- Maximum protection from malwares;
- Control of Internet connections: it provides monitoring and Web resource user access control;
- Protection against hacker attacks: effective prevention of not authorized access to corporate network computers;
- Blocking of dangerous programs and websites;
- Safe work with e-mail;
- Removal of Internet threat during web browsing and email;
- Control of several Internet access points and users' access;
- Blocking of different protocols and types of traffic;
- Strict control of matching of all network transactions with known transfer protocols;
- Blocking of all unrecognized network activities;
- Exception of user stations' directly contacting Internet data;
- Monitoring and logging of the blocked sessions, network attacks and network viruses on the signature base;
- Convenient graphical access point setting tools;
- Possibility of filter connection into the channel break without resets in target network (embedding in existing network);
- Easy scalability: different versions of a complex are intended for organizations with tens, hundreds and thousands of users.
Blocked threats and modular architecture:
The modular scalable architecture of "Langraf-IP" complex allows to design solutions for provision of network security in small corporate networks, as well as in organizations with hundreds of hosts. Functionality of the complex is most demanded in organizations with tough security policy.
"Transparent proxy-server" (HTTP/SMTP/POP3 / IMAP)
|Network layer||Application layer||Applications layer
|The Network attacks, DDoS, the network worms, DNS spoofing;||Vulnerabilities in applied network protocols (breakdown of a stack, manipulating, etc.);||Embedding of the malicious code during browsing in the Internet;|
|Open ports, services available by default;||Management of infected computers, their activity (spamming, conducting of another activity in the Internet).||Embedding of the malicious code during receiving and checking letters;|
|"Trojan" activity, setting of tunnels.||Potentially dangerous actions, for example, downloading of exe, doc, msi, and other types of files.|
"Langraf-IP" carries out monitoring of:
- Volumes of transmitted information;
- Time of users' activity, activity in non-work and night time;
- Outside initiative activity.
The principle of operation:
To provide the requirements of guaranteed safety the "Langraf-IP" complex uses the simplest and most reliable principle of protection, that is blockage of an attacking contact and its potential victim. The system of proxying solutions is ranged up to the layer of pages and e-mail browsing and does not admit a contact of a browser and other applications of your PC with a body of viewed pages and received files. Thus a barrier appears on the path of a malefactor, overcoming which is rather difficult due to the prohibition of any changes in its code.
|Inclusion of a light version of the complex||Inclusion of the complex "in break" for small organizations||Inclusion of the complex «in break» for large organizations|
The additional features of the solution:
- Possibility of installation of a light version of the complex for a WWW and e-mail defense not requiring the network break;
- No need of important changes in local network;
- Complete autonomy of the complex work;
- Impossibility of remote modification of a complex by a malefactor;
- Mode of an "invisibility" of the local network from outside (not compatible with P2P applications operation such as Skype, Torrent, SIP);
- Possibility of illegal content blocking;
- Reports on use of Internet resources by users of local network.
The "Langraf-IP" complex:Hardware composition:
- 1U server on 1G Internet connection;
- 2U traffic filtering server on 50 Internet users.
- "Web sandbox" - the system of WWW and mail "proxying";
- System of the complex protection against changes and copying;
- System of network/applied activity logging;
- Analyzer of applied flows (optionally);
- An adaptive firewall (optional).
- Complex integrated protection against all types of computer threats;
- Effective means of control over implementation of corporate security policies, convenient management tools;
- High level of scalability;
- Universality: protection of corporate networks of any scale and complexity;
- Round-the-clock technical support oriented towards the Customer.