Along with the development of the Internet, network security situation is not optimistic. Security vulnerabilities and attacks continue to occur, following with bleeding heart vulnerabilities, broken shell vulnerabilities and vulnerability disclosures. The popularity of BYOD, cloud computing and social network also increases the risk of enterprise IT systems being attacked.
With years of professional experience in Information Security, we integrate the security products from various brands like CISCO, Check Point, Palo Alto, Fortinet and Sangfor etc. Based on different industry features, we customize the security solutions for enterprises with higher visibility, better flexibility and stronger security protection.
Based on function area, Wafer Systems Security Solution is separated as External Security, Internal Security and Inter-Network Security, including:
1.The Next Generation Firewall
1）Basic Firewall: covering functions of traditional firewall, providing VPN networking, link load balancing and high availability modules.
2）Application Visualization: the application visualization capability provides an effective support for advanced security features, including application identification, user identification, terminal identification, traffics management, BYOD identification modules.
3）Integrated Security Protection Engine: features like integrated IPS, Cloud Antivirus and URL filtering can effectively handle with the potential risks lurking in the application content.
4）Data Leakage Prevention: with capability to filter keywords at the file content level, protect property rights, design and personal sensitive information to avoid financial losses
5）Proactive Defense: provide unique data analysis mechanism like integrated relevance, data mining and zombie host discovery etc.; trace the risk via data relevance and behavior models.
6) Application High Performance: The single path heterogeneous processing engine fully performs to adapt to the scene of large traffics scenarios of carriers and data centers with all functions on.
An automated security policy management platform enables you to implement secure access to network resources based on scenarios. The CISCO Identity Service Engine (ISE) can provide excellent user and device visibility, whether it is for business mobile experience or for access control. In addition, ISE can share data with integrated user solutions, enabling it to discover, relieve and repair the damage caused by threats in a shorter period of time.
ISE is with rich functions:
1) Simply Visitor Experience: ISE can management visits and visitors more easily. Via the easily customized ISE mobile and desktop visitor portal, the access could be configured in just a few minutes. The intuitive dynamic workflow allows you to fully manage all aspects of visit access.
2) Simply self-brought devices and enterprise mobile management: ISE provide self-help device activation and management function, which is easy to use. Functions include internal certificate authority, Active Doreen Directory Support and integrated Enterprise Mobile Management (EMM) partner software.
3) Improve highly secure access experience through integrated and unified access policy management. Users can access your network securely and consistently whether they are using a wired connection, a wireless connection or a VPN connection.
4) Provide a more in-depth visibility and realize more accurate device identification. The ISE advanced device analysis and zero day device identification library upgrade service can ensure you to get the latest device update profile. These two functions complement each other and help reduce the number of unknown terminals (and potential threats) on the network.
5) Implement software-defined network segments based on enterprise roles: ISE can use the Cisco TrustSec technology embedded in existing infrastructure. With ISE, you can create flexible access control strategy based on roles, so as to achieve dynamic access by segment without increasing complexity. The ability to perform traffics classification based on terminal identification can ensure that you don’t need to redesign the network after changing the policy. This product supports 250 thousand concurrent activities and up to 1 million registered devices, which could help enterprise to complete the mobile terms in the entire network.
6) Share scenario data with Wafer Systems / User Systems: ISE can share scenario data by using the Cisco Platform Exchange Grid technology.
Based on the rich knowledge of the scenario to relate files with remote sensing data and file behaviors, so as to proactively prevent a variety of known threats and new threats.2）Unknown Threats
According to more than 700 kinds of behaviors, automatically execute static and dynamic analysis on files. These analysis can detect hidden threats, help security team to understand various complex attacks, so as to determine response priorities and prevent these attacks.3）Malware Detection Box and Interception
Use Anti-Virus (AV) detection engine, one to one signature matching, machine learning and fuzzy matching fingerprint technology to analyze files in the entrance so as to capture a variety of known and unknown malware.4）Continuous Analysis and Traceability Security
By sending a retrospective alert to tell where the malware came from and where it has been to as well as what operations it is performing, security personnel needs only a few clicks to complete the containment and repair.4.Content and Application Control
Threat centric mail security protection: based on Cisco ESA system to provide zero hour antivirus solution for users. Provide the best sensitive outbound mail control and encryption function, simultaneously integrates multi-layer defense in single device, which can quickly stop inbound attack.
1) The scenario analysis function can effectively prevent phishing and snowshoes spam attacks
2) High spam capture rate (over 99%) with very low false rate
3) Provide file reputation, dynamic analysis (sandbox) and traceable security functions by Cisco AMP Threat Grid (US)
4) Graymail management and Web Interaction Tracking
As the WEB applications become more and more abundant, WEB servers gradually become the main attack target for its powerful computing capability, processing performance and relatively high value. Security incidents like SQL injection, web tampering, web Trojan occur frequently. Web Application Firewall (WAF) represents a new class of information security technology to solve the web application security problems that cannot be solved by traditional devices like firewall. Different from the traditional firewall, WAF works in the application layer, so it has a natural advantage on WEB application protection. Based on the deep understanding of WEB application business and logics, WAF detects and verifies content of requests from WEB applications to ensure the security and legitimacy. The illegal requests will be blocked in real-time, so as to carry out effective protection of various website.
Understand and establish a connection to a large number of event data related to IT environment applications, users, devices, operating systems, vulnerabilities, services, processes, network behavior, files and threats.Advanced Threat Protection
With the best protection against the latest threats, the product has been verified by testing from independent third party and thousands of loyal customers worldwide.Intelligent Security Automatic Function
Significantly reduce the Total Cost of Ownership and enhance user response speed to keep up with the rapidly changing environment. Make full use of the automatic event impact assessment, IPS policy adjustment, policy management, network behavior analysis and user identification.High Performance and Scalability
Create a dedicated device and integrate low latency and single channel design to achieve high performance and scalability.Optional Application Control, URL Filtering and Advanced Malware Protection
Through the precise control of a variety of applications and categories of URLs, we help you narrow the scope of attack, discover, track and prevent the development of suspicious files and malicious software to prevent the scope outbreak and reinfection.