Next Gen Hybrid Security Solutions

FlexSecurITy offers solutions that include any element of on-premise, hybrid or managed security solutions to meet our clients’ needs. Our next gen hybrid solutions offer end-to-end services that include planning, design, implementation and management of integrated multi-level security.

The Choice is yours

Advanced Endpoint Detection and Protection

Today’s borderless networks are redefining endpoint protection. A variety of endpoints freely access networks and store sensitive corporate data. Because 70% of successful data breaches start on endpoints, a preventative approach to endpoint security can help stop cyber-attacks. Our solutions provide endpoint protection and threat prevention.

EDR uses behavioral analysis at the endpoint and AI-based analytics in the cloud to detect advanced attacks. EPP / EDR solutions provide a comprehensive set of detection, investigation and remediation capabilities for all levels of investigators, including automated investigation playbooks and user behavior analytics. Incident responders can quickly search, identify and contain impacted endpoints while investigating threats using a choice of on-premises and cloud-based sandboxing.

  • Process tree unravels attacks at a glance while providing all the context and details
  • Prevention capabilities protect against known and unknown malware and ransomware, as well as fileless and malware-free attacks
  • Full attack visibility provides details, context and history for every alert
  • Powerful response enables precise and granular remediation
  • Threat Intelligence integration immediately assesses the origin, impact and severity of threats in the environment and provides recovery guidance for decisive incident response and remediation
  • Support for Targeted Attack Analytics (TAA), leveraging AI algorithms to detect suspicious activity and emerging threats in Symantec Endpoint Protection data collected and correlated in a massive data lake
  • Support for MITRE ATT&CK tactics and techniques and MITRE Cyber Analytics, enabling investigators to search and filter events and incidents by MITRE ATT&CK tactics in order to map events to the ATT&CK matrix
  • Add more than a dozen detections from the MITRE Cyber Analytics Repository (CAR) as automated investigation playbooks
  • Analytics to help you stay one step ahead of known and new threats as they evolve
  • Identify attacks that other endpoint security products might miss, including fileless, ransomware and never-seen-before attacks
  • Uncover threats, patterns, and indicators invisible to traditional and ML antivirus, looking upstream to the root cause of attacks to better predict future ones
  • Web Browser Security

Network Security

Networks can be private, such as within a company, or open to public access. Network security is involved in organizations, enterprises, and other types of institutions. It does as its title explains: it secures the network, and it protects and oversees the operations carried out on it.

Network security:

  • Consists of the policies and practices adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources.
  • Involves the authorization of access to data in a network, which is controlled by the network administrator. Users choose or are assigned an ID and password or other authenticating information that allows them access to information and programs within their authority.
  • Covers a variety of computer networks, both public and private, that are used in everyday jobs: conducting transactions and communications among businesses, government agencies and individuals.

Network security starts with authentication:

  • one-factor authentication: the common form, assigning a unique name and password
  • two-factor authentication, something the user ‘has’ is also used (e.g., a security token or ‘dongle’, an ATM card, or a mobile phone)
  • three-factor authentication, something the user ‘is’ is also used (e.g., a fingerprint or retinal scan)

Once a user is authenticated, a firewall enforces access policies such as which services network users are allowed to access. Though effective at preventing unauthorized access, this component may fail to check potentially harmful content such as computer worms or Trojans being transmitted over the network. Anti-virus software or an intrusion prevention system (IPS) helps detect and inhibit the action of such malware. An anomaly-based intrusion detection system may also monitor network traffic, much as a tool like Wireshark does, and that traffic may be logged for audit purposes and for later high-level analysis. Newer systems combining unsupervised machine learning with full network traffic analysis can detect active network attackers, whether malicious insiders or targeted external attackers that have compromised a user machine or account. Communication between two hosts using a network may be encrypted to maintain privacy.

Honeypots, essentially decoy network-accessible resources, may be deployed in a network as surveillance and early-warning tools, as the honeypots are not normally accessed for legitimate purposes. Techniques used by the attackers that attempt to compromise these decoy resources are studied during and after an attack to keep an eye on new exploitation techniques. Such analysis may be used to further tighten security of the actual network being protected by the honeypot. A honeypot can also direct an attacker’s attention away from legitimate servers. A honeypot encourages attackers to spend their time and energy on the decoy server while distracting their attention from the data on the real server.

Similarly to a honeypot, a honeynet is a network set up with intentional vulnerabilities. Its purpose is also to invite attacks so that the attacker’s methods can be studied and that information can be used to increase network security. A honeynet typically contains one or more honeypots.

Next Gen Firewall

A next-generation firewall (NGFW) is a part of the third generation of firewall technology, combining a traditional firewall with other network device filtering functionalities, such as an application firewall using in-line deep packet inspection (DPI) and an intrusion prevention system (IPS). Other techniques might also be employed, such as TLS/SSL encrypted traffic inspection, website filtering, QoS/bandwidth management, antivirus inspection and third-party identity management integration (e.g. LDAP, RADIUS, Active Directory).

NGFWs include the typical functions of traditional firewalls such as packet filtering, network- and port-address translation (NAT), stateful inspection, and virtual private network (VPN) support. The goal of next-generation firewalls is to include more layers of the OSI model, improving filtering of network traffic that is dependent on the packet contents. NGFWs perform deeper inspection compared to the stateful inspection performed by first- and second-generation firewalls. NGFWs use a more thorough inspection style, checking packet payloads and matching signatures for harmful activities such as exploitable attacks and malware. They also offer improved detection of encrypted applications and an intrusion prevention service.

Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient at blocking unwanted applications, as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols. But blocking a web application that uses port 80 by closing the port would also mean complications with the entire HTTP protocol.

Protection based on ports, protocols and IP addresses is no longer reliable or viable. This has led to the development of an identity-based security approach, which takes organizations a step ahead of conventional security appliances that bind security to IP addresses. NGFWs offer administrators a deeper awareness of and control over individual applications, along with deeper inspection capabilities by the firewall. Administrators can create very granular “allow/deny” rules for controlling use of websites and applications in the network.

Next Gen Intrusion Prevention Firewall

As cyberattacks evolve, network security requires unparalleled visibility and intelligence covering all threats for comprehensive protection. Stop more threats and address attacks. For vulnerability prevention, Intrusion Prevention Solutions can flag suspicious files and analyze them for not-yet-identified threats.

  1. Public cloud: Enforce consistent security across public and private clouds for threat management.
  2. Internal network segmentation: Accommodate network agendas with an enforcement mechanism that spans the requirements of various internal organizations.
  3. Vulnerability and patch management: Use insights to patch high-priority vulnerabilities in a shorter period with fewer resources, without delay from your organization’s test process or environment.
  4. Advanced sandboxing capabilities perform automated static and dynamic analysis of files against more behavioral indicators. These analyses uncover stealthy threats and help your security team understand, prioritize, and block sophisticated attacks.
  5. Block malware trying to enter your network in real time. Using AV detection engines, one-to-one signature matching, machine learning, and fuzzy fingerprinting, our Solutions analyze files at point of entry to catch known and unknown malware. The result? Faster time to detection and automatic protection.
  6. Continuous analysis and retrospective security – once a file enters your network, our Solutions continue to watch, analyze, and record its activity, regardless of the file’s disposition. If malicious behavior is spotted later, our Solutions send your security team a retrospective alert that tells them where the malware came from, where it’s been, and what it’s doing. In a few clicks, you can contain and remediate it.

SDWAN

SD-WAN is an acronym for software-defined networking in a wide area network (WAN). SD-WAN simplifies the management and operation of a WAN by decoupling (separating) the networking hardware from its control mechanism. This concept is similar to how software-defined networking implements virtualization technology to improve data centre management and operation. A key application of SD-WAN is to allow companies to build higher-performance WANs using lower-cost and commercially available Internet access, enabling businesses to partially or wholly replace more expensive private WAN connection technologies such as MPLS.

With a business-first networking model, the network enables the business, rather than the business conforming to the constraints of the network. The network becomes a business accelerant that is fully automated and continuous, giving every application the resources it truly needs to ensure the highest quality of experience for end users and IT.

Software-Defined Wide Area Networking (SD-WAN) is a transformational approach to simplify branch office networking and assure optimal application performance. Unlike traditional WANs, SD-WAN delivers increased network agility and cost reduction. Software-Defined WAN has its roots in Software-Defined Networking (SDN), the underlying principle of which is to abstract the network hardware and transport characteristics from the applications that use the network.

Our solutions at FlexSecurITy span:

  1. SD-WAN
  2. Hybrid WAN
  3. Router Replacement
  4. Cloud App Performance
  5. WAN Edge Security
  6. WAN Optimization

Cloud Workload Protection

FlexSecurITy considers cloud workload protection (CWP) technology the best option for many organizations looking to secure workloads being moved to the cloud. This test includes data to help enterprises understand how effective CWP products are at protecting cloud-resident workloads against several common threat scenarios. Cloud security is a radical departure from traditional security approaches. Enterprises migrating to the cloud often start with local (on-premises) virtualization and then move an entire application or parts of an application to a cloud provider infrastructure (IaaS). It is this scenario that CWP technology supports. Whether the IaaS destination is a virtual machine (VM) running in a provider environment or a container technology, CWP technology provides support for and protection of commonly exploited software and machine elements. The technology has the potential to reduce an attack surface and limit the opportunity for an attacker to gain a foothold and cause further harm.

Breach Detection and Prevention

Through constant analysis of suspicious code and identification of communication with malicious hosts, breach detection systems (BDS) are capable of providing enhanced detection of threats. As threat actors demonstrate the capability to bypass protection offered by conventional endpoint and perimeter security solutions, enterprises must evolve their network defenses to incorporate protection using advanced techniques. The BDS utilizes both static and dynamic analysis techniques to detect advanced malware, zero-day attacks, and targeted attacks that have bypassed network security controls. Detection products have more flexible deployment options than blocking products and thus can “see” more than blocking products. False positives, which lower operational efficiency, are still a concern with BDS technology, but this is the case for both detection and blocking products.

Data Centre Solutions

Next Gen Firewalls

Enterprises demand a lot of their data centres, which makes their performance and availability paramount. Infrastructure and application architectures are designed to work in concert with each other, thus any incorrectly sized or configured components can disrupt applications for employees or customers. Network security technology is essential in a data centre architecture, providing connectivity, and in some cases, traffic inspection or special handling to protect critical assets. FlexSecurITy uses the term data centre network security (DCNS) to describe devices that provide network security for the data centre. There are several device types in this category; the data centre firewall (DCFW) and the data centre intrusion prevention system (DCIPS) are the most well-known, each having been deployed for a number of years. A third type of device combines the capabilities of the DCFW and DCIPS and is referred to as a data centre security gateway (DCSG).

Intrusion Prevention Systems

Designed to identify and block attacks against web servers, application servers, and database servers, a DCIPS (Data Centre Intrusion Prevention System) can provide temporary protection and relief from the immediate need to patch affected systems. The DCIPS must catch sophisticated attacks while producing nearly zero false positives, and it must not significantly degrade network performance or it will never be installed.

Gateway Solutions

Data centre security gateways are the convergence of data centre security capabilities and, as such, play a vital role in today’s security infrastructure. Considerations for deployment include:

  • What server operating systems and applications are to be protected?
  • What are peak performance requirements?
  • Can the security product be bypassed using common evasion techniques?
  • How reliable and stable is the device?

DDOS

More and more enterprises have moved their mission-critical services online. Competing in global markets driven by just-in-time demand, these enterprises rely on continuous uptime to perform business transactions on a 24/7/365 model. Distributed denial-of-service (DDoS) attacks are designed to limit access to these resources, and while they are not new, they are more effective today than ever before. The relative ease with which DDoS attacks can be launched, the diverse methods by which they can be executed, and the amount of damage that can be caused by a single attack make them a challenge to defend against. As enterprises look to defend against DDoS attacks, they are turning to DDoS prevention solutions, which offer protection against the different categories of DDoS attacks, and which can take the form of on-premises devices or managed services. These solutions can be implemented as in-line devices (whether routing or transparent) or as out-of-band solutions capable of interacting with an existing routing and switching environment using industry-supported protocols. They must detect volumetric, protocol, and application attacks and should be able to scale quickly in order to continue processing and mitigating the large amount of traffic during a DDoS attack.

Zero Trust – Privilege Access Management

Legacy Privileged Access Management (PAM) is no longer enough for the modern threatscape. New attack surfaces require a shift in your approach to secure against privileged access abuse. As traditional network perimeters dissolve, organizations must discard the old model of “trust but verify” which relied on well-defined boundaries.

Zero Trust Privilege redefines legacy Privileged Access Management (PAM) for the modern enterprise IT threatscape.

Zero Trust Privilege requires granting least privilege access based on verifying who is requesting access, the context of the request, and the risk of the access environment. By implementing least privilege access, organizations minimize the attack surface, improve audit and compliance visibility, and reduce risk, complexity and costs for the modern, hybrid enterprise.

Organizations may consider approaching Privileged Access Management (PAM) by solely implementing password vaults, leaving gaps that can easily be exploited. Zero Trust Privilege combines password vaulting with brokering of identities, multi-factor authentication enforcement and “just enough” privilege, all while securing remote access and monitoring of all privileged sessions.

With the right credentials in hand, hackers and insider threats can wreak untold havoc on your network, steal your most valuable data, siphon your hard-earned funds, and conceal their malicious activities from your threat detection solutions. The reasons why hackers target these privileged accounts are self-evident. However, enterprises give hackers another reason to target privileged users’ credentials: vulnerability.

The numbers speak for themselves:

  • 80% of security breaches involve privileged credentials, according to Forrester Research.
  • 62% of enterprises fail to provision for privileged access accounts, according to Thycotic.
  • 65% of enterprises allow for the unrestricted, unmonitored, and shared use of privileged accounts, according to Gartner.

These findings only scratch the surface of what privileged credentials can do in the wrong hands. Some of the most devastating breaches of 2018 were the result of unchallenged privileges, including the Marriott Breach. Your enterprise must therefore deploy a Privileged Access Management Solution in order to properly fortify and manage all of your super-users’ permissions.

To deliver Zero Trust, today’s Privileged Access Management (PAM) solutions cannot rely on simply vaulting away shared accounts. They must cover, in detail, both Privileged Account and Session Management as well as Privilege Elevation and Delegation Management. But clearly that is not enough. To sufficiently verify who (or what) a requester is, today’s cloud-ready Privileged Access Management (PAM) must include Privileged Identity and Access Management, Multi-Factor Authentication as well as Privilege Threat Analytics.

Legacy Privileged Access Management (PAM) did a great job of serving yesterday’s threatscape, but in a modern enterprise IT world, to protect yourself, your company, your customers, and your investors, a Zero Trust Privilege approach should be applied.

Access Management – Identity, SSO & MFA

There’s a better option than Active Directory (AD), so why settle for less than you deserve? Our identity platform can actually fulfill your company’s modern IT needs. Companies are constantly evolving, and AD simply hasn’t kept up. AD makes it harder for you to support today’s modern workforce of contractors, freelancers, and people working remotely. It creates extra work, and it’s holding companies back from innovation and modernization.

Cybercrime is on the rise, again. When it comes to protecting your data, passwords are the weakest link. That’s why multi-factor authentication (MFA) has become the identity and access management (IAM) standard for preventing unauthorized access. Protect your organization’s mission-critical assets with policy-based MFA. Offer flexible authentication factors including one-time-password (OTP) app, SMS, Voice, Web Authentication for biometric factors, plus a range of third-party options including Google Authenticator, Yubico, Duo Security, RSA SecurID, and more. Go beyond static MFA with SmartFactor Authentication, which uses machine learning to evaluate the risk and context of each login and adapt accordingly.

Protect your entire business or start by securing your most critical apps first.

  • Secure Directory with Integration
  • A flexible and secure user store, integration to AD/LDAP across multiple domains and self-service AD/LDAP password reset
  • Enhanced user & admin experience
  • Adaptive SSO includes features that improve user experience while enhancing the security posture
  • Seamless enrollment: Self-service MFA enrollment during initial login
  • Flexible authentication: Select from a variety of end user experiences, including 1-click authentication
  • Simple reporting and auditing: Detailed authentication logs, such as login attempts, with preset reports for audits and easy integration with security tools
  • IDaaS controls access to all applications and resources with adaptive policies and password-less authentication
  • Device management and IDaaS solutions share device and user context
  • IDaaS secures access to servers and network resources like VPN, WiFi
  • File servers replaced by SaaS file sync and share solution
  • Cloud print services replace print servers
  • Real-time Security Reporting
  • Sophisticated search of real-time system log, with geolocation tracking, pre-built application access reports and integration with SIEMs
  • Built-in Event Viewer and Reports
  • Powerful reporting to discover and troubleshoot security and access anomalies

User and Entity Management

Organizations that want to add advanced analytics or machine learning capabilities to their IT security arsenal have a relatively new option: User and entity behavior analytics (UEBA). UEBA solutions identify patterns in typical user behavior and then pinpoint anomalous activities that do not match those patterns and could correspond with security incidents. UEBA solutions typically do their work after other security solutions have failed, detecting threats inside the network. Although UEBA solutions have only been around for a few years, they are quickly becoming popular among large enterprises. According to Gartner, sales of standalone UEBA solutions are doubling each year and could top $200 million this year. In addition, many vendors are incorporating UEBA capabilities into other security tools, such as security information and event management (SIEM), network traffic analysis, identity and access management (IAM), endpoint security, data loss prevention or employee monitoring tools.

IOT and IOMT Management

Endpoint Detection and Response (EDR) systems are great. They alert when an endpoint has been compromised, provide information about how the attack occurred, and help security analysts respond to the incident. Unfortunately, most enterprise endpoint security solutions use agents, which means they don’t work on unmanaged and IoT devices. Unmanaged devices and IoT devices are growing in number and represent a large attack surface for most enterprises.

IOT

Our unified security IOT solutions enable our customers to gain complete situational awareness of their extended enterprise environment and orchestrate actions to reduce cyber and operational risk. Our FlexSecurITy IOT solutions deploy quickly with agentless, real-time discovery and classification of every IP-connected device, as well as continuous posture assessment.

Our FlexSecurITy solutions:

Discover all devices in your environment — managed, unmanaged, or IoT — on or off your network, and in your airspace — providing the most complete asset inventory you will see.

No Agent. No Scanning.
Agentless, and 100% passive. This is critical because unmanaged and IoT devices can’t take an agent. In addition, scanning can disrupt or crash these devices.

Complete Asset Inventory.
Even without an agent, we can identify the device type, manufacturer, model, IP and MAC address, OS, reputation, username, software, behavior, connections, risk factors, and more.

We don’t just tell you what a device is, but what it is doing. We continuously track its behavior, its connections, and can identify if it is acting suspiciously or maliciously.

Cloud-Based Device Knowledgebase.
We have a huge, crowdsourced device behavior knowledgebase which compares real-time behavior of devices in your environment with multiple “known good” crowd-sourced baselines to detect compromised devices.

Premium Threat Intelligence.
Automatic or Manual – For every policy violation and threat detection, choose from a variety of manual or automated responses that are built into the platform.

Disconnect or Quarantine.
By using your existing network infrastructure or by integrating with existing security solutions, FlexSecurITy lets you disconnect or quarantine suspicious or malicious devices.

Incident Response.
Within seconds, our FlexSecurITy Solutions can provide various types of incident response for unmanaged devices — identifying and containing compromised devices, and providing historical information on activity.

IoMT

The Internet of Medical Things (IoMT) includes devices like infusion pumps, MRI machines, x-ray machines, heart monitors, and more. And while these connected medical devices help clinicians deliver faster, higher quality care, they also create an attack surface that most healthcare delivery organizations (HDOs) aren’t prepared to protect.

Agentless. Passive. Comprehensive – Medical devices can’t host an agent, and they can’t be disrupted while they are in use. Our solution is the first agentless, completely passive medical device security platform to address the new threat landscape of connected devices, including biomedical devices. Even without an agent, we can deliver full visibility of all devices – managed, unmanaged, and medical – in your organization, including the make, model, OS, FDA classification, connection and activity history, utilization, and more.

Protect patient safety. Life-saving biomedical devices aren’t immune to the vulnerabilities attackers can use to manipulate data or settings that could endanger patients’ lives. Our solutions for medical device security protect patient safety by:

  • Identifying existing devices and their vulnerabilities
  • Monitoring device behavior to detect compromise
  • Stopping attacks from moving from device to device
  • Taking action to quarantine suspicious or malicious devices

Detect and stop malware attacks. Ransomware attacks on hospitals have recently been on the rise. These impact hospital operations and services, which can carry costs from hundreds of thousands to millions of dollars. With FlexSecurITy solutions you can:

  • Identify which medical devices are vulnerable
  • Stop WannaCry, NotPetya, and other known or unknown attacks
  • Reduce or eliminate medical device downtime

Secure patient health information. Securing PII and PHI is mission critical for any healthcare organization. Our solutions help large healthcare organizations:

  • Identify unauthorized and insecure network connections
  • Identify transmission of unencrypted PHI
  • Secure unmanaged devices and stop data exfiltration

Protect the business of healthcare. Medical devices aren’t the only ones healthcare organizations use on a day-to-day basis. Delivering care depends on all kinds of connected, unmanaged devices. Things like smart TVs, connected lighting systems, and streaming media players exist in facilities everywhere. These devices are just as vulnerable, and often share the same networks. The Solutions platform detects and analyzes all devices in your environment for comprehensive coverage across your facilities.

Agentless and passive security that identifies and classifies every medical and IoT device, tracks behavior, identifies threats, and takes action to protect patient care and operations is the integrated value FlexSecurITy delivers with our FlexHealth practice. Decades of deployments spanning tens of thousands of devices have allowed FlexITy to understand IoMT in Canada at the deepest of levels.

Network Access Control

Network Access Control (NAC) is an approach to computer security that attempts to unify endpoint security technology (such as antivirus, host intrusion prevention, and vulnerability assessment), user or system authentication and network security enforcement. Network Access Control (NAC) is a computer networking solution that uses a set of protocols to define and implement a policy that describes how to secure access to network nodes by devices when they initially attempt to access the network. NAC might integrate the automatic remediation process (fixing non-compliant nodes before allowing access) into the network systems, allowing the network infrastructure such as routers, switches and firewalls to work together with back office servers and end user computing equipment to ensure the information system is operating securely before interoperability is allowed. A basic form of NAC is the 802.1X standard.

Network Access Control aims to do exactly what the name implies—control access to a network with policies, including pre-admission endpoint security policy checks and post-admission controls over where users and devices can go on a network and what they can do.

Because NAC represents an emerging category of security products, its definition is both evolving and controversial. The overarching goals of the concept can be distilled as:

Be Secure

  • See everything
  • Stop rogue devices and threats
  • Control guest and device access
  • Protect LAN, WIFI and VPN
  • Detect new devices

Take Control

  • Automate security policies
  • Orchestrate with enterprise software and services
  • Integrate with AD/LDAP, Anti-Virus, APT, firewall, and cloud

Deploy Quickly

  • Agentless enforcement
  • No network changes
  • Heterogeneous and vendor neutral
  • Works with enterprise and consumer network

Mitigation of zero-day attacks

  • Authorization, Authentication and Accounting of network connections.
  • Encryption of traffic to the wireless and wired network using protocols for 802.1X such as EAP-TLS, EAP-PEAP or EAP-MSCHAP
  • Role-based controls of user, device, application or security posture post authentication
  • Automation with other tools to define network role based on other information such as known vulnerabilities, jailbreak status, etc.
  • Policy enforcement: NAC solutions allow network operators to define policies, such as the types of computers or roles of users allowed to access areas of the network, and enforce them in switches, routers, and network middleboxes.
  • Identity and access management: Where conventional IP networks enforce access policies in terms of IP addresses, NAC environments attempt to do so based on authenticated user identities, at least for user end-stations such as laptops and desktop computers.

Network Access Control (NAC) helps enterprises implement policies for controlling devices and user access to their networks. NAC can set policies for resource, role, device and location-based access and enforce security compliance with security and patch management policies, among other controls. The main benefit of NAC solutions is to prevent end-stations that lack antivirus, patches, or host intrusion prevention software from accessing the network and placing other computers at risk of cross-contamination of computer worms.

NAC is an effort to create order out of the chaos of connections from within and outside the organization. Personnel, customers, consultants, contractors and guests all need some level of access. In some cases, it is from within the campus and at other times access is remote. Adding to the complexity are bring your own device (BYOD) policies, the prevalence of smartphones and tablets, and the rise of the Internet of Things (IoT).

NAC was the highest IT security spending priority in eSecurity Planet’s 2019 State of IT Security survey, and is also one of the technologies users have the most confidence in.

FlexSecurITy NAC Solutions

Our Network Admission Control (NAC) solutions allow you to authenticate wired, wireless, and VPN users and devices to the network; evaluate and remediate a device for policy compliance before permitting access to the network; differentiate access based on roles; and then audit and report on who is on the network.

Our solution is a powerful, easy-to-deploy admission control and compliance enforcement component. With comprehensive security features, in-band or out-of-band deployment options, user authentication tools, and bandwidth and traffic filtering controls, it is a comprehensive offering for controlling and securing networks. You can implement security, access, and compliance policies through a central management point rather than configuring policies throughout the network on individual devices.

Features and Benefits

  • Prevents unauthorized network access to protect your information assets
  • Helps proactively mitigate network threats such as viruses, worms, and spyware
  • Addresses vulnerabilities on user machines through periodic evaluation and remediation
  • Brings you significant cost savings by automatically tracking, repairing, and updating client machines
  • Recognizes and categorizes users and their devices before malicious code can cause damage
  • Evaluates security policy compliance based on user type, device type, and operating system
  • Enforces security policies by blocking, isolating, and repairing noncompliant machines in a quarantine area without needing administrator attention
  • Applies posture assessment and remediation services to a variety of devices, operating systems, and device access methods including LAN, WLAN, WAN, and VPN
  • Enforces policies for all operating scenarios without requiring separate products or additional modules
  • Supports seamless single sign-on through an agent with automated remediation
  • Provides clientless web authentication for guest users

Satellite Locations and Remote Offices

FlexSecurITy Solutions offers advanced technology that easily and affordably scales to handle any number of remote sites, ideal for organizations with many remote locations.

  • Supports NAT and overlapped subnet ranges
  • Is as compatible with consumer firewalls, routers and unmanaged switches as with enterprise networks
  • No network changes or endpoint changes

Automated White Listing

Keeping track of which devices are allowed on your network and which are not can be a never-ending job. FlexSecurITy Solutions helps clients communicate with existing servers to authorize valid devices without manual intervention. FlexSecurITy also helps restrict devices that should not be on the network and optionally notifies administrators.

Anti-Spoofing Protection

FlexSecurITy Solutions provides a fingerprint feature to protect against device spoofing. FlexSecurITy Solutions records each device’s fingerprint through information collected from the device’s network, system, and configuration. This prevents attempts to spoof a device through means such as replicating its low-level address.

Firewall/Advanced Persistent Threat Integration

Security appliances that are designed to monitor devices and network traffic can send event-based alerts for administrative action. FlexSecurITy can receive event-based syslog messages from all types of security devices and take immediate action when necessary. After receiving an alert that a device has malware, FlexSecurITy can immediately restrict it.

Enforce Anti-Virus and Security Policies

With the ever-increasing threats of zero-day attacks, Advanced Persistent Threats, and ransomware, it is more important than ever to verify that endpoint security solutions are installed, active and up-to-date. FlexSecurITy integrates with enterprise Anti-Virus vendors and leading patch management solutions to verify that all endpoint security is active and up-to-date. By integrating with leading security solutions, FlexSecurITy can enforce compliance with security policies without the use of agents. Devices that are out of compliance can be restricted at the point of network access.

BYOD Registration

Keeping track of which Bring Your Own Device belongs to whom is a difficult task. Controlling which devices can connect when and where is even more difficult. FlexSecurITy makes the process of enrolling and controlling BYOD devices simple. FlexSecurITy provides employees with a self-registration captive portal to register their device with their directory credentials. Administrators can set policies to enforce and control BYOD. Simple policies can be set to limit the user(s), device quantities, device types, allowed network locations, allowed network resources, and more.

Guest and Consultant Registration

FlexSecurITy provides multiple methods for organizations to automate the enrolment of guests and consultants. These range from self-registration to sponsor-approved registrations to help organizations balance the need for security with guest convenience. Regardless of which method(s) is used, the company remains in control of when, where, and how long the guest can connect to the network. Role-based access policies can be set to limit guests to the internet and consultants to specific servers or network segments.

SSL Traffic Decryption

With the increased use of SSL/TLS in the traffic traversing the modern network, an NGFW must be able to inspect encrypted content. SSL and TLS protocols are the foundation of e-commerce security, encrypting the transfer of sensitive data, verifying the authenticity of websites, and ensuring the integrity of exchanged information. Threat actors are increasingly using SSL/TLS to deliver malicious attacks. Gartner estimates that in 2017 more than half of the network attacks targeting enterprises used encrypted traffic to bypass security controls.

Threat Detection Analytics

By constantly analyzing suspicious code and by identifying communications with malicious hosts, threat detection analytics (TDA) products can detect threats ranging from commodity malware to targeted attacks from state-sponsored threat actors that are expressly designed to bypass traditional defense products. TDA products evolve the capabilities of traditional breach detection systems by applying advanced analysis algorithms that identify whether exfiltration has occurred, and its root cause.

This technology helps to accelerate the response workflow and improve incident outcomes. Incident responders are uniquely able to address attacks in progress and help organizations avoid grievous data loss or damage if they learn of incidents early enough in the attack chain. TDA products will evaluate and provide metrics on some of the challenges that have been reported by enterprises so incident resolution workflows can be accelerated.

WAF – Web Application Firewalls

Web application firewalls (WAFs) are available as a stand-alone or virtual appliance, or as self-contained software, and are designed to secure web-based traffic and prevent web servers and their applications from being exploited. Attackers are no longer simply attacking the web server and its underlying operating systems; they have moved up the stack and are attacking web applications running on the web server that front-end critical corporate data. Such applications are often complex and difficult to secure effectively, and simple coding errors can render them wide open to remote exploits. To regain the upper hand against current attacks, enterprises must evolve their network defenses to provide a different kind of protection.

WBS - Web Browser Security

The web browser is the primary vector by which malware is introduced to computers. To protect against malware, leading browser vendors provide cloud-based reputation services that scour the Internet for malicious websites and then categorize content accordingly, either by adding it to blacklists or whitelists, or by assigning it a score. A web browser requests reputation information about a specific URL, and if results indicate that the website is “bad,” the browser redirects the user to a warning message explaining that the URL is malicious. If a website is determined to be “good,” the browser takes no action and the user remains unaware that a security check was just performed.

Among the most prominent and impactful security threats facing users today are socially engineered malware (SEM) and phishing attacks. While drive-by downloads and clickjacking are also effective attacks that have achieved much publicity, they continue to represent a smaller percentage of today’s threats.

Phishing attacks pose significant risk to individuals and organizations alike by threatening to compromise or acquire sensitive personal and corporate information. These attacks gain the trust of users by masquerading as reputable entities to steal login credentials or sensitive account information. Socially engineered malware (SEM) uses a dynamic combination of social media, hijacked email accounts, false notification of computer problems, and other deceptions to encourage users to download malware.