPN Reconnect.</span> VPN Reconnect is a feature of Windows 7 and Windows Server 2008 R2 that allows a virtual private network connection to remain open during a brief interruption of Internet service. Usually, when a computing device using a VPN connection drops its Internet connection, the end user has to manually reconnect to the VPN. VPN Reconnect keeps the VPN tunnel open for a configurable amount of time so when Internet service is restored, the VPN connection is automatically restored as well. </li></ul>\r\n<p class=\"align-left\"> </p>","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: normal;\">What is VPN software?</span></h1>\r\n<span style=\"font-weight: normal;\"></span>VPN software is a tool that allows users to create a secure, encrypted connection over a computer network such as the Internet. The platform was developed to allow for secure access to business applications and other resources.\r\n<header><h1 class=\"align-center\"><span style=\"font-weight: normal;\">How does VPN software work?</span></h1></header>\r\n<p class=\"align-left\">So what does VPN do? Basically, a VPN is a group of computers or networks, which are connected over the Internet. For businesses, VPN services serve as avenues for getting access to networks when they are not physically on the same network. Such a service can also be used to encrypt communications over public networks.</p>\r\n<p class=\"align-left\">VPNs are usually deployed through local installation or by logging on to a service’s website. To give you an idea as to how VPN works, the software allows your computer to basically exchange keys with a remote server, through which all data traffic is encrypted and kept secure, safe from prying eyes. It lets you browse the Internet without the worry of being tracked, monitored and identified without permission. A VPN also helps in accessing blocked sites and in circumventing censorship.</p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">What are the features of VPN software?</span></h1>\r\n<p class=\"align-left\">There are a variety of ways by which you can determine what VPN suits you. Here are some features of software VPN solutions and buying factors that you should consider:<br /><br /></p>\r\n<ul><li><span style=\"font-weight: bold;\">Privacy</span>: You should know what kind of privacy you really need. Is it for surfing, downloading or simply accessing blocked sites? Best of VPN programs offer one or more of these capabilities.</li><li><span style=\"font-weight: bold;\">Software/features</span>: Platforms should not be limited to ease of use, they should include features such as kill switches and DNS leak prevention tools which provide a further layer of protection.</li><li><span style=\"font-weight: bold;\">Security</span>: One should consider the level of security that a service offers. This can prevent hackers and agencies from accessing your data.</li><li><span style=\"font-weight: bold;\">Cross-platform support</span>: A VPN solution should be able to run on any device. To do this, setup guides for different platforms should be provided by the vendor.</li><li><span style=\"font-weight: bold;\">The number of servers/countries</span>: For these services, the more servers VPN there are, the better the service. This allows users to connect from virtually all over the world. It will also enable them to change their locations at will.</li><li><span style=\"font-weight: bold;\">Speed</span>: It’s common knowledge that using VPN comes with reduction in Internet speed. This is due to the fact that signals need to travel long distances and the demands of the encryption and decryption processes. Choose a service that has minimal impact on Internet speed.</li><li><span style=\"font-weight: bold;\">Simultaneous connections</span>: Many services allow users to use only one device at a time. However, many VPN service providers allow customers to connect multiple devices all at the same time.</li></ul>\r\n<p class=\"align-left\"> </p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/VPN_-_Virtual_Private_Network.png"},{"id":784,"title":"NGFW - next-generation firewall - Appliance","alias":"ngfw-next-generation-firewall-appliance","description":" A next-generation firewall (NGFW) is a part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities, such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS). Other techniques might also be employed, such as TLS/SSL encrypted traffic inspection, website filtering, QoS/bandwidth management, antivirus inspection and third-party identity management integration (i.e. LDAP, RADIUS, Active Directory).\r\nNGFWs include the typical functions of traditional firewalls such as packet filtering, network- and port-address translation (NAT), stateful inspection, and virtual private network (VPN) support. The goal of next-generation firewalls is to include more layers of the OSI model, improving filtering of network traffic that is dependent on the packet contents.\r\nNGFWs perform deeper inspection compared to stateful inspection performed by the first- and second-generation firewalls. NGFWs use a more thorough inspection style, checking packet payloads and matching signatures for harmful activities such as exploitable attacks and malware.\r\nImproved detection of encrypted applications and intrusion prevention service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services.\r\nStateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols. But today, blocking a web application like Farmville that uses port 80 by closing the port would also mean complications with the entire HTTP protocol.\r\nProtection based on ports, protocols, IP addresses is no more reliable and viable. This has led to the development of identity-based security approach, which takes organizations a step ahead of conventional security appliances which bind security to IP-addresses.\r\nNGFWs offer administrators a deeper awareness of and control over individual applications, along with deeper inspection capabilities by the firewall. Administrators can create very granular "allow/deny" rules for controlling use of websites and applications in the network. ","materialsDescription":"<span style=\"font-weight: bold;\"> What is a next-generation firewall (NGFW)?</span>\r\nAn NGFW contains all the normal defences that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other bonus security features. NGFWs are also capable of deep packet inspection which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by blacklist (programs in the filter are blocked) or by whitelist (programs not in the filter are blocked).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_NGFW.png"},{"id":782,"title":"NGFW - next-generation firewall","alias":"ngfw-next-generation-firewall","description":"A next-generation firewall (NGFW) is a part of the third generation of firewall technology that is implemented in either hardware or software and is capable of detecting and blocking sophisticated attacks by enforcing security policies at the application, port and protocol levels.\r\nNGFWs typically feature advanced functions including:\r\n<ul><li>application awareness;</li><li>integrated intrusion prevention systems (IPS);</li><li>identity awareness -- user and group control;</li><li>bridged and routed modes;</li><li> the ability to use external intelligence sources.</li></ul>\r\nOf these offerings, most next-generation firewalls integrate at least three basic functions: enterprise firewall capabilities, an intrusion prevention system (IPS) and application control.\r\nLike the introduction of stateful inspection in traditional firewalls, NGFWs bring additional context to the firewall's decision-making process by providing it with the ability to understand the details of the web application traffic passing through it and to take action to block traffic that might exploit vulnerabilities.\r\nThe different features of next-generation firewalls combine to create unique benefits for users. NGFWs are often able to block malware before it enters a network, something that wasn't previously possible.\r\nNGFWs are also better equipped to address advanced persistent threats (APTs) because they can be integrated with threat intelligence services. NGFWs can also offer a low-cost option for companies trying to improve basic device security through the use of application awareness, inspection services, protection systems and awareness tools.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What is a next-generation firewall (NGFW)?</span>\r\nA NGFW contains all the normal defenses that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other additional security features. NGFWs are also capable of deep packet inspection, which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by a blacklist (programs in the filter are blocked) or by a whitelist (programs not in the filter are blocked).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_NGFW.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":1606,"logo":false,"scheme":false,"title":"Fortinet FortiWeb: Web Application Firewall (WAF)","vendorVerified":0,"rating":"2.00","implementationsCount":3,"suppliersCount":0,"alias":"fortiweb-web-application-firewall-waf","companyTypes":[],"description":"FortiWeb Product Details Whether to simply meet compliance standards or to protect mission-critical hosted applications, FortiWeb's web application firewalls provide advanced features that defend web applications from known and zero-day threats. Using an advanced multi-layered and correlated approach, FortiWeb provides complete security for your external and internal web-based applications from the OWASP Top 10 and many other threats. At the heart of FortiWeb are its dual-layer AI-based detection engines that intelligently detect threats with nearly no false positive detections.\r\n<span style=\"font-weight: bold;\">Features and Benefits</span>\r\n<ul> <li>Proven Web Application Protection. FortiWeb protects against all the OWASP Top-10 threats, DDoS attacks and many others to defend your mission critical web-based applications</li> <li>AI-based Threat Detection. In addition to regular signature updates and many other layers of defenses, FortiWeb’s AI-based, dual-layer machine learning engines protect against zero-day attacks</li> <li>Security Fabric Integration. Integration with FortiGate firewalls and FortiSandbox deliver protection from advanced persistent threats</li> <li>Advanced Visual Analytics. FortiWeb’s visual reporting tools provide detailed analyses of attack sources, types and other elements that provide insights not available with other WAF solutions </li> <li>False Positive Mitigation Tools. Advanced tools that minimize the day-to-day management of policies and exception lists to ensure only unwanted traffic is blocked</li> <li>Hardware-based Acceleration. FortiWeb delivers industry-leading protected WAF throughputs and blazing fast secure traffic encryption/decryption</li> </ul>","shortDescription":"FortiWeb is a web application firewall (WAF) that protects hosted applications from attacks that target known and unknown exploits using multi-layered and correlated detection methods.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":7,"sellingCount":12,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Fortinet FortiWeb: Web Application Firewall (WAF)","keywords":"","description":"FortiWeb Product Details Whether to simply meet compliance standards or to protect mission-critical hosted applications, FortiWeb's web application firewalls provide advanced features that defend web applications from known and zero-day threats. Using an advan","og:title":"Fortinet FortiWeb: Web Application Firewall (WAF)","og:description":"FortiWeb Product Details Whether to simply meet compliance standards or to protect mission-critical hosted applications, FortiWeb's web application firewalls provide advanced features that defend web applications from known and zero-day threats. Using an advan"},"eventUrl":"","translationId":1607,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":546,"title":"WAF-web application firewall appliance","alias":"waf-web-application-firewall-appliance","description":"A web application firewall is a special type of application firewall that applies specifically to web applications. It is deployed in front of web applications and analyzes bi-directional web-based (HTTP) traffic - detecting and blocking anything malicious. The OWASP provides a broad technical definition for a WAF as “a security solution on the web application level which - from a technical point of view - does not depend on the application itself.” According to the PCI DSS Information Supplement for requirement 6.6, a WAF is defined as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.” In other words, a WAF can be a physical appliance that prevents vulnerabilities in web applications from being exploited by outside threats. These vulnerabilities may be because the application itself is a legacy type or it was insufficiently coded by design. The WAF addresses these code shortcomings by special configurations of rule sets, also known as policies.\r\nPreviously unknown vulnerabilities can be discovered through penetration testing or via a vulnerability scanner. A web application vulnerability scanner, also known as a web application security scanner, is defined in the SAMATE NIST 500-269 as “an automated program that examines web applications for potential security vulnerabilities. In addition to searching for web application-specific vulnerabilities, the tools also look for software coding errors.” Resolving vulnerabilities is commonly referred to as remediation. Corrections to the code can be made in the application but typically a more prompt response is necessary. In these situations, the application of a custom policy for a unique web application vulnerability to provide a temporary but immediate fix (known as a virtual patch) may be necessary.\r\nWAFs are not an ultimate security solution, rather they are meant to be used in conjunction with other network perimeter security solutions such as network firewalls and intrusion prevention systems to provide a holistic defense strategy.\r\nWAFs typically follow a positive security model, a negative security model, or a combination of both as mentioned by the SANS Institute. WAFs use a combination of rule-based logic, parsing, and signatures to detect and prevent attacks such as cross-site scripting and SQL injection. The OWASP produces a list of the top ten web application security flaws. All commercial WAF offerings cover these ten flaws at a minimum. There are non-commercial options as well. As mentioned earlier, the well-known open source WAF engine called ModSecurity is one of these options. A WAF engine alone is insufficient to provide adequate protection, therefore OWASP along with Trustwave's Spiderlabs help organize and maintain a Core-Rule Set via GitHub to use with the ModSecurity WAF engine.","materialsDescription":"A Web Application Firewall or WAF provides security for online services from malicious Internet traffic. WAFs detect and filter out threats such as the OWASP Top 10, which could degrade, compromise or bring down online applications.\r\n<span style=\"font-weight: bold;\">What are Web Application Firewalls?</span>\r\nWeb application firewalls assist load balancing by examining HTTP traffic before it reaches the application server. They also protect against web application vulnerability and unauthorized transfer of data from the web server at a time when security breaches are on the rise. According to the Verizon Data Breach Investigations Report, web application attacks were the most prevalent breaches in 2017 and 2018.\r\nThe PCI Security Standards Council defines a web application firewall as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\n<span style=\"font-weight: bold;\">How does a Web Application Firewall wWork?</span>\r\nA web application firewall (WAF) intercepts and inspects all HTTP requests using a security model based on a set of customized policies to weed out bogus traffic. WAFs block bad traffic outright or can challenge a visitor with a CAPTCHA test that humans can pass but a malicious bot or computer program cannot.\r\nWAFs follow rules or policies customized to specific vulnerabilities. As a result, this is how WAFs prevent DDoS attacks. Creating the rules on a traditional WAF can be complex and require expert administration. The Open Web Application Security Project maintains a list of the OWASP top web application security flaws for WAF policies to address.\r\nWAFs come in the form of hardware appliances, server-side software, or filter traffic as-a-service. WAFs can be considered as reverse proxies i.e. the opposite of a proxy server. Proxy servers protect devices from malicious applications, while WAFs protect web applications from malicious endpoints.\r\n<span style=\"font-weight: bold;\">What Are Some Web Application Firewall Benefits?</span>\r\nA web application firewall (WAF) prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<span style=\"font-weight: bold;\">What Is the Difference Between a Firewall and a Web Application Firewall?</span>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).\r\n<span style=\"font-weight: bold;\">When Should You Use a Web Application Firewall?</span>\r\nAny business that uses a website to generate revenue should use a web application firewall to protect business data and services. Organizations that use online vendors should especially deploy web application firewalls because the security of outside groups cannot be controlled or trusted.\r\n<span style=\"font-weight: bold;\">How Do You Use a Web Application Firewall?</span>\r\nA web application firewall requires correct positioning, configuration, administration and monitoring. Web application firewall installation must include the following four steps: secure, monitor, test and improve. This should be a continuous process to ensure application specific protection.<br />The configuration of the firewall should be determined by the business rules and guardrails by the company’s security policy. This approach will allow the rules and filters in the web application firewall to define themselves.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall_appliance.png"},{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":1745,"logo":false,"scheme":false,"title":"Fortinet FortiMail Secure Email Gateway","vendorVerified":0,"rating":"2.00","implementationsCount":3,"suppliersCount":0,"alias":"fortinet-fortimail-secure-email-gateway","companyTypes":[],"description":"Email security remains a key productivity tool for today's organizations, as well as a successful attack vector for cyber criminals. According to the Verizon 2018 Data Breach Investigations Report, 49% of malware was installed via malicious email. Gartner asserts that "Advanced threats (such as ransomware and business email compromise) are easily the signature-based and reputation-based prevention mechanisms that a secure email gateway (SEG) has traditionally used." FortiMail Email security utilizes the latest technologies and security services from FortiGuard Labs to deliver consistently top-rated protection from common and advanced threats while integrating robust data protection capabilities to avoid data loss.\r\n<span style=\"font-weight: bold;\">FortiMail Product Details</span>\r\nOrganizations typically select FortiMail email security to shield users, and ultimately data, from a wide range of cyber threats. These include: ever growing volumes of unwanted spam, socially-engineered phishing and business email compromise, accelerating variants of ransomware and other malware, increasingly targeted attacks from adversaries of all kinds, and more. At the same time, FortiMail can be used to protect sensitive data of all types, reducing the risk of inadvertent loss and/or non-compliance with regulations like HIPAA, PCI, GDPR, and more.\r\n<span style=\"font-weight: bold;\">Features and Benefits</span>\r\n<ul> <li>Top-rated Antispam and Antiphishing: Maintain productivity by shielding end users from unwanted spam and malicious phishing attacks</li> <li>Independently certified advanced threat defense: Thwart cyber criminals intent on stealing data, holding systems for ransomware, conducting fraud, and other malicious purposes</li> <li>Integrated data protection: Maintain the privacy of personal information and confidentiality of sensitive data in compliance with regulatory and corporate guidelines</li> <li>Enterprise-class management: Free staff and end users to drive the business by reducing the time spent on email administration </li> <li>High-performance mail handling: Speed the delivery of legitimate email at an affordable cost</li> </ul>","shortDescription":"FortiMail: Secure Email Gateway\r\nStop advanced email threats and prevent data loss","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":16,"sellingCount":14,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Fortinet FortiMail Secure Email Gateway","keywords":"","description":"Email security remains a key productivity tool for today's organizations, as well as a successful attack vector for cyber criminals. According to the Verizon 2018 Data Breach Investigations Report, 49% of malware was installed via malicious email. ","og:title":"Fortinet FortiMail Secure Email Gateway","og:description":"Email security remains a key productivity tool for today's organizations, as well as a successful attack vector for cyber criminals. According to the Verizon 2018 Data Breach Investigations Report, 49% of malware was installed via malicious email. "},"eventUrl":"","translationId":1746,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":558,"title":"Secure E-mail Gateway - Appliance","alias":"secure-e-mail-gateway-appliance","description":"According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and next-gen anti-phishing and anti-spam</li><li>Additional security features</li><li>Customization of the solution’s management features</li><li>Low false positive and false negative percentages</li><li>External processes and storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, secure email gateways can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":"<span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against email-borne threats. It is effectively a firewall for your email, and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan each email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a specific period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway_Appliance.png"},{"id":469,"title":"Secure E-mail Gateway","alias":"secure-e-mail-gateway","description":" According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and Next-Gen Anti-Phishing and Anti-Spam</li><li>Additional Security Features</li><li>Customization of the Solution’s Management Features</li><li>Low False Positive and False Negative Percentages</li><li>External Processes and Storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, SEGs can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":" <span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against these email-borne threats. It is effectively a firewall for your email and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan every email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a certain period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway.jpg"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":4,"title":"Reduce Costs"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":282,"title":"Unauthorized access to corporate IT systems and data"},{"id":336,"title":"Risk or Leaks of confidential information"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"},{"id":386,"title":"Risk of lost access to data and IT systems"},{"id":387,"title":"Non-compliant with IT security requirements"}]}},"categories":[{"id":536,"title":"WAN optimization - appliance","alias":"wan-optimization-appliance","description":" WAN optimization appliance is a collection of techniques for increasing data-transfer efficiencies across wide-area networks (WANs). In 2008, the WAN optimization market was estimated to be $1 billion and was to grow to $4.4 billion by 2014 according to Gartner, a technology research firm. In 2015 Gartner estimated the WAN optimization market to be a $1.1 billion market.\r\nThe most common measures of TCP data-transfer efficiencies (i.e., optimization) are throughput, bandwidth requirements, latency, protocol optimization, and congestion, as manifested in dropped packets. In addition, the WAN itself can be classified with regards to the distance between endpoints and the amounts of data transferred. Two common business WAN topologies are Branch to Headquarters and Data Center to Data Center (DC2DC). In general, "Branch" WAN links are closer, use less bandwidth, support more simultaneous connections, support smaller connections and more short-lived connections, and handle a greater variety of protocols. They are used for business applications such as email, content management systems, database application, and Web delivery. In comparison, "DC2DC" WAN links tend to require more bandwidth, are more distant and involve fewer connections, but those connections are bigger (100 Mbit/s to 1 Gbit/s flows) and of longer duration. Traffic on a "DC2DC" WAN may include replication, back up, data migration, virtualization, and other Business Continuity/Disaster Recovery (BC/DR) flow.\r\nWAN optimization has been the subject of extensive academic research almost since the advent of the WAN. In the early 2000s, research in both the private and public sectors turned to improve the end-to-end throughput of TCP, and the target of the first proprietary WAN optimization solutions was the Branch WAN. In recent years, however, the rapid growth of digital data, and the concomitant needs to store and protect it, has presented a need for DC2DC WAN optimization. For example, such optimizations can be performed to increase overall network capacity utilization, meet inter-datacenter transfer deadlines, or minimize average completion times of data transfers. As another example, private inter-datacenter WANs can benefit optimizations for fast and efficient geo-replication of data and content, such as newly computed machine learning models or multimedia content.\r\nComponent techniques of Branch WAN Optimization include deduplication, wide-area file services (WAFS), SMB proxy, HTTPS Proxy, media multicasting, web caching, and bandwidth management. Requirements for DC2DC WAN Optimization also center around deduplication and TCP acceleration, however, these must occur in the context of multi-gigabit data transfer rates. ","materialsDescription":" <span style=\"font-weight: bold;\">What techniques does WAN optimization have?</span>\r\n<ul><li><span style=\"font-weight: bold;\">Deduplication</span> – Eliminates the transfer of redundant data across the WAN by sending references instead of the actual data. By working at the byte level, benefits are achieved across IP applications.</li><li><span style=\"font-weight: bold;\">Compression</span> – Relies on data patterns that can be represented more efficiently. Essentially compression techniques similar to ZIP, RAR, ARJ, etc. are applied on-the-fly to data passing through hardware (or virtual machine) based WAN acceleration appliances.</li><li><span style=\"font-weight: bold;\">Latency optimization</span> – Can include TCP refinements such as window-size scaling, selective acknowledgments, Layer 3 congestion control algorithms, and even co-location strategies in which the application is placed in near proximity to the endpoint to reduce latency. In some implementations, the local WAN optimizer will answer the requests of the client locally instead of forwarding the request to the remote server in order to leverage write-behind and read-ahead mechanisms to reduce WAN latency.</li><li><span style=\"font-weight: bold;\">Caching/proxy</span> – Staging data in local caches; Relies on human behavior, accessing the same data over and over.</li><li><span style=\"font-weight: bold;\">Forward error correction</span> – Mitigates packet loss by adding another loss-recovery packet for every “N” packets that are sent, and this would reduce the need for retransmissions in error-prone and congested WAN links.</li><li><span style=\"font-weight: bold;\">Protocol spoofing</span> – Bundles multiple requests from chatty applications into one. May also include stream-lining protocols such as CIFS.</li><li><span style=\"font-weight: bold;\">Traffic shaping</span> – Controls data flow for specific applications. Giving flexibility to network operators/network admins to decide which applications take precedence over the WAN. A common use case of traffic shaping would be to prevent one protocol or application from hogging or flooding a link over other protocols deemed more important by the business/administrator. Some WAN acceleration devices are able to traffic shape with granularity far beyond traditional network devices. Such as shaping traffic on a per-user AND per application basis simultaneously.</li><li><span style=\"font-weight: bold;\">Equalizing</span> – Makes assumptions on what needs immediate priority based on data usage. Usage examples for equalizing may include wide open unregulated Internet connections and clogged VPN tunnels.</li><li><span style=\"font-weight: bold;\">Connection limits</span> – Prevents access gridlock in and to denial of service or to peer. Best suited for wide-open Internet access links, can also be used links.</li><li><span style=\"font-weight: bold;\">Simple rate limits</span> – Prevents one user from getting more than a fixed amount of data. Best suited as a stop-gap first effort for remediating a congested Internet connection or WAN link.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAN_optimization_appliance.png"},{"id":49,"title":"VPN - Virtual Private Network","alias":"vpn-virtual-private-network","description":"A <span style=\"font-weight: bold; \">virtual private network (VPN)</span> extends a private network across a public network, and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Applications running on a computing device, e.g. a laptop, desktop, smartphone, across a VPN may therefore benefit from the functionality, security, and management of the private network. Encryption is a common though not an inherent part of a VPN connection.\r\nAt its most basic level, VPN tunneling creates a point-to-point connection that cannot be accessed by unauthorized users. To actually create the VPN tunnel, the endpoint device needs to be running a VPN client (software application) locally or in the cloud. The VPN client runs in the background and is not noticeable to the end user unless there are performance issues.\r\nThe performance of a VPN can be affected by a variety of factors, among them the speed of users' internet connections, the types of protocols an internet service provider may use and the type of encryption the VPN uses. In the enterprise, performance can also be affected by poor quality of service (QoS) outside the control of an organization's information technology (IT) department.\r\nConsumers use a virtual private network software to protect their online activity and identity. By using an anonymous VPN service, a user's Internet traffic and data remain encrypted, which prevents eavesdroppers from sniffing Internet activity. Personal VPN services are especially useful when accessing public Wi-Fi hotspots because the public wireless services might not be secure. In addition to public Wi-Fi security, it also provides consumers with uncensored Internet access and can help prevent data theft and unblock websites.\r\nCompanies and organizations will typically use a VPN security to communicate confidentially over a public network and to send voice, video or data. It is also an excellent option for remote workers and organizations with global offices and partners to share data in a private manner.\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\">Types of VPNs</span></p>\r\n<ul><li><span style=\"font-weight: bold;\">Remote access VPN</span>. Remote access VPN clients connect to a VPN gateway server on the organization's network. The gateway requires the device to authenticate its identity before granting access to internal network resources such as file servers, printers and intranets. This type of VPN usually relies on either IP Security (IPsec) or Secure Sockets Layer (SSL) to secure the connection.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Site-to-site VPN.</span> In contrast, a site-to-site VPN uses a gateway device to connect an entire network in one location to a network in another location. End-node devices in the remote location do not need VPN clients because the gateway handles the connection. Most site-to-site VPNs connecting over the internet use IPsec. It is also common for them to use carrier MPLS clouds rather than the public internet as the transport for site-to-site VPNs. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Mobile VPN.</span> In a mobile VPN, a VPN server still sits at the edge of the company network, enabling secure tunneled access by authenticated, authorized VPN clients. Mobile VPN tunnels are not tied to physical IP addresses, however. Instead, each tunnel is bound to a logical IP address. That logical IP address sticks to the mobile device no matter where it may roam.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">VPN Hardware</span>. It offer a number of advantages over the software-based VPN. In addition to enhanced security, hardware VPNs can provide load balancing to handle large client loads. Administration is managed through a Web browser interface. A hardware VPN is more expensive than a software VPN. Because of the cost, hardware VPNs are a more realistic option for large businesses than for small businesses or branch offices. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">VPN appliance.</span> A VPN appliance, also known as a VPN gateway appliance, is a network device equipped with enhanced security features. Also known as an SSL (Secure Sockets Layer) VPN appliance, it is in effect a router that provides protection, authorization, authentication and encryption for VPNs.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Dynamic multipoint virtual private network (DMVPN</span>). A dynamic multipoint virtual private network (DMVPN) is a secure network that exchanges data between sites without needing to pass traffic through an organization's headquarter virtual private network (VPN) server or router. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">VPN Reconnect.</span> VPN Reconnect is a feature of Windows 7 and Windows Server 2008 R2 that allows a virtual private network connection to remain open during a brief interruption of Internet service. Usually, when a computing device using a VPN connection drops its Internet connection, the end user has to manually reconnect to the VPN. VPN Reconnect keeps the VPN tunnel open for a configurable amount of time so when Internet service is restored, the VPN connection is automatically restored as well. </li></ul>\r\n<p class=\"align-left\"> </p>","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: normal;\">What is VPN software?</span></h1>\r\n<span style=\"font-weight: normal;\"></span>VPN software is a tool that allows users to create a secure, encrypted connection over a computer network such as the Internet. The platform was developed to allow for secure access to business applications and other resources.\r\n<header><h1 class=\"align-center\"><span style=\"font-weight: normal;\">How does VPN software work?</span></h1></header>\r\n<p class=\"align-left\">So what does VPN do? Basically, a VPN is a group of computers or networks, which are connected over the Internet. For businesses, VPN services serve as avenues for getting access to networks when they are not physically on the same network. Such a service can also be used to encrypt communications over public networks.</p>\r\n<p class=\"align-left\">VPNs are usually deployed through local installation or by logging on to a service’s website. To give you an idea as to how VPN works, the software allows your computer to basically exchange keys with a remote server, through which all data traffic is encrypted and kept secure, safe from prying eyes. It lets you browse the Internet without the worry of being tracked, monitored and identified without permission. A VPN also helps in accessing blocked sites and in circumventing censorship.</p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">What are the features of VPN software?</span></h1>\r\n<p class=\"align-left\">There are a variety of ways by which you can determine what VPN suits you. Here are some features of software VPN solutions and buying factors that you should consider:<br /><br /></p>\r\n<ul><li><span style=\"font-weight: bold;\">Privacy</span>: You should know what kind of privacy you really need. Is it for surfing, downloading or simply accessing blocked sites? Best of VPN programs offer one or more of these capabilities.</li><li><span style=\"font-weight: bold;\">Software/features</span>: Platforms should not be limited to ease of use, they should include features such as kill switches and DNS leak prevention tools which provide a further layer of protection.</li><li><span style=\"font-weight: bold;\">Security</span>: One should consider the level of security that a service offers. This can prevent hackers and agencies from accessing your data.</li><li><span style=\"font-weight: bold;\">Cross-platform support</span>: A VPN solution should be able to run on any device. To do this, setup guides for different platforms should be provided by the vendor.</li><li><span style=\"font-weight: bold;\">The number of servers/countries</span>: For these services, the more servers VPN there are, the better the service. This allows users to connect from virtually all over the world. It will also enable them to change their locations at will.</li><li><span style=\"font-weight: bold;\">Speed</span>: It’s common knowledge that using VPN comes with reduction in Internet speed. This is due to the fact that signals need to travel long distances and the demands of the encryption and decryption processes. Choose a service that has minimal impact on Internet speed.</li><li><span style=\"font-weight: bold;\">Simultaneous connections</span>: Many services allow users to use only one device at a time. However, many VPN service providers allow customers to connect multiple devices all at the same time.</li></ul>\r\n<p class=\"align-left\"> </p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/VPN_-_Virtual_Private_Network.png"},{"id":784,"title":"NGFW - next-generation firewall - Appliance","alias":"ngfw-next-generation-firewall-appliance","description":" A next-generation firewall (NGFW) is a part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities, such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS). Other techniques might also be employed, such as TLS/SSL encrypted traffic inspection, website filtering, QoS/bandwidth management, antivirus inspection and third-party identity management integration (i.e. LDAP, RADIUS, Active Directory).\r\nNGFWs include the typical functions of traditional firewalls such as packet filtering, network- and port-address translation (NAT), stateful inspection, and virtual private network (VPN) support. The goal of next-generation firewalls is to include more layers of the OSI model, improving filtering of network traffic that is dependent on the packet contents.\r\nNGFWs perform deeper inspection compared to stateful inspection performed by the first- and second-generation firewalls. NGFWs use a more thorough inspection style, checking packet payloads and matching signatures for harmful activities such as exploitable attacks and malware.\r\nImproved detection of encrypted applications and intrusion prevention service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services.\r\nStateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols. But today, blocking a web application like Farmville that uses port 80 by closing the port would also mean complications with the entire HTTP protocol.\r\nProtection based on ports, protocols, IP addresses is no more reliable and viable. This has led to the development of identity-based security approach, which takes organizations a step ahead of conventional security appliances which bind security to IP-addresses.\r\nNGFWs offer administrators a deeper awareness of and control over individual applications, along with deeper inspection capabilities by the firewall. Administrators can create very granular "allow/deny" rules for controlling use of websites and applications in the network. ","materialsDescription":"<span style=\"font-weight: bold;\"> What is a next-generation firewall (NGFW)?</span>\r\nAn NGFW contains all the normal defences that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other bonus security features. NGFWs are also capable of deep packet inspection which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by blacklist (programs in the filter are blocked) or by whitelist (programs not in the filter are blocked).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_NGFW.png"},{"id":782,"title":"NGFW - next-generation firewall","alias":"ngfw-next-generation-firewall","description":"A next-generation firewall (NGFW) is a part of the third generation of firewall technology that is implemented in either hardware or software and is capable of detecting and blocking sophisticated attacks by enforcing security policies at the application, port and protocol levels.\r\nNGFWs typically feature advanced functions including:\r\n<ul><li>application awareness;</li><li>integrated intrusion prevention systems (IPS);</li><li>identity awareness -- user and group control;</li><li>bridged and routed modes;</li><li> the ability to use external intelligence sources.</li></ul>\r\nOf these offerings, most next-generation firewalls integrate at least three basic functions: enterprise firewall capabilities, an intrusion prevention system (IPS) and application control.\r\nLike the introduction of stateful inspection in traditional firewalls, NGFWs bring additional context to the firewall's decision-making process by providing it with the ability to understand the details of the web application traffic passing through it and to take action to block traffic that might exploit vulnerabilities.\r\nThe different features of next-generation firewalls combine to create unique benefits for users. NGFWs are often able to block malware before it enters a network, something that wasn't previously possible.\r\nNGFWs are also better equipped to address advanced persistent threats (APTs) because they can be integrated with threat intelligence services. NGFWs can also offer a low-cost option for companies trying to improve basic device security through the use of application awareness, inspection services, protection systems and awareness tools.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What is a next-generation firewall (NGFW)?</span>\r\nA NGFW contains all the normal defenses that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other additional security features. NGFWs are also capable of deep packet inspection, which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by a blacklist (programs in the filter are blocked) or by a whitelist (programs not in the filter are blocked).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_NGFW.png"},{"id":546,"title":"WAF-web application firewall appliance","alias":"waf-web-application-firewall-appliance","description":"A web application firewall is a special type of application firewall that applies specifically to web applications. It is deployed in front of web applications and analyzes bi-directional web-based (HTTP) traffic - detecting and blocking anything malicious. The OWASP provides a broad technical definition for a WAF as “a security solution on the web application level which - from a technical point of view - does not depend on the application itself.” According to the PCI DSS Information Supplement for requirement 6.6, a WAF is defined as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.” In other words, a WAF can be a physical appliance that prevents vulnerabilities in web applications from being exploited by outside threats. These vulnerabilities may be because the application itself is a legacy type or it was insufficiently coded by design. The WAF addresses these code shortcomings by special configurations of rule sets, also known as policies.\r\nPreviously unknown vulnerabilities can be discovered through penetration testing or via a vulnerability scanner. A web application vulnerability scanner, also known as a web application security scanner, is defined in the SAMATE NIST 500-269 as “an automated program that examines web applications for potential security vulnerabilities. In addition to searching for web application-specific vulnerabilities, the tools also look for software coding errors.” Resolving vulnerabilities is commonly referred to as remediation. Corrections to the code can be made in the application but typically a more prompt response is necessary. In these situations, the application of a custom policy for a unique web application vulnerability to provide a temporary but immediate fix (known as a virtual patch) may be necessary.\r\nWAFs are not an ultimate security solution, rather they are meant to be used in conjunction with other network perimeter security solutions such as network firewalls and intrusion prevention systems to provide a holistic defense strategy.\r\nWAFs typically follow a positive security model, a negative security model, or a combination of both as mentioned by the SANS Institute. WAFs use a combination of rule-based logic, parsing, and signatures to detect and prevent attacks such as cross-site scripting and SQL injection. The OWASP produces a list of the top ten web application security flaws. All commercial WAF offerings cover these ten flaws at a minimum. There are non-commercial options as well. As mentioned earlier, the well-known open source WAF engine called ModSecurity is one of these options. A WAF engine alone is insufficient to provide adequate protection, therefore OWASP along with Trustwave's Spiderlabs help organize and maintain a Core-Rule Set via GitHub to use with the ModSecurity WAF engine.","materialsDescription":"A Web Application Firewall or WAF provides security for online services from malicious Internet traffic. WAFs detect and filter out threats such as the OWASP Top 10, which could degrade, compromise or bring down online applications.\r\n<span style=\"font-weight: bold;\">What are Web Application Firewalls?</span>\r\nWeb application firewalls assist load balancing by examining HTTP traffic before it reaches the application server. They also protect against web application vulnerability and unauthorized transfer of data from the web server at a time when security breaches are on the rise. According to the Verizon Data Breach Investigations Report, web application attacks were the most prevalent breaches in 2017 and 2018.\r\nThe PCI Security Standards Council defines a web application firewall as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\n<span style=\"font-weight: bold;\">How does a Web Application Firewall wWork?</span>\r\nA web application firewall (WAF) intercepts and inspects all HTTP requests using a security model based on a set of customized policies to weed out bogus traffic. WAFs block bad traffic outright or can challenge a visitor with a CAPTCHA test that humans can pass but a malicious bot or computer program cannot.\r\nWAFs follow rules or policies customized to specific vulnerabilities. As a result, this is how WAFs prevent DDoS attacks. Creating the rules on a traditional WAF can be complex and require expert administration. The Open Web Application Security Project maintains a list of the OWASP top web application security flaws for WAF policies to address.\r\nWAFs come in the form of hardware appliances, server-side software, or filter traffic as-a-service. WAFs can be considered as reverse proxies i.e. the opposite of a proxy server. Proxy servers protect devices from malicious applications, while WAFs protect web applications from malicious endpoints.\r\n<span style=\"font-weight: bold;\">What Are Some Web Application Firewall Benefits?</span>\r\nA web application firewall (WAF) prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<span style=\"font-weight: bold;\">What Is the Difference Between a Firewall and a Web Application Firewall?</span>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).\r\n<span style=\"font-weight: bold;\">When Should You Use a Web Application Firewall?</span>\r\nAny business that uses a website to generate revenue should use a web application firewall to protect business data and services. Organizations that use online vendors should especially deploy web application firewalls because the security of outside groups cannot be controlled or trusted.\r\n<span style=\"font-weight: bold;\">How Do You Use a Web Application Firewall?</span>\r\nA web application firewall requires correct positioning, configuration, administration and monitoring. Web application firewall installation must include the following four steps: secure, monitor, test and improve. This should be a continuous process to ensure application specific protection.<br />The configuration of the firewall should be determined by the business rules and guardrails by the company’s security policy. This approach will allow the rules and filters in the web application firewall to define themselves.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall_appliance.png"},{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"},{"id":558,"title":"Secure E-mail Gateway - Appliance","alias":"secure-e-mail-gateway-appliance","description":"According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and next-gen anti-phishing and anti-spam</li><li>Additional security features</li><li>Customization of the solution’s management features</li><li>Low false positive and false negative percentages</li><li>External processes and storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, secure email gateways can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":"<span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against email-borne threats. It is effectively a firewall for your email, and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan each email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a specific period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway_Appliance.png"},{"id":469,"title":"Secure E-mail Gateway","alias":"secure-e-mail-gateway","description":" According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and Next-Gen Anti-Phishing and Anti-Spam</li><li>Additional Security Features</li><li>Customization of the Solution’s Management Features</li><li>Low False Positive and False Negative Percentages</li><li>External Processes and Storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, SEGs can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":" <span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against these email-borne threats. It is effectively a firewall for your email and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan every email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a certain period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway.jpg"}],"additionalInfo":{"budgetNotExceeded":"-1","functionallyTaskAssignment":"-1","projectWasPut":"-1","price":0,"source":{"url":"https://www.fortinet.com/content/dam/fortinet/assets/case-studies/CS-Schiller-AG.pdf","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":680,"title":"Fortinet for manufacturer of office furniture and related equipment","description":"Steelcase had been a long-time Fortinet customer for its internal systems. The company has deployed Fortinet FortiGate next-generation firewalls to secure its perimeter and for end-to-end protection.\r\nFortiAuthenticator provides Steelcase with centralized user identity management and simplified administration for authentication. FortiAnalyzer delivers a consolidated view and comprehensive reporting across all Fortinet devices in the widespread Steelcase environment. A cloud-based spam filtering service was recently replaced with the Fortinet FortiMail secure email gateway to provide powerful multi-vector detection and protection capabilities. \r\nFortiAP access points and FortiSwitch secure access switches are deployed at multiple locations across the company. FortiClient instances are leveraged to provide real-time actionable visibility across key areas of the infrastructure. Supplemental monitoring, management and provisioning for many of Steelcase’s extensive number of Fortinet appliances is achieved with the highly flexible FortiCloud service.\r\nAs the company began ramping up its use of Azure, it was a logical move to leverage the broad portfolio of Fortinet cloudrelated solutions. Developers at Steelcase gain access to the Azure environment by using VPN tunnels established between on-premise FortiGates and a combination of the Fortinet FortiGate-VM for Azure and cloud-based FortiWeb VM web application firewalls.","alias":"fortinet-for-manufacturer-of-office-furniture-and-related-equipment","roi":0,"seo":{"title":"Fortinet for manufacturer of office furniture and related equipment","keywords":"","description":"Steelcase had been a long-time Fortinet customer for its internal systems. The company has deployed Fortinet FortiGate next-generation firewalls to secure its perimeter and for end-to-end protection.\r\nFortiAuthenticator provides Steelcase with centralized user","og:title":"Fortinet for manufacturer of office furniture and related equipment","og:description":"Steelcase had been a long-time Fortinet customer for its internal systems. The company has deployed Fortinet FortiGate next-generation firewalls to secure its perimeter and for end-to-end protection.\r\nFortiAuthenticator provides Steelcase with centralized user"},"deal_info":"","user":{"id":5073,"title":"Steelcase","logoURL":"https://old.roi4cio.com/uploads/roi/company/Steelcase.png","alias":"steelcase","address":"","roles":[],"description":"Steelcase, Inc. is a world-renowned manufacturer of office furniture and related equipment. Based in Grand Rapids, Michigan and founded in 1912, the company markets its furniture and equipment under three primary brands: Steelcase, Turnstone and Coalesse. Steelcase uses a network of independent and company-owned dealers for distribution, as well as selling directly to end customers.","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":1,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Steelcase","keywords":"","description":"Steelcase, Inc. is a world-renowned manufacturer of office furniture and related equipment. Based in Grand Rapids, Michigan and founded in 1912, the company markets its furniture and equipment under three primary brands: Steelcase, Turnstone and Coalesse. Stee","og:title":"Steelcase","og:description":"Steelcase, Inc. is a world-renowned manufacturer of office furniture and related equipment. Based in Grand Rapids, Michigan and founded in 1912, the company markets its furniture and equipment under three primary brands: Steelcase, Turnstone and Coalesse. Stee","og:image":"https://old.roi4cio.com/uploads/roi/company/Steelcase.png"},"eventUrl":""},"supplier":{"id":8760,"title":"Hidden supplier","logoURL":"https://old.roi4cio.com/uploads/roi/company/znachok_postavshchik.jpg","alias":"skrytyi-postavshchik","address":"","roles":[],"description":" Supplier Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":76,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden supplier","keywords":"","description":" Supplier Information is confidential ","og:title":"Hidden supplier","og:description":" Supplier Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/znachok_postavshchik.jpg"},"eventUrl":""},"vendors":[{"id":690,"title":"Fortinet","logoURL":"https://old.roi4cio.com/uploads/roi/company/fortiner_logo.png","alias":"fortinet","address":"","roles":[],"description":"<span lang=\"en\">Fortinet is an American multinational corporation founded in 2000. The main office is located in Sunnyvale (California, USA). The company specializes in the development and promotion of software, solutions and services in the field of information security. Among the most requested solutions are next generation firewalls (NGFW), antivirus software, intrusion prevention and endpoint security systems, and a number of other products. In terms of revenue, Fortinet has consistently ranked in the top five of all network security companies. In 2020, the company's turnover exceeded $ 3 billion, and the number of customers exceeded half a million. By the beginning of 2021, the company had more than 700 patents in the field of information security, and about 200 more patents were pending. Fortinet employed about 8,300 people as of early 2021.</span>\r\n\r\n<span lang=\"en\">FortiGate's flagship enterprise firewall platform supports a wide range of next-generation security and networking features. It comes in a variety of sizes and form factors, making it easily adaptable to any environment. Fortinet's proprietary Security Fabric integrates and automates the entire infrastructure, delivering unmatched security and visibility to every network segment and device, be it a virtual machine or physical device, in the cloud or on-premises. The company also runs the NSE training and certification program and operates the Network Security Academy, which supports universities offering information security courses.</span>","companyTypes":[],"products":{},"vendoredProductsCount":9,"suppliedProductsCount":9,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":0,"vendorImplementationsCount":4,"vendorPartnersCount":0,"supplierPartnersCount":21,"b4r":0,"categories":{},"companyUrl":"www.fortinet.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Fortinet","keywords":"Fortinet, security, public, among, others, company, appliances, million","description":"<span lang=\"en\">Fortinet is an American multinational corporation founded in 2000. The main office is located in Sunnyvale (California, USA). The company specializes in the development and promotion of software, solutions and services in the field of informati","og:title":"Fortinet","og:description":"<span lang=\"en\">Fortinet is an American multinational corporation founded in 2000. The main office is located in Sunnyvale (California, USA). The company specializes in the development and promotion of software, solutions and services in the field of informati","og:image":"https://old.roi4cio.com/uploads/roi/company/fortiner_logo.png"},"eventUrl":""}],"products":[{"id":174,"logo":false,"scheme":false,"title":"Fortinet FortiGate NGFW","vendorVerified":0,"rating":"2.00","implementationsCount":4,"suppliersCount":0,"alias":"fortigate","companyTypes":[],"description":"FortiGate NGFWs are network firewalls powered by purpose-built security processing units (SPUs) including the latest NP7 (Network Processor 7). They enable security-driven networking, and are ideal network firewalls for hybrid and hyperscale data centers.\r\nFortinet NGFWs reduce cost and complexity by eliminating points products and consolidating industry-leading security capabilities such as secure sockets layer (SSL) inspection including the latest TLS1.3, web filtering, intrusion prevention system (IPS) to provide fully visibility and protect any edge. Fortinet NGFWs uniquely meet the performance needs of hyperscale and hybrid IT architectures, enabling organizations to deliver optimal user experience, and manage security risks for better business continuity.\r\nFortiGate next-generation firewalls inspect traffic at hyperscale as it enters and leaves the network. These inspections happen at unparalleled speed, scale, and performance to ensure that only legitimate traffic is allowed, all without degrading user experience or creating costly downtime.\r\nAs an integral part of the Fortinet Security Fabric, FortiGate NGFWs can communicate within the comprehensive Fortinet security portfolio as well as third-party security solutions in a multivendor environment. FortiGate NGFWs seamlessly integrate with artificial intelligence (AI)-driven FortiGuard and FortiSandbox services to protect against known and zero-day threats and improve operational efficiency through integration with Fabric Management Center.","shortDescription":"FortiGate is a Top-rated security—NSS Labs “Recommended”. Comprehensive security in one, simplified solution. Flexible deployment options fit your unique requirements","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":12,"sellingCount":19,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Fortinet FortiGate NGFW","keywords":"security, network, your, FortiGate, deployments, small, platform, across","description":"FortiGate NGFWs are network firewalls powered by purpose-built security processing units (SPUs) including the latest NP7 (Network Processor 7). They enable security-driven networking, and are ideal network firewalls for hybrid and hyperscale data centers.\r\n","og:title":"Fortinet FortiGate NGFW","og:description":"FortiGate NGFWs are network firewalls powered by purpose-built security processing units (SPUs) including the latest NP7 (Network Processor 7). They enable security-driven networking, and are ideal network firewalls for hybrid and hyperscale data centers.\r\n"},"eventUrl":"","translationId":175,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":536,"title":"WAN optimization - appliance","alias":"wan-optimization-appliance","description":" WAN optimization appliance is a collection of techniques for increasing data-transfer efficiencies across wide-area networks (WANs). In 2008, the WAN optimization market was estimated to be $1 billion and was to grow to $4.4 billion by 2014 according to Gartner, a technology research firm. In 2015 Gartner estimated the WAN optimization market to be a $1.1 billion market.\r\nThe most common measures of TCP data-transfer efficiencies (i.e., optimization) are throughput, bandwidth requirements, latency, protocol optimization, and congestion, as manifested in dropped packets. In addition, the WAN itself can be classified with regards to the distance between endpoints and the amounts of data transferred. Two common business WAN topologies are Branch to Headquarters and Data Center to Data Center (DC2DC). In general, "Branch" WAN links are closer, use less bandwidth, support more simultaneous connections, support smaller connections and more short-lived connections, and handle a greater variety of protocols. They are used for business applications such as email, content management systems, database application, and Web delivery. In comparison, "DC2DC" WAN links tend to require more bandwidth, are more distant and involve fewer connections, but those connections are bigger (100 Mbit/s to 1 Gbit/s flows) and of longer duration. Traffic on a "DC2DC" WAN may include replication, back up, data migration, virtualization, and other Business Continuity/Disaster Recovery (BC/DR) flow.\r\nWAN optimization has been the subject of extensive academic research almost since the advent of the WAN. In the early 2000s, research in both the private and public sectors turned to improve the end-to-end throughput of TCP, and the target of the first proprietary WAN optimization solutions was the Branch WAN. In recent years, however, the rapid growth of digital data, and the concomitant needs to store and protect it, has presented a need for DC2DC WAN optimization. For example, such optimizations can be performed to increase overall network capacity utilization, meet inter-datacenter transfer deadlines, or minimize average completion times of data transfers. As another example, private inter-datacenter WANs can benefit optimizations for fast and efficient geo-replication of data and content, such as newly computed machine learning models or multimedia content.\r\nComponent techniques of Branch WAN Optimization include deduplication, wide-area file services (WAFS), SMB proxy, HTTPS Proxy, media multicasting, web caching, and bandwidth management. Requirements for DC2DC WAN Optimization also center around deduplication and TCP acceleration, however, these must occur in the context of multi-gigabit data transfer rates. ","materialsDescription":" <span style=\"font-weight: bold;\">What techniques does WAN optimization have?</span>\r\n<ul><li><span style=\"font-weight: bold;\">Deduplication</span> – Eliminates the transfer of redundant data across the WAN by sending references instead of the actual data. By working at the byte level, benefits are achieved across IP applications.</li><li><span style=\"font-weight: bold;\">Compression</span> – Relies on data patterns that can be represented more efficiently. Essentially compression techniques similar to ZIP, RAR, ARJ, etc. are applied on-the-fly to data passing through hardware (or virtual machine) based WAN acceleration appliances.</li><li><span style=\"font-weight: bold;\">Latency optimization</span> – Can include TCP refinements such as window-size scaling, selective acknowledgments, Layer 3 congestion control algorithms, and even co-location strategies in which the application is placed in near proximity to the endpoint to reduce latency. In some implementations, the local WAN optimizer will answer the requests of the client locally instead of forwarding the request to the remote server in order to leverage write-behind and read-ahead mechanisms to reduce WAN latency.</li><li><span style=\"font-weight: bold;\">Caching/proxy</span> – Staging data in local caches; Relies on human behavior, accessing the same data over and over.</li><li><span style=\"font-weight: bold;\">Forward error correction</span> – Mitigates packet loss by adding another loss-recovery packet for every “N” packets that are sent, and this would reduce the need for retransmissions in error-prone and congested WAN links.</li><li><span style=\"font-weight: bold;\">Protocol spoofing</span> – Bundles multiple requests from chatty applications into one. May also include stream-lining protocols such as CIFS.</li><li><span style=\"font-weight: bold;\">Traffic shaping</span> – Controls data flow for specific applications. Giving flexibility to network operators/network admins to decide which applications take precedence over the WAN. A common use case of traffic shaping would be to prevent one protocol or application from hogging or flooding a link over other protocols deemed more important by the business/administrator. Some WAN acceleration devices are able to traffic shape with granularity far beyond traditional network devices. Such as shaping traffic on a per-user AND per application basis simultaneously.</li><li><span style=\"font-weight: bold;\">Equalizing</span> – Makes assumptions on what needs immediate priority based on data usage. Usage examples for equalizing may include wide open unregulated Internet connections and clogged VPN tunnels.</li><li><span style=\"font-weight: bold;\">Connection limits</span> – Prevents access gridlock in and to denial of service or to peer. Best suited for wide-open Internet access links, can also be used links.</li><li><span style=\"font-weight: bold;\">Simple rate limits</span> – Prevents one user from getting more than a fixed amount of data. Best suited as a stop-gap first effort for remediating a congested Internet connection or WAN link.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAN_optimization_appliance.png"},{"id":49,"title":"VPN - Virtual Private Network","alias":"vpn-virtual-private-network","description":"A <span style=\"font-weight: bold; \">virtual private network (VPN)</span> extends a private network across a public network, and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Applications running on a computing device, e.g. a laptop, desktop, smartphone, across a VPN may therefore benefit from the functionality, security, and management of the private network. Encryption is a common though not an inherent part of a VPN connection.\r\nAt its most basic level, VPN tunneling creates a point-to-point connection that cannot be accessed by unauthorized users. To actually create the VPN tunnel, the endpoint device needs to be running a VPN client (software application) locally or in the cloud. The VPN client runs in the background and is not noticeable to the end user unless there are performance issues.\r\nThe performance of a VPN can be affected by a variety of factors, among them the speed of users' internet connections, the types of protocols an internet service provider may use and the type of encryption the VPN uses. In the enterprise, performance can also be affected by poor quality of service (QoS) outside the control of an organization's information technology (IT) department.\r\nConsumers use a virtual private network software to protect their online activity and identity. By using an anonymous VPN service, a user's Internet traffic and data remain encrypted, which prevents eavesdroppers from sniffing Internet activity. Personal VPN services are especially useful when accessing public Wi-Fi hotspots because the public wireless services might not be secure. In addition to public Wi-Fi security, it also provides consumers with uncensored Internet access and can help prevent data theft and unblock websites.\r\nCompanies and organizations will typically use a VPN security to communicate confidentially over a public network and to send voice, video or data. It is also an excellent option for remote workers and organizations with global offices and partners to share data in a private manner.\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\">Types of VPNs</span></p>\r\n<ul><li><span style=\"font-weight: bold;\">Remote access VPN</span>. Remote access VPN clients connect to a VPN gateway server on the organization's network. The gateway requires the device to authenticate its identity before granting access to internal network resources such as file servers, printers and intranets. This type of VPN usually relies on either IP Security (IPsec) or Secure Sockets Layer (SSL) to secure the connection.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Site-to-site VPN.</span> In contrast, a site-to-site VPN uses a gateway device to connect an entire network in one location to a network in another location. End-node devices in the remote location do not need VPN clients because the gateway handles the connection. Most site-to-site VPNs connecting over the internet use IPsec. It is also common for them to use carrier MPLS clouds rather than the public internet as the transport for site-to-site VPNs. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Mobile VPN.</span> In a mobile VPN, a VPN server still sits at the edge of the company network, enabling secure tunneled access by authenticated, authorized VPN clients. Mobile VPN tunnels are not tied to physical IP addresses, however. Instead, each tunnel is bound to a logical IP address. That logical IP address sticks to the mobile device no matter where it may roam.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">VPN Hardware</span>. It offer a number of advantages over the software-based VPN. In addition to enhanced security, hardware VPNs can provide load balancing to handle large client loads. Administration is managed through a Web browser interface. A hardware VPN is more expensive than a software VPN. Because of the cost, hardware VPNs are a more realistic option for large businesses than for small businesses or branch offices. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">VPN appliance.</span> A VPN appliance, also known as a VPN gateway appliance, is a network device equipped with enhanced security features. Also known as an SSL (Secure Sockets Layer) VPN appliance, it is in effect a router that provides protection, authorization, authentication and encryption for VPNs.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Dynamic multipoint virtual private network (DMVPN</span>). A dynamic multipoint virtual private network (DMVPN) is a secure network that exchanges data between sites without needing to pass traffic through an organization's headquarter virtual private network (VPN) server or router. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">VPN Reconnect.</span> VPN Reconnect is a feature of Windows 7 and Windows Server 2008 R2 that allows a virtual private network connection to remain open during a brief interruption of Internet service. Usually, when a computing device using a VPN connection drops its Internet connection, the end user has to manually reconnect to the VPN. VPN Reconnect keeps the VPN tunnel open for a configurable amount of time so when Internet service is restored, the VPN connection is automatically restored as well. </li></ul>\r\n<p class=\"align-left\"> </p>","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: normal;\">What is VPN software?</span></h1>\r\n<span style=\"font-weight: normal;\"></span>VPN software is a tool that allows users to create a secure, encrypted connection over a computer network such as the Internet. The platform was developed to allow for secure access to business applications and other resources.\r\n<header><h1 class=\"align-center\"><span style=\"font-weight: normal;\">How does VPN software work?</span></h1></header>\r\n<p class=\"align-left\">So what does VPN do? Basically, a VPN is a group of computers or networks, which are connected over the Internet. For businesses, VPN services serve as avenues for getting access to networks when they are not physically on the same network. Such a service can also be used to encrypt communications over public networks.</p>\r\n<p class=\"align-left\">VPNs are usually deployed through local installation or by logging on to a service’s website. To give you an idea as to how VPN works, the software allows your computer to basically exchange keys with a remote server, through which all data traffic is encrypted and kept secure, safe from prying eyes. It lets you browse the Internet without the worry of being tracked, monitored and identified without permission. A VPN also helps in accessing blocked sites and in circumventing censorship.</p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">What are the features of VPN software?</span></h1>\r\n<p class=\"align-left\">There are a variety of ways by which you can determine what VPN suits you. Here are some features of software VPN solutions and buying factors that you should consider:<br /><br /></p>\r\n<ul><li><span style=\"font-weight: bold;\">Privacy</span>: You should know what kind of privacy you really need. Is it for surfing, downloading or simply accessing blocked sites? Best of VPN programs offer one or more of these capabilities.</li><li><span style=\"font-weight: bold;\">Software/features</span>: Platforms should not be limited to ease of use, they should include features such as kill switches and DNS leak prevention tools which provide a further layer of protection.</li><li><span style=\"font-weight: bold;\">Security</span>: One should consider the level of security that a service offers. This can prevent hackers and agencies from accessing your data.</li><li><span style=\"font-weight: bold;\">Cross-platform support</span>: A VPN solution should be able to run on any device. To do this, setup guides for different platforms should be provided by the vendor.</li><li><span style=\"font-weight: bold;\">The number of servers/countries</span>: For these services, the more servers VPN there are, the better the service. This allows users to connect from virtually all over the world. It will also enable them to change their locations at will.</li><li><span style=\"font-weight: bold;\">Speed</span>: It’s common knowledge that using VPN comes with reduction in Internet speed. This is due to the fact that signals need to travel long distances and the demands of the encryption and decryption processes. Choose a service that has minimal impact on Internet speed.</li><li><span style=\"font-weight: bold;\">Simultaneous connections</span>: Many services allow users to use only one device at a time. However, many VPN service providers allow customers to connect multiple devices all at the same time.</li></ul>\r\n<p class=\"align-left\"> </p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/VPN_-_Virtual_Private_Network.png"},{"id":784,"title":"NGFW - next-generation firewall - Appliance","alias":"ngfw-next-generation-firewall-appliance","description":" A next-generation firewall (NGFW) is a part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities, such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS). Other techniques might also be employed, such as TLS/SSL encrypted traffic inspection, website filtering, QoS/bandwidth management, antivirus inspection and third-party identity management integration (i.e. LDAP, RADIUS, Active Directory).\r\nNGFWs include the typical functions of traditional firewalls such as packet filtering, network- and port-address translation (NAT), stateful inspection, and virtual private network (VPN) support. The goal of next-generation firewalls is to include more layers of the OSI model, improving filtering of network traffic that is dependent on the packet contents.\r\nNGFWs perform deeper inspection compared to stateful inspection performed by the first- and second-generation firewalls. NGFWs use a more thorough inspection style, checking packet payloads and matching signatures for harmful activities such as exploitable attacks and malware.\r\nImproved detection of encrypted applications and intrusion prevention service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services.\r\nStateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols. But today, blocking a web application like Farmville that uses port 80 by closing the port would also mean complications with the entire HTTP protocol.\r\nProtection based on ports, protocols, IP addresses is no more reliable and viable. This has led to the development of identity-based security approach, which takes organizations a step ahead of conventional security appliances which bind security to IP-addresses.\r\nNGFWs offer administrators a deeper awareness of and control over individual applications, along with deeper inspection capabilities by the firewall. Administrators can create very granular "allow/deny" rules for controlling use of websites and applications in the network. ","materialsDescription":"<span style=\"font-weight: bold;\"> What is a next-generation firewall (NGFW)?</span>\r\nAn NGFW contains all the normal defences that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other bonus security features. NGFWs are also capable of deep packet inspection which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by blacklist (programs in the filter are blocked) or by whitelist (programs not in the filter are blocked).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_NGFW.png"},{"id":782,"title":"NGFW - next-generation firewall","alias":"ngfw-next-generation-firewall","description":"A next-generation firewall (NGFW) is a part of the third generation of firewall technology that is implemented in either hardware or software and is capable of detecting and blocking sophisticated attacks by enforcing security policies at the application, port and protocol levels.\r\nNGFWs typically feature advanced functions including:\r\n<ul><li>application awareness;</li><li>integrated intrusion prevention systems (IPS);</li><li>identity awareness -- user and group control;</li><li>bridged and routed modes;</li><li> the ability to use external intelligence sources.</li></ul>\r\nOf these offerings, most next-generation firewalls integrate at least three basic functions: enterprise firewall capabilities, an intrusion prevention system (IPS) and application control.\r\nLike the introduction of stateful inspection in traditional firewalls, NGFWs bring additional context to the firewall's decision-making process by providing it with the ability to understand the details of the web application traffic passing through it and to take action to block traffic that might exploit vulnerabilities.\r\nThe different features of next-generation firewalls combine to create unique benefits for users. NGFWs are often able to block malware before it enters a network, something that wasn't previously possible.\r\nNGFWs are also better equipped to address advanced persistent threats (APTs) because they can be integrated with threat intelligence services. NGFWs can also offer a low-cost option for companies trying to improve basic device security through the use of application awareness, inspection services, protection systems and awareness tools.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What is a next-generation firewall (NGFW)?</span>\r\nA NGFW contains all the normal defenses that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other additional security features. NGFWs are also capable of deep packet inspection, which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by a blacklist (programs in the filter are blocked) or by a whitelist (programs not in the filter are blocked).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_NGFW.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":1606,"logo":false,"scheme":false,"title":"Fortinet FortiWeb: Web Application Firewall (WAF)","vendorVerified":0,"rating":"2.00","implementationsCount":3,"suppliersCount":0,"alias":"fortiweb-web-application-firewall-waf","companyTypes":[],"description":"FortiWeb Product Details Whether to simply meet compliance standards or to protect mission-critical hosted applications, FortiWeb's web application firewalls provide advanced features that defend web applications from known and zero-day threats. Using an advanced multi-layered and correlated approach, FortiWeb provides complete security for your external and internal web-based applications from the OWASP Top 10 and many other threats. At the heart of FortiWeb are its dual-layer AI-based detection engines that intelligently detect threats with nearly no false positive detections.\r\n<span style=\"font-weight: bold;\">Features and Benefits</span>\r\n<ul> <li>Proven Web Application Protection. FortiWeb protects against all the OWASP Top-10 threats, DDoS attacks and many others to defend your mission critical web-based applications</li> <li>AI-based Threat Detection. In addition to regular signature updates and many other layers of defenses, FortiWeb’s AI-based, dual-layer machine learning engines protect against zero-day attacks</li> <li>Security Fabric Integration. Integration with FortiGate firewalls and FortiSandbox deliver protection from advanced persistent threats</li> <li>Advanced Visual Analytics. FortiWeb’s visual reporting tools provide detailed analyses of attack sources, types and other elements that provide insights not available with other WAF solutions </li> <li>False Positive Mitigation Tools. Advanced tools that minimize the day-to-day management of policies and exception lists to ensure only unwanted traffic is blocked</li> <li>Hardware-based Acceleration. FortiWeb delivers industry-leading protected WAF throughputs and blazing fast secure traffic encryption/decryption</li> </ul>","shortDescription":"FortiWeb is a web application firewall (WAF) that protects hosted applications from attacks that target known and unknown exploits using multi-layered and correlated detection methods.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":7,"sellingCount":12,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Fortinet FortiWeb: Web Application Firewall (WAF)","keywords":"","description":"FortiWeb Product Details Whether to simply meet compliance standards or to protect mission-critical hosted applications, FortiWeb's web application firewalls provide advanced features that defend web applications from known and zero-day threats. Using an advan","og:title":"Fortinet FortiWeb: Web Application Firewall (WAF)","og:description":"FortiWeb Product Details Whether to simply meet compliance standards or to protect mission-critical hosted applications, FortiWeb's web application firewalls provide advanced features that defend web applications from known and zero-day threats. Using an advan"},"eventUrl":"","translationId":1607,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":546,"title":"WAF-web application firewall appliance","alias":"waf-web-application-firewall-appliance","description":"A web application firewall is a special type of application firewall that applies specifically to web applications. It is deployed in front of web applications and analyzes bi-directional web-based (HTTP) traffic - detecting and blocking anything malicious. The OWASP provides a broad technical definition for a WAF as “a security solution on the web application level which - from a technical point of view - does not depend on the application itself.” According to the PCI DSS Information Supplement for requirement 6.6, a WAF is defined as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.” In other words, a WAF can be a physical appliance that prevents vulnerabilities in web applications from being exploited by outside threats. These vulnerabilities may be because the application itself is a legacy type or it was insufficiently coded by design. The WAF addresses these code shortcomings by special configurations of rule sets, also known as policies.\r\nPreviously unknown vulnerabilities can be discovered through penetration testing or via a vulnerability scanner. A web application vulnerability scanner, also known as a web application security scanner, is defined in the SAMATE NIST 500-269 as “an automated program that examines web applications for potential security vulnerabilities. In addition to searching for web application-specific vulnerabilities, the tools also look for software coding errors.” Resolving vulnerabilities is commonly referred to as remediation. Corrections to the code can be made in the application but typically a more prompt response is necessary. In these situations, the application of a custom policy for a unique web application vulnerability to provide a temporary but immediate fix (known as a virtual patch) may be necessary.\r\nWAFs are not an ultimate security solution, rather they are meant to be used in conjunction with other network perimeter security solutions such as network firewalls and intrusion prevention systems to provide a holistic defense strategy.\r\nWAFs typically follow a positive security model, a negative security model, or a combination of both as mentioned by the SANS Institute. WAFs use a combination of rule-based logic, parsing, and signatures to detect and prevent attacks such as cross-site scripting and SQL injection. The OWASP produces a list of the top ten web application security flaws. All commercial WAF offerings cover these ten flaws at a minimum. There are non-commercial options as well. As mentioned earlier, the well-known open source WAF engine called ModSecurity is one of these options. A WAF engine alone is insufficient to provide adequate protection, therefore OWASP along with Trustwave's Spiderlabs help organize and maintain a Core-Rule Set via GitHub to use with the ModSecurity WAF engine.","materialsDescription":"A Web Application Firewall or WAF provides security for online services from malicious Internet traffic. WAFs detect and filter out threats such as the OWASP Top 10, which could degrade, compromise or bring down online applications.\r\n<span style=\"font-weight: bold;\">What are Web Application Firewalls?</span>\r\nWeb application firewalls assist load balancing by examining HTTP traffic before it reaches the application server. They also protect against web application vulnerability and unauthorized transfer of data from the web server at a time when security breaches are on the rise. According to the Verizon Data Breach Investigations Report, web application attacks were the most prevalent breaches in 2017 and 2018.\r\nThe PCI Security Standards Council defines a web application firewall as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\n<span style=\"font-weight: bold;\">How does a Web Application Firewall wWork?</span>\r\nA web application firewall (WAF) intercepts and inspects all HTTP requests using a security model based on a set of customized policies to weed out bogus traffic. WAFs block bad traffic outright or can challenge a visitor with a CAPTCHA test that humans can pass but a malicious bot or computer program cannot.\r\nWAFs follow rules or policies customized to specific vulnerabilities. As a result, this is how WAFs prevent DDoS attacks. Creating the rules on a traditional WAF can be complex and require expert administration. The Open Web Application Security Project maintains a list of the OWASP top web application security flaws for WAF policies to address.\r\nWAFs come in the form of hardware appliances, server-side software, or filter traffic as-a-service. WAFs can be considered as reverse proxies i.e. the opposite of a proxy server. Proxy servers protect devices from malicious applications, while WAFs protect web applications from malicious endpoints.\r\n<span style=\"font-weight: bold;\">What Are Some Web Application Firewall Benefits?</span>\r\nA web application firewall (WAF) prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<span style=\"font-weight: bold;\">What Is the Difference Between a Firewall and a Web Application Firewall?</span>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).\r\n<span style=\"font-weight: bold;\">When Should You Use a Web Application Firewall?</span>\r\nAny business that uses a website to generate revenue should use a web application firewall to protect business data and services. Organizations that use online vendors should especially deploy web application firewalls because the security of outside groups cannot be controlled or trusted.\r\n<span style=\"font-weight: bold;\">How Do You Use a Web Application Firewall?</span>\r\nA web application firewall requires correct positioning, configuration, administration and monitoring. Web application firewall installation must include the following four steps: secure, monitor, test and improve. This should be a continuous process to ensure application specific protection.<br />The configuration of the firewall should be determined by the business rules and guardrails by the company’s security policy. This approach will allow the rules and filters in the web application firewall to define themselves.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall_appliance.png"},{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":1745,"logo":false,"scheme":false,"title":"Fortinet FortiMail Secure Email Gateway","vendorVerified":0,"rating":"2.00","implementationsCount":3,"suppliersCount":0,"alias":"fortinet-fortimail-secure-email-gateway","companyTypes":[],"description":"Email security remains a key productivity tool for today's organizations, as well as a successful attack vector for cyber criminals. According to the Verizon 2018 Data Breach Investigations Report, 49% of malware was installed via malicious email. Gartner asserts that "Advanced threats (such as ransomware and business email compromise) are easily the signature-based and reputation-based prevention mechanisms that a secure email gateway (SEG) has traditionally used." FortiMail Email security utilizes the latest technologies and security services from FortiGuard Labs to deliver consistently top-rated protection from common and advanced threats while integrating robust data protection capabilities to avoid data loss.\r\n<span style=\"font-weight: bold;\">FortiMail Product Details</span>\r\nOrganizations typically select FortiMail email security to shield users, and ultimately data, from a wide range of cyber threats. These include: ever growing volumes of unwanted spam, socially-engineered phishing and business email compromise, accelerating variants of ransomware and other malware, increasingly targeted attacks from adversaries of all kinds, and more. At the same time, FortiMail can be used to protect sensitive data of all types, reducing the risk of inadvertent loss and/or non-compliance with regulations like HIPAA, PCI, GDPR, and more.\r\n<span style=\"font-weight: bold;\">Features and Benefits</span>\r\n<ul> <li>Top-rated Antispam and Antiphishing: Maintain productivity by shielding end users from unwanted spam and malicious phishing attacks</li> <li>Independently certified advanced threat defense: Thwart cyber criminals intent on stealing data, holding systems for ransomware, conducting fraud, and other malicious purposes</li> <li>Integrated data protection: Maintain the privacy of personal information and confidentiality of sensitive data in compliance with regulatory and corporate guidelines</li> <li>Enterprise-class management: Free staff and end users to drive the business by reducing the time spent on email administration </li> <li>High-performance mail handling: Speed the delivery of legitimate email at an affordable cost</li> </ul>","shortDescription":"FortiMail: Secure Email Gateway\r\nStop advanced email threats and prevent data loss","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":16,"sellingCount":14,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Fortinet FortiMail Secure Email Gateway","keywords":"","description":"Email security remains a key productivity tool for today's organizations, as well as a successful attack vector for cyber criminals. According to the Verizon 2018 Data Breach Investigations Report, 49% of malware was installed via malicious email. ","og:title":"Fortinet FortiMail Secure Email Gateway","og:description":"Email security remains a key productivity tool for today's organizations, as well as a successful attack vector for cyber criminals. According to the Verizon 2018 Data Breach Investigations Report, 49% of malware was installed via malicious email. "},"eventUrl":"","translationId":1746,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":558,"title":"Secure E-mail Gateway - Appliance","alias":"secure-e-mail-gateway-appliance","description":"According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and next-gen anti-phishing and anti-spam</li><li>Additional security features</li><li>Customization of the solution’s management features</li><li>Low false positive and false negative percentages</li><li>External processes and storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, secure email gateways can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":"<span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against email-borne threats. It is effectively a firewall for your email, and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan each email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a specific period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway_Appliance.png"},{"id":469,"title":"Secure E-mail Gateway","alias":"secure-e-mail-gateway","description":" According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and Next-Gen Anti-Phishing and Anti-Spam</li><li>Additional Security Features</li><li>Customization of the Solution’s Management Features</li><li>Low False Positive and False Negative Percentages</li><li>External Processes and Storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, SEGs can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":" <span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against these email-borne threats. It is effectively a firewall for your email and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan every email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a certain period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway.jpg"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":4,"title":"Reduce Costs"},{"id":6,"title":"Ensure Security and Business Continuity"},{"id":259,"title":"Appraise and Train Staff"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":282,"title":"Unauthorized access to corporate IT systems and data"},{"id":336,"title":"Risk or Leaks of confidential information"},{"id":385,"title":"Risk of data loss or damage"},{"id":386,"title":"Risk of lost access to data and IT systems"},{"id":396,"title":"Low speed of report generation"}]}},"categories":[{"id":536,"title":"WAN optimization - appliance","alias":"wan-optimization-appliance","description":" WAN optimization appliance is a collection of techniques for increasing data-transfer efficiencies across wide-area networks (WANs). In 2008, the WAN optimization market was estimated to be $1 billion and was to grow to $4.4 billion by 2014 according to Gartner, a technology research firm. In 2015 Gartner estimated the WAN optimization market to be a $1.1 billion market.\r\nThe most common measures of TCP data-transfer efficiencies (i.e., optimization) are throughput, bandwidth requirements, latency, protocol optimization, and congestion, as manifested in dropped packets. In addition, the WAN itself can be classified with regards to the distance between endpoints and the amounts of data transferred. Two common business WAN topologies are Branch to Headquarters and Data Center to Data Center (DC2DC). In general, "Branch" WAN links are closer, use less bandwidth, support more simultaneous connections, support smaller connections and more short-lived connections, and handle a greater variety of protocols. They are used for business applications such as email, content management systems, database application, and Web delivery. In comparison, "DC2DC" WAN links tend to require more bandwidth, are more distant and involve fewer connections, but those connections are bigger (100 Mbit/s to 1 Gbit/s flows) and of longer duration. Traffic on a "DC2DC" WAN may include replication, back up, data migration, virtualization, and other Business Continuity/Disaster Recovery (BC/DR) flow.\r\nWAN optimization has been the subject of extensive academic research almost since the advent of the WAN. In the early 2000s, research in both the private and public sectors turned to improve the end-to-end throughput of TCP, and the target of the first proprietary WAN optimization solutions was the Branch WAN. In recent years, however, the rapid growth of digital data, and the concomitant needs to store and protect it, has presented a need for DC2DC WAN optimization. For example, such optimizations can be performed to increase overall network capacity utilization, meet inter-datacenter transfer deadlines, or minimize average completion times of data transfers. As another example, private inter-datacenter WANs can benefit optimizations for fast and efficient geo-replication of data and content, such as newly computed machine learning models or multimedia content.\r\nComponent techniques of Branch WAN Optimization include deduplication, wide-area file services (WAFS), SMB proxy, HTTPS Proxy, media multicasting, web caching, and bandwidth management. Requirements for DC2DC WAN Optimization also center around deduplication and TCP acceleration, however, these must occur in the context of multi-gigabit data transfer rates. ","materialsDescription":" <span style=\"font-weight: bold;\">What techniques does WAN optimization have?</span>\r\n<ul><li><span style=\"font-weight: bold;\">Deduplication</span> – Eliminates the transfer of redundant data across the WAN by sending references instead of the actual data. By working at the byte level, benefits are achieved across IP applications.</li><li><span style=\"font-weight: bold;\">Compression</span> – Relies on data patterns that can be represented more efficiently. Essentially compression techniques similar to ZIP, RAR, ARJ, etc. are applied on-the-fly to data passing through hardware (or virtual machine) based WAN acceleration appliances.</li><li><span style=\"font-weight: bold;\">Latency optimization</span> – Can include TCP refinements such as window-size scaling, selective acknowledgments, Layer 3 congestion control algorithms, and even co-location strategies in which the application is placed in near proximity to the endpoint to reduce latency. In some implementations, the local WAN optimizer will answer the requests of the client locally instead of forwarding the request to the remote server in order to leverage write-behind and read-ahead mechanisms to reduce WAN latency.</li><li><span style=\"font-weight: bold;\">Caching/proxy</span> – Staging data in local caches; Relies on human behavior, accessing the same data over and over.</li><li><span style=\"font-weight: bold;\">Forward error correction</span> – Mitigates packet loss by adding another loss-recovery packet for every “N” packets that are sent, and this would reduce the need for retransmissions in error-prone and congested WAN links.</li><li><span style=\"font-weight: bold;\">Protocol spoofing</span> – Bundles multiple requests from chatty applications into one. May also include stream-lining protocols such as CIFS.</li><li><span style=\"font-weight: bold;\">Traffic shaping</span> – Controls data flow for specific applications. Giving flexibility to network operators/network admins to decide which applications take precedence over the WAN. A common use case of traffic shaping would be to prevent one protocol or application from hogging or flooding a link over other protocols deemed more important by the business/administrator. Some WAN acceleration devices are able to traffic shape with granularity far beyond traditional network devices. Such as shaping traffic on a per-user AND per application basis simultaneously.</li><li><span style=\"font-weight: bold;\">Equalizing</span> – Makes assumptions on what needs immediate priority based on data usage. Usage examples for equalizing may include wide open unregulated Internet connections and clogged VPN tunnels.</li><li><span style=\"font-weight: bold;\">Connection limits</span> – Prevents access gridlock in and to denial of service or to peer. Best suited for wide-open Internet access links, can also be used links.</li><li><span style=\"font-weight: bold;\">Simple rate limits</span> – Prevents one user from getting more than a fixed amount of data. Best suited as a stop-gap first effort for remediating a congested Internet connection or WAN link.</li></ul>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAN_optimization_appliance.png"},{"id":49,"title":"VPN - Virtual Private Network","alias":"vpn-virtual-private-network","description":"A <span style=\"font-weight: bold; \">virtual private network (VPN)</span> extends a private network across a public network, and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Applications running on a computing device, e.g. a laptop, desktop, smartphone, across a VPN may therefore benefit from the functionality, security, and management of the private network. Encryption is a common though not an inherent part of a VPN connection.\r\nAt its most basic level, VPN tunneling creates a point-to-point connection that cannot be accessed by unauthorized users. To actually create the VPN tunnel, the endpoint device needs to be running a VPN client (software application) locally or in the cloud. The VPN client runs in the background and is not noticeable to the end user unless there are performance issues.\r\nThe performance of a VPN can be affected by a variety of factors, among them the speed of users' internet connections, the types of protocols an internet service provider may use and the type of encryption the VPN uses. In the enterprise, performance can also be affected by poor quality of service (QoS) outside the control of an organization's information technology (IT) department.\r\nConsumers use a virtual private network software to protect their online activity and identity. By using an anonymous VPN service, a user's Internet traffic and data remain encrypted, which prevents eavesdroppers from sniffing Internet activity. Personal VPN services are especially useful when accessing public Wi-Fi hotspots because the public wireless services might not be secure. In addition to public Wi-Fi security, it also provides consumers with uncensored Internet access and can help prevent data theft and unblock websites.\r\nCompanies and organizations will typically use a VPN security to communicate confidentially over a public network and to send voice, video or data. It is also an excellent option for remote workers and organizations with global offices and partners to share data in a private manner.\r\n<p class=\"align-center\"><span style=\"font-weight: bold;\">Types of VPNs</span></p>\r\n<ul><li><span style=\"font-weight: bold;\">Remote access VPN</span>. Remote access VPN clients connect to a VPN gateway server on the organization's network. The gateway requires the device to authenticate its identity before granting access to internal network resources such as file servers, printers and intranets. This type of VPN usually relies on either IP Security (IPsec) or Secure Sockets Layer (SSL) to secure the connection.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Site-to-site VPN.</span> In contrast, a site-to-site VPN uses a gateway device to connect an entire network in one location to a network in another location. End-node devices in the remote location do not need VPN clients because the gateway handles the connection. Most site-to-site VPNs connecting over the internet use IPsec. It is also common for them to use carrier MPLS clouds rather than the public internet as the transport for site-to-site VPNs. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Mobile VPN.</span> In a mobile VPN, a VPN server still sits at the edge of the company network, enabling secure tunneled access by authenticated, authorized VPN clients. Mobile VPN tunnels are not tied to physical IP addresses, however. Instead, each tunnel is bound to a logical IP address. That logical IP address sticks to the mobile device no matter where it may roam.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">VPN Hardware</span>. It offer a number of advantages over the software-based VPN. In addition to enhanced security, hardware VPNs can provide load balancing to handle large client loads. Administration is managed through a Web browser interface. A hardware VPN is more expensive than a software VPN. Because of the cost, hardware VPNs are a more realistic option for large businesses than for small businesses or branch offices. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">VPN appliance.</span> A VPN appliance, also known as a VPN gateway appliance, is a network device equipped with enhanced security features. Also known as an SSL (Secure Sockets Layer) VPN appliance, it is in effect a router that provides protection, authorization, authentication and encryption for VPNs.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">Dynamic multipoint virtual private network (DMVPN</span>). A dynamic multipoint virtual private network (DMVPN) is a secure network that exchanges data between sites without needing to pass traffic through an organization's headquarter virtual private network (VPN) server or router. </li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold;\">VPN Reconnect.</span> VPN Reconnect is a feature of Windows 7 and Windows Server 2008 R2 that allows a virtual private network connection to remain open during a brief interruption of Internet service. Usually, when a computing device using a VPN connection drops its Internet connection, the end user has to manually reconnect to the VPN. VPN Reconnect keeps the VPN tunnel open for a configurable amount of time so when Internet service is restored, the VPN connection is automatically restored as well. </li></ul>\r\n<p class=\"align-left\"> </p>","materialsDescription":"<h1 class=\"align-center\"><span style=\"font-weight: normal;\">What is VPN software?</span></h1>\r\n<span style=\"font-weight: normal;\"></span>VPN software is a tool that allows users to create a secure, encrypted connection over a computer network such as the Internet. The platform was developed to allow for secure access to business applications and other resources.\r\n<header><h1 class=\"align-center\"><span style=\"font-weight: normal;\">How does VPN software work?</span></h1></header>\r\n<p class=\"align-left\">So what does VPN do? Basically, a VPN is a group of computers or networks, which are connected over the Internet. For businesses, VPN services serve as avenues for getting access to networks when they are not physically on the same network. Such a service can also be used to encrypt communications over public networks.</p>\r\n<p class=\"align-left\">VPNs are usually deployed through local installation or by logging on to a service’s website. To give you an idea as to how VPN works, the software allows your computer to basically exchange keys with a remote server, through which all data traffic is encrypted and kept secure, safe from prying eyes. It lets you browse the Internet without the worry of being tracked, monitored and identified without permission. A VPN also helps in accessing blocked sites and in circumventing censorship.</p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal;\">What are the features of VPN software?</span></h1>\r\n<p class=\"align-left\">There are a variety of ways by which you can determine what VPN suits you. Here are some features of software VPN solutions and buying factors that you should consider:<br /><br /></p>\r\n<ul><li><span style=\"font-weight: bold;\">Privacy</span>: You should know what kind of privacy you really need. Is it for surfing, downloading or simply accessing blocked sites? Best of VPN programs offer one or more of these capabilities.</li><li><span style=\"font-weight: bold;\">Software/features</span>: Platforms should not be limited to ease of use, they should include features such as kill switches and DNS leak prevention tools which provide a further layer of protection.</li><li><span style=\"font-weight: bold;\">Security</span>: One should consider the level of security that a service offers. This can prevent hackers and agencies from accessing your data.</li><li><span style=\"font-weight: bold;\">Cross-platform support</span>: A VPN solution should be able to run on any device. To do this, setup guides for different platforms should be provided by the vendor.</li><li><span style=\"font-weight: bold;\">The number of servers/countries</span>: For these services, the more servers VPN there are, the better the service. This allows users to connect from virtually all over the world. It will also enable them to change their locations at will.</li><li><span style=\"font-weight: bold;\">Speed</span>: It’s common knowledge that using VPN comes with reduction in Internet speed. This is due to the fact that signals need to travel long distances and the demands of the encryption and decryption processes. Choose a service that has minimal impact on Internet speed.</li><li><span style=\"font-weight: bold;\">Simultaneous connections</span>: Many services allow users to use only one device at a time. However, many VPN service providers allow customers to connect multiple devices all at the same time.</li></ul>\r\n<p class=\"align-left\"> </p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/VPN_-_Virtual_Private_Network.png"},{"id":784,"title":"NGFW - next-generation firewall - Appliance","alias":"ngfw-next-generation-firewall-appliance","description":" A next-generation firewall (NGFW) is a part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities, such as an application firewall using in-line deep packet inspection (DPI), an intrusion prevention system (IPS). Other techniques might also be employed, such as TLS/SSL encrypted traffic inspection, website filtering, QoS/bandwidth management, antivirus inspection and third-party identity management integration (i.e. LDAP, RADIUS, Active Directory).\r\nNGFWs include the typical functions of traditional firewalls such as packet filtering, network- and port-address translation (NAT), stateful inspection, and virtual private network (VPN) support. The goal of next-generation firewalls is to include more layers of the OSI model, improving filtering of network traffic that is dependent on the packet contents.\r\nNGFWs perform deeper inspection compared to stateful inspection performed by the first- and second-generation firewalls. NGFWs use a more thorough inspection style, checking packet payloads and matching signatures for harmful activities such as exploitable attacks and malware.\r\nImproved detection of encrypted applications and intrusion prevention service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services.\r\nStateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols. But today, blocking a web application like Farmville that uses port 80 by closing the port would also mean complications with the entire HTTP protocol.\r\nProtection based on ports, protocols, IP addresses is no more reliable and viable. This has led to the development of identity-based security approach, which takes organizations a step ahead of conventional security appliances which bind security to IP-addresses.\r\nNGFWs offer administrators a deeper awareness of and control over individual applications, along with deeper inspection capabilities by the firewall. Administrators can create very granular "allow/deny" rules for controlling use of websites and applications in the network. ","materialsDescription":"<span style=\"font-weight: bold;\"> What is a next-generation firewall (NGFW)?</span>\r\nAn NGFW contains all the normal defences that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other bonus security features. NGFWs are also capable of deep packet inspection which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by blacklist (programs in the filter are blocked) or by whitelist (programs not in the filter are blocked).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_NGFW.png"},{"id":782,"title":"NGFW - next-generation firewall","alias":"ngfw-next-generation-firewall","description":"A next-generation firewall (NGFW) is a part of the third generation of firewall technology that is implemented in either hardware or software and is capable of detecting and blocking sophisticated attacks by enforcing security policies at the application, port and protocol levels.\r\nNGFWs typically feature advanced functions including:\r\n<ul><li>application awareness;</li><li>integrated intrusion prevention systems (IPS);</li><li>identity awareness -- user and group control;</li><li>bridged and routed modes;</li><li> the ability to use external intelligence sources.</li></ul>\r\nOf these offerings, most next-generation firewalls integrate at least three basic functions: enterprise firewall capabilities, an intrusion prevention system (IPS) and application control.\r\nLike the introduction of stateful inspection in traditional firewalls, NGFWs bring additional context to the firewall's decision-making process by providing it with the ability to understand the details of the web application traffic passing through it and to take action to block traffic that might exploit vulnerabilities.\r\nThe different features of next-generation firewalls combine to create unique benefits for users. NGFWs are often able to block malware before it enters a network, something that wasn't previously possible.\r\nNGFWs are also better equipped to address advanced persistent threats (APTs) because they can be integrated with threat intelligence services. NGFWs can also offer a low-cost option for companies trying to improve basic device security through the use of application awareness, inspection services, protection systems and awareness tools.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What is a next-generation firewall (NGFW)?</span>\r\nA NGFW contains all the normal defenses that a traditional firewall has as well as a type of intrusion prevention software and application control, alongside other additional security features. NGFWs are also capable of deep packet inspection, which enables more robust filters.\r\nIntrusion prevention software monitors network activity to detect and stop vulnerability exploits from occurring. This is usually done by monitoring for breaches against the network policies in place as a breach is usually indicative of malicious activity.\r\nApplication control software simply sets up a hard filter for programs that are trying to send or receive data over the Internet. This can either be done by a blacklist (programs in the filter are blocked) or by a whitelist (programs not in the filter are blocked).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_NGFW.png"},{"id":546,"title":"WAF-web application firewall appliance","alias":"waf-web-application-firewall-appliance","description":"A web application firewall is a special type of application firewall that applies specifically to web applications. It is deployed in front of web applications and analyzes bi-directional web-based (HTTP) traffic - detecting and blocking anything malicious. The OWASP provides a broad technical definition for a WAF as “a security solution on the web application level which - from a technical point of view - does not depend on the application itself.” According to the PCI DSS Information Supplement for requirement 6.6, a WAF is defined as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.” In other words, a WAF can be a physical appliance that prevents vulnerabilities in web applications from being exploited by outside threats. These vulnerabilities may be because the application itself is a legacy type or it was insufficiently coded by design. The WAF addresses these code shortcomings by special configurations of rule sets, also known as policies.\r\nPreviously unknown vulnerabilities can be discovered through penetration testing or via a vulnerability scanner. A web application vulnerability scanner, also known as a web application security scanner, is defined in the SAMATE NIST 500-269 as “an automated program that examines web applications for potential security vulnerabilities. In addition to searching for web application-specific vulnerabilities, the tools also look for software coding errors.” Resolving vulnerabilities is commonly referred to as remediation. Corrections to the code can be made in the application but typically a more prompt response is necessary. In these situations, the application of a custom policy for a unique web application vulnerability to provide a temporary but immediate fix (known as a virtual patch) may be necessary.\r\nWAFs are not an ultimate security solution, rather they are meant to be used in conjunction with other network perimeter security solutions such as network firewalls and intrusion prevention systems to provide a holistic defense strategy.\r\nWAFs typically follow a positive security model, a negative security model, or a combination of both as mentioned by the SANS Institute. WAFs use a combination of rule-based logic, parsing, and signatures to detect and prevent attacks such as cross-site scripting and SQL injection. The OWASP produces a list of the top ten web application security flaws. All commercial WAF offerings cover these ten flaws at a minimum. There are non-commercial options as well. As mentioned earlier, the well-known open source WAF engine called ModSecurity is one of these options. A WAF engine alone is insufficient to provide adequate protection, therefore OWASP along with Trustwave's Spiderlabs help organize and maintain a Core-Rule Set via GitHub to use with the ModSecurity WAF engine.","materialsDescription":"A Web Application Firewall or WAF provides security for online services from malicious Internet traffic. WAFs detect and filter out threats such as the OWASP Top 10, which could degrade, compromise or bring down online applications.\r\n<span style=\"font-weight: bold;\">What are Web Application Firewalls?</span>\r\nWeb application firewalls assist load balancing by examining HTTP traffic before it reaches the application server. They also protect against web application vulnerability and unauthorized transfer of data from the web server at a time when security breaches are on the rise. According to the Verizon Data Breach Investigations Report, web application attacks were the most prevalent breaches in 2017 and 2018.\r\nThe PCI Security Standards Council defines a web application firewall as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\n<span style=\"font-weight: bold;\">How does a Web Application Firewall wWork?</span>\r\nA web application firewall (WAF) intercepts and inspects all HTTP requests using a security model based on a set of customized policies to weed out bogus traffic. WAFs block bad traffic outright or can challenge a visitor with a CAPTCHA test that humans can pass but a malicious bot or computer program cannot.\r\nWAFs follow rules or policies customized to specific vulnerabilities. As a result, this is how WAFs prevent DDoS attacks. Creating the rules on a traditional WAF can be complex and require expert administration. The Open Web Application Security Project maintains a list of the OWASP top web application security flaws for WAF policies to address.\r\nWAFs come in the form of hardware appliances, server-side software, or filter traffic as-a-service. WAFs can be considered as reverse proxies i.e. the opposite of a proxy server. Proxy servers protect devices from malicious applications, while WAFs protect web applications from malicious endpoints.\r\n<span style=\"font-weight: bold;\">What Are Some Web Application Firewall Benefits?</span>\r\nA web application firewall (WAF) prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<span style=\"font-weight: bold;\">What Is the Difference Between a Firewall and a Web Application Firewall?</span>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).\r\n<span style=\"font-weight: bold;\">When Should You Use a Web Application Firewall?</span>\r\nAny business that uses a website to generate revenue should use a web application firewall to protect business data and services. Organizations that use online vendors should especially deploy web application firewalls because the security of outside groups cannot be controlled or trusted.\r\n<span style=\"font-weight: bold;\">How Do You Use a Web Application Firewall?</span>\r\nA web application firewall requires correct positioning, configuration, administration and monitoring. Web application firewall installation must include the following four steps: secure, monitor, test and improve. This should be a continuous process to ensure application specific protection.<br />The configuration of the firewall should be determined by the business rules and guardrails by the company’s security policy. This approach will allow the rules and filters in the web application firewall to define themselves.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall_appliance.png"},{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"},{"id":558,"title":"Secure E-mail Gateway - Appliance","alias":"secure-e-mail-gateway-appliance","description":"According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and next-gen anti-phishing and anti-spam</li><li>Additional security features</li><li>Customization of the solution’s management features</li><li>Low false positive and false negative percentages</li><li>External processes and storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, secure email gateways can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":"<span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against email-borne threats. It is effectively a firewall for your email, and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan each email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a specific period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway_Appliance.png"},{"id":469,"title":"Secure E-mail Gateway","alias":"secure-e-mail-gateway","description":" According to technology research firm Gartner, secure email gateways “provide basic message transfer agent functions; inbound filtering of spam, phishing, malicious and marketing emails; and outbound data loss prevention (DLP) and email encryption.”\r\nTo put that in simpler language, a secure email gateway (also called an email security gateway) is a cybersecurity solution that monitors incoming and outgoing messages for suspicious behavior, preventing them from being delivered. Secure email gateways can be deployed via an email server, public cloud, on-premises software, or in a hybrid system. According to cybersecurity experts, none of these deployment options are inherently superior; each one has its own strengths and weaknesses that must be assessed by the individual enterprise.\r\nGartner defines the secure email gateway market as mature, with the key capabilities clearly defined by market demands and customer satisfaction. These capabilities include:\r\n<ul><li>Basic and Next-Gen Anti-Phishing and Anti-Spam</li><li>Additional Security Features</li><li>Customization of the Solution’s Management Features</li><li>Low False Positive and False Negative Percentages</li><li>External Processes and Storage</li></ul>\r\nSecure email gateways are designed to surpass the traditional detection capabilities of legacy antivirus and anti-phishing solutions. To do so, they offer more sophisticated detection and prevention capabilities; secure email gateways can make use of threat intelligence to stay up-to-date with the latest threats.\r\nAdditionally, SEGs can sandbox suspicious emails, observing their behavior in a safe, enclosed environment that resembles the legitimate network. Security experts can then determine if it is a legitimate threat or a false positive.\r\nSecure email gateway solutions will often offer data loss prevention and email encryption capabilities to protect outgoing communications from prying and unscrupulous eyes.\r\nMuch like SIEM or endpoint detection and response (EDR), secure email gateways can produce false positives and false negatives, although they do tend to be far less than rates found in SIEM and EDR alerts.","materialsDescription":" <span style=\"font-weight: bold;\">How Does a Secure Email Gateway Work?</span>\r\nA secure email gateway offers a robust framework of technologies that protect against these email-borne threats. It is effectively a firewall for your email and scans both outbound and inbound email for any malicious content. At a minimum, most secure gateways offer a minimum of four security features: virus and malware blocking, spam filtering, content filtering and email archiving. Let's take a look at these features in more detail:\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Virus and Malware Blocking</span></span>\r\nEmails infected with viruses or malware can make up approximately 1% of all email received by an organization. For a secure email gateway to effectively prevent these emails from reaching their intended recipients and delivering their payload, it must scan every email and be constantly kept up-to-date with the latest threat patterns and characteristics.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Spam Filtering</span></span>\r\nBelieve it or not, spam filtering is where the majority of a secure email gateway's processing power is focused. Spam is blocked in a number of different ways. Basic spam filtering usually involves a prefiltering technology that blocks or quarantines any emails received from known spammers. Spam filtering can also detect patterns commonly found in spam emails, such as preferred keywords used by spammers and the inclusion of links that could take the email recipient to a malicious site if clicked. Many email clients also allow users to flag spam messages that arrive in their mailbox and to block senders.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Content Filtering</span></span>\r\nContent filtering is typically applied to an outbound email sent by users within the company. For example, you can configure your secure email gateway to prevent specific sensitive documents from being sent to an external recipient, or put a block on image files or specific keywords within them being sent through the email system.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Email Archiving</span></span>\r\nEmail services, whether they are in the cloud or on-premise, need to be managed efficiently. Storage has been a problem for email administrators for many years, and while you may have almost infinite cloud storage available, email archiving can help to manage both user mailboxes and the efficiency of your systems. Compliance is also a major concern for many companies and email archiving is a must if you need to keep emails for a certain period of time.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Secure_Email_Gateway.jpg"}],"additionalInfo":{"budgetNotExceeded":"-1","functionallyTaskAssignment":"-1","projectWasPut":"-1","price":0,"source":{"url":"https://www.fortinet.com/content/dam/fortinet/assets/case-studies/cs-steelcase.pdf","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":491,"title":"Imperva Incapsula for a provider of performance marketing software","description":"NetRefer deploys Imperva Incapsula for improved website security with comprehensive DDoS and web application firewall protection\r\nImperva, Inc., a cybersecurity leader that delivers best-in-class solutions to protect data and applications on-premises, in the cloud, and across hybrid environments, today announced that NetRefer, a leading provider of performance marketing software, is using the Imperva Incapsula service to protect its website from cyberattacks. NetRefer deployed the Incapsula service across its customer-facing websites to ensure protection from malicious attacks using the service’s Web Application Firewall (WAF) feature.\r\nNetRefer provides performance marketing software that helps companies automate their entire affiliate life cycles, from enrollment through CRM management, tracking, finance and rewards management, payments, and more.\r\nWhile NetRefer had DDoS protection from its hosting environment, it was extremely limited in its ability to scrub traffic, and it lacked a WAF. In addition, the hosting environment was not able to provide the kind of cross-platform visibility that NetRefer’s IT team needed to enable them to see and fix problems early on.\r\nAfter investigating various solutions, and consulting a leading market research firm’s report on Web Application Firewalls, the NetRefer IT team found Incapsula to be the only cloud-based WAF that met its requirements of being easy to use, able to keep downtime to a minimum, and fully scalable, fast and reliable.\r\nBeing able to identify threats and block them on the fly is critical. By strengthening our security, we can show our clients that their data is safe,” said Christian Cutajar, IT manager for NetRefer.\r\nSince deploying Incapsula, NetRefer can now route its traffic at the DNS level instead of dealing with multiple on-premise devices. This allows them to focus on moving towards a Platform-as-a-Service (PaaS) solution long term.\r\nMore importantly, the DDoS mitigation service protects their systems from continuous attacks. It also provides the increased visibility they need to find and deal with potential security threats and malicious activity before they become serious problems.\r\n“We now have a granular view of events and traffic across all our environments,” continued Cutajar. “Incapsula has significantly improved our security posture and reduced downtime by fending off attacks. My IT team now knows when there are attempts to access protected resources on our website, such as SQL injection requests on NetRefer’s clients’ front-end systems and XSS on specific page parameters.”\r\n“Securing our core services and avoiding system hijacking is absolutely critical. Investing in a solution that gives us, and our customers, peace of mind is a must, and we’ve found that with Incapsula,” concluded Cutajar.\r\nWhile NetRefer engaged Imperva to solve their DDoS mitigation needs with the Incapsula service, they also achieved a significant performance benefit by activating the Incapsula Content Delivery Network. “We saw a 50 percent performance improvement on our site after turning on the Incapsula CDN,” said Cutajar.\r\n“Performance is of utmost importance to NetRefer, and Imperva Incapsula with its scalability and comprehensive cybersecurity protection is the ideal offering for its platform-as-a-service solution,” said Terry Ray, CTO for Imperva. “NetRefer can keep its customers’ data safe while improving performance and visibility at the same time.”\r\nImperva Incapsula is a cloud-based WAF delivered as a service that enables customers to protect websites and increase their performance, improve end-user experiences and safeguard web applications and their data from attack. Incapsula has robust WAF capabilities that can thwart web attacks, DDoS mitigation to ensure access to online business assets, a content delivery network to optimize and accelerate web traffic, and a load balancer to maximize the potential of web environments.","alias":"imperva-incapsula-for-a-provider-of-performance-marketing-software","roi":0,"seo":{"title":"Imperva Incapsula for a provider of performance marketing software","keywords":"Incapsula, NetRefer, that, Imperva, performance, with, their, from","description":"NetRefer deploys Imperva Incapsula for improved website security with comprehensive DDoS and web application firewall protection\r\nImperva, Inc., a cybersecurity leader that delivers best-in-class solutions to protect data and applications on-premises, in the c","og:title":"Imperva Incapsula for a provider of performance marketing software","og:description":"NetRefer deploys Imperva Incapsula for improved website security with comprehensive DDoS and web application firewall protection\r\nImperva, Inc., a cybersecurity leader that delivers best-in-class solutions to protect data and applications on-premises, in the c"},"deal_info":"","user":{"id":4256,"title":"NetRefer","logoURL":"https://old.roi4cio.com/uploads/roi/company/NetRefer.png","alias":"netrefer","address":"","roles":[],"description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">NetRefer is the industry leader in the provision of Unified Performance Marketing. We power the most successful and high-volume partner programs through a centralized and scalable platform of products.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">At NetRefer we place our clients at the heart of everything that we do. Our goal is to maintain High Quality Client Service. Our focus revolves around the capability and capacity of our people to deliver effective and efficient integrated services within a culture of continuous improvement.</span>","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":2,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://netrefer.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"NetRefer","keywords":"NetRefer, Marketing, capability, industry, maintain, High, Quality, Client","description":"<div><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">NetRefer is the industry leader in the provision of Unified Performance Marketing. We power the most successful and high-volume partner programs through a centralized a","og:title":"NetRefer","og:description":"<div><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">NetRefer is the industry leader in the provision of Unified Performance Marketing. We power the most successful and high-volume partner programs through a centralized a","og:image":"https://old.roi4cio.com/uploads/roi/company/NetRefer.png"},"eventUrl":""},"supplier":{"id":207,"title":"Imperva","logoURL":"https://old.roi4cio.com/uploads/roi/company/imperva_logo.png","alias":"imperva","address":"","roles":[],"description":"Imperva provides cyber security software and services to protect companies’ sensitive data and application software from both external attacks and internal threats, and to ensure regulatory compliance. Headquartered in Redwood Shores, California, Imperva has more than 4,500 customers and 500 partners in over 90 countries.","companyTypes":[],"products":{},"vendoredProductsCount":5,"suppliedProductsCount":5,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":6,"vendorImplementationsCount":7,"vendorPartnersCount":0,"supplierPartnersCount":2,"b4r":0,"categories":{},"companyUrl":"www.imperva.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Imperva","keywords":"Imperva, software, Shores, California, Redwood, Headquartered, over, countries","description":"Imperva provides cyber security software and services to protect companies’ sensitive data and application software from both external attacks and internal threats, and to ensure regulatory compliance. Headquartered in Redwood Shores, California, Imperva has m","og:title":"Imperva","og:description":"Imperva provides cyber security software and services to protect companies’ sensitive data and application software from both external attacks and internal threats, and to ensure regulatory compliance. Headquartered in Redwood Shores, California, Imperva has m","og:image":"https://old.roi4cio.com/uploads/roi/company/imperva_logo.png"},"eventUrl":""},"vendors":[{"id":207,"title":"Imperva","logoURL":"https://old.roi4cio.com/uploads/roi/company/imperva_logo.png","alias":"imperva","address":"","roles":[],"description":"Imperva provides cyber security software and services to protect companies’ sensitive data and application software from both external attacks and internal threats, and to ensure regulatory compliance. Headquartered in Redwood Shores, California, Imperva has more than 4,500 customers and 500 partners in over 90 countries.","companyTypes":[],"products":{},"vendoredProductsCount":5,"suppliedProductsCount":5,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":6,"vendorImplementationsCount":7,"vendorPartnersCount":0,"supplierPartnersCount":2,"b4r":0,"categories":{},"companyUrl":"www.imperva.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Imperva","keywords":"Imperva, software, Shores, California, Redwood, Headquartered, over, countries","description":"Imperva provides cyber security software and services to protect companies’ sensitive data and application software from both external attacks and internal threats, and to ensure regulatory compliance. Headquartered in Redwood Shores, California, Imperva has m","og:title":"Imperva","og:description":"Imperva provides cyber security software and services to protect companies’ sensitive data and application software from both external attacks and internal threats, and to ensure regulatory compliance. Headquartered in Redwood Shores, California, Imperva has m","og:image":"https://old.roi4cio.com/uploads/roi/company/imperva_logo.png"},"eventUrl":""}],"products":[{"id":1581,"logo":false,"scheme":false,"title":"Imperva Incapsula","vendorVerified":0,"rating":"1.70","implementationsCount":3,"suppliersCount":0,"alias":"imperva-incapsula","companyTypes":[],"description":"Incapsula can protect your organization against any DDoS threat.\r\nWEBSITE PROTECTION\r\nAlways-on DDoS protection that automatically detects and mitigates attacks targeting websites and web applications.\r\nWebsite Protection is an optional DDoS mitigation service that can be added to any Website Security subscription.\r\nINFRASTRUCTURE PROTECTION\r\nOn-demand or always-on protection against DDoS attacks that directly target your network infrastructure.\r\nInfrastructure Protection can be used to defend entire subnets.\r\nNAME SERVER PROTECTION\r\nAlways-on DDoS protection for your Name Server (NS) that protects DNS servers against network and application layer assaults.\r\nName Server Protection also accelerates DNS responses.\r\nALL-INCLUSIVE DDOS PROTECTION\r\nIncapsula DDoS protection supports Unicast and Anycast technologies to power a many-to-many defense methodology. This automatically detects and mitigates attacks exploiting application and server vulnerabilities, hit-and-run events and large botnets.\r\n10-SECOND MITIGATION SLA\r\nWhen DDoS strikes, it takes target services moments to go down and hours to recover. Incapsula is the only service to offer a SLA-backed guarantee to detect and block all attacks in under 10 seconds.\r\nHIGH-CAPACITY NETWORK\r\nOur high-capacity global network holds over (Terabits per second) of on-demand scrubbing capacity and can process 30 billion attack packets per second. Incapsula network has successfully defended clients against some of the largest attacks on record.\r\nATTACK VISIBILITY\r\nIncapsula shows you attacks as they are happening and gives you actionable insight into Layer 7 attacks. Incapsula security dashboard lets you quickly analyze attacks and lets you adjust security policies on-the-fly to stop web application attacks.\r\nBLOCK ANY TYPE OF DDOS ATTACK\r\nIncapsula proxies all web requests to block DDoS attacks from being relayed to client origin servers. Incapsula detects and mitigates any type of attack, including:\r\n<ul><li>TCP SYN+ACK</li><li>TCP FIN</li><li>TCP RESET</li><li>TCP ACK</li><li>TCP ACK+PSH</li><li>TCP Fragment</li><li>UDP</li><li>Slowloris</li><li>Spoofing</li><li>ICMP</li><li>IGMP</li><li>HTTP Flood</li><li>Brute Force</li><li>Connection Flood</li><li>DNS Flood</li><li>NXDomain</li><li>Mixed SYN + UDP or ICMP + UDP Flood</li><li>Ping of Death</li><li>Smurf</li><li>Reflected ICMP & UDP</li><li>As well as other attacks</li></ul>","shortDescription":"Incapsula is guaranteed to mitigate any DDoS attack in under 10 seconds, regardless of its size and without getting in the way of legitimate traffic. ","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":4,"sellingCount":1,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Imperva Incapsula","keywords":"attacks, Incapsula, DDoS, against, network, PROTECTION, protection, that","description":"Incapsula can protect your organization against any DDoS threat.\r\nWEBSITE PROTECTION\r\nAlways-on DDoS protection that automatically detects and mitigates attacks targeting websites and web applications.\r\nWebsite Protection is an optional DDoS mitigation service","og:title":"Imperva Incapsula","og:description":"Incapsula can protect your organization against any DDoS threat.\r\nWEBSITE PROTECTION\r\nAlways-on DDoS protection that automatically detects and mitigates attacks targeting websites and web applications.\r\nWebsite Protection is an optional DDoS mitigation service"},"eventUrl":"","translationId":1446,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":562,"title":"DDoS Protection - Appliance","alias":"ddos-protection-appliance","description":"A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks.\r\nBuying a DDoS mitigation appliance can be highly confusing, especially if you have never done this before. While selecting a DDoS protection solution you must understand the right features and have proper background knowledge. In case of distributed denial of service attacks, the bandwidth or resources of any targeted network is flooded with a large amount of malicious traffic. As a result, the system becomes overloaded and crashes. The legitimate users of the network are denied the service. The mail servers, DNS servers and the servers which host high-profile websites are the main target of DDOS attacks. Customers who use services of any shared network are also affected by these attacks. Therefore, anti-DDOS appliances are now vital.","materialsDescription":"<span style=\"font-weight: bold;\">DDoS mitigation solution</span>\r\nThere are two types of DDoS mitigation appliances. These include software and hardware solutions. Identical functions may be claimed by both forms of DDoS protection.\r\n<ul><li>Firewalls are the most common protection appliance, which can deny protocols, IP addresses or ports. However, they are not enough strong to provide protection from the more complicated DDoS attacks.</li><li>Switches are also effective solutions for preventing DDoS attacks. Most of these switches possess rate limiting capability and ACL. Some switches provide packet inspection, traffic shaping, delayed binding and rate limiting. They can detect the fake traffic through balancing and rate filtering.</li><li>Like switches, routers also have rate limiting and ACL capability. Most routers are capable of moving under DoS attacks.</li><li>Intrusion prevention systems are another option for you when it comes to protection from DDoS attacks. This solution can be effective in several cases of DDoS attacks. It can identify DDoS attacks and stop them because they possess the granularity as well as processing power required for identifying the attacks. Then they work in an automated manner to resolve the situation.</li><li>There are also rate-based intrusion prevention mechanisms, which are capable of analyzing traffic granularity. This system can also monitor the pattern of traffic.</li></ul>\r\nYou must check the connectivity while selecting a DDoS mitigation appliance. Capacity is also an important aspect of a DDoS protection solutions. You must figure out the number of ports, IPs, protocols, hosts, URLs and user agents that can be monitored by the appliance. An effective DDoS mitigation solution must also be properly customizable. Your DDoS mitigation appliance should be such that it can be upgraded according to your requirements. These are some important factors that you need to consider while choosing a DDoS mitigation appliance for your system.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection_Appliance.png"},{"id":457,"title":"DDoS Protection","alias":"ddos-protection","description":" A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks. ","materialsDescription":" <span style=\"font-weight: bold;\">What are the Different Types of DDoS Attacks?</span>\r\nDistributed Denial of Service attacks vary significantly, and there are thousands of different ways an attack can be carried out (attack vectors), but an attack vector will generally fall into one of three broad categories:\r\n<span style=\"font-weight: bold;\">Volumetric Attacks:</span>\r\nVolumetric attacks attempt to consume the bandwidth either within the target network/service or between the target network/service and the rest of the Internet. These attacks are simply about causing congestion.\r\n<span style=\"font-weight: bold;\">TCP State-Exhaustion Attacks:</span>\r\nTCP State-Exhaustion attacks attempt to consume the connection state tables which are present in many infrastructure components such as load-balancers, firewalls and the application servers themselves. Even high capacity devices capable of maintaining state on millions of connections can be taken down by these attacks.\r\n<span style=\"font-weight: bold;\">Application Layer Attacks:</span>\r\nApplication Layer attacks target some aspect of an application or service at Layer-7. These are the deadliest kind of attacks as they can be very effective with as few as one attacking machine generating a low traffic rate (this makes these attacks very difficult to proactively detect and mitigate). Application layer attacks have come to prevalence over the past three or four years and simple application layer flood attacks (HTTP GET flood etc.) have been some of the most common denials of service attacks seen in the wild.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection.png"},{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":4,"title":"Reduce Costs"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":282,"title":"Unauthorized access to corporate IT systems and data"},{"id":336,"title":"Risk or Leaks of confidential information"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"},{"id":386,"title":"Risk of lost access to data and IT systems"}]}},"categories":[{"id":562,"title":"DDoS Protection - Appliance","alias":"ddos-protection-appliance","description":"A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks.\r\nBuying a DDoS mitigation appliance can be highly confusing, especially if you have never done this before. While selecting a DDoS protection solution you must understand the right features and have proper background knowledge. In case of distributed denial of service attacks, the bandwidth or resources of any targeted network is flooded with a large amount of malicious traffic. As a result, the system becomes overloaded and crashes. The legitimate users of the network are denied the service. The mail servers, DNS servers and the servers which host high-profile websites are the main target of DDOS attacks. Customers who use services of any shared network are also affected by these attacks. Therefore, anti-DDOS appliances are now vital.","materialsDescription":"<span style=\"font-weight: bold;\">DDoS mitigation solution</span>\r\nThere are two types of DDoS mitigation appliances. These include software and hardware solutions. Identical functions may be claimed by both forms of DDoS protection.\r\n<ul><li>Firewalls are the most common protection appliance, which can deny protocols, IP addresses or ports. However, they are not enough strong to provide protection from the more complicated DDoS attacks.</li><li>Switches are also effective solutions for preventing DDoS attacks. Most of these switches possess rate limiting capability and ACL. Some switches provide packet inspection, traffic shaping, delayed binding and rate limiting. They can detect the fake traffic through balancing and rate filtering.</li><li>Like switches, routers also have rate limiting and ACL capability. Most routers are capable of moving under DoS attacks.</li><li>Intrusion prevention systems are another option for you when it comes to protection from DDoS attacks. This solution can be effective in several cases of DDoS attacks. It can identify DDoS attacks and stop them because they possess the granularity as well as processing power required for identifying the attacks. Then they work in an automated manner to resolve the situation.</li><li>There are also rate-based intrusion prevention mechanisms, which are capable of analyzing traffic granularity. This system can also monitor the pattern of traffic.</li></ul>\r\nYou must check the connectivity while selecting a DDoS mitigation appliance. Capacity is also an important aspect of a DDoS protection solutions. You must figure out the number of ports, IPs, protocols, hosts, URLs and user agents that can be monitored by the appliance. An effective DDoS mitigation solution must also be properly customizable. Your DDoS mitigation appliance should be such that it can be upgraded according to your requirements. These are some important factors that you need to consider while choosing a DDoS mitigation appliance for your system.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection_Appliance.png"},{"id":457,"title":"DDoS Protection","alias":"ddos-protection","description":" A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks. ","materialsDescription":" <span style=\"font-weight: bold;\">What are the Different Types of DDoS Attacks?</span>\r\nDistributed Denial of Service attacks vary significantly, and there are thousands of different ways an attack can be carried out (attack vectors), but an attack vector will generally fall into one of three broad categories:\r\n<span style=\"font-weight: bold;\">Volumetric Attacks:</span>\r\nVolumetric attacks attempt to consume the bandwidth either within the target network/service or between the target network/service and the rest of the Internet. These attacks are simply about causing congestion.\r\n<span style=\"font-weight: bold;\">TCP State-Exhaustion Attacks:</span>\r\nTCP State-Exhaustion attacks attempt to consume the connection state tables which are present in many infrastructure components such as load-balancers, firewalls and the application servers themselves. Even high capacity devices capable of maintaining state on millions of connections can be taken down by these attacks.\r\n<span style=\"font-weight: bold;\">Application Layer Attacks:</span>\r\nApplication Layer attacks target some aspect of an application or service at Layer-7. These are the deadliest kind of attacks as they can be very effective with as few as one attacking machine generating a low traffic rate (this makes these attacks very difficult to proactively detect and mitigate). Application layer attacks have come to prevalence over the past three or four years and simple application layer flood attacks (HTTP GET flood etc.) have been some of the most common denials of service attacks seen in the wild.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection.png"},{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"}],"additionalInfo":{"budgetNotExceeded":"","functionallyTaskAssignment":"","projectWasPut":"","price":0,"source":{"url":"http://investors.imperva.com/phoenix.zhtml?c=247116&p=irol-newsArticle&ID=2332060","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":847,"title":"Imperva Incapsula for ALYN Hospital","description":"The healthcare industry has fast become a soft target for cyber-attacks and with good reason. Hospitals host both financial and protected health information, while offering a number of easy access point for ransomware attacks and insider threats.<br /><br /><span style=\"font-weight: bold;\">Company background</span>\r\nALYN Woldenberg Family Hospital is Israel’s only pediatric rehabilitation facility, founded by Dr. Henry Keller back in 1932.\r\nThe hospital has a customer database of more than 70,000 patients and hosts its main website in four languages and across three different domains. In addition, they have a special projects website in both Hebrew and English, which is used for resource development and to coordinate special events. It’s where people can sign up to participate in events, but it also accepts donations.\r\nThe hospital IT team is worried that the events site could be a possible weak point, allowing hackers easier access to their systems, and the main reason they went searching for a good WAF provider.<br /><br /><span style=\"font-weight: bold;\">The Challenge</span>\r\nFive years ago, the IT team noticed an increase in cybercrime, especially in the healthcare industry. While the hospital had never experienced an attack, the security of their content management system (CMS) became a key concern. The team didn’t feel their cybersecurity vendor was updating the security on their CMS as often as they should, leaving them vulnerable and leading the team to go looking for a new vendor.\r\nPatient privacy and regulatory compliance are key concerns for ALYN Hospital and were mitigating factors in determining which cybersecurity suite to go for. This, paired with a best cost-benefit ratio and the constraints of a small IT team meant they had to find a managed system that was easy to integrate and required minimal upkeep.\r\nInitially checking out on-premise WAF systems, the team kept coming up against the cost of securing their sites and; because of strict government regulations, they were initially hesitant to move to a cloud-based system. Ultimately, however, they decided that the Incapsula cloud-based WAF was just the thing.<br /><span style=\"font-weight: bold;\"><br />The Solution</span>\r\n<span style=\"font-style: italic;\">“We looked at community reviews and talked with colleagues at other hospitals and got the impression that Incapsula is one of the best in terms of cost-benefit ratio, which is important to us, in addition to robustness, ease-of-use, and integration, which was very smooth. It all proved to be correct, for which I am very glad,” </span>said Uri Inbar, Director of IT for ALYN Hospital.\r\nIntegration took less than a day and ALYN Hospital still manages its servers in-house, with a staff member who is now dedicated to security. Incapsula has been low maintenance from the start, so, while customer support was with them every step of the way at the beginning; they haven’t needed any for the last few years because the system has been running smoothly on its own.\r\n<span style=\"font-style: italic;\">“It gives us peace of mind to know that someone has dedicated themselves to the subject and keeps us updated. It’s one less worry to take care of.”</span><br /><br /><span style=\"font-weight: bold;\">Benefits</span>\r\n<span style=\"font-style: italic;\">Increased visibility for monitoring security threats:</span>\r\nThe Incapsula dashboard is easy to use and provides information that helps ALYN Hospital keep its systems secure. And for their special projects, they can even see which countries are generating the most traffic.\r\n<span style=\"font-style: italic;\">24/7 DDoS mitigation:</span>\r\nALYN Hospital uses Incapsula’s DDoS protection, which significantly improves security and reduces down time by fending off attacks.\r\n<span style=\"font-style: italic;\">Good cost-benefit ratio:</span><br />One of the most important aspects of any new security system for ALYN, the costs were reasonable, especially given the security benefits they received from the Incapsula system.\r\n<span style=\"font-style: italic;\">Faster content delivery:</span><br />While no formal studies were done, the IT staff has heard from some users that their CDN is delivering content faster than before. Just one more benefit of using Incapsula.","alias":"imperva-incapsula-for-alyn-hospital","roi":0,"seo":{"title":"Imperva Incapsula for ALYN Hospital","keywords":"","description":"The healthcare industry has fast become a soft target for cyber-attacks and with good reason. Hospitals host both financial and protected health information, while offering a number of easy access point for ransomware attacks and insider threats.<br /><br /><s","og:title":"Imperva Incapsula for ALYN Hospital","og:description":"The healthcare industry has fast become a soft target for cyber-attacks and with good reason. Hospitals host both financial and protected health information, while offering a number of easy access point for ransomware attacks and insider threats.<br /><br /><s"},"deal_info":"","user":{"id":5863,"title":"ALYN Hospital","logoURL":"https://old.roi4cio.com/uploads/roi/company/ALYN_Hospital.png","alias":"alyn-hospital","address":"","roles":[],"description":" ALYN Hospital / ALYN Woldenberg Family Hospital is Israel's only pediatric and adolescent rehabilitation facility. ALYN treats children with a wide range of congenital and acquired conditions, including cerebral palsy, neuromuscular diseases, spinal cord injuries, brain injuries, burns, terror and motor vehicle accident victims. We are proud of our reputation at ALYN as a leading hospital worldwide in the field of Pediatric Rehabilitation.\r\n\r\n","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":2,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://www.alyn.org/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"ALYN Hospital","keywords":"","description":" ALYN Hospital / ALYN Woldenberg Family Hospital is Israel's only pediatric and adolescent rehabilitation facility. ALYN treats children with a wide range of congenital and acquired conditions, including cerebral palsy, neuromuscular diseases, spinal cord inju","og:title":"ALYN Hospital","og:description":" ALYN Hospital / ALYN Woldenberg Family Hospital is Israel's only pediatric and adolescent rehabilitation facility. ALYN treats children with a wide range of congenital and acquired conditions, including cerebral palsy, neuromuscular diseases, spinal cord inju","og:image":"https://old.roi4cio.com/uploads/roi/company/ALYN_Hospital.png"},"eventUrl":""},"supplier":{"id":207,"title":"Imperva","logoURL":"https://old.roi4cio.com/uploads/roi/company/imperva_logo.png","alias":"imperva","address":"","roles":[],"description":"Imperva provides cyber security software and services to protect companies’ sensitive data and application software from both external attacks and internal threats, and to ensure regulatory compliance. Headquartered in Redwood Shores, California, Imperva has more than 4,500 customers and 500 partners in over 90 countries.","companyTypes":[],"products":{},"vendoredProductsCount":5,"suppliedProductsCount":5,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":6,"vendorImplementationsCount":7,"vendorPartnersCount":0,"supplierPartnersCount":2,"b4r":0,"categories":{},"companyUrl":"www.imperva.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Imperva","keywords":"Imperva, software, Shores, California, Redwood, Headquartered, over, countries","description":"Imperva provides cyber security software and services to protect companies’ sensitive data and application software from both external attacks and internal threats, and to ensure regulatory compliance. Headquartered in Redwood Shores, California, Imperva has m","og:title":"Imperva","og:description":"Imperva provides cyber security software and services to protect companies’ sensitive data and application software from both external attacks and internal threats, and to ensure regulatory compliance. Headquartered in Redwood Shores, California, Imperva has m","og:image":"https://old.roi4cio.com/uploads/roi/company/imperva_logo.png"},"eventUrl":""},"vendors":[{"id":207,"title":"Imperva","logoURL":"https://old.roi4cio.com/uploads/roi/company/imperva_logo.png","alias":"imperva","address":"","roles":[],"description":"Imperva provides cyber security software and services to protect companies’ sensitive data and application software from both external attacks and internal threats, and to ensure regulatory compliance. Headquartered in Redwood Shores, California, Imperva has more than 4,500 customers and 500 partners in over 90 countries.","companyTypes":[],"products":{},"vendoredProductsCount":5,"suppliedProductsCount":5,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":6,"vendorImplementationsCount":7,"vendorPartnersCount":0,"supplierPartnersCount":2,"b4r":0,"categories":{},"companyUrl":"www.imperva.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Imperva","keywords":"Imperva, software, Shores, California, Redwood, Headquartered, over, countries","description":"Imperva provides cyber security software and services to protect companies’ sensitive data and application software from both external attacks and internal threats, and to ensure regulatory compliance. Headquartered in Redwood Shores, California, Imperva has m","og:title":"Imperva","og:description":"Imperva provides cyber security software and services to protect companies’ sensitive data and application software from both external attacks and internal threats, and to ensure regulatory compliance. Headquartered in Redwood Shores, California, Imperva has m","og:image":"https://old.roi4cio.com/uploads/roi/company/imperva_logo.png"},"eventUrl":""}],"products":[{"id":1581,"logo":false,"scheme":false,"title":"Imperva Incapsula","vendorVerified":0,"rating":"1.70","implementationsCount":3,"suppliersCount":0,"alias":"imperva-incapsula","companyTypes":[],"description":"Incapsula can protect your organization against any DDoS threat.\r\nWEBSITE PROTECTION\r\nAlways-on DDoS protection that automatically detects and mitigates attacks targeting websites and web applications.\r\nWebsite Protection is an optional DDoS mitigation service that can be added to any Website Security subscription.\r\nINFRASTRUCTURE PROTECTION\r\nOn-demand or always-on protection against DDoS attacks that directly target your network infrastructure.\r\nInfrastructure Protection can be used to defend entire subnets.\r\nNAME SERVER PROTECTION\r\nAlways-on DDoS protection for your Name Server (NS) that protects DNS servers against network and application layer assaults.\r\nName Server Protection also accelerates DNS responses.\r\nALL-INCLUSIVE DDOS PROTECTION\r\nIncapsula DDoS protection supports Unicast and Anycast technologies to power a many-to-many defense methodology. This automatically detects and mitigates attacks exploiting application and server vulnerabilities, hit-and-run events and large botnets.\r\n10-SECOND MITIGATION SLA\r\nWhen DDoS strikes, it takes target services moments to go down and hours to recover. Incapsula is the only service to offer a SLA-backed guarantee to detect and block all attacks in under 10 seconds.\r\nHIGH-CAPACITY NETWORK\r\nOur high-capacity global network holds over (Terabits per second) of on-demand scrubbing capacity and can process 30 billion attack packets per second. Incapsula network has successfully defended clients against some of the largest attacks on record.\r\nATTACK VISIBILITY\r\nIncapsula shows you attacks as they are happening and gives you actionable insight into Layer 7 attacks. Incapsula security dashboard lets you quickly analyze attacks and lets you adjust security policies on-the-fly to stop web application attacks.\r\nBLOCK ANY TYPE OF DDOS ATTACK\r\nIncapsula proxies all web requests to block DDoS attacks from being relayed to client origin servers. Incapsula detects and mitigates any type of attack, including:\r\n<ul><li>TCP SYN+ACK</li><li>TCP FIN</li><li>TCP RESET</li><li>TCP ACK</li><li>TCP ACK+PSH</li><li>TCP Fragment</li><li>UDP</li><li>Slowloris</li><li>Spoofing</li><li>ICMP</li><li>IGMP</li><li>HTTP Flood</li><li>Brute Force</li><li>Connection Flood</li><li>DNS Flood</li><li>NXDomain</li><li>Mixed SYN + UDP or ICMP + UDP Flood</li><li>Ping of Death</li><li>Smurf</li><li>Reflected ICMP & UDP</li><li>As well as other attacks</li></ul>","shortDescription":"Incapsula is guaranteed to mitigate any DDoS attack in under 10 seconds, regardless of its size and without getting in the way of legitimate traffic. ","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":4,"sellingCount":1,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Imperva Incapsula","keywords":"attacks, Incapsula, DDoS, against, network, PROTECTION, protection, that","description":"Incapsula can protect your organization against any DDoS threat.\r\nWEBSITE PROTECTION\r\nAlways-on DDoS protection that automatically detects and mitigates attacks targeting websites and web applications.\r\nWebsite Protection is an optional DDoS mitigation service","og:title":"Imperva Incapsula","og:description":"Incapsula can protect your organization against any DDoS threat.\r\nWEBSITE PROTECTION\r\nAlways-on DDoS protection that automatically detects and mitigates attacks targeting websites and web applications.\r\nWebsite Protection is an optional DDoS mitigation service"},"eventUrl":"","translationId":1446,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":562,"title":"DDoS Protection - Appliance","alias":"ddos-protection-appliance","description":"A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks.\r\nBuying a DDoS mitigation appliance can be highly confusing, especially if you have never done this before. While selecting a DDoS protection solution you must understand the right features and have proper background knowledge. In case of distributed denial of service attacks, the bandwidth or resources of any targeted network is flooded with a large amount of malicious traffic. As a result, the system becomes overloaded and crashes. The legitimate users of the network are denied the service. The mail servers, DNS servers and the servers which host high-profile websites are the main target of DDOS attacks. Customers who use services of any shared network are also affected by these attacks. Therefore, anti-DDOS appliances are now vital.","materialsDescription":"<span style=\"font-weight: bold;\">DDoS mitigation solution</span>\r\nThere are two types of DDoS mitigation appliances. These include software and hardware solutions. Identical functions may be claimed by both forms of DDoS protection.\r\n<ul><li>Firewalls are the most common protection appliance, which can deny protocols, IP addresses or ports. However, they are not enough strong to provide protection from the more complicated DDoS attacks.</li><li>Switches are also effective solutions for preventing DDoS attacks. Most of these switches possess rate limiting capability and ACL. Some switches provide packet inspection, traffic shaping, delayed binding and rate limiting. They can detect the fake traffic through balancing and rate filtering.</li><li>Like switches, routers also have rate limiting and ACL capability. Most routers are capable of moving under DoS attacks.</li><li>Intrusion prevention systems are another option for you when it comes to protection from DDoS attacks. This solution can be effective in several cases of DDoS attacks. It can identify DDoS attacks and stop them because they possess the granularity as well as processing power required for identifying the attacks. Then they work in an automated manner to resolve the situation.</li><li>There are also rate-based intrusion prevention mechanisms, which are capable of analyzing traffic granularity. This system can also monitor the pattern of traffic.</li></ul>\r\nYou must check the connectivity while selecting a DDoS mitigation appliance. Capacity is also an important aspect of a DDoS protection solutions. You must figure out the number of ports, IPs, protocols, hosts, URLs and user agents that can be monitored by the appliance. An effective DDoS mitigation solution must also be properly customizable. Your DDoS mitigation appliance should be such that it can be upgraded according to your requirements. These are some important factors that you need to consider while choosing a DDoS mitigation appliance for your system.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection_Appliance.png"},{"id":457,"title":"DDoS Protection","alias":"ddos-protection","description":" A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks. ","materialsDescription":" <span style=\"font-weight: bold;\">What are the Different Types of DDoS Attacks?</span>\r\nDistributed Denial of Service attacks vary significantly, and there are thousands of different ways an attack can be carried out (attack vectors), but an attack vector will generally fall into one of three broad categories:\r\n<span style=\"font-weight: bold;\">Volumetric Attacks:</span>\r\nVolumetric attacks attempt to consume the bandwidth either within the target network/service or between the target network/service and the rest of the Internet. These attacks are simply about causing congestion.\r\n<span style=\"font-weight: bold;\">TCP State-Exhaustion Attacks:</span>\r\nTCP State-Exhaustion attacks attempt to consume the connection state tables which are present in many infrastructure components such as load-balancers, firewalls and the application servers themselves. Even high capacity devices capable of maintaining state on millions of connections can be taken down by these attacks.\r\n<span style=\"font-weight: bold;\">Application Layer Attacks:</span>\r\nApplication Layer attacks target some aspect of an application or service at Layer-7. These are the deadliest kind of attacks as they can be very effective with as few as one attacking machine generating a low traffic rate (this makes these attacks very difficult to proactively detect and mitigate). Application layer attacks have come to prevalence over the past three or four years and simple application layer flood attacks (HTTP GET flood etc.) have been some of the most common denials of service attacks seen in the wild.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection.png"},{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]},{"id":3635,"logo":false,"scheme":false,"title":"Imperva Application Security","vendorVerified":0,"rating":"0.00","implementationsCount":1,"suppliersCount":0,"alias":"imperva-application-security","companyTypes":[],"description":"Imperva Application Security mitigates risk for your business with full-function defense-in-depth, providing protection wherever you choose to deploy - in the cloud, on-premises, or via a hybrid model. Imperva offers advanced analytics to quickly identify the threats that matter, DDoS protection with a 3-second mitigation SLA, a developer-friendly Content Delivery Network (CDN) for the utmost performance, Web Application Firewall (WAF) solutions, bot protection, Runtime Application Self-Protection (RASP) for security embedded into the application itself, and more.<br /><br /><span style=\"font-weight: bold;\">Attack Analytics</span>\r\n<ul><li>Automatically correlate and extract meaningful narratives from thousands of security events, using machine learning</li></ul>\r\n<ul><li>Reduce risk by combating alert fatigue</li></ul>\r\n<ul><li>See attacks from the edge to the heart of the network, incorporating behavioral attack data from every customer we protect</li></ul>\r\n <br /><span style=\"font-weight: bold;\">DDoS Protection</span>\r\n<ul><li>Best-in-the-industry 3-second mitigation SLA</li></ul>\r\n<ul><li>Automatic detection and mitigation</li></ul>\r\n<ul><li>Available in always-on or on-demand mode</li></ul>\r\n<ul><li>44 global scrubbing centers, 6+ Tbps of scrubbing capacity at 65 billion Packets-Per-Second (PPS)</li></ul>\r\n <br /><span style=\"font-weight: bold;\">CDN</span>\r\n<ul><li>Fast onboarding with a simple DNS change</li></ul>\r\n<ul><li>Offload origin bandwidth via automatic content profiling</li></ul>\r\n<ul><li>Layer 7 cloud load balancing with redirect and rewrite rules</li></ul>\r\n <br /><span style=\"font-weight: bold;\">Cloud WAF</span>\r\n<ul><li>Little to no tuning required</li></ul>\r\n<ul><li>Deploy in blocking mode with near-zero false positives</li></ul>\r\n<ul><li>A managed service backed by a team of security experts</li></ul>\r\n <br /><span style=\"font-weight: bold;\">WAF Gateway</span>\r\n<ul><li>Ideal for highly-regulated industries like financial services and healthcare</li></ul>\r\n<ul><li>Dynamically profile application structure and usage, blocking anomalies and illegal traffic</li></ul>\r\n<ul><li>Highly configurable to allow tight protection of your specific applications</li></ul>\r\n<span style=\"font-weight: bold;\"> <br />Runtime Application Self-Protection</span>\r\n<ul><li>Push code into production fast with security embedded</li></ul>\r\n<ul><li>Autonomous protection blocks real-time attacks without added latency</li></ul>\r\n<ul><li>Works in any type of deployment architecture including on-premises, in the cloud, and in containers</li></ul>","shortDescription":"Imperva Application Security provides multi-layered protection to make applications and websites always available, always user-friendly, and always secure","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":6,"sellingCount":20,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Imperva Application Security","keywords":"","description":"Imperva Application Security mitigates risk for your business with full-function defense-in-depth, providing protection wherever you choose to deploy - in the cloud, on-premises, or via a hybrid model. Imperva offers advanced analytics to quickly identify the ","og:title":"Imperva Application Security","og:description":"Imperva Application Security mitigates risk for your business with full-function defense-in-depth, providing protection wherever you choose to deploy - in the cloud, on-premises, or via a hybrid model. Imperva offers advanced analytics to quickly identify the "},"eventUrl":"","translationId":3636,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[{"id":98,"title":"Israel","name":"ISR"}],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":4,"title":"Reduce Costs"},{"id":6,"title":"Ensure Security and Business Continuity"},{"id":7,"title":"Improve Customer Service"},{"id":306,"title":"Manage Risks"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":370,"title":"No automated business processes"},{"id":374,"title":"IT infrastructure downtimes"},{"id":384,"title":"Risk of attacks by hackers"},{"id":386,"title":"Risk of lost access to data and IT systems"},{"id":400,"title":"High costs"}]}},"categories":[{"id":562,"title":"DDoS Protection - Appliance","alias":"ddos-protection-appliance","description":"A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks.\r\nBuying a DDoS mitigation appliance can be highly confusing, especially if you have never done this before. While selecting a DDoS protection solution you must understand the right features and have proper background knowledge. In case of distributed denial of service attacks, the bandwidth or resources of any targeted network is flooded with a large amount of malicious traffic. As a result, the system becomes overloaded and crashes. The legitimate users of the network are denied the service. The mail servers, DNS servers and the servers which host high-profile websites are the main target of DDOS attacks. Customers who use services of any shared network are also affected by these attacks. Therefore, anti-DDOS appliances are now vital.","materialsDescription":"<span style=\"font-weight: bold;\">DDoS mitigation solution</span>\r\nThere are two types of DDoS mitigation appliances. These include software and hardware solutions. Identical functions may be claimed by both forms of DDoS protection.\r\n<ul><li>Firewalls are the most common protection appliance, which can deny protocols, IP addresses or ports. However, they are not enough strong to provide protection from the more complicated DDoS attacks.</li><li>Switches are also effective solutions for preventing DDoS attacks. Most of these switches possess rate limiting capability and ACL. Some switches provide packet inspection, traffic shaping, delayed binding and rate limiting. They can detect the fake traffic through balancing and rate filtering.</li><li>Like switches, routers also have rate limiting and ACL capability. Most routers are capable of moving under DoS attacks.</li><li>Intrusion prevention systems are another option for you when it comes to protection from DDoS attacks. This solution can be effective in several cases of DDoS attacks. It can identify DDoS attacks and stop them because they possess the granularity as well as processing power required for identifying the attacks. Then they work in an automated manner to resolve the situation.</li><li>There are also rate-based intrusion prevention mechanisms, which are capable of analyzing traffic granularity. This system can also monitor the pattern of traffic.</li></ul>\r\nYou must check the connectivity while selecting a DDoS mitigation appliance. Capacity is also an important aspect of a DDoS protection solutions. You must figure out the number of ports, IPs, protocols, hosts, URLs and user agents that can be monitored by the appliance. An effective DDoS mitigation solution must also be properly customizable. Your DDoS mitigation appliance should be such that it can be upgraded according to your requirements. These are some important factors that you need to consider while choosing a DDoS mitigation appliance for your system.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection_Appliance.png"},{"id":457,"title":"DDoS Protection","alias":"ddos-protection","description":" A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks. ","materialsDescription":" <span style=\"font-weight: bold;\">What are the Different Types of DDoS Attacks?</span>\r\nDistributed Denial of Service attacks vary significantly, and there are thousands of different ways an attack can be carried out (attack vectors), but an attack vector will generally fall into one of three broad categories:\r\n<span style=\"font-weight: bold;\">Volumetric Attacks:</span>\r\nVolumetric attacks attempt to consume the bandwidth either within the target network/service or between the target network/service and the rest of the Internet. These attacks are simply about causing congestion.\r\n<span style=\"font-weight: bold;\">TCP State-Exhaustion Attacks:</span>\r\nTCP State-Exhaustion attacks attempt to consume the connection state tables which are present in many infrastructure components such as load-balancers, firewalls and the application servers themselves. Even high capacity devices capable of maintaining state on millions of connections can be taken down by these attacks.\r\n<span style=\"font-weight: bold;\">Application Layer Attacks:</span>\r\nApplication Layer attacks target some aspect of an application or service at Layer-7. These are the deadliest kind of attacks as they can be very effective with as few as one attacking machine generating a low traffic rate (this makes these attacks very difficult to proactively detect and mitigate). Application layer attacks have come to prevalence over the past three or four years and simple application layer flood attacks (HTTP GET flood etc.) have been some of the most common denials of service attacks seen in the wild.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection.png"},{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"},{"id":5,"title":"Security Software","alias":"security-software","description":" Computer security software or cybersecurity software is any computer program designed to enhance information security. Security software is a broad term that encompasses a suite of different types of software that deliver data and computer and network security in various forms. \r\nSecurity software can protect a computer from viruses, malware, unauthorized users and other security exploits originating from the Internet. Different types of security software include anti-virus software, firewall software, network security software, Internet security software, malware/spamware removal and protection software, cryptographic software, and more.\r\nIn end-user computing environments, anti-spam and anti-virus security software is the most common type of software used, whereas enterprise users add a firewall and intrusion detection system on top of it. \r\nSecurity soft may be focused on preventing attacks from reaching their target, on limiting the damage attacks can cause if they reach their target and on tracking the damage that has been caused so that it can be repaired. As the nature of malicious code evolves, security software also evolves.<span style=\"font-weight: bold; \"></span>\r\n<span style=\"font-weight: bold; \">Firewall. </span>Firewall security software prevents unauthorized users from accessing a computer or network without restricting those who are authorized. Firewalls can be implemented with hardware or software. Some computer operating systems include software firewalls in the operating system itself. For example, Microsoft Windows has a built-in firewall. Routers and servers can include firewalls. There are also dedicated hardware firewalls that have no other function other than protecting a network from unauthorized access.\r\n<span style=\"font-weight: bold; \">Antivirus.</span> Antivirus solutions work to prevent malicious code from attacking a computer by recognizing the attack before it begins. But it is also designed to stop an attack in progress that could not be prevented, and to repair damage done by the attack once the attack abates. Antivirus software is useful because it addresses security issues in cases where attacks have made it past a firewall. New computer viruses appear daily, so antivirus and security software must be continuously updated to remain effective.\r\n<span style=\"font-weight: bold; \">Antispyware.</span> While antivirus software is designed to prevent malicious software from attacking, the goal of antispyware software is to prevent unauthorized software from stealing information that is on a computer or being processed through the computer. Since spyware does not need to attempt to damage data files or the operating system, it does not trigger antivirus software into action. However, antispyware software can recognize the particular actions spyware is taking by monitoring the communications between a computer and external message recipients. When communications occur that the user has not authorized, antispyware can notify the user and block further communications.\r\n<span style=\"font-weight: bold; \">Home Computers.</span> Home computers and some small businesses usually implement security software at the desktop level - meaning on the PC itself. This category of computer security and protection, sometimes referred to as end-point security, remains resident, or continuously operating, on the desktop. Because the software is running, it uses system resources, and can slow the computer's performance. However, because it operates in real time, it can react rapidly to attacks and seek to shut them down when they occur.\r\n<span style=\"font-weight: bold; \">Network Security.</span> When several computers are all on the same network, it's more cost-effective to implement security at the network level. Antivirus software can be installed on a server and then loaded automatically to each desktop. However firewalls are usually installed on a server or purchased as an independent device that is inserted into the network where the Internet connection comes in. All of the computers inside the network communicate unimpeded, but any data going in or out of the network over the Internet is filtered trough the firewall.<br /><br /><br />","materialsDescription":"<h1 class=\"align-center\"> <span style=\"font-weight: normal; \">What is IT security software?</span></h1>\r\nIT security software provides protection to businesses’ computer or network. It serves as a defense against unauthorized access and intrusion in such a system. It comes in various types, with many businesses and individuals already using some of them in one form or another.\r\nWith the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations. Since more and more businesses are now relying their crucial operations on software products, the importance of security system software assurance must be taken seriously – now more than ever. Having reliable protection such as a security software programs is crucial to safeguard your computing environments and data. \r\n<p class=\"align-left\">It is not just the government or big corporations that become victims of cyber threats. In fact, small and medium-sized businesses have increasingly become targets of cybercrime over the past years. </p>\r\n<h1 class=\"align-center\"><span style=\"font-weight: normal; \">What are the features of IT security software?</span></h1>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Automatic updates. </span>This ensures you don’t miss any update and your system is the most up-to-date version to respond to the constantly emerging new cyber threats.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Real-time scanning.</span> Dynamic scanning features make it easier to detect and infiltrate malicious entities promptly. Without this feature, you’ll risk not being able to prevent damage to your system before it happens.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Auto-clean.</span> A feature that rids itself of viruses even without the user manually removing it from its quarantine zone upon detection. Unless you want the option to review the malware, there is no reason to keep the malicious software on your computer which makes this feature essential.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Multiple app protection.</span> This feature ensures all your apps and services are protected, whether they’re in email, instant messenger, and internet browsers, among others.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application level security.</span> This enables you to control access to the application on a per-user role or per-user basis to guarantee only the right individuals can enter the appropriate applications.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Role-based menu.</span> This displays menu options showing different users according to their roles for easier assigning of access and control.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Row-level (multi-tenant) security.</span> This gives you control over data access at a row-level for a single application. This means you can allow multiple users to access the same application but you can control the data they are authorized to view.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Single sign-on.</span> A session or user authentication process that allows users to access multiple related applications as long as they are authorized in a single session by only logging in their name and password in a single place.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">User privilege parameters.</span> These are customizable features and security as per individual user or role that can be accessed in their profile throughout every application.</li></ul>\r\n\r\n<ul><li><span style=\"font-weight: bold; \">Application activity auditing.</span> Vital for IT departments to quickly view when a user logged in and off and which application they accessed. Developers can log end-user activity using their sign-on/signoff activities.</li></ul>\r\n<p class=\"align-left\"><br /><br /><br /><br /></p>","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_Security_Software.png"}],"additionalInfo":{"budgetNotExceeded":"-1","functionallyTaskAssignment":"-1","projectWasPut":"-1","price":0,"source":{"url":"https://www.imperva.com/resources/customers/case-studies/alyn-woldenberg-hospital/","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":662,"title":"Imperva Incapsula for Marketing Software Provider","description":"Description is not ready yet","alias":"imperva-incapsula-for-marketing-software-provider","roi":0,"seo":{"title":"Imperva Incapsula for Marketing Software Provider","keywords":"","description":"Description is not ready yet","og:title":"Imperva Incapsula for Marketing Software Provider","og:description":"Description is not ready yet"},"deal_info":"","user":{"id":4256,"title":"NetRefer","logoURL":"https://old.roi4cio.com/uploads/roi/company/NetRefer.png","alias":"netrefer","address":"","roles":[],"description":"<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">NetRefer is the industry leader in the provision of Unified Performance Marketing. We power the most successful and high-volume partner programs through a centralized and scalable platform of products.</span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \"><br /></span>\r\n<span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">At NetRefer we place our clients at the heart of everything that we do. Our goal is to maintain High Quality Client Service. Our focus revolves around the capability and capacity of our people to deliver effective and efficient integrated services within a culture of continuous improvement.</span>","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":2,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"https://netrefer.com/","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"NetRefer","keywords":"NetRefer, Marketing, capability, industry, maintain, High, Quality, Client","description":"<div><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">NetRefer is the industry leader in the provision of Unified Performance Marketing. We power the most successful and high-volume partner programs through a centralized a","og:title":"NetRefer","og:description":"<div><span style=\"color: rgb(0, 0, 0); font-family: Verdana, sans-serif; font-size: 12px; \">NetRefer is the industry leader in the provision of Unified Performance Marketing. We power the most successful and high-volume partner programs through a centralized a","og:image":"https://old.roi4cio.com/uploads/roi/company/NetRefer.png"},"eventUrl":""},"supplier":{"id":207,"title":"Imperva","logoURL":"https://old.roi4cio.com/uploads/roi/company/imperva_logo.png","alias":"imperva","address":"","roles":[],"description":"Imperva provides cyber security software and services to protect companies’ sensitive data and application software from both external attacks and internal threats, and to ensure regulatory compliance. Headquartered in Redwood Shores, California, Imperva has more than 4,500 customers and 500 partners in over 90 countries.","companyTypes":[],"products":{},"vendoredProductsCount":5,"suppliedProductsCount":5,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":6,"vendorImplementationsCount":7,"vendorPartnersCount":0,"supplierPartnersCount":2,"b4r":0,"categories":{},"companyUrl":"www.imperva.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Imperva","keywords":"Imperva, software, Shores, California, Redwood, Headquartered, over, countries","description":"Imperva provides cyber security software and services to protect companies’ sensitive data and application software from both external attacks and internal threats, and to ensure regulatory compliance. Headquartered in Redwood Shores, California, Imperva has m","og:title":"Imperva","og:description":"Imperva provides cyber security software and services to protect companies’ sensitive data and application software from both external attacks and internal threats, and to ensure regulatory compliance. Headquartered in Redwood Shores, California, Imperva has m","og:image":"https://old.roi4cio.com/uploads/roi/company/imperva_logo.png"},"eventUrl":""},"vendors":[{"id":207,"title":"Imperva","logoURL":"https://old.roi4cio.com/uploads/roi/company/imperva_logo.png","alias":"imperva","address":"","roles":[],"description":"Imperva provides cyber security software and services to protect companies’ sensitive data and application software from both external attacks and internal threats, and to ensure regulatory compliance. Headquartered in Redwood Shores, California, Imperva has more than 4,500 customers and 500 partners in over 90 countries.","companyTypes":[],"products":{},"vendoredProductsCount":5,"suppliedProductsCount":5,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":6,"vendorImplementationsCount":7,"vendorPartnersCount":0,"supplierPartnersCount":2,"b4r":0,"categories":{},"companyUrl":"www.imperva.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Imperva","keywords":"Imperva, software, Shores, California, Redwood, Headquartered, over, countries","description":"Imperva provides cyber security software and services to protect companies’ sensitive data and application software from both external attacks and internal threats, and to ensure regulatory compliance. Headquartered in Redwood Shores, California, Imperva has m","og:title":"Imperva","og:description":"Imperva provides cyber security software and services to protect companies’ sensitive data and application software from both external attacks and internal threats, and to ensure regulatory compliance. Headquartered in Redwood Shores, California, Imperva has m","og:image":"https://old.roi4cio.com/uploads/roi/company/imperva_logo.png"},"eventUrl":""}],"products":[{"id":1581,"logo":false,"scheme":false,"title":"Imperva Incapsula","vendorVerified":0,"rating":"1.70","implementationsCount":3,"suppliersCount":0,"alias":"imperva-incapsula","companyTypes":[],"description":"Incapsula can protect your organization against any DDoS threat.\r\nWEBSITE PROTECTION\r\nAlways-on DDoS protection that automatically detects and mitigates attacks targeting websites and web applications.\r\nWebsite Protection is an optional DDoS mitigation service that can be added to any Website Security subscription.\r\nINFRASTRUCTURE PROTECTION\r\nOn-demand or always-on protection against DDoS attacks that directly target your network infrastructure.\r\nInfrastructure Protection can be used to defend entire subnets.\r\nNAME SERVER PROTECTION\r\nAlways-on DDoS protection for your Name Server (NS) that protects DNS servers against network and application layer assaults.\r\nName Server Protection also accelerates DNS responses.\r\nALL-INCLUSIVE DDOS PROTECTION\r\nIncapsula DDoS protection supports Unicast and Anycast technologies to power a many-to-many defense methodology. This automatically detects and mitigates attacks exploiting application and server vulnerabilities, hit-and-run events and large botnets.\r\n10-SECOND MITIGATION SLA\r\nWhen DDoS strikes, it takes target services moments to go down and hours to recover. Incapsula is the only service to offer a SLA-backed guarantee to detect and block all attacks in under 10 seconds.\r\nHIGH-CAPACITY NETWORK\r\nOur high-capacity global network holds over (Terabits per second) of on-demand scrubbing capacity and can process 30 billion attack packets per second. Incapsula network has successfully defended clients against some of the largest attacks on record.\r\nATTACK VISIBILITY\r\nIncapsula shows you attacks as they are happening and gives you actionable insight into Layer 7 attacks. Incapsula security dashboard lets you quickly analyze attacks and lets you adjust security policies on-the-fly to stop web application attacks.\r\nBLOCK ANY TYPE OF DDOS ATTACK\r\nIncapsula proxies all web requests to block DDoS attacks from being relayed to client origin servers. Incapsula detects and mitigates any type of attack, including:\r\n<ul><li>TCP SYN+ACK</li><li>TCP FIN</li><li>TCP RESET</li><li>TCP ACK</li><li>TCP ACK+PSH</li><li>TCP Fragment</li><li>UDP</li><li>Slowloris</li><li>Spoofing</li><li>ICMP</li><li>IGMP</li><li>HTTP Flood</li><li>Brute Force</li><li>Connection Flood</li><li>DNS Flood</li><li>NXDomain</li><li>Mixed SYN + UDP or ICMP + UDP Flood</li><li>Ping of Death</li><li>Smurf</li><li>Reflected ICMP & UDP</li><li>As well as other attacks</li></ul>","shortDescription":"Incapsula is guaranteed to mitigate any DDoS attack in under 10 seconds, regardless of its size and without getting in the way of legitimate traffic. ","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":4,"sellingCount":1,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Imperva Incapsula","keywords":"attacks, Incapsula, DDoS, against, network, PROTECTION, protection, that","description":"Incapsula can protect your organization against any DDoS threat.\r\nWEBSITE PROTECTION\r\nAlways-on DDoS protection that automatically detects and mitigates attacks targeting websites and web applications.\r\nWebsite Protection is an optional DDoS mitigation service","og:title":"Imperva Incapsula","og:description":"Incapsula can protect your organization against any DDoS threat.\r\nWEBSITE PROTECTION\r\nAlways-on DDoS protection that automatically detects and mitigates attacks targeting websites and web applications.\r\nWebsite Protection is an optional DDoS mitigation service"},"eventUrl":"","translationId":1446,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":562,"title":"DDoS Protection - Appliance","alias":"ddos-protection-appliance","description":"A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks.\r\nBuying a DDoS mitigation appliance can be highly confusing, especially if you have never done this before. While selecting a DDoS protection solution you must understand the right features and have proper background knowledge. In case of distributed denial of service attacks, the bandwidth or resources of any targeted network is flooded with a large amount of malicious traffic. As a result, the system becomes overloaded and crashes. The legitimate users of the network are denied the service. The mail servers, DNS servers and the servers which host high-profile websites are the main target of DDOS attacks. Customers who use services of any shared network are also affected by these attacks. Therefore, anti-DDOS appliances are now vital.","materialsDescription":"<span style=\"font-weight: bold;\">DDoS mitigation solution</span>\r\nThere are two types of DDoS mitigation appliances. These include software and hardware solutions. Identical functions may be claimed by both forms of DDoS protection.\r\n<ul><li>Firewalls are the most common protection appliance, which can deny protocols, IP addresses or ports. However, they are not enough strong to provide protection from the more complicated DDoS attacks.</li><li>Switches are also effective solutions for preventing DDoS attacks. Most of these switches possess rate limiting capability and ACL. Some switches provide packet inspection, traffic shaping, delayed binding and rate limiting. They can detect the fake traffic through balancing and rate filtering.</li><li>Like switches, routers also have rate limiting and ACL capability. Most routers are capable of moving under DoS attacks.</li><li>Intrusion prevention systems are another option for you when it comes to protection from DDoS attacks. This solution can be effective in several cases of DDoS attacks. It can identify DDoS attacks and stop them because they possess the granularity as well as processing power required for identifying the attacks. Then they work in an automated manner to resolve the situation.</li><li>There are also rate-based intrusion prevention mechanisms, which are capable of analyzing traffic granularity. This system can also monitor the pattern of traffic.</li></ul>\r\nYou must check the connectivity while selecting a DDoS mitigation appliance. Capacity is also an important aspect of a DDoS protection solutions. You must figure out the number of ports, IPs, protocols, hosts, URLs and user agents that can be monitored by the appliance. An effective DDoS mitigation solution must also be properly customizable. Your DDoS mitigation appliance should be such that it can be upgraded according to your requirements. These are some important factors that you need to consider while choosing a DDoS mitigation appliance for your system.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection_Appliance.png"},{"id":457,"title":"DDoS Protection","alias":"ddos-protection","description":" A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks. ","materialsDescription":" <span style=\"font-weight: bold;\">What are the Different Types of DDoS Attacks?</span>\r\nDistributed Denial of Service attacks vary significantly, and there are thousands of different ways an attack can be carried out (attack vectors), but an attack vector will generally fall into one of three broad categories:\r\n<span style=\"font-weight: bold;\">Volumetric Attacks:</span>\r\nVolumetric attacks attempt to consume the bandwidth either within the target network/service or between the target network/service and the rest of the Internet. These attacks are simply about causing congestion.\r\n<span style=\"font-weight: bold;\">TCP State-Exhaustion Attacks:</span>\r\nTCP State-Exhaustion attacks attempt to consume the connection state tables which are present in many infrastructure components such as load-balancers, firewalls and the application servers themselves. Even high capacity devices capable of maintaining state on millions of connections can be taken down by these attacks.\r\n<span style=\"font-weight: bold;\">Application Layer Attacks:</span>\r\nApplication Layer attacks target some aspect of an application or service at Layer-7. These are the deadliest kind of attacks as they can be very effective with as few as one attacking machine generating a low traffic rate (this makes these attacks very difficult to proactively detect and mitigate). Application layer attacks have come to prevalence over the past three or four years and simple application layer flood attacks (HTTP GET flood etc.) have been some of the most common denials of service attacks seen in the wild.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection.png"},{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":4,"title":"Reduce Costs"},{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":282,"title":"Unauthorized access to corporate IT systems and data"},{"id":336,"title":"Risk or Leaks of confidential information"},{"id":384,"title":"Risk of attacks by hackers"},{"id":385,"title":"Risk of data loss or damage"},{"id":386,"title":"Risk of lost access to data and IT systems"}]}},"categories":[{"id":562,"title":"DDoS Protection - Appliance","alias":"ddos-protection-appliance","description":"A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks.\r\nBuying a DDoS mitigation appliance can be highly confusing, especially if you have never done this before. While selecting a DDoS protection solution you must understand the right features and have proper background knowledge. In case of distributed denial of service attacks, the bandwidth or resources of any targeted network is flooded with a large amount of malicious traffic. As a result, the system becomes overloaded and crashes. The legitimate users of the network are denied the service. The mail servers, DNS servers and the servers which host high-profile websites are the main target of DDOS attacks. Customers who use services of any shared network are also affected by these attacks. Therefore, anti-DDOS appliances are now vital.","materialsDescription":"<span style=\"font-weight: bold;\">DDoS mitigation solution</span>\r\nThere are two types of DDoS mitigation appliances. These include software and hardware solutions. Identical functions may be claimed by both forms of DDoS protection.\r\n<ul><li>Firewalls are the most common protection appliance, which can deny protocols, IP addresses or ports. However, they are not enough strong to provide protection from the more complicated DDoS attacks.</li><li>Switches are also effective solutions for preventing DDoS attacks. Most of these switches possess rate limiting capability and ACL. Some switches provide packet inspection, traffic shaping, delayed binding and rate limiting. They can detect the fake traffic through balancing and rate filtering.</li><li>Like switches, routers also have rate limiting and ACL capability. Most routers are capable of moving under DoS attacks.</li><li>Intrusion prevention systems are another option for you when it comes to protection from DDoS attacks. This solution can be effective in several cases of DDoS attacks. It can identify DDoS attacks and stop them because they possess the granularity as well as processing power required for identifying the attacks. Then they work in an automated manner to resolve the situation.</li><li>There are also rate-based intrusion prevention mechanisms, which are capable of analyzing traffic granularity. This system can also monitor the pattern of traffic.</li></ul>\r\nYou must check the connectivity while selecting a DDoS mitigation appliance. Capacity is also an important aspect of a DDoS protection solutions. You must figure out the number of ports, IPs, protocols, hosts, URLs and user agents that can be monitored by the appliance. An effective DDoS mitigation solution must also be properly customizable. Your DDoS mitigation appliance should be such that it can be upgraded according to your requirements. These are some important factors that you need to consider while choosing a DDoS mitigation appliance for your system.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection_Appliance.png"},{"id":457,"title":"DDoS Protection","alias":"ddos-protection","description":" A denial-of-service attack (DoS attack) is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.\r\nIn a distributed denial-of-service attack (DDoS attack), the incoming traffic flooding the victim originates from many different sources. This effectively makes it impossible to stop the attack simply by blocking a single source.\r\nA DoS or DDoS attack is analogous to a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter, disrupting trade.\r\nCriminal perpetrators of DoS attacks often target sites or services hosted on high-profile web servers such as banks or credit card payment gateways. Revenge, blackmail and activism can motivate these attacks. ","materialsDescription":" <span style=\"font-weight: bold;\">What are the Different Types of DDoS Attacks?</span>\r\nDistributed Denial of Service attacks vary significantly, and there are thousands of different ways an attack can be carried out (attack vectors), but an attack vector will generally fall into one of three broad categories:\r\n<span style=\"font-weight: bold;\">Volumetric Attacks:</span>\r\nVolumetric attacks attempt to consume the bandwidth either within the target network/service or between the target network/service and the rest of the Internet. These attacks are simply about causing congestion.\r\n<span style=\"font-weight: bold;\">TCP State-Exhaustion Attacks:</span>\r\nTCP State-Exhaustion attacks attempt to consume the connection state tables which are present in many infrastructure components such as load-balancers, firewalls and the application servers themselves. Even high capacity devices capable of maintaining state on millions of connections can be taken down by these attacks.\r\n<span style=\"font-weight: bold;\">Application Layer Attacks:</span>\r\nApplication Layer attacks target some aspect of an application or service at Layer-7. These are the deadliest kind of attacks as they can be very effective with as few as one attacking machine generating a low traffic rate (this makes these attacks very difficult to proactively detect and mitigate). Application layer attacks have come to prevalence over the past three or four years and simple application layer flood attacks (HTTP GET flood etc.) have been some of the most common denials of service attacks seen in the wild.","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_DDoS_Protection.png"},{"id":481,"title":"WAF-web application firewall","alias":"waf-web-application-firewall","description":"A <span style=\"font-weight: bold; \">WAF (Web Application Firewall)</span> helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.\r\nIn recent years, web application security has become increasingly important, especially after web application attacks ranked as the most common reason for breaches, as reported in the Verizon Data Breach Investigations Report. WAFs have become a critical component of web application security, and guard against web application vulnerabilities while providing the ability to customize the security rules for each application. As WAF is inline with traffic, some functions are conveniently implemented by a load balancer.\r\nAccording to the PCI Security Standards Council, WAFs function as “a security policy enforcement point positioned between a web application and the client endpoint. This functionality can be implemented in software or hardware, running in an appliance device, or in a typical server running a common operating system. It may be a stand-alone device or integrated into other network components.”\r\nBy deploying a WAF firewall in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a web firewall is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.\r\nA WAF operates through a set of rules often called <span style=\"font-weight: bold; \">policies.</span> These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF management comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.\r\nWAF solutions can be deployed in several ways—it all depends on where your applications are deployed, the services needed, how you want to manage it, and the level of architectural flexibility and performance you require. Do you want to manage it yourself, or do you want to outsource that management? Is it a better model to have a cloud WAF service, option or do you want your WAF to sit on-premises?\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">A WAF products can be implemented one of three different ways:</span></p>\r\n<ul><li><span style=\"font-weight: bold; \">A network-based WAF</span> is generally hardware-based. Since they are installed locally they minimize latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.</li><li><span style=\"font-weight: bold; \">A host-based WAF</span> may be fully integrated into an application’s software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.</li><li><span style=\"font-weight: bold; \">Cloud-based WAFs</span> offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user’s end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third-party, therefore some features of the WAF may be a black box to them. </li></ul>\r\n<p class=\"align-left\"> </p>\r\n\r\n","materialsDescription":"<p class=\"align-center\"><span style=\"color: rgb(97, 97, 97); \"><span style=\"font-weight: bold; \">What types of attack WAF prevents?</span></span></p>\r\n<p class=\"align-left\"><span style=\"color: rgb(97, 97, 97); \">WAFs can prevent many attacks, including:</span></p>\r\n<ul><li><span style=\"color: rgb(97, 97, 97); \">Cross-site Scripting (XSS) — Attackers inject client-side scripts into web pages viewed by other users.</span></li><li><span style=\"color: rgb(97, 97, 97); \">SQL injection — Malicious code is inserted or injected into an web entry field that allows attackers to compromise the application and underlying systems.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Cookie poisoning — Modification of a cookie to gain unauthorized information about the user for purposes such as identity theft.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Unvalidated input — Attackers tamper with HTTP request (including the url, headers and form fields) to bypass the site’s security mechanisms.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Layer 7 DoS — An HTTP flood attack that utilizes valid requests in typical URL data retrievals.</span></li><li><span style=\"color: rgb(97, 97, 97); \">Web scraping — Data scraping used for extracting data from websites.</span><span style=\"font-weight: bold; \"></span></li></ul>\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What are some WAFs Benefits?</span></p>\r\nWeb app firewall prevents attacks that try to take advantage of the vulnerabilities in web-based applications. The vulnerabilities are common in legacy applications or applications with poor coding or designs. WAFs handle the code deficiencies with custom rules or policies.\r\nIntelligent WAFs provide real-time insights into application traffic, performance, security and threat landscape. This visibility gives administrators the flexibility to respond to the most sophisticated attacks on protected applications.\r\nWhen the Open Web Application Security Project identifies the OWASP top vulnerabilities, WAFs allow administrators to create custom security rules to combat the list of potential attack methods. An intelligent WAF analyzes the security rules matching a particular transaction and provides a real-time view as attack patterns evolve. Based on this intelligence, the WAF can reduce false positives.\r\n<p class=\"align-center\"><span style=\"font-weight: bold; \">What is the difference between a firewall and a Web Application Firewall?</span></p>\r\nA traditional firewall protects the flow of information between servers while a web application firewall is able to filter traffic for a specific web application. Network firewalls and web application firewalls are complementary and can work together.\r\nTraditional security methods include network firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS). They are effective at blocking bad L3-L4 traffic at the perimeter on the lower end (L3-L4) of the Open Systems Interconnection (OSI) model. Traditional firewalls cannot detect attacks in web applications because they do not understand Hypertext Transfer Protocol (HTTP) which occurs at layer 7 of the OSI model. They also only allow the port that sends and receives requested web pages from an HTTP server to be open or closed. This is why web application firewalls are effective for preventing attacks like SQL injections, session hijacking and Cross-Site Scripting (XSS).","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_WAF_web_application_firewall.png"}],"additionalInfo":{"budgetNotExceeded":"-1","functionallyTaskAssignment":"-1","projectWasPut":"-1","price":0,"source":{"url":"http://investors.imperva.com/phoenix.zhtml?c=247116&p=irol-newsArticle&ID=2332060","title":"Web-site of vendor"}},"comments":[],"referencesCount":0},{"id":664,"title":"Imperva SecureSphere Database Firewall for Global Computer Technology Company","description":"One of the largest computer technology companies in the world replaced their IBM Guardium deployment with Imperva SecureSphere, to audit and protect their database environment. Switching to SecureSphere reduced operational costs by over 70%, saving the company $1.9M a year in recurring labor and support costs.\r\nThis level of ongoing cost savings was a huge win for the company that operates with razor-thin margins, in a price-competitive industry. In addition to operating margin pressure, this Fortune 500 company had to address SOX and PCI-DSS regulations, on a global scale. The company’s over 100,000 employees developed, manufactured, and serviced the company’s products worldwide. For years, the company tried to expand their IBM Guardium deployment beyond the 500 databases it covered, but was hindered by the overwhelming amount of labor required. This meant that some critical databases could not be monitored, which introduced compliance and security risks the company deemed unacceptable.\r\nThe high labor cost was mainly due to Guardium’s architecture deficiencies, which required a large number of virtual appliances, to cover the company’s 500 databases. The volume of virtual appliances made the deployment complicated and costly to operate. Furthermore, Guardium’s integration with the company’s Remedy change ticketing and workflow system was cumbersome, and presented many challenges.\r\nA huge amount of manual labor was associated with vetting false positives around Remedy change tickets; copying and pasting ticket events into emails to database administrators; and reconciling administrator responses with the events in question. The Guardium deficiencies ultimately required the company to employ a large number of full time staff, to manage the Guardium virtual server farm, and to compensate for the awkward Remedy integration. These factors, combined with Guardium’s support renewal costs, forced the company to evaluate other vendor","alias":"imperva-securesphere-database-firewall-for-global-computer-technology-company","roi":0,"seo":{"title":"Imperva SecureSphere Database Firewall for Global Computer Technology Company","keywords":"","description":"One of the largest computer technology companies in the world replaced their IBM Guardium deployment with Imperva SecureSphere, to audit and protect their database environment. Switching to SecureSphere reduced operational costs by over 70%, saving the company","og:title":"Imperva SecureSphere Database Firewall for Global Computer Technology Company","og:description":"One of the largest computer technology companies in the world replaced their IBM Guardium deployment with Imperva SecureSphere, to audit and protect their database environment. Switching to SecureSphere reduced operational costs by over 70%, saving the company"},"deal_info":"","user":{"id":4195,"title":"Hidden user","logoURL":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg","alias":"skrytyi-polzovatel","address":"","roles":[],"description":"User Information is confidential ","companyTypes":[],"products":{},"vendoredProductsCount":0,"suppliedProductsCount":0,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":98,"supplierImplementationsCount":0,"vendorImplementationsCount":0,"vendorPartnersCount":0,"supplierPartnersCount":0,"b4r":0,"categories":{},"companyUrl":"","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Hidden user","keywords":"Hidden, user, User, Information, confidential","description":"User Information is confidential ","og:title":"Hidden user","og:description":"User Information is confidential ","og:image":"https://old.roi4cio.com/uploads/roi/company/hidden_user.jpg"},"eventUrl":""},"supplier":{"id":207,"title":"Imperva","logoURL":"https://old.roi4cio.com/uploads/roi/company/imperva_logo.png","alias":"imperva","address":"","roles":[],"description":"Imperva provides cyber security software and services to protect companies’ sensitive data and application software from both external attacks and internal threats, and to ensure regulatory compliance. Headquartered in Redwood Shores, California, Imperva has more than 4,500 customers and 500 partners in over 90 countries.","companyTypes":[],"products":{},"vendoredProductsCount":5,"suppliedProductsCount":5,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":6,"vendorImplementationsCount":7,"vendorPartnersCount":0,"supplierPartnersCount":2,"b4r":0,"categories":{},"companyUrl":"www.imperva.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Imperva","keywords":"Imperva, software, Shores, California, Redwood, Headquartered, over, countries","description":"Imperva provides cyber security software and services to protect companies’ sensitive data and application software from both external attacks and internal threats, and to ensure regulatory compliance. Headquartered in Redwood Shores, California, Imperva has m","og:title":"Imperva","og:description":"Imperva provides cyber security software and services to protect companies’ sensitive data and application software from both external attacks and internal threats, and to ensure regulatory compliance. Headquartered in Redwood Shores, California, Imperva has m","og:image":"https://old.roi4cio.com/uploads/roi/company/imperva_logo.png"},"eventUrl":""},"vendors":[{"id":207,"title":"Imperva","logoURL":"https://old.roi4cio.com/uploads/roi/company/imperva_logo.png","alias":"imperva","address":"","roles":[],"description":"Imperva provides cyber security software and services to protect companies’ sensitive data and application software from both external attacks and internal threats, and to ensure regulatory compliance. Headquartered in Redwood Shores, California, Imperva has more than 4,500 customers and 500 partners in over 90 countries.","companyTypes":[],"products":{},"vendoredProductsCount":5,"suppliedProductsCount":5,"supplierImplementations":[],"vendorImplementations":[],"userImplementations":[],"userImplementationsCount":0,"supplierImplementationsCount":6,"vendorImplementationsCount":7,"vendorPartnersCount":0,"supplierPartnersCount":2,"b4r":0,"categories":{},"companyUrl":"www.imperva.com","countryCodes":[],"certifications":[],"isSeller":false,"isSupplier":false,"isVendor":false,"presenterCodeLng":"","seo":{"title":"Imperva","keywords":"Imperva, software, Shores, California, Redwood, Headquartered, over, countries","description":"Imperva provides cyber security software and services to protect companies’ sensitive data and application software from both external attacks and internal threats, and to ensure regulatory compliance. Headquartered in Redwood Shores, California, Imperva has m","og:title":"Imperva","og:description":"Imperva provides cyber security software and services to protect companies’ sensitive data and application software from both external attacks and internal threats, and to ensure regulatory compliance. Headquartered in Redwood Shores, California, Imperva has m","og:image":"https://old.roi4cio.com/uploads/roi/company/imperva_logo.png"},"eventUrl":""}],"products":[{"id":1601,"logo":false,"scheme":false,"title":"Imperva SecureSphere Database Firewall","vendorVerified":0,"rating":"1.70","implementationsCount":1,"suppliersCount":0,"alias":"imperva-securesphere-database-firewall","companyTypes":[],"description":"SecureSphere use two monitoring channels – one for security policies and one for audit policies. The independence enables resource and task optimization that is not possible with a single channel.\r\nSecureSphere Database Firewall\r\n<ul> <li>Logs only what activity is necessary while monitoring all activity for security violations</li> <li>Monitors and protects high-transaction databases</li> <li>Blocks suspicious behavior when it happens – investigate in-context</li> <li>Executes multi-action security alerts, eliminating bottlenecks and delays</li> <li>Interlocks database protection with the SecureSphere Web Application Firewall, CounterBreach Insider threat protection, and malware protection, providing multifactored data security</li> </ul>\r\nSecureSphere helps organizations address compliance regulations including GDPR, PCI DSS, SOX, POPI, and HIPAA.","shortDescription":"SecureSphere Database Firewall effectively protects databases from attacks, data loss and theft.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":17,"sellingCount":3,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Imperva SecureSphere Database Firewall","keywords":"SecureSphere, security, Firewall, protection, with, activity, policies, Database","description":"SecureSphere use two monitoring channels – one for security policies and one for audit policies. The independence enables resource and task optimization that is not possible with a single channel.\r\nSecureSphere Database Firewall\r\n<ul> <li>Logs only w","og:title":"Imperva SecureSphere Database Firewall","og:description":"SecureSphere use two monitoring channels – one for security policies and one for audit policies. The independence enables resource and task optimization that is not possible with a single channel.\r\nSecureSphere Database Firewall\r\n<ul> <li>Logs only w"},"eventUrl":"","translationId":1572,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":542,"title":"UTM - Unified Threat Management Appliance","alias":"utm-unified-threat-management-appliance","description":"A unified threat management (UTM) system is a type of network hardware appliance that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.<br />UTM devices are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nWhile UTM systems and next-generation firewalls (NGFWs) are sometimes comparable, UTM devices include added security features that NGFWs don't offer.\r\nUTM systems provide increased protection and visibility, as well as control over network security, which reduces complexity. UTM systems typically do this via inspection methods that address different types of threats.\r\nThese methods include:\r\n<ul><li>Flow-based inspection, also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li>Proxy-based inspection acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\nUTM devices provide a single platform for multiple network security functions and offer the benefit of a single interface for those security functions, as well as a single point of interface to monitor or analyze security logs for those different functions.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">How do UTM Appliances block a computer virus — or many viruses?</span>\r\nUnified threat management appliances have gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. Preventing these types of attacks can be difficult when using separate appliances and vendors for each specific security task, as each aspect has to be managed and updated individually in order to remain current in the face of the latest forms of malware and cybercrime. By creating a single point of defense and providing a single console, UTM solutions make dealing with varied threats much easier.\r\nWhile unified threat management solutions do solve some network security issues, they aren't without some drawbacks, with the biggest one being that the single point of defense that an UTM appliance provides also creates a single point of failure. Because of this, many organizations choose to supplement their UTM device with a second software-based perimeter to stop any malware that got through or around the UTM firewall.\r\nWhat kind of companies use a Unified Threat Management system?\r\nUTM was originally for small to medium office businesses to simplify their security systems. But due to its almost universal applicability, it has since become popular with all sectors and larger enterprises. Developments in the technology have allowed it to scale up, opening UTM up to more types of businesses that are looking for a comprehensive gateway security solution.\r\n<span style=\"font-weight: bold;\">What security features does Unified Threat Management have?</span>\r\nAs previously mentioned, most UTM services include a firewall, antivirus and intrusion detection and prevention systems. But they also can include other services that provide additional security.\r\n<ul><li>Data loss prevention software to stop data from exfiltrating the business, which in turn prevents a data leak from occurring.</li><li>Security information and event management software for real-time monitoring of network health, which allows threats and points of weakness to be identified.</li><li>Bandwidth management to regulate and prioritize network traffic, ensuring everything is running smoothly without getting overwhelmed.</li><li>Email filtering to remove spam and dangerous emails before they reach the internal network, lowering the chance of a phishing or similar attack breaching your defenses.</li><li>Web filtering to prevent connections to dangerous or inappropriate sites from a machine on the network. This lowers the chance of infection through malvertising or malicious code on the page. It can also be used to increase productivity within a business, i.e. blocking or restricting social media, gaming sites, etc.</li><li>Application filtering to either a blacklist or whitelist which programs can run, preventing certain applications from communicating in and out of the network, i.e. Facebook messenger.</li></ul>\r\n<span style=\"font-weight: bold;\">What are the benefits of Unified Threat Management?</span>\r\n<ul><li><span style=\"font-weight: bold;\">Simplifies the network</span></li></ul>\r\nBy consolidating multiple security appliances and services into one, you can easily reduce the amount of time spent on maintaining many separate systems that may have become disorganized. This can also improve the performance of the network as there is less bloat. A smaller system also requires less energy and space to run.\r\n<ul><li><span style=\"font-weight: bold;\">Provides greater security and visibility</span></li></ul>\r\nA UTM system can include reporting tools, application filtering and virtual private network (VPN) capabilities, all of which defend your network from more types of threats or improve the existing security. Additionally, monitoring and analysis tools can help locate points of weakness or identify ongoing attacks.\r\n<ul><li><span style=\"font-weight: bold;\">Can defend from more sophisticated attacks</span></li></ul>\r\nBecause UTM defends multiple parts of a network it means that an attack targeting multiple points simultaneously can be repelled more easily. With cyber-attacks getting more sophisticated, having defenses that can match them is of greater importance.\r\nHaving several ways of detecting a threat also means a UTM system is more accurate at identifying potential attacks and preventing them from causing damage.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM_Unified_Threat_Management_Appliance.png"},{"id":42,"title":"UTM - Unified threat management","alias":"utm-unified-threat-management","description":"<span style=\"font-weight: bold; \">UTM (Unified Threat Management)</span> system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.\r\nUnified threat management <span style=\"font-weight: bold; \">devices </span>are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nUTM <span style=\"font-weight: bold; \">cloud services</span> and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. While UTM systems and <span style=\"font-weight: bold; \">next-generation firewalls (NGFWs)</span> are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.\r\nOriginally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.\r\nUnified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.\r\nUnified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:\r\n<ul><li><span style=\"font-weight: bold; \">Flow-based inspection,</span> also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li> <span style=\"font-weight: bold; \">Proxy-based inspection</span> acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> How UTM is deployed?</h1>\r\nBusinesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.\r\nUTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.\r\nBusinesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.\r\n<h1 class=\"align-center\">Benefits of Using a Unified Threat Management Solution</h1>\r\nUTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. This can also save money in the long run as opposed to having to buy multiple devices.\r\nSome UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPPA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.\r\nUTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because it is a single point of defense, UTM’s make dealing with combined threats easier.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM.jpg"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[]}],"countries":[],"startDate":"0000-00-00","endDate":"0000-00-00","dealDate":"0000-00-00","price":0,"status":"finished","statusLabel":"Finished","isImplementation":true,"isAgreement":false,"confirmed":1,"implementationDetails":{"businessObjectives":{"id":14,"title":"Business objectives","translationKey":"businessObjectives","options":[{"id":6,"title":"Ensure Security and Business Continuity"}]},"businessProcesses":{"id":11,"title":"Business process","translationKey":"businessProcesses","options":[{"id":336,"title":"Risk or Leaks of confidential information"},{"id":385,"title":"Risk of data loss or damage"}]}},"categories":[{"id":542,"title":"UTM - Unified Threat Management Appliance","alias":"utm-unified-threat-management-appliance","description":"A unified threat management (UTM) system is a type of network hardware appliance that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.<br />UTM devices are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nWhile UTM systems and next-generation firewalls (NGFWs) are sometimes comparable, UTM devices include added security features that NGFWs don't offer.\r\nUTM systems provide increased protection and visibility, as well as control over network security, which reduces complexity. UTM systems typically do this via inspection methods that address different types of threats.\r\nThese methods include:\r\n<ul><li>Flow-based inspection, also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li>Proxy-based inspection acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\nUTM devices provide a single platform for multiple network security functions and offer the benefit of a single interface for those security functions, as well as a single point of interface to monitor or analyze security logs for those different functions.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">How do UTM Appliances block a computer virus — or many viruses?</span>\r\nUnified threat management appliances have gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. Preventing these types of attacks can be difficult when using separate appliances and vendors for each specific security task, as each aspect has to be managed and updated individually in order to remain current in the face of the latest forms of malware and cybercrime. By creating a single point of defense and providing a single console, UTM solutions make dealing with varied threats much easier.\r\nWhile unified threat management solutions do solve some network security issues, they aren't without some drawbacks, with the biggest one being that the single point of defense that an UTM appliance provides also creates a single point of failure. Because of this, many organizations choose to supplement their UTM device with a second software-based perimeter to stop any malware that got through or around the UTM firewall.\r\nWhat kind of companies use a Unified Threat Management system?\r\nUTM was originally for small to medium office businesses to simplify their security systems. But due to its almost universal applicability, it has since become popular with all sectors and larger enterprises. Developments in the technology have allowed it to scale up, opening UTM up to more types of businesses that are looking for a comprehensive gateway security solution.\r\n<span style=\"font-weight: bold;\">What security features does Unified Threat Management have?</span>\r\nAs previously mentioned, most UTM services include a firewall, antivirus and intrusion detection and prevention systems. But they also can include other services that provide additional security.\r\n<ul><li>Data loss prevention software to stop data from exfiltrating the business, which in turn prevents a data leak from occurring.</li><li>Security information and event management software for real-time monitoring of network health, which allows threats and points of weakness to be identified.</li><li>Bandwidth management to regulate and prioritize network traffic, ensuring everything is running smoothly without getting overwhelmed.</li><li>Email filtering to remove spam and dangerous emails before they reach the internal network, lowering the chance of a phishing or similar attack breaching your defenses.</li><li>Web filtering to prevent connections to dangerous or inappropriate sites from a machine on the network. This lowers the chance of infection through malvertising or malicious code on the page. It can also be used to increase productivity within a business, i.e. blocking or restricting social media, gaming sites, etc.</li><li>Application filtering to either a blacklist or whitelist which programs can run, preventing certain applications from communicating in and out of the network, i.e. Facebook messenger.</li></ul>\r\n<span style=\"font-weight: bold;\">What are the benefits of Unified Threat Management?</span>\r\n<ul><li><span style=\"font-weight: bold;\">Simplifies the network</span></li></ul>\r\nBy consolidating multiple security appliances and services into one, you can easily reduce the amount of time spent on maintaining many separate systems that may have become disorganized. This can also improve the performance of the network as there is less bloat. A smaller system also requires less energy and space to run.\r\n<ul><li><span style=\"font-weight: bold;\">Provides greater security and visibility</span></li></ul>\r\nA UTM system can include reporting tools, application filtering and virtual private network (VPN) capabilities, all of which defend your network from more types of threats or improve the existing security. Additionally, monitoring and analysis tools can help locate points of weakness or identify ongoing attacks.\r\n<ul><li><span style=\"font-weight: bold;\">Can defend from more sophisticated attacks</span></li></ul>\r\nBecause UTM defends multiple parts of a network it means that an attack targeting multiple points simultaneously can be repelled more easily. With cyber-attacks getting more sophisticated, having defenses that can match them is of greater importance.\r\nHaving several ways of detecting a threat also means a UTM system is more accurate at identifying potential attacks and preventing them from causing damage.<br /><br />","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM_Unified_Threat_Management_Appliance.png"},{"id":42,"title":"UTM - Unified threat management","alias":"utm-unified-threat-management","description":"<span style=\"font-weight: bold; \">UTM (Unified Threat Management)</span> system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.\r\nUnified threat management <span style=\"font-weight: bold; \">devices </span>are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.\r\nUTM <span style=\"font-weight: bold; \">cloud services</span> and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. While UTM systems and <span style=\"font-weight: bold; \">next-generation firewalls (NGFWs)</span> are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.\r\nOriginally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.\r\nUnified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.\r\nUnified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:\r\n<ul><li><span style=\"font-weight: bold; \">Flow-based inspection,</span> also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.</li><li> <span style=\"font-weight: bold; \">Proxy-based inspection</span> acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.</li></ul>\r\n\r\n","materialsDescription":"<h1 class=\"align-center\"> How UTM is deployed?</h1>\r\nBusinesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.\r\nUTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.\r\nBusinesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.\r\n<h1 class=\"align-center\">Benefits of Using a Unified Threat Management Solution</h1>\r\nUTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. This can also save money in the long run as opposed to having to buy multiple devices.\r\nSome UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPPA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.\r\nUTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because it is a single point of defense, UTM’s make dealing with combined threats easier.\r\n\r\n","iconURL":"https://old.roi4cio.com/fileadmin/user_upload/icon_UTM.jpg"}],"additionalInfo":{"budgetNotExceeded":"-1","functionallyTaskAssignment":"-1","projectWasPut":"-1","price":0,"source":{"url":"https://www.imperva.com/resources/customers/case-studies/tech-giant-secures-data-and-saves-2-million-annually/","title":"Web-site of vendor"}},"comments":[],"referencesCount":0}]}},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"agreements":{"agreementById":{},"ids":{},"links":{},"meta":{},"loading":false,"error":null},"comparison":{"loading":false,"error":false,"templatesById":{},"comparisonByTemplateId":{},"products":[],"selectedTemplateId":null},"presentation":{"type":null,"company":{},"products":[],"partners":[],"formData":{},"dataLoading":false,"dataError":false,"loading":false,"error":false},"catalogsGlobal":{"subMenuItemTitle":""}}
