Skip navigation
  • Support Portal Icon

01275 393382

Next Generation Security Information and Event Management (SIEM)

Modernize your threat detection, accelerate your threat management workflow, and advance your security maturity with next-gen SIEM solutions from LogRhythm.

Contact us
 

Network SecurityNetwork Security

AV

Antivirus (AV) software and hardware, more commonly referred to now as anti-malware, is a component of Advanced Threat Protection (ATP), which protects networks, hosts, servers, email and web traffic from Advanced Persistent Threats (APTs).

Preventing advanced threats from reaching their targets requires a layered defence strategy. Software, virtualised or physical appliances can be located a strategic points (access perimiter aggregation points, core, local hosts) in the network. At each ATP instance, multi-layered defence pre-filters possible threats by using increasingly sophisticated analysis, to optimise efficiency and ensure rapid response to any type of attack without compromising network performance or security policies. These layers may include machine learning, Advanced Threat Signatures, heuristic and behavioural analysis, static code anaysis, and finally, CPU-emulation sandboxing.

Any true ATP solution will leverage a global threat intelligence, ingesting, uploading and sharing new threat information from deployed instances in real time.

Click on the partner logos below for more information.

  • Barracuda - AV Logo
  • Symantec - AV Logo
Contact Us

DDoS

Distributed Denial of Service (DDoS) attacks are on the increase - a simple strategy, basically these are large numbers of hijacked browsers or botnets programmed to make constant repeated requests to a webserver or cluster thereof until it/they crash due to CPU or bandwidth overload. DDoS mitigation is built into many of IP Performance's solution offerings, measuring number of web requests and frequency, and blocking or dropping requests as necessary.

Click on the partner logos below for more information.

  • Allot Communications - DDoS Logo
  • EfficientIP - DDoS Logo
Contact Us

DLP

Data loss prevention systems detect potential data breaches/data exfiltration transmissions and prevents them by monitoring, detecting and blocking sensitive data while in-use (endpoint actions), in-motion (network traffic), and at-rest (data storage). In data leakage incidents, sensitive data is disclosed to unauthorized parties by either malicious intent or an inadvertent mistake.

IP Performance partner with Symantec for DLP solutions, and integrate other security portfolio solutions with the Symantec DLP offerings.

Click on the partner logo below for more information.

  • Symantec - DLP Logo
Contact Us

DNS Security

The original design of the Domain Name System (DNS) did not include any security details; instead, it was designed to be a scalable distributed system. The later Domain Name System Security Extensions (DNSSEC) standard seeks to address this by adding security, while maintaining backward compatibility. DNSSEC was designed to protect applications (and caching resolvers serving those applications) from using forged or manipulated DNS data, such as that created by DNS cache poisoning.

DNSSEC can protect any data published in the DNS, including text records (TXT), mail exchange records (MX), and can be used to bootstrap other security systems that publish references to cryptographic certificates stored in the DNS such as Certificate Records (CERT record), SSH fingerprints (SSHFP), IPSec public keys (IPSECKEY), and TLS Trust Anchors (TLSA).

Click on the partner logos below for more information.

  • Bluecat - DNS Security Logo
  • EfficientIP - DNS Security Logo
Contact Us

Endpoint Security

Endpoint Security is an approach to protecting corporate networks from remotely-attached devices (laptops, tablets, mobile phones and other wireless devices), as well as the devices themselves from external threats, by ensuring that the devices comply with the organisation's policies and standards. Typically consisting of a VPN client, client OS and a centralised endpoint manager, centralised control can be on-premise or hosted in the Cloud as a SaaS service.

Click on the partner logos below for more information.

  • LogRhythm - Endpoint Security Logo
  • Pulse Secure - Endpoint Security Logo
  • Symantec - Endpoint Security Logo
Contact Us

IDS & IPS

IDS and IPS are intelligence modules (either hardware, software or virtual instances) that are often incorporated into firewalls, although they can be standalone appliances communicating with a firewall.

An Intrusion Detection System (IDS) is a device or application that analyses whole packets, both header and payload, looking for known events. When a known event is detected a log message is generated detailing the event.

An Intrusion Prevention System is a device or application that analyses whole packets, both header and payload, looking for known events. When a known event is detected the packet is rejected.

Click on the partner logos below for more information.

  • Barracuda - IDS/IPS Logo
  • Fortinet - IDS/IPS Logo
  • Juniper Networks - IDS/IPS Logo
Contact Us

Malware Analysis & Sandboxing

Malware Analysis is most commonly used for computer security Incident Response Management: If an organisation discovers or suspects that some malware may have penetrated its systems, a response team may wish to perform malware analysis on any potential samples that are discovered during the investigation process to determine if they are malware and, if so, what impact that malware might have on the systems within the target organisations' environment.

Dynamic or Behavioral analysis is performed by observing the behavior of the malware while it is actually running on a host system. This form of analysis is often performed in a sandbox environment to prevent the malware from actually infecting production systems; many such sandboxes are virtual systems that can easily be rolled back to a clean state after the analysis is complete.

IP Performance's partner of choice for this technology is Symantec. Click on the partner logo below for more information.

  • Symantec - Malware Analysis & Sandboxing Logo
Contact Us

Next Generation Firewalls

Network Firewalls are the first line of defence into the private network. Early firewalls were simple packet filters, allowing or denying traffic based on source and destination IP addresses. The second generation of network firewalls were known as Stateful Inspection devices, extending their functionality to the Transport layer of the OSI stack. Next Generation Firewalls (NGFW) are an evolution of the Application level firewall that followed. Most network firewalls today are Application level or NGFW devices, and may include routing and switching capabilities.

Click on the partner logos below for more information.

  • Barracuda - Firewalls Logo
  • Fortinet - Firewalls Logo
  • Juniper Networks - Firewalls Logo
Contact Us

Privileged User Access

Privileged User Access (or Privileged Account Management) is focused on the special requirements of powerful accounts within the IT infrastructure of an enterprise. It is frequently used as an information security and governance tool to help companies in meeting compliance regulations and to prevent internal data breaches through the use of privileged accounts. The management of privileged identities can be automated to follow pre-determined or customized policies and requirements for an organisation or industry.

Privileged Account Management technology needs to accommodate for the special needs of privileged accounts, including their provisioning and life cycle management, authentication, authorisation, password management, auditing, and access controls.

Click on the partner logos below for more information.

  • Pulse Secure - Privileged user access Logo
  • WALLIX - Privileged user access Logo
Contact Us

Secure Remote Access

In this connected age, remote access is vital for employees to get to corporate resources when they are on the move, or from home, but this has to be effected securely, as the traffic streams may contain sensitive or confidential content, and will be relayed across public networks. Today, such remote access is usually effected across a Virtual Private Network (VPN), secured using Secure Socket Layer (SSL) or Transport Layer Security (TLS) encryption.

A virtual private network (VPN) extends a private network across a public network (the Internet), and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network.

IP Performance partner with Pulse Secure to deliver SSL/TLS VPN and Remote Access solutions. Click on the partner logo below for more information.

  • Pulse Secure - Secure Remote Access Logo
Contact Us

Security Analytics & Forensics

The purpose of Security Analytics is to detect attacks as fast as possible, enable IT professionals to block or stop an attack and provide detailed information to reconstruct an attack. They do this by collecting, correlating and analysing a wide range of data.

Security Analytics tools help organisations implement real-time monitoring of servers, endpoints and network traffic, consolidate and coordinate diverse event data from application and network logs, and perform forensic analysis to better understand attack methods and system vulnerabilities. Security Analytics and Forensics tools may also provide critical legal evidence for further action. Security Forensics specifically involves monitoring a network for anomalous traffic and identifying intrusions. An attacker might be able to erase all log files on a compromised host; network-based evidence might therefore be the only evidence available for forensic analysis.

Click on the partner logos below for more information.

  • LogRhythm - Security Analytics & Forensics Logo
  • Symantec - Security Analytics & Forensics Logo
Contact Us

Security Automation & Orchestration

Network or Network Security Orchestration is based on the automation of systems deploying elements of control theory.

Orchestration is a service-oriented architecture, providing virtualisation, automation and provisioning on a converged infrastructure and optimise dynamic Datacentre operations. Its purpose is to align the business requirements with the applications, data, and infrastructure securely. It defines the policies and service levels through automated workflows (via RESTful APIs), provisioning, change management and remediation (blocking ports, suspending accounts, redirecting traffic etc). A Security Automation & Orchestration platform should have clear visibility of E-W (lateral, internal) as well as N-S (data entering and leaving the network) traffic, and the ability to provide Command and Control (C&C) and GeoIP feeds, malware identification and remediation, and infected host tracking.

Click on the partner logos below for more information.

  • Juniper Networks - Security Automation & Orchestration Logo
  • LogRhythm - Security Automation & Orchestration Logo
Contact Us

SIEM

Security Information and Event Management (SIEM) is a technology that collects and collates log data from across the network and provides real-time analysis of these security alerts. A SIEM solution will typically offer the following functionality: data aggregation, event correlation, alerting, display dashboards, governance and auditing compliance, data and log retention, and forensic and security analytics.

IP Performance partner with LogRhythm for our SIEM solutions. Click on the partner logo below for more information.

  • LogRhythm - SIEM Logo
Contact Us

SSL Decryption & Inspection

Secure Sockets Layer (SSL) or Transport Layer Security (TLS) is an application-level protocol that provides encryption technology for the Internet.

From virtually nothing just a few years ago, it is not uncommon to see 50 to 70 percent of data centre traffic encrypted today. While encryption improves security, it also creates new problems: Malicious traffic could be encrypted, and DPI detection mechanisms would be rendered ineffective because they would not be able to look inside this traffic.

Organisations therefore need solutions that can provide visibility into the encrypted traffic. This is typically achieved by providing the private keys and certificates to a decryption device. If done in the firewall, the traffic in the data centre or campus is vulnerable. Hence, end-to-end encryption is common nowadays. This means that it is necessary to decrypt TAP’d or SPAN port data for the purpose of visibility and monitoring.

IP Performance partner with Symantec to provide this functionality. Click on the partner logo below for more information.

  • Symantec - SSL Decryption & Inspection Logo
Contact Us

Web & Mail Security

Web & Mail Security are increasingly important as more and mor Web and email applications use public networks and the cloud as a transport. IP Performance deliver our proxy-based architectures as a cloud service, on-premises appliance, or a hybrid of both. Through a combination of critical security functions, customers can safely adopt cloud and mobile technologies, while strengthening security and compliance. These can include: Secure Web Gateways (SWG), Web Application Firewalls and Reverse Proxy systems, Content & Malware Analysis, Cloud-Delivered Web Security Services, and CASB Cloud Security offerings.

IP Performance partner with Barracuda Networks and Symantec to provide this functionality. Click on the partner logos below for more information.

  • Barracuda - Web & Mail Security Logo
  • Symantec - Web & Mail Security Logo
Contact Us

Web Application Firewall

A web application firewall (or WAF) filters, monitors, and blocks HTTP traffic to and from a web application. A WAF is differentiated from a regular firewall in that a WAF is able to filter the content of specific web applications while regular firewalls serve as a safety gate between servers. By inspecting HTTP traffic, it can prevent attacks stemming from web application security flaws, such as SQL injection, cross-site scripting (XSS), file inclusion, and security misconfigurations.

IP Performance partner with Brocade and Symantec to provide this functionality. Click on the partner logos below for more information.

  • Brocade - Web Application Firewall Logo
  • Symantec - Web Application Firewall Logo
Contact Us

With the threat landscape changing daily, Network Security is more important than ever. IP Performance have been providing our customers with Security solutions for more than two decades, defending them from threats external and internal. Please click through and browse our technologies and partners.

"IP Performance enabled us to trial the system in a test environment and then between Dubai and Edinburgh. They provided us with full support and fast response to any problems."

Gavin Wilson, Systems Development Manager, Heriot Watt University

  • Aerohive Logo
  • Allot Communications Logo
  • Barracuda Logo
  • Bluecat Logo
  • Brocade Logo
  • Efficient IP Logo
  • Fortinet Logo
  • Interoute Logo
  • Juniper Networks Logo
  • LogRhythm Logo
  • Pulse Secure Logo
  • Symantec Logo
  • Vertiv Logo
  • VMware Logo
  • WALLIX Logo

Specialised Network Infrastructure and Systems Integration

IP Performance
1-3 Merietts Court
Long Ashton Business Park
Long Ashton, Bristol
England, UK
BS41 9LW

Contact
T: +44 (0) 1275 393382
T: +44 (0) 870 0434705
F: +44 (0) 1275 395119

  • Facebook icon
  • Twitter Icon
  • LinkedIn Icon
  • Support Portal Icon

© 2018 IP Performance. All rights reserved.