Security

Complete, all-round security

Information security is often divided into three attributes: availability, (data) integrity and confidentiality. We deliver technical solutions that correspond to each of these three aspects.

security

Availability

For the continuity of your services, their availability is crucially important. If you’re offline, you lose customers and your reputation will sustain damage.

Availability when you’re under attack

Unfortunately, Distributed Denial of Service (DDoS) attacks have become a fact of life. More and more organizations have to deal with them, sometimes on a daily basis. To be able to mitigate them successfully, regular network equipment is often not good enough. The use of specialist equipment is therefore indispensable.

Our DDoS mitigation service keeps your servers and applications available during attacks, whether they are focusing on a server, network, DNS system or application. We use specialist equipment specially designed to detect, isolate, and address these attacks, so that your services suffer no disturbance. Our DDoS protection works out-of-the box, gives very detailed real-time and historical insight into traffic, protects against many types of attacks and keeps an eye on global trends to analyze current situations.

DDOS
Loadbalancing

Enterprise Loadbalancing

Naturally, many visitors is good for your business, but the resulting load can also adversely affect the performance and availability of your application. That’s obviously something you want to prevent. Possible overload and failure of parts of your platform can luckily be avoided and addressed through the use of intelligent load balancing and content delivery solutions specifically tailored to your applications and services.

Some examples:

  1. Distribution of connections based on capacity available
  2. Smart distribution of incoming connection
  3. Automatic detection of failures and overload
  4. Limiting the numbers of connections per server/application
  5. Caching of content on the load balancer

Data Protection

Abuse of your data by attackers is a serious threat that needs to be prevented. With the proper measures you can ensure that your data is suitably protected.

Advanced Firewalling

With a firewall, you can control how contact with your platform and systems can be established. But a regular firewall can’t really see if strange anomalies occur in traffic through the authorized channels. By using Application Firewalls and Intrusion Detection/Prevention Systems, the content of the traffic can be checked in much greater detail. Besides checking and filtering traffic based on IP address and port, you can do so at the protocol and application level.

Using Layer 7 filtering and DPI (Deep Packet Inspection) you can detect and block malicious traffic based on patterns (such as SQL injects, XSS, malware and viruses). You can scan the contents of the data in order to detect whether there may be attempts to exploit potential vulnerabilities in an application or system. We offer various solutions using specialized equipment to make this possible.

advancedfirewall
lock

Security profiles

To even more clearly create the conditions for correct use of your services and applications, we offer solutions for customized security profiles. You can use your own VDOMs in which you establish rules that correspond to the particulars of your services. With a VDOM, your gain access to your own dedicated, independent virtual security appliance. Each VDOM has its own interfaces, security profiles, routing, administration and many other options. This way, you can have a system that you can configure and customize to your own needs, without having to invest in expensive equipment yourself.

Access Control

By ensuring that the identity of persons on your systems is firmly verified, you prevent unauthorized access.

VPNs

Often, you don’t want your services to be open up to the entire world, but sometimes you do not know from what location your users need access. The use of a Virtual Private Network (VPN) is a widely used solution for this. You do not have to know where your users are located beforehand, as long as they can identify themselves. If a user does not have the right security credentials, access can already be blocked on the network level. Our specialized equipment includes functionality for configuring and managing different types of VPNs.

id
id

Identity management

To establish more control over one who gets access to your systems and applications, you can add additional controls to establish their identity. Besides the regular user name and password, you can deploy additional techniques. You can consider using private keys, security tokens, one-time passwords and other methods to provide two-factor authentication. Let us advise you and facilitate the right solution for you.

Cyso provides professional internet services that meet the needs of your organization and business. Want to know how? Just contact one of our consultants.