Network & Systems Cybersecurity
Next Generation Firewalls & Unified Threat Management (UTM) Devices
Unified Threat Management (UTM) Device
Access Control Lists (ACLs):
Access control lists are used to either block or allow port(s) and or port & IP combinations known as sockets. For example, port 25 is often blocked because it is unencrypted and can be used for unauthorized email relaying. All incoming traffic is generally blocked referred to as a deny any any statement then as services are deployed ports are opened for those services and are only allowed to the host that is making those services available. Only servers will have port(s) opened and only the ports that are in use by the corresponding applications. Some common ports are 21 FTP, 22 SSH, 25 SMTP, 53 DNS, 80 HTTP, 110 POP3, 143 IMAP and 443 HTTPS.
Web Content Filtering:
Web content filtering blocks websites or groups of sites based on URL address or categories such as adult, shopping, video streaming, social media, and more. This can keep your employees focused on their work and not the many distractions on the internet. Also, blocking bandwidth hogging sites such as video streaming like Netflix and YouTube. Of course, we can provide an override code to circumvent the filter or allow certain PCs or groups of PCs to not be a part of the filtering. We can even create different filtering lists for particular departments or individual persons.
Quality of Service (QoS):
Assigns bandwidth caps or reserves to specific traffic types so that even during times of high utilization those specific traffic types still function normally. For an example, reserving bandwidth for VoIP traffic and capping the amount of traffic used for video streaming. In the event several users are streaming video there’s still enough available bandwidth so as not to degrade the telephone call quality. Most commonly used in conjunction with traffic shaping.
Traffic Shaping prioritizes certain traffic types over others for example VoIP would be highest priority. Because it requires very little bandwidth but when it has insufficient bandwidth it can ruin the call quality by making it choppy or with an echo. For example if the system receives VoIP traffic and YouTube traffic at the same time the VoIP traffic will take priority and go ahead of the YouTube traffic. Most commonly used in conjunction with QoS.
Deep Packet Inspection (DPI):
Deep Packet inspection is an advanced method of examining and managing network traffic. It is a form of packet filtering that locates, identifies, classifies, reroutes or blocks packets with specific data or code payloads that conventional packet filtering, which examines only packet headers, cannot detect.
Intrusion Detection Prevention (IDP):
Intrusion detection prevention looks for signature patterns of malicious traffic then automatically blocks the IP address of the detected attacker(s) for a predetermined amount of time based on the type of offense.
Unified Threat Management (UTM):
Unified threat management is an approach to information security where a single hardware or software installation provides multiple security functions. This contrasts with the traditional method of having point solutions for each security function. Such as VPNs, QoS, DPI, Application firewall, IDS/IDP, content filtering, traffic shaping, logging, routing, ACLs, Two Factor Authentication (2FA), network layer virus filtering, & access point controller for mesh WiFi deployments.
Next Generation Firewall (NGFW):
Next generation firewall is another form of UTM incorporating traditional firewall functionality in addition to content filtering, application firewall, IDS/IDP, and DPI.
Network Layer Virus Detection & Removal:
Network layer virus detection locates and removes most viruses, malware, spyware, ransomware, Trojans, worms, & rootkits. Operates at the network layer before reaching the intended PC or server. Logs and notifies us to all detection’s so we can take preemptive measures.
Virtual Private Networks (VPNs):
Explained in further detail at the bottom of this page.
UTMs / Firewalls Software or Hardware devices including Barracuda, Brocade, Check Point, Cisco, Dell Sonicwall, Fortinet, HP, Meraki, Netgear, Palo Alto, pfSense, Juniper, Sophos, WatchGuard, Ubiquiti, Zyxel, & More