dystrybutor extreme networks
tel. +48 61 628 43 70 info@versim.pl PL | EN
extreme networks nac

Solutions

Endpoint protection

Despite the fact, that antivirus solutions protect almost every workstation and server in the world, the number of security breaches is growing alarmingly. This is mainly due to the fact that traditional antivirus systems are reactive solutions, that focus on detection and response to already known threats.

Today however, experienced attackers are able to easily evade traditional antivirus solutions using low cost and automated online tools that allow them to generate the countless number of unique, previously unknown attacks. Therefore, traditional antivirus as a security breaches prevention system is no longer sufficient.

Organization, if it wants to prevent intrusions and data leakages must defend itself against known and unknown threats as well as from the weakness of traditional antivirus solutions. To achieve this, it should put emphasis on prevention. Prevention is in fact the only effective way to reduce the frequency and consequences of cyber-breaches. The old truth: Prevention is better (and cheaper) then cure…

In today’s reality of common use of previously unknown threats and vulnerabilities in targeted attacks, it is more important than ever that workstations are actively protected.

Endpoint Protection class solution should provide users a convenient experience and enable them to conduct their daily activities without concern about infection. An advanced workstation protection product must allow users to freely use mobile and cloud technologies, while ensuing protection against unknown threats. Users must be confident and know that they are protected against accidental execution of malware or exploit, that could comprise their system.

Advanced endpoint protection solution should provide:
• Prevent all exploits, including those utilizing unknown zero-day vulnerabilities
• Prevent all malicious executables, without requiring any prior knowledge of the threat
• Detailed data about prevented attacks
• High scalability with minimal system load
• Tight integration with network and cloud security solutions

Offered by Versim, the advanced next generation endpoint protection solution – Palo Alto Networks Traps, fulfills all the above mentioned conditions. The operation of Traps solution comes down to core techniques, that any attacker must use in order to conduct a successful attack. Using such approach, Traps can block attacks before malicious code succeed.

Palo Alto Networks Traps – Multilayer Endpoint Prevention Method against known and unknown Malware threats.

Palo Alto Advanced Endpoint Protection Traps integrated with Palo Alto Next-Generation Firewall create innovative security platform (Next-Generation Security Platform), that provides security of application delivery process and protection against both known and unknown network, cloud and endpoint threats.

 

Want to know more? Contact Us!
Use our security questionnaire!

Security Operation Center (SOC)

Despite increasing investments in security solutions, 80% of organizations are victims of hacking into their systems. Advanced attacks bypass traditional security solutions, while the effectiveness of security professionals and analysts is weakened by the lack of full visibility of threats, too many alerts and the shortage appropriately qualified employees.

In this situation, a completely new cyber-security paradigm is needed. A proactive solution, that controls every link in the attack chain and continuously looks for attackers. The new forensics strategy, that continuously gathers evidences, process them intelligently and provides real-time information allowing to detect cyberattack and rapidly and effectively respond on it, eliminating the threat at an early stage.

Are you struggling with such problems today?
1. Thousands of alerts a day and to many false-positives?
2. Point, siloed security tools, generating independent alarms, that are impossible to gather and analyze as a whole, in order to detect an attack?
3. Conducting of forensics analysis in order to establish the most effective response is too complex, time-consuming and expensive?
4. Lack of suitably qualified employees?

Therefore, it is a time to change the way of defense against cyber threats.

Organizations that want to increase the effectiveness of protection against attacks, while increasing the operational efficiency of their security teams and maintain a reasonable level of costs, must change their approach to that protection against cyber threats, from siloed to integrated (unified).

And when we talk about creating an effectively working SOC (Security Operations Center), which constantly monitors security posture, there is no doubt that such integrated approach is definitely the most cost-effective way to build it. It provides full visibility of threats in the entire infrastructure, streamlines management of these threats and accelerates response time. Deployment of the unified SOC concept enables organizations to reduce the need for purchase of siloed, not integrated tools, and also the need for qualified employees, who maintain and support such siloed solitons.

By reducing the number of tools along with lower demand for staff, overall TCO savings may even reach 60% in comparison to the traditional approach to SOC. Moreover, unified approach minimalizes the risk of costly data security breaches by faster and more effective detection and response to threats.

 

Verint Threat Protection System™ is a unified and intelligent platform, implementing the concept of unified SOC deployment, it revolutionizes the way analysts work, covering the whole cyber-attack chain (full kill chain). Verint TPS enables analysts to automate forensics analysis process, transforming thousands of data sources into meaningful information – which shortens the time required to detect an attack and eliminates the delay between detection and response.

According to Gartner, many „organizations show a more mature approach to security, when they struggle with issues related with notification and response to incidents, and looking for a way to improve SOC productivity”. With the ability to automate forensics, the Verint system simplifies the entire process, which not only increases productivity, but also enables first-tier analysts to resolve problems by themselves, which previously required involvement of expert.

Verint Threat Protection System ™ combines multivector detection of threats with proactive gathering of evidences and forensics analysis, and with automation of the most difficult and time-consuming investigation phase, to finally generate an effective response recommendation. Thus, it creates a holistic platform that can stop the attack before it reaches its target and damages it.

Such unified integrated platform enables proactive and extremely effective operation. With a transparent view of threats in the entire infrastructure, the SOC team can rapidly respond even to the first attack symptoms, getting ahead of the attacker and undermining his plans, instead of putting out fire after attack, that breaks out with huge force.

With automation of the most difficult and time-consuming investigation phase, Verint TPS system simplifies analytics, not only by increasing productivity, but it also enables Tier 1 analysts to support incidents, that previously required an involvement of expert.

Want to know more? Contact Us!
Use our security questionnaire!

Network Access Control (NAC)

extremeThe vast majority of enterprises and institutions that planning strategy of their resources security take into account firewall class systems. Firewalls are an essential component responsible for protection of organization’s data against unauthorized access and external attempts to violate data. Malware in e-mails and botnet attacks are one thing, but we are also exposed on internal attacks. Unaware employee, guest user acting on behalf of competitive companies, disgruntled employee, cleaner called Mitnick… Trust in human relations is a very important factor impacting on the quality and satisfaction of business, but it is worth to equip ourselves in a tool which will ensure that our trust won’t be abused. We often see that inconsistency in the security policy implementation or hardware limitations make sensitive data available to unauthorized people, at their fingertips. But not only this is a problem. How many devices, exactly, are connected to your network? Who is using your network and what access privileges to server resources does he have? Therefore it is good to include network access control (NAC) system when creating a security policy.

 

NACOffered Extreme Control Identity & Access Management system is a NAC grade solution that perfectly addresses the needs of enterprises and institutions in the field of network access layer security. Full visibility of devices connecting to the network, extensive capabilities to profile wire and wireless devices, dynamic assignment of security policies binding VLAN, ACL, QoS, etc., as well as the possibility to validate compliance and vulnerability of end systems – all those features are the invaluable asset in the security information management. ExtremeControl IAM, available as a physical and virtual gateway interceding in authentication process (MAC, 802.1x – AD/LDAP, RADIUS), also allows the implementation of flexible browser based portal, which can be used to login employees and guests. Extensive capabilities of guests services, including sponsored access, SMS codes and multilingual captive portal that can be visually customized to your brand requirement – make that Extreme Networks NAC system is able to meet every needs connected with network access control. Integration with other solutions (such as firewalls, SIEM, MDM, building access control systems) significantly increases the level of automatization of network access processes. Cooperation with third party active LAN devices allows to achieve visibility and basic security without the need to rip and replace the entire infrastructure for a single manufacturer.

 

Want to know more? Contact Us!
Use our security questionnaire!

Firewalls

paloaltoFirewall systems monitor the exchange of network traffic exchange between local organization network and public internet network. Therefore they have the greatest strategic importance among all components of security infrastructure, and are an ideal point to enforce policies. However, traditional systems during classification of network traffic take into account only ports and protocols, thus allowing more advanced applications and users to easily bypass safeguards using simple methods as dynamic port changing, transmission via port 80, SSL encryption and use of untypical ports.

 

Resulting loss of transparency and control exposes company to temporary drop in productivity, creates problems with regulatory compliance, increases operational costs and creates a risk of sensitive data loss. Traditional approach to above problem involves the need to use additional elements to support firewall operations. Such approach, besides additional costs, does not solve the problem, as it reduces the transparency of network traffic, increases the complexity of management, increases delays connected with multi-scan architecture and limits the bandwidth.

 

Modern firewall systems from Palo Alto Networks, offered by VERSIM, give enterprises the transparency of network communication and control over applications, scanning their content for threats, thus allowing for effective risk analysis. Key features of PaloAlto firewall systems:

  • Ability to identify applications on all ports, regardless of used protocols, SSL encoding or other transmission methods used to avoid detection,
  • Ability to control policy not only on IP address basis but also based on user identity and/or its membership in a specific group,
  • Providing real-time security against attacks and malware existing in application network traffic,
  • Providing multi-gig throughput without performance loss when operating in in-line mode

foto4

 

Want to know more? Contact Us!
Use our security questionnaire!

SIEM systems

A security architecture used as the first line of defense is changing too slowly in comparison to the newest methods of attack – and as a result, it increasingly fails. ADS (Attack Deception System) is an original product of the Polish company STM Solutions, created and designed from ground up based on many years of experience in conducting authorized hacking attacks in many Polish companies. As a result, the solution is tailored to the specifics of Polish organizations and ensures high efficiency. ADS is an implementation of a new approach to cyber-security, originating from well-known “honeyspot” mechanism, which is aimed at attracting an intruder to a separated place within the infrastructure – trap. Thus, the intruder will divert his attention from mission-critical and strategic components of the infrastructure.

ADS system allows for detection of anomalies and unauthorized activities in IT systems, industrial automation systems and using data from physical access control systems and CCTV solutions, combining:

  • reactive protection – the basis of the solution is detection of attacks based on logs from corporate security systems

and

  • proactive protection – an integral part of the solution are so-called honeypots in a form of 3 types of modules: Wi-Fi, SCADA and DMZ. Honeypots are „traps”, that are isolated from the essential production environment. These components mimic the protected infrastructure and are configured in such a way, that their security mechanisms are moderately complicated to compromise for an experienced hacker. After penetrating by attacker, ADS enables mechanisms to identify and register methods and tools used by attacker. Security managers of client environment are observing the attack and are able to control the hacker’s activity to analyze, identify and implement risk mitigation method and reduce attack results such as theft of key data, services degradation or disrupting of business continuity.

 

What is unique in the ADS solution?

  • The solution created by a Polish company, based on its own assets – therefore the source code of the software is located on the territory of Poland and is unavailable to foreign entities.
  • The product is a result of many years of experience in conducting of authorized hacking attacks in many Polish companies (the manufacturer provides IT security services, including penetration tests).
  • The solution has a Polish-language user interface.
  • The ADS system is implemented in the Customer’s infrastructure by Polish engineers, who are able to provide direct technical support, both during system stabilization and when there is a need to modify or expand it.
  • An important component of the solution are so-called honeypots in a form of security modules: DMZ, Wi-Fi, SCADA, providing proactive protection against various types of attacks, complementing reactive protection, including detection of attacks by collecting and correlating logs.
  • The product may optionally be equipped with modules, that are not currently available in products of this category, allowing for: detection of critical infrastructure ports scanning, searching of improperly configured corporate Wi-Fi networks clients or detecting of potentially malicious base stations.
  • The ADS has embedded alarms related to the most important events, reflecting typical unauthorized activities, and in order to maintain a high level of immediate responsiveness, customer may choose correlation rules, from the numerous possibilities, that are the most important for him.
  • The ADS detects attacks, reconnaissance and unknown infrastructure as well as misconfiguration of user’s endpoint devices.
  • It allows to “control” the attacker in order to limit the scope of the attack, delay the achievement of the target, gather better data for attack analysis and forensics.
  • Provides detection of new and unknown methods of attack
  • Comprehensively protects working environment, including IT, OT, physical access control systems and CCTV systems.
  • Flexible licensing model irrespective on the volume of collected data and the number of events per second
  • Many ideas regarding further development of the system and its additional modules, primarily taking into account expectations and needs of organizations operating on the Polish market.

 

Want to know more? Contact Us!
Use our security questionnaire!

MDM systems

fancyfon1Does your organization have a fleet of smartphones and tablets? Do you store and process sensitive data about customers and projects or classified information, or personal data? If so, it is important to properly secure company mobile devices. Almost every lost phone faces an attempt to get access to it and review its contents. Theft of device or unaware downloading of malware application by employee also creates risk on key company information – for example company’s mail with data about customers, offers and projects. Such information can cost a fortune and therefore it is worth to consider the implementation of mobile device management (MDM) system.

 

MDM FAMOCFAMOC system has been created by native FancyFon company as a response to above mentioned challenges that result from – undoubtedly very attractive for every company – mobility. On the one hand, you receive a security mechanism implemented at the device, system and application level, such as enforcement of screen lock, list of allowed applications or password protected access. On the other hand, you gain a convenient tool to manage inventory of your fleet – SIM cards data, contracts with operator, repair history, assigned users, etc. For the purposes of remote collaboration with phone user, it is possible to use geolocation functions and remote desktop. In critical situation remote operations on the device are available – locking of screen with the change of password, applications management with starting and stopping, and finally very useful feature of remotely restore the device to factory setting when it was stolen or lost, it protects your device against loss of information, which are more valuable than a phone.

 

The FAMOC also offers a high class and responsive technical support, which does not have language barrier.

 

The FAMOC system, as a result of our efforts, can by integrated in your infrastructure together with Extreme Networks NAC, providing additional information about user’s device to NAC. If a device is not compliant with corporate security policy, access to critical network data will be blocked.

 

Due to differences between manufacturers of mobile devices and implementations of operating system, a set of available MDM features is heterogeneous.

 

Want to know more? Contact Us!
Use our Kwestionariusza Mobilnej firmy!

Data management platform

KODO is the cutting edge endpoint management platform that unifies backup, file sharing & synchronization, protection and compliance functionalities in one product. How it works?

Data protection
Storware KODO is a next generation of enterprise data protection software for Windows/OS X and mobile platforms (Android, iOS, Windows Phone). The robust protection, it provides, is fundamental both to IT admins and business users. KODO fights against thefts, malware attacks (incl. ransomware) or human errors.

  • Enterprise engine (+1000 users)
  • File versioning
  • Continuous data protection
  • Space saver – deduplication
  • E-mail protection (Lotus Notes, Outlook, etc.)
  • Roam Aware function for mobiles

Empower Your workforce
KODO is a very practical tool which gives you the access to the bunch of platforms where your data are stored. It empowers management and employees to access the demanded data quickly, improving the decision making and productivity.

  • Encrypted links for big files sharing
  • Online access to different device data sets
  • Data and device migration
  • Corporate book

 

Security
We are in alliance with companies like Samsung, IBM or Fancyfon for whom the security is the highest priority. It focuses on employee, systems, devices and data safety. KODO fits in that trend delivering different layers of security, including variety of administration roles.

  • Data encryption
  • Safe, encrypted transfer
  • Device geo-location
  • Wipeout lost device
  • Audit logs

 

Simplified IT
Managing IT infrastructure of the company is never easy. Nethertheless KODO could be IT department’s best friend. System simplifies the implementation, user and data management as well as processes such as restoring the crucial data or fleet migration. KODO and its open API allows to integrate with MDM platforms, asset management or helpdesk ticketing systems.

  • Active Directory integration
  • “User transparent” or magic link deployment
  • MDM system integration
  • Different backup policies
  • Easy restore
  • Ready for ticket system integration

 

 

Want to know more? Contact Us!
Use our security questionnaire!