Security Infrastructure



Our Security Infrastructure

Intrusion Protection System (IPS) / Firewall

  • Protects your system with state-of-the-art redundant firewall infrastructure.
  • Detects any piece of malware and enforces application control with continuous deep packet inspection of network traffic.
  • Uses Site-to-Site and User VPN (Virtual Private Network) to prevent vulnerabilities and malicious code by decontaminating code before it enters the host network.
  • Protects across all incoming and outgoing applications, files and content-based traffic.

  • Real-time network security protection against sophisticated application-layer and content-based attacks, including viruses, spyware, worms, Trojans and software vulnerabilities such as buffer overflows.
  • Granular control, data leak prevention* and real-time visualization of applications to ensure maximum network security.
  • Firewall performs additional functions of Gateway Antivirus, Content Filtering, Application Control and IDS/IPS (Intrusion Detection System/Intrusion Protection System).
  • 24×7 Monitoring and Support by Certified Engineers.
  • Fully redundant active/passive Firewall clusters.
  • Stateful Failovers are transparent to the end-user.





Email Spam and Virus Filters

Relay-based spam filters are deployed for all Customers. Operating at multiple data centers, they relay all email to our email servers and scrub from it objectionable attachments, viruses, spam and files that might contain any executable code.



Application Firewalls

Application Firewalls are deployed for critical web systems that house high-value databases and critical data, such as payment card data. These firewalls prevent attacks intended to exploit application-level vulnerabilities, as well as attacks on databases and other data residing on these systems.



OS/Application Hardening

We ensure that all apps running on the WAN (Wide Area Network) have been hardened to minimize hack possibilities. We prevent apps from running with root privileges. We modify configurations to minimize risks of attack. We eliminate unnecessary utilities and remove all printers, file shares, protocols and other such unneeded items. We ensure that all passwords meet minimum entropy requirements.




SIEM Tools

SIEM (Security Information and Event Management) tools are available for Customers with demanding compliance requirements. SIEM tools conduct real-time analysis of log data and generate alerts when anomalies are detected.



DDoS Protection Infrastructure

The availability of Customer services is ensured by continuous monitoring of traffic on our edge routers and by use of our DDoS (Distributed Denial of Service) mitigation system.



DDoS Processes

  • Continuous scanning of every packet in and out of edge routers to generate alerts that protect your data.
  • Generated alerts are used to eliminate hostile traffic.

Intrusion Detection System (IDS)

Cutting-edge tools detect and log patterns of odd or unusual behavior. While some rules on these systems may generate instant alerts, others may alert us to patterns of unusual behavior. Examples of our responses to such behavior:

  • Attempts to access customer sites from a server that does not have access are intercepted and blocked.
  • Malformed packets sent to servers in an effort to exploit a vulnerability are intercepted and blocked.
  • We implement outbound security to prevent hackers from gaining Internet connectivity; this automatically sets off alarms when hackers attempt to do so.
  • Our security partners deliver automated signature updates that provide protection from emerging threats.
  • We immediately prevent and block High Priority level attacks, instantly notifying clients of the need for further investigation.
  • Our engineers periodically log and take appropriate actions to ensure continuous protection.

Infrastructure and Network Monitoring

We monitor and scan the network for unusual traffic patterns. For example:

  • Excessive traffic on any specific infrastructure
  • Irregular traffic patterns
  • Multiple failed login attempts
  • Outbound traffic where there should be none
  • Network latency in Smokeping

Vulnerability Scanners

We scan all servers and infrastructure on a regular basis.

  • We use cutting-edge tools to identify vulnerabilities within various OS and application builds that might expose servers to attacks from various sources.
  • These tools tell us which networks are at risk.
  • We then find patches and other fixes to close loopholes identified by Nessus.

Storm Controls

  • ARP (Address Resolution Protocol) and other multicast packets are used to implement controls that prevent hackers from flooding client networks and overwhelming switches with the intent of shutting down an entire data center.
  • We deploy a combination of hardware and software rate-limiters and policies to automatically monitor and mitigate the impact of abnormal increases in traffic.
  • We configure all network ports to monitor multicast traffic levels in order to ensure quick detection of dangerous levels of traffic and automatically shut down the source of such traffic before it causes outages.

DNS

  • We maintain multiple replicated DNS (Domain Name System) servers at multiple facilities to ensure that an outage at a single facility does not result in a major outage.
  • We maintain substantially underutilized DNS capabilities augmented by servers housed at third-party providers. This practice protects our customers from major outages if one or multiple domains should experience a DDoS attack.