A Cloud Access Security Broker (CASB) is a system working between cloud service users and cloud applications to monitor all activity and enforce security policies. A CASB can offer a variety of services, including but not limited to monitoring every action of the users, warning administrators on specific actions that are seen as potentially hazardous, enforcing compliance to security policies and taking automatic actions for malware prevention. These services fall under the umbrella of Shadow IT (Cloud Services in use) and Shadow Data (user behaviour within these services)
IP Performance's CASB service offering is an API-centric CASB which uses a direct API to the cloud services. It is fast, non-intrusive and focuses on detecting, analysing, managing and preventing user activity. It benefits from cloud technology scalability and speed and can seamlessly integrates with major cloud applications.
IP Performance partner with Symantec to provide CASB services. We can also offer a free CASB audit, with detailed reporting, so that customers can test drive the service before deciding whether to subscribe. Click on the partner logo below for more information.
In networking terms, compliance enforcement is the process of ensuring compliance with legislation, regulations, governance, standards and internal policies. Many network devices and software have the ability to detect and inspect network traffic, match it against policy rules, and either allow, deny (drop) or forward to another system for further analysis. This is particularly critical with new and possibly disruptive regulations such as the General Data Protection Regulation (GDPR) coming into force in the very near future.
IP Performance's partners of choice for compliance enforcement are LogRhythm and Symantec. Click on the partner logos below for more information.
Data loss prevention systems detect potential data breaches/data exfiltration transmissions and prevents them by monitoring, detecting and blocking sensitive data while in-use (endpoint actions), in-motion (network traffic), and at-rest (data storage). In data leakage incidents, sensitive data is disclosed to unauthorized parties by either malicious intent or an inadvertent mistake.
IP Performance partner with Symantec for DLP solutions, and integrate other security portfolio solutions with the Symantec DLP offerings.
Click on the partner logo below for more information.
Encryption and Tokenisation
Encryption And Tokenisation satisfies industry mandates and legal requirements associated with protecting sensitive data in SaaS cloud applications.
Encryption is the process of using an algorithmic scheme to transform plain text information into a non-readable form called ciphertext (a key).
Tokenisation is the process of randomly generating a substitute value, or token, that is used in place of real data, where the token is not computationally derived in any way, shape or form from the original data value. The most common form of tokenization uses a highly secure lookup table (called a vault) to keep track of the relationships between real data and the substitute token value.
IP Performance's partner of choice for encryption and tokenisation is Symantec. Click on the partner logo below for more information.
Malware Analysis & Sandboxing
Malware Analysis is most commonly used for computer security Incident Response Management: If an organisation discovers or suspects that some malware may have penetrated its systems, a response team may wish to perform malware analysis on any potential samples that are discovered during the investigation process to determine if they are malware and, if so, what impact that malware might have on the systems within the target organisations' environment.
Dynamic or Behavioral analysis is performed by observing the behavior of the malware while it is actually running on a host system. This form of analysis is often performed in a sandbox environment to prevent the malware from actually infecting production systems; many such sandboxes are virtual systems that can easily be rolled back to a clean state after the analysis is complete.
IP Performance's partner of choice for this technology is Symantec. Click on the partner logo below for more information.
Mobile Device Security
Mobile Device Management (MDM) ensures employees stay productive and do not breach corporate policies. MDM primarily secures emails and corporate documents on devices, enforcing corporate policies, integrating and managing corporate-owned mobile assets including laptops tablets and mobile phones. MDM implementations may be either on-premises or cloud-based.
Bring Your Own Device (BYOD) is less a technology than a business policy or strategy, allowing employees, contractors and visitors to connect their personal devices to the corporate network, wired or wirelessly. This poses various security risks and privacy issues. For example, technologies exist to carry out host integrity checking, policy compliance and patch management, but imposing these on a privately-owned, non-corporate owned device is problematic. A typical solution to non-compliant devices is to redirect them to a captive portal, offering Internet access and limited (or no) corporate resources.
IP Performance's partner of choice for Mobile Device Security is Symantec. Click on the partner logo below for more information.
Privileged User Access
Privileged User Access (or Privileged Account Management) is focused on the special requirements of powerful accounts within the IT infrastructure of an enterprise. It is frequently used as an information security and governance tool to help companies in meeting compliance regulations and to prevent internal data breaches through the use of privileged accounts. The management of privileged identities can be automated to follow pre-determined or customized policies and requirements for an organisation or industry.
Privileged Account Management technology needs to accommodate for the special needs of privileged accounts, including their provisioning and life cycle management, authentication, authorisation, password management, auditing, and access controls.
Click on the partner logos below for more information.
Web Application Firewall
A web application firewall (or WAF) filters, monitors, and blocks HTTP traffic to and from a web application. A WAF is differentiated from a regular firewall in that a WAF is able to filter the content of specific web applications while regular firewalls serve as a safety gate between servers. By inspecting HTTP traffic, it can prevent attacks stemming from web application security flaws, such as SQL injection, cross-site scripting (XSS), file inclusion, and security misconfigurations.
IP Performance partner with Brocade and Symantec to provide this functionality. Click on the partner logos below for more information.
Web Security Service
New devices, cloud use, and the evolution of the network have complicated the battle against web and cloud-based threats. Cloud-based web security services help to mitigate advanced threats, malware, and zero-day attacks. Web security services may include antivirus scanning, malware analysis, DLP, sandboxing, and security policies derived from threat intelligence and investigation.
Symantec's cloud-delivered Web Security Service allows enterprises to control access, protect users from threats, and secure their data.
Click on the partner logo below for more information.
Cloud Computing has become the new networking paradigm. It was a while before it gained wide acceptance, mainly because of suspicions about the security of data in motion (network traffic) and at rest (storage) in the cloud. These security concerns have now been addressed. IP Performance offer a comprehensive portfolio of cloud security solutions. Please click through and browse our technologies and partners.