Network Traffic Security System
Network Traffic Security System or NTSS for short, is an appliance-based scalable IP packet capturing, reconstruction, indexing, storage and search system.
The NTSS is a scalable infrastructure element for corporate and business security, capturing all traffic crossing your network perimeter. It performs full traffic recording and reconstruction into meaningful data objects, storing relevant data into an instantly searchable database, which you can easily access via the web-based interface. With the NTSS it is possible to ask questions like the following, and be alerted with real-time triggers:
- Who posted a comment with known keywords on an Internet portal just now or X months ago?
- Who sent or received emails with attachments or texts that could indicate fraud or other dishonest activities?
- Who is wasting company time viewing websites or downloading video or audio files that breach our corporate IT policy?
The NTSS uses private cloud architecture to flexibly scale out monitoring capacity: data volume captured, stored and indexed, and search response times. The system can be scaled out from a single appliance to a large multi-server cluster.
The main component of Ugunssiena proprietary network security solution. Thanks to filters, it is possible to block unwanted data connections and also to control an access to different types of network services.
- Use of address and protocol groups;
- Up to 50 000 different filters;
- Link state check;
- Failsafe as it is impossible to upload invalid configuration;
- System audit records available.
Network router provides intelligent traffic routing between two or more networks. The user can set its own routing table and dynamically control network traffic flow. Includes NAT and is famous for reliability and stability thanks to the use of FreeBSD as operating environment. User reports suggest that Ugunssiena router is capable of running literally for years without the need to ever reboot.
VPN allows users to build secure intranet even for geographically remote offices and branches by using public internet services readily available almost everywhere and by encrypting and encapsulating the traffic.
Ugunssiena VPN supports various standard protocols for secure communication, including IPSEC and CIPE. Authentication can be done using a so-called preshared key or digital certificates.
Automatic ISP failover for VPN
Unique feature for setups with more than one internet connection. Works also in configuration with more than one office and ensures failover of ISP as well as VPN. VPN connections are not terminated and only short delay is observed by users. Even VoIP connections over VPN are not timed out.
E-mail control system protects your e-mail from viruses and unwanted e-mails. If infected or unwanted e-mail is detected, it is contained in user’s quarantine account on the Email Security server and only notifications are sent to both sender and recipient as well as to administrator of the e-mail system. It allows notified users to easily inspect quarantined emails and if necessary, enforce reception of accidentally stopped as spam false positives. E-mail control system is integrated with third party antivirus and it can be used with any antivirus running on FreeBSD.
Email Security uses Bayesian statistics based machine-learning methods to identify spam email, with completely automatic learning of spam patterns. Additionally, it enables users to easily custom train Bayesian antispam patterns database for the maximum accuracy using particular emails as samples, or completely retrain the filtering system if needed. Email Security quarantine reports enable users by one-click ad hoc training directives immediately specify to Bayesian algorithms which email should or should not be considered as spam, gradually increasing Email Security “artificial intelligence” accuracy to the ultimately the best possible for a specific customer.
Combined automatic machine learning with interactive training facility for building and fine-tuning the corporate antispam database enables Email Security customers to maintain the full control over their e-mail management. Quarantine list reporting of all contained emails, with a tunable frequency of reporting, also efficiently solves the problem of false positives, enabling manual overwrite of machine-learning statistics driven “Artificial Intelligence” decisions of Bayesian statistics. As a result, Email Security provides one of the most productive and reliable customer experience with antispam and malware services in the industry, along the high levels of email user satisfaction.
SSL proxy serves as a man-in-the-middle HTTPS proxy, enabling NTSS to view the communication between web browser and SSL web server. It is necessary as today most of the traffic is SSL encrypted and thus protected from monitoring by your implementation of the NTSS.
SSL proxy does this by becoming a man-in-the-middle. Instead of your browser seeing the server’s certificate, SSL proxy dynamically generates a certificate for the server and signs it with its own root certificate. SSL proxy receives the server’s certificate, while your browser receives SSL proxy’s certificate.
SSL Certificate server provides certificates for secure communication over the internet. In essence, SSL allows for a private “conversation” just between the two intended parties.
To create this secure connection, an SSL certificate (also referred to as a “digital certificate”) is installed on a web server and serves two functions:
- It authenticates the identity of the website (this guarantees visitors that they’re not on a bogus site)
- It encrypts the data that’s being transmitted
E-mail server with webmail
A standard POP3/SMTP e-mail server that also includes a WEB interface (webmail). It works in SSL mode so your email conversation is protected from eavesdropping.