Enterprise Network Security
Solutions and services we offer in the field of Corporate Network Security;
Network Access Control (NAC) Systems
VPN, SSL VPN Solutions
Log Collection System in Compliance with Law No. 5651
The Law No. 5651 on the "Regulation of Broadcasts on the Internet and Combating Crimes Committed Through These Broadcasts" was published in the Official Gazette No. 26530 on 23 May 2007 and entered into force. Law No. 5651 is the law on systematically ordering and controlling the broadcasts made on the internet, as well as combating the crimes committed through these broadcasts.
Institutions that have opened the internet service within the institution to the use of their customers or employees collectively through wired or wireless connection since the date of entry into force of this law have conditions that they are legally obliged to fulfill. Institutions that are obliged to comply with the directives of this law; They are institutions that open the internet to mass use, such as hotels, shopping malls, universities, cafes, internet cafes, SMEs, factories. The scope of the law includes the free internet service offered by the businesses to their customers and the internet service provided by the companies to their employees within the company. The internet service we use in the cafes we frequent in our daily lives, in the restaurants we eat at or in the institution we work for is within the scope of the law. Wireless hotspots of this type of internet service provided by businesses and institutions are mostly encrypted. Although such services, which are provided without a password, are absolutely not secure, they may cause problems such as theft of the user's private information or the contamination of viruses and similar harmful software. Therefore, unencrypted connections should never be trusted.
Solutions and services we offer in the field of Corporate Internet Security;
While simpler versions of the firewall are available to individual customers, more complex and systematic versions can be developed for companies. The firewall, which protects the network within the company or the computers on the networks against attacks from the internet, controls the network traffic between the internal and external networks based on predetermined principles. This ensures a controlled data flow at all times. In addition, many firewalls can also work with a proxy that handles users' request packets before they go to the network.
Virtual Private Network Access (VPN), SSL VPN Solutions
Attack Detection and Prevention (IDS / IPS )
IPS, on the other hand, are security systems used to detect and prevent malicious movements or harmful connections in your network traffic. It is used as an abbreviation of the words Intrusion Prevention Systems. The purpose of IPS systems is to intercept and prevent malicious connections or movements on network traffic.
Briefly, IDS (Intrusion Detection System) aims to detect attacks, while IPS (Intrusion Prevention System) systems are designed to stop and prevent attacks.
IPS and IDS systems, which are integrated with new generation Firewall devices, play an important role when properly configured in the detection, capture and prevention of attacks that cause serious damage, especially against advanced cyber attacks that have increased in recent years. While IDS detects and logs the attack in in-depth packet analysis, IPS systems prevent attacks by learning or by detecting them through the rule list.
Intrusion detection and prevention systems are software or hardware security systems designed for security analysts or experts.
If IPS and IDS products, which come across as intrusion detection and prevention systems, are used together, it is defined as Intrusion Detection and Prevention Systems, ie IDPS. In advanced systems, IPS and IDS systems are used in an integrated manner.
Although firewall devices can restrict the passage of packets, they are not capable of automatically reprogramming themselves in the event of an attack. They generally come with IPS and IDS features to eliminate this situation. Thanks to Intrusion Detection System (IDS) technology, you can both understand that the corporate network you want to protect has been attacked, and you can prevent the attacker from accessing your system again, thanks to Intrusion Prevention Systems (IPS) systems.
Our network components have become much more complex with internet technologies, the inclusion of our business processes in the internet network, the widespread use of CRM and many similar applications and systems such as the Cloud. With this naturally developing technology network, it becomes difficult to ensure the security of many of our open connections and ports that we have to keep open.
On the security side, Firewall devices have started to be weak in keeping your network clean, as they cannot analyze network traffic in depth on their own. The new generation Firewall devices, which come across as integrated security systems, have gained the ability to analyze network traffic with IPS and IDS features.
IPS and IDS systems basically have two types of working logic in attack detection or analysis. The first is the signature-based operating logic, and the second is the rule-based operating logic.
Intrusion detection, analysis and prevention systems generally have the following features;
1- Sending alerts to security administrators at the time of attack
2- Detection of malicious codes
3- Disconnecting malicious connection sources
4- Dropping and resetting harmful packets
5- Fixing CRC errors
6- Detection of attacks originating from a software or user
7- Attack to strengthen and improve defense recording patterns
8- Keeping forensic records for forensic experts
9- Ensuring data integrity and accessibility
10- Ensuring confidentiality along with security
Advanced Intrusion Detection and Analysis System
Today, the fact that networks have a complex structure, they are connected to other networks, especially the internet, with many access points, the variety and increase of cyber attacks day by day, and at the same time, these complex network systems can no longer be protected only with encryption or firewall, realities such as network traffic is constantly monitored. made real-time detection of attack attempts inevitable.
IDS/IPS systems have functions such as monitoring the network frequently, identifying possible threats and keeping event logs (logs) about them, stopping attacks and reporting to security administrators. These systems can also be used in some cases to reveal weaknesses in the security policies of institutions. IDS/IPS can also detect attackers' information gathering activities about the network, thus stopping attackers at this early stage.
Major IDS methodologies
Signature-based detection: It looks for malicious bytes or strings in network traffic to detect possible threats and compares them with previously detected attack signatures.
Anomaly-based detection: It tries to detect serious deviations from this normal level by comparing the traffic on the network with the previously determined normal traffic. It is effective in detecting previously unknown threats.
Stateful protocol analysis: It includes the steps such as comparing the profiles created by identifying harmless protocol activities with each observed suspicious activity and detecting deviations.
Data Leakage Prevention System
DATA TYPES IN DLP
The job/purpose of data leakage prevention technology, which is evaluated in the category of “data security” in information security, is to protect data throughout its life in the network, storage areas and end user (end) points. In this direction, data is handled in three different ways in
DLP: 1. Data in Motion: It is the type of data that moves within the network, that is, it is in constant motion on transmission channels such as e-mail, instant messaging, web and P2P.
2. Data at Rest: It is the type of data that is sensitive in databases, file systems and other special storage units that is queried and used when necessary, and that is generally required to be protected in the first place.
3. Data in Use: It is an active data type that is connected with sensitive and confidential data, although it is the type that the end user constantly uses and processes.
Many advanced protection products use multiple technologies to keep their users safe. This enables the products to deal with a wide range of cyber attacks such as spyware, keyboard recording, credential stealing, unauthorized cryptocurrency mining, encryption of files due to ransomware, information leaking with trojans, spam and fraud.
Mobile device management and security system
Asset Management with Mobile Device Management (Device type, tracking of operating system version information, list of applications, detection of device when lost), Software Management (Remote version update and patch installation possibility), Configuration management (Management of different devices through a single interface Configuration & Error Reporting: Devices memory, battery, network information, alarm reporting) and Security Management (Password management, remote deletion of corporate information in case of theft or loss of the device, or remote locking of the device, etc.).
In this context, to explain the DDoS attack in its simplest form: imagine a smoothly flowing traffic on the highway. You will have to reduce your speed due to the fact that there is a more than expected vehicle entrance from the side roads, and at some points you will not be able to move at all due to traffic.