1. "KROZ":

    • Combined functionality in one device (firewall, DoS/DDoS detection and filtering, blocking of prohibited URL, extended statistics);
    • Traffic management by rules from 2 to 7 levels of OSI model;
    • Active DPI analysis solution for integration into the channels of telecoms operator (compatible with any Lawful Interception system);
    • Purchasing of necessary functional and its extension on the existing equipment;
    • Possible expansion of the range of services provided by the telecoms operator;
    • Possible connection schemes: inline bypass or capture of traffic on BGP.

Blocking of prohibited URL

Blocking of prohibited URL - limits the access to the Internet resources that contain th information the dissemination of which is prohibited.

  • Support manual and automated adding URL;
  • Detailed statistics on the blocked URL (for each access attempt), the ability to export;
  • Full-text URL search (support for regular expressions).

Traffic management

Firewall, setting rules on: blocking, breaking TCP-connections, redirection, statistics calculation or passing of traffic. The rules include a set of elements:

  • Link layer: MPLS, VLAN, packet length;
  • Network layer: network address, geographic location, protocol, TTL, TOS;
  • Transport layer: a set of ports, TCP-flags;
  • Application Layer: HTTP URL, FTP URL, DNS NAME/CNAME.

Filtering DoS/DDoS attacks

Protection from against network attacks as a service for the network of telecoms operator and Data Center.

  • Conventional methods of filtration (channel protection, protection of TCP/IP stack server and level of applications);
  • Own innovative methods of dealing with DoS/DDoS attacks and optimization of clients requests to reduce the load on the server;
  • An automated mode whitch does not require human intervention (suitable for 95% of attacks);
  • Reporting to clients - users Dashboard and export the report (in pdf format).

The detection of anomalies

Detection of vulnerabilities and anomalies and BotNet networks, both at the time of their creation and operation on the basis of:

  • Regular expressions;
  • Behavioral and empirical analysis;
  • Deviations from the statistics;
  • Regular inspections.

Extended Statistics

Extended statistics is calculated both on the basis of "raw" packets, and the interaction of NetFlow, BGP, SNMP. 100% control and monitoring of traffic in the network. Display of statistics in real-time mode or for a specified period with wide filtering capabilities.

  • Requested hosts, URLs, file names, etc.;
  • Calculation of trends and changes in hosts and URLs popularity;
  • Identification of  dns/http/ftp/proxi/mail services and the load analysis;
  • Statistics on interaction with neighboring telecoms operators;
  • Interaction with the equipment of telecoms operator: monitoring of interface utilization, CPU utilization, Memory utilization, the instability of the routes, etc.;
  • Possibile network expansion plan.

Scheme of BGP capture traffic

 Scheme of usage "inline bypass"

The main advantages of integrated "KROZ" solution:

  • The comprehensive solution provides the deployment and extension of a range of services to manage traffic and to comply with the legislation from a service provider;
  • Minimization of costs due to the combined functionality in one device;
  • Purchasing of necessary functional and its extension on the existing equipment;
  • Installiation of LI with additional range of services as a bonus;
  • Warranty service and extension of functional capacity in accordance with changes to legislation.

Brochure "KROZ" (pdf)