|
CyProtect AG - Apani EpiForce Enterprise |
zurück
zur CyProtect - Produkte -
Apani - Apani EpiForce Enterprise
Apani EpiForce Enterprise
Key Features & Benefits
• Enterprise-Wide Network Protection
• Regulatory Compliance, Auditing
• Security Zones/ Network Segmentation
• Selective Encryption Across Network
• Multi-Layered Access Control
• Centralized Policy Implementation |
EpiForce - Network Security From The Inside Out
The value of the personal data on networks is soaring, just as the challenges faced securing that data have skyrocketed. External threats pose a well-publicized, ongoing risk. Internal threats have become the source of nearly 50% of data losses. Even more threatening, the old ways of securing your data – firewalls and physical segmentation – no longer work in a world of e-commerce, virtual networks and outsourcing. And if personal data is compromised, new laws and regulations impose heavy fines, not to mention lost reputation, stock value and customers.
It’s time for a whole new approach to network security. A way to protect all of your data, all across your network, all of the time.
Apani EpiForce works throughout your network.
Protecting critical data from the inside of your network out requires a comprehensive approach. Network security should also be transparent to users, so you can quickly protect your data today with minimal training and implementation cost, and continue to secure and document your network as infrastructure and policies evolve.
EpiForce Capabilities :
Network Segmentation
EpiForce lets you quickly create and modify overlapping, layered security zones. Group security boundaries can be based on applications, IP addresses, ports, geographic regions, user groups – almost any factor - to compartmentalize access and risk.
Encryption
EpiForce provides internal network security by authenticating and selectively encrypting critical data across your network. This makes it practically impossible to steal passwords, user names or encryption keys.
Device Authentication
EpiForce delivers device-level access control, offering strong enterprise data protection without the problems of two-factor authentication. According to the U.S. Department of Justice, device authentication would prevent 84% of data loss crimes. (August 28, 2006)
Central Management
EpiForce is centrally managed and transparent to users and applications, enabling network security policy updates to be easily distributed and updated. Compliance reports and audit trails can be automatically created.
EpiForce provides a strong functional and conceptual foundation for in-depth data defense across your entire network. Data access and delivery can be quickly and transparently secured. Policy developments and implementations rolled out rapidly. And audits and reports demonstrating compliance generated automatically.
EpiForce Features and Benefits
Comprehensive Security Design
Using a holistic approach of encrypting all network traffic traveling to and from non-public networked devices satisfactorily addresses IT security components of regulatory compliance. EpiForce automatically audits and enforces network security relationships providing dynamic access control to protect and secure data-in-motion.
Global Enterprise Scalability
Tiered administrative design is flexible and scalable, supporting multiple security zones, which may be either centrally or locally managed. The modular system architecture enables multiple deployment schemes for consoles, administrative servers and agents to meet the stringent and unique needs of global enterprises or large government installations.
Ease of Implementation
Universal software Agents are automatically installed, run transparently to the end-user and may be deployed over most operating systems. Security zones provide custom policies for multiple user groups; zone policy changes are automatically configured to each impacted Agent. Administration consoles have fail-over capability to maintain security if a loss of connectivity occurs.
Central Management Interface
EpiForce includes a central management infrastructure through which security zones may be flexibly created and modified. These zones elegantly manage access to network devices according to your unique security policies.
Flexibility to Secure Entire Network
EpiForce was designed to work with any operating system or existing legacy system within your network core. Available as software or as a free-standing appliance, EpiForce may be deployed anywhere to protect any device, to provide comprehensive protection for your sensitive customer data.
EpiForce Architecture Overview
EpiForce is architected to deliver enterprise class performance featuring multi-threaded architecture, fault tolerance, massive scalability and plug-in interface architecture to enable the integration of new value-added components as well as compatibility with legacy systems. Apani Networks’ EpiForce secures data-in-motion within the network perimeter, provides machine-level access control, and is easily deployed and administered throughout large networks across multiple platforms. More importantly, by functioning at the network layer, this security technology enables a ubiquitous deployment of security policies throughout the enterprise without the displacement of existing networking equipment.
Apani's EpiForce was engineered to be combined with your existing perimeter-based security defenses to deliver a robust, comprehensive and centralized network security management solution that satisfies IT security requirements necessary for regulatory compliance.
Administration Server
The Administration Server acts as the liaison between the Universal Agents and the data base, confirming security policies, and as a full certificate authority: issuing, revoking and expiring certificates. It may reside on a dedicated machine or with other components or other processes. Multiple servers may be utilized to support the scalability necessary for large-scale deployments.
Administrator Console
The Administrator Console offers an enterprise-wide view of the entire EpiForce system, managing the security relationships between each Universal Agent and its assigned network device. The Admin Console creates and edits security policies for each Agent or groups of Agents, provides certificates for host authentication and maintains these relationships within a database store. Managed attributes include encryption levels, data integrity protection, data compression and anti-replay protection. The Administrator Console interoperates with popular databases and has a fail-over capability.
Universal Agent
EpiForce’s software Agents are universal, OS-agnostic and enforce network layer protection right at the point of packet creation. This ensures security rules will be executed according to the administrator-defined security policy. For legacy computers or other IP devices (printer, fax, etc.), the universal hardware Agent may be deployed as a “bump-in-the-wire”, or stand alone appliance, maintaining the same level of protection as the software agent.
Database Store
May be deployed on Oracle or MySQL platforms; multiple data store backups may be incorporated for load-sharing or fail-over capability.
EpiForce - Data Protection
EpiForce operates at the network layer, so network security is transparent to applications and their users. EpiForce provides data integrity and confidentiality across all your enterprise’s IP network nodes - including printers and devices without direct user interfaces. Industry standard IPsec protocols and strong encryption algorithms protect data from unauthorized or accidental access or modification while moving across your enterprise network. Combined with Security Zones and Access Control, EpiForce Data Protection provides a unified security and compliance solution for Windows, Linux, Solaris, AIX and HP-UX OS platforms.
EpiForce - Security Zones
EpiForce Security Zones can be viewed as logical or virtual networks within a network. Zones let administrators dynamically segment your enterprise network into more secure and isolated logical networks, reflecting your organization’s security policies. Overlapping access by database, application, server or other functionality can be defined without any costly changes to your existing network infrastructure or applications. Security Zones create an additional layer of policy-based network security protection, helping you:
- Effectively guard against costly and disruptive network attacks – from inside or outside of your organization
- Prevent unauthorized access to trusted networked resources – without inflexible, hardware-based expense
- Meet regulatory compliance requirements with automatic reports, complete audit trails, dynamic, centralized management
- Reduce overall operational costs of providing enterprise network security and meeting compliance requirements
EpiForce - Access Control
Access control isn’t just about keeping the bad guys out—it’s about controlling who gets into your enterprise network infrastructure, then limiting where they can go. EpiForce provides a comprehensive, policy-based enforcement architecture that allows your enterprise to secure both internal communications and protect internal hosts and other network resources from being accessed by unauthorized systems and users. Your administrators also need the ability to efficiently manage dynamic access to security zones, while demonstrating compliance with numerous laws and regulations. And some users may even require access to multiple zones/applications. With EpiForce, you can allow specific users access to multiple zones with a few mouse clicks. This flexibility is simply impossible to achieve with traditional, hardware-based methodologies.
Haben Sie Interesse an Apani Lösungen? Bitte nehmen Sie mit uns Kontakt auf.
Copyright © 2000 - 2008 - CyProtect AG. - Alle Rechte vorbehalten.
Kontakt: info@cyprotect.com
- CyProtect AG, Schatzbogen 58, 81829 München
Tel. 089/420447-0 Fax. 089/420447-79 |
|
|
