Unispeed Network security
As illustrated by the "swiss cheese model" any network, no matter how well protected, is succeptible to intrusion. Lots of systems such as IDS, IPS firewalls and anti virus programs provide protection against known vulnerbilities.
When an attack penetrates these systems there is however little chance that the source and effect of the attack is discovered timely.
Adding netlogger to your network will insure that the exact chain of events can be recreated and analysed by viewing the consolidated logfiles generated by the netlogger
Denial of service from packet streams using legitimate types of traffic can be reacted upon by setting thresholds in the netlogger. When these thresholds are exceeded netlogger will direct firewalls and IPS's to block the traffic for a desired period of time.
Netlogger can be programmed to monitor and analyse the content your webservers transmit to the network. If the content is changed by malicious code and therefore does not match what the netlogger expect to se, alarms can be issued or the webservers can be directed to reinstall a backup image.
Passive sniffer technology ensures the integrity of your data. No matter how your network is atacked, netlogger will remain unaffected and enable you to recreate the exact chain of event and restore your data
True Deep packet inspection enables the netlogger to search for and react upon strings found at any protocol level and all the way through the content data. When such data matches a predefined trigger or threshold the netlogger can be set to issue commands to firewalls or intrusion protection systems, generate alerts and even reconfigure the netlogger itself or other netloggers on the network
Managed security solutions
Together with Danish internet security company Ezenta A/S , Unispeed offers a wide range of managed security solutions.
SecureAdvice- consulting in all aspects of IT- security
SecureAudit- test and audit of security systems and applications
SecureSolutions- implementing best practice solutions
SecureSkills- eduction and competencebuilding
About Dos and DDos attacks
Resent years have offered little change in the nature of the targets of DoS attacks. The Internet community, ranging from individual end -users to the largest organizations, continues to experience DoS attacks.
What we have seen is a steady increase in the ability for intruders to easily deploy large DDoS attack networks. In the race of available consumable resources versus the ability to consume those resources, today’s DDoS networks continue to outpace available bandwidth in most cases.
Service level attacks
Where packet filtering or rate limiting can be effective to control the impact of some types of DoS attacks, intruders are beginning to more often use legitimate, or expected, protocols and services as the vehicle for packet streams. Doing so makes filtering or rate limiting based on anomalous packets more difficult. In fact, filtering or rate limiting an attack that is using a legitimate and expected type of traffic may in fact complete the intruder’s task by causing legitimate services to be denied.