
Solutions

Endpoint protection

Although antivirus solutions protect almost every workstation and server in the world, the number of security breaches is growing alarmingly. This is mainly because traditional antivirus systems are reactive solutions that focus on detecting and responding to already known threats.

Today, however, experienced attackers can easily evade traditional antivirus solutions using low-cost, automated online tools that allow them to generate countless unique, previously unknown attacks. Traditional antivirus is therefore no longer sufficient as a system for preventing security breaches.

An organization that wants to prevent intrusions and data leaks must defend itself against known and unknown threats, as well as against the weaknesses of traditional antivirus solutions. To achieve this, it should put the emphasis on prevention. Prevention is in fact the only effective way to reduce the frequency and consequences of cyber-breaches. As the old truth has it: prevention is better (and cheaper) than cure…

In today’s reality, where previously unknown threats and vulnerabilities are commonly used in targeted attacks, it is more important than ever that workstations are actively protected.

An Endpoint Protection class solution should give users a convenient experience and enable them to conduct their daily activities without concern about infection. An advanced workstation protection product must allow users to freely use mobile and cloud technologies while ensuring protection against unknown threats. Users must be confident that they are protected against the accidental execution of malware or an exploit that could compromise their system.

An advanced endpoint protection solution should provide:
• Prevention of all exploits, including those utilizing unknown zero-day vulnerabilities
• Prevention of all malicious executables, without requiring any prior knowledge of the threat
• Detailed data about prevented attacks
• High scalability with minimal system load
• Tight integration with network and cloud security solutions

Palo Alto Networks Traps, the advanced next-generation endpoint protection solution offered by Versim, fulfills all of the above conditions. Traps focuses on the core techniques that any attacker must use in order to conduct a successful attack. Using this approach, Traps can block attacks before the malicious code succeeds.

Palo Alto Networks Traps – Multilayer Endpoint Prevention Method against known and unknown Malware threats.

Palo Alto Advanced Endpoint Protection Traps, integrated with the Palo Alto Next-Generation Firewall, creates an innovative security platform (Next-Generation Security Platform) that secures the application delivery process and protects against both known and unknown network, cloud and endpoint threats.

Want to know more? Contact Us!
Use our security questionnaire!

Privileged Access Management

Hackers and cybercriminals easily gain access to critical systems and important data without any alerts being raised, due to a lack of control over privileged accounts and weak overall security. Privileged access problems are responsible for 80% of security breaches. Intruders often choose the easiest way to the target: they gain access via a trusted vendor or an external engineer who uses an account with broad access rights. The most sensitive data can be accessed this way, so all privileged accounts have to be kept under tight control. Common practice sometimes differs from best practice, though. Some accounts are shared between company IT staff and external entities, and nobody knows what happens during the connection. Cybercriminals are aware of that.

Quick breach, slow reaction
Attackers have a lot of time for their actions. The time from a security breach to the response to that breach is 240 days on average. It is almost a year! Control can be taken over the whole IT infrastructure, and all sensitive data can be either stolen or encrypted for ransom.

Remote access the right way
If an external consultant or a vendor needs remote access to the organisation’s IT systems, the typical procedure is as follows, and it has many important weaknesses:

1. Because the vendor needs access to internal systems, the company decides to use a Virtual Private Network. It is still considered best for such purposes because it can prevent Man-in-the-Middle attacks.
2. This VPN channel gives more access than is really needed and can lead to network penetration. Many companies don’t put ACLs (access control lists) in place to block unwanted connections that can come through the VPN tunnel.
3. Cybercriminals and hackers know that VPN access given to a third party is one of the best ways to take control of a target.
4. Because the attackers have both access and time, they can break into all target systems and get all the sensitive data they want.
5. IT staff do not control any of the connections. A security breach is even easier to achieve via VPN than from the local network because it can be done remotely.

Today there are alternatives to VPN access that can save us from such a bleak scenario: BOMGAR Privileged Access Management, available in the VERSIM portfolio. BOMGAR PAM can be deployed to provide secure access with full visibility and audit at any time. Because access does not require setting up a VPN connection, network penetration is harder. PAM offers continuous audit with session recordings and activity detection, and access can be made conditional on approval by another person and on two-factor authentication if needed. Sessions can be saved for later use. User authentication can be integrated with Active Directory or similar services by default. With Bomgar Vault, all the passwords needed for privileged sessions can be centrally managed and injected into a session. Access to applications and systems can also be limited. As an option, two-factor authentication can be integrated using the tokenless Bomgar Verify solution. All connections are encrypted using high-grade ciphers. The company has control over the encryption chain, as all the certificates are put in place by IT staff.

Leader in Secure Access solutions
Bomgar is the leader in Secure Access solutions that empower businesses. Bomgar’s leading remote support, privileged access management, and identity management solutions help support and security professionals improve productivity and security by enabling secure, controlled connections to any system or device, anywhere in the world. More than 10,000 organizations across 80 countries use Bomgar to deliver superior support services and reduce threats to valuable data and systems. Bomgar is privately held with offices in Atlanta, Jackson, Washington D.C., Frankfurt, London, Paris, and Singapore.

BOMGAR REMOTE SUPPORT allows you to access and fix nearly any remote device, running any platform, located anywhere in the world. Using Bomgar, technicians can chat with an end-user, view and control remote systems and devices, and collaborate with other technicians or external parties to resolve issues… all with the highest levels of security. Bomgar Remote Support offers the security, integration, and management capabilities your IT and customer support organizations need to increase productivity, improve performance, and deliver a superior customer experience.

BOMGAR PRIVILEGED ACCESS MANAGEMENT enables security professionals to control, monitor, and manage access to critical systems by privileged users. With Bomgar, you can obtain detailed visibility into sessions and access rights, and provide administrators, vendors, and business users with the access they need to improve productivity, while protecting your high-value infrastructure, assets, and applications.

BOMGAR VAULT helps companies secure, manage, and administer shared passwords and credentials for privileged users and IT vendors. Manage and rotate privileged account credentials to improve security and compliance. Quickly identify and gain control of vulnerable privileged credentials. Combine with Privileged Access Management to improve productivity and auditing.

BOMGAR VERIFY is a two-factor authentication solution that allows privileged users to leverage their existing personal devices to authenticate to critical systems. Two-factor authentication enables a second security check beyond user name and password, by utilizing something the user knows (password) together with something the user has (device). With quick deployment and flexible device options, Bomgar Verify helps organizations to dramatically improve security for reasonably little effort and investment. When implemented with Bomgar’s full range of Secure Access solutions, Bomgar Verify is part of a true ‘defense in depth’ solution for securing privileged access.

BOMGAR CONNECT enables small to medium sized businesses to provide secure remote support to employees and customers anytime, anywhere. With easy-to-use features such as screen sharing, remote control, file transfer, and chat, support representatives are armed with the tools necessary to quickly connect to and fix remote systems and devices without sacrificing security or reliability.

Security Operations Center (SOC)

Despite increasing investments in security solutions, 80% of organizations are victims of hacking into their systems. Advanced attacks bypass traditional security solutions, while the effectiveness of security professionals and analysts is weakened by the lack of full visibility of threats, too many alerts and the shortage of appropriately qualified employees.

In this situation, a completely new cyber-security paradigm is needed: a proactive solution that controls every link in the attack chain and continuously looks for attackers, and a new forensics strategy that continuously gathers evidence, processes it intelligently and provides real-time information, making it possible to detect a cyberattack and respond to it rapidly and effectively, eliminating the threat at an early stage.

Are you struggling with such problems today?
1. Thousands of alerts a day and too many false positives?
2. Siloed point security tools generating independent alarms that are impossible to gather and analyze as a whole in order to detect an attack?
3. Forensic analysis to establish the most effective response that is too complex, time-consuming and expensive?
4. Lack of suitably qualified employees?

Therefore, it is time to change the way we defend against cyber threats.

Organizations that want to increase the effectiveness of protection against attacks, while increasing the operational efficiency of their security teams and maintaining a reasonable level of costs, must change their approach to protection against cyber threats from siloed to integrated (unified).

And when we talk about creating an effectively working SOC (Security Operations Center) that constantly monitors security posture, there is no doubt that such an integrated approach is the most cost-effective way to build it. It provides full visibility of threats across the entire infrastructure, streamlines the management of these threats and accelerates response time. Deploying the unified SOC concept enables organizations to reduce the need to purchase siloed, non-integrated tools, as well as the need for qualified employees to maintain and support such siloed solutions.

By reducing the number of tools along with the lower demand for staff, overall TCO savings may even reach 60% in comparison to the traditional approach to SOC. Moreover, the unified approach minimizes the risk of costly data security breaches through faster and more effective detection of and response to threats.

Verint Threat Protection System™ is a unified and intelligent platform that implements the concept of unified SOC deployment. It revolutionizes the way analysts work, covering the whole cyber-attack chain (full kill chain). Verint TPS enables analysts to automate the forensic analysis process, transforming thousands of data sources into meaningful information, which shortens the time required to detect an attack and eliminates the delay between detection and response.

According to Gartner, many “organizations show a more mature approach to security when they struggle with issues related to notification and response to incidents, and look for a way to improve SOC productivity”. With the ability to automate forensics, the Verint system simplifies the entire process, which not only increases productivity but also enables first-tier analysts to resolve by themselves problems that previously required the involvement of an expert.

Verint Threat Protection System™ combines multivector threat detection with proactive evidence gathering and forensic analysis, and with automation of the most difficult and time-consuming investigation phase, to finally generate an effective response recommendation. It thus creates a holistic platform that can stop an attack before it reaches and damages its target.

Such a unified, integrated platform enables proactive and extremely effective operation. With a transparent view of threats across the entire infrastructure, the SOC team can rapidly respond even to the first symptoms of an attack, getting ahead of the attacker and undermining his plans, instead of putting out the fire after an attack has broken out with full force.

By automating the most difficult and time-consuming investigation phase, the Verint TPS system simplifies analysis: it not only increases productivity but also enables Tier 1 analysts to handle incidents that previously required the involvement of an expert.


Network Access Control (NAC)

The vast majority of enterprises and institutions planning a security strategy for their resources take firewall-class systems into account. Firewalls are an essential component responsible for protecting an organization’s data against unauthorized access and external attempts to violate it. Malware in e-mails and botnet attacks are one thing, but we are also exposed to internal attacks: an unaware employee, a guest user acting on behalf of a competitor, a disgruntled employee, a cleaner called Mitnick… Trust in human relations is a very important factor affecting the quality and satisfaction of doing business, but it is worth equipping ourselves with a tool that ensures our trust won’t be abused. We often see that inconsistency in security policy implementation or hardware limitations put sensitive data at the fingertips of unauthorized people. But this is not the only problem. How many devices, exactly, are connected to your network? Who is using your network, and what access privileges to server resources do they have? It is therefore a good idea to include a network access control (NAC) system when creating a security policy.

The offered Extreme Control Identity & Access Management system is a NAC-grade solution that perfectly addresses the needs of enterprises and institutions in the field of network access layer security. Full visibility of devices connecting to the network, extensive capabilities for profiling wired and wireless devices, dynamic assignment of security policies binding VLAN, ACL, QoS, etc., as well as the ability to validate the compliance and vulnerability of end systems: all these features are an invaluable asset in information security management. ExtremeControl IAM, available as a physical and virtual gateway that mediates the authentication process (MAC, 802.1x – AD/LDAP, RADIUS), also allows the implementation of a flexible browser-based portal that can be used to log in employees and guests. Extensive guest service capabilities, including sponsored access, SMS codes and a multilingual captive portal that can be visually customized to your brand requirements, mean that the Extreme Networks NAC system is able to meet every need connected with network access control. Integration with other solutions (such as firewalls, SIEM, MDM, building access control systems) significantly increases the level of automation of network access processes. Cooperation with third-party active LAN devices makes it possible to achieve visibility and basic security without having to rip and replace the entire infrastructure in favour of a single manufacturer.


Firewalls

Firewall systems monitor the exchange of network traffic between the organization’s local network and the public internet. They therefore have the greatest strategic importance among all components of the security infrastructure and are an ideal point at which to enforce policies. However, traditional systems take only ports and protocols into account when classifying network traffic, thus allowing more advanced applications and users to easily bypass safeguards using simple methods such as dynamic port changing, transmission via port 80, SSL encryption and the use of atypical ports.

The resulting loss of transparency and control exposes the company to a temporary drop in productivity, creates problems with regulatory compliance, increases operational costs and creates a risk of sensitive data loss. The traditional approach to this problem requires additional elements to support firewall operations. Besides the additional costs, such an approach does not solve the problem, as it reduces the transparency of network traffic, increases the complexity of management, increases the delays connected with the multi-scan architecture and limits bandwidth.

Modern firewall systems from Palo Alto Networks, offered by VERSIM, give enterprises transparency of network communication and control over applications, scanning their content for threats and thus allowing for effective risk analysis. Key features of Palo Alto firewall systems:

  • Ability to identify applications on all ports, regardless of the protocols used, SSL encryption or other transmission methods used to avoid detection,
  • Ability to control policy not only on the basis of IP address but also based on user identity and/or the user’s membership in a specific group,
  • Real-time security against attacks and malware present in application network traffic,
  • Multi-gig throughput without performance loss when operating in in-line mode.


SIEM systems

The security architecture used as the first line of defense is changing too slowly in comparison to the newest methods of attack and, as a result, it increasingly fails. ADS (Attack Deception System) is an original product of the Polish company STM Solutions, designed from the ground up on the basis of many years of experience in conducting authorized hacking attacks in many Polish companies. As a result, the solution is tailored to the specifics of Polish organizations and ensures high efficiency. ADS implements a new approach to cyber-security, originating from the well-known “honeypot” mechanism, which aims to attract an intruder to a separated place within the infrastructure: a trap. The intruder’s attention is thus diverted from the mission-critical and strategic components of the infrastructure.

The ADS system allows for the detection of anomalies and unauthorized activities in IT systems and industrial automation systems, also using data from physical access control systems and CCTV solutions, combining:

  • reactive protection – the basis of the solution is the detection of attacks based on logs from corporate security systems

and

  • proactive protection – an integral part of the solution is a set of so-called honeypots in the form of 3 types of modules: Wi-Fi, SCADA and DMZ. Honeypots are “traps” that are isolated from the essential production environment. These components mimic the protected infrastructure and are configured in such a way that their security mechanisms are moderately complicated for an experienced hacker to compromise. Once an attacker has penetrated them, ADS enables mechanisms to identify and record the methods and tools the attacker uses. Security managers of the client environment observe the attack and are able to control the hacker’s activity in order to analyze, identify and implement a risk mitigation method and reduce the results of the attack, such as theft of key data, service degradation or disruption of business continuity.

What is unique in the ADS solution?

  • The solution was created by a Polish company, based on its own assets; the source code of the software is therefore located on the territory of Poland and is unavailable to foreign entities.
  • The product is the result of many years of experience in conducting authorized hacking attacks in many Polish companies (the manufacturer provides IT security services, including penetration tests).
  • The solution has a Polish-language user interface.
  • The ADS system is implemented in the Customer’s infrastructure by Polish engineers, who are able to provide direct technical support, both during system stabilization and when there is a need to modify or expand it.
  • An important component of the solution is the set of so-called honeypots in the form of security modules (DMZ, Wi-Fi, SCADA), providing proactive protection against various types of attacks and complementing reactive protection, which includes the detection of attacks by collecting and correlating logs.
  • The product may optionally be equipped with modules that are not currently available in products of this category, allowing for: detection of port scanning of critical infrastructure, discovery of improperly configured clients of corporate Wi-Fi networks, and detection of potentially malicious base stations.
  • The ADS has embedded alarms related to the most important events, reflecting typical unauthorized activities, and, in order to maintain a high level of immediate responsiveness, the customer may choose from the numerous available correlation rules those that are most important to them.
  • The ADS detects attacks, reconnaissance and unknown infrastructure as well as misconfiguration of users’ endpoint devices.
  • It makes it possible to “control” the attacker in order to limit the scope of the attack, delay the achievement of the target, and gather better data for attack analysis and forensics.
  • It provides detection of new and unknown methods of attack.
  • It comprehensively protects the working environment, including IT, OT, physical access control systems and CCTV systems.
  • Flexible licensing model, irrespective of the volume of collected data and the number of events per second.
  • Many ideas regarding further development of the system and its additional modules, primarily taking into account the expectations and needs of organizations operating on the Polish market.


MDM systems

Does your organization have a fleet of smartphones and tablets? Do you store and process sensitive data about customers and projects, classified information or personal data? If so, it is important to properly secure company mobile devices. Almost every lost phone faces an attempt to access it and review its contents. Theft of a device, or an employee unknowingly downloading a malicious application, also puts key company information at risk – for example, company mail with data about customers, offers and projects. Such information can cost a fortune, and it is therefore worth considering the implementation of a mobile device management (MDM) system.

The FAMOC system was created by the domestic company FancyFon as a response to the above-mentioned challenges that result from mobility, which is undoubtedly very attractive for every company. On the one hand, you receive security mechanisms implemented at the device, system and application level, such as enforcement of screen lock, a list of allowed applications or password-protected access. On the other hand, you gain a convenient tool to manage the inventory of your fleet: SIM card data, contracts with the operator, repair history, assigned users, etc. For remote collaboration with the phone user, geolocation functions and remote desktop can be used. In critical situations, remote operations on the device are available: locking the screen with a password change, managing applications (starting and stopping them) and, finally, the very useful ability to remotely restore the device to factory settings when it has been stolen or lost, which protects against the loss of information that is more valuable than the phone.

FAMOC also offers high-class, responsive technical support with no language barrier.

As a result of our efforts, the FAMOC system can be integrated in your infrastructure together with Extreme Networks NAC, providing the NAC with additional information about the user’s device. If a device is not compliant with the corporate security policy, access to critical network data will be blocked.

Due to differences between mobile device manufacturers and operating system implementations, the set of available MDM features is heterogeneous.

Want to know more? Contact Us!
Use our Mobile Company questionnaire!

Data management platform

KODO is a cutting-edge endpoint management platform that unifies backup, file sharing and synchronization, protection and compliance functionality in one product. How does it work?

Data protection
Storware KODO is next-generation enterprise data protection software for Windows/OS X and mobile platforms (Android, iOS, Windows Phone). The robust protection it provides is fundamental to both IT admins and business users. KODO protects against theft, malware attacks (incl. ransomware) and human error.

  • Enterprise engine (+1000 users)
  • File versioning
  • Continuous data protection
  • Space saver – deduplication
  • E-mail protection (Lotus Notes, Outlook, etc.)
  • Roam Aware function for mobiles

Empower your workforce
KODO is a very practical tool that gives you access to the range of platforms where your data is stored. It empowers management and employees to access the data they need quickly, improving decision making and productivity.

  • Encrypted links for sharing big files
  • Online access to the data sets of different devices
  • Data and device migration
  • Corporate book

Security
We are in alliance with companies like Samsung, IBM or Fancyfon, for whom security is the highest priority. The focus is on the safety of employees, systems, devices and data. KODO fits this trend, delivering different layers of security, including a variety of administration roles.

  • Data encryption
  • Safe, encrypted transfer
  • Device geo-location
  • Wipe of a lost device
  • Audit logs

Simplified IT
Managing a company’s IT infrastructure is never easy. Nevertheless, KODO could be the IT department’s best friend. The system simplifies implementation, user and data management, as well as processes such as restoring crucial data or fleet migration. KODO’s open API allows integration with MDM platforms, asset management or helpdesk ticketing systems.

  • Active Directory integration
  • “User transparent” or magic link deployment
  • MDM system integration
  • Different backup policies
  • Easy restore
  • Ready for ticket system integration


Anti-DDoS

A DDoS attack is a form of DoS attack in which a target (a company’s network) is attacked simultaneously from multiple locations. Attacks are conducted from computers that were previously taken over using special software (bots and Trojans). At a specified time, the computers simultaneously start attacking the targeted system, flooding it with false requests to use its services. For each such request, the attacked computer must allocate some resources (memory, CPU time, network bandwidth), and with a very large number of requests this leads to exhaustion of the available resources, which translates into interruptions in operation or even a system crash.

An effective DDoS attack has real consequences:
1. Loss of revenue – an interruption in communication with customers, sales representatives or partners translates into loss of revenue. In the case of financial institutions it also means the inability to obtain market data and to execute orders.
2. Loss of reputation – for every recognizable brand, a cyber-attack means a risk of huge reputational losses, especially when the company cannot protect itself against DDoS attacks, which are very cheap to conduct.
3. Market valuation – listed companies are especially vulnerable to DDoS attacks. Any bad news has a negative impact on asset valuation and deters investors.
4. Legal risk – loss of control over customers’ data is a serious violation of law, leading to sanctions imposed by regulatory bodies.

Anti-DDoS is a service that limits DDoS attacks and it is offered by VERSIM S.A. in cooperation with Data Space company – a specialized data center located in Poland focused on cyber-attack defense services. The Anti-DDoS service is based on Radware solutions – a leading global provider of IT security technologies.

The Data Space Anti-DDoS system monitors the client’s network connection to identify abnormal traffic. In the event of an attack, the protection mechanism is activated within a few seconds and all traffic is redirected to the Scrubbing Center. There it is cleaned of bad packets and returned to the corporate network as neutral traffic. The Anti-DDoS service provides protection against volumetric attacks (DDoS), application-layer attacks, “low & slow” attacks, network-layer attacks and SSL attacks.