Secure Access to Internet and Cloud Services
Using social media efficiently yet safely
The R&S®SITGate ( Fig. 1) can identify and distinguish between several hundred cloud-based applications. For example, the
R&S®SITGate can permit the posting of Facebook messages during lunch hours but not at other times. The R&S®SITGate also allows the definition of user-specific rules so that the marketing department can post news on social media sites at any time, yet access for other departments is restricted. This enables organizations to implement highly granular security policies to control corporate communications.
A professional safeguard against botnets and zero-day exploits
Attackers today work with highly professional development
tools to exploit known and new computer system vulnerabilities. Zero-day exploits targeting security gaps in system functions are sold at high prices on the black market and are used to orchestrate cyber-attacks such as Stuxnet and Flame. Infected host systems can then harvest documents and addresses without being detected. Attackers can even use systems’ microphones and cameras to make audio and video recordings – locally and on accessible network resources. This critical information is subsequently sent over the Internet to a central command server.
The R&S®SITGate continually validates the (entire) communications protocol of every single connection. All dangerous transmissions are identified – even those running over legitimate channels. Every anomaly results in the connection being aborted.
Single-pass technology keeps track of everything
The R&S®SITGate incorporates single-pass technology to concentrate all the security checks at a single point on the network. Single-pass technology combines application detection and protocol validation with malware and antivirus protection, intrusion prevention and web filtering. The required signatures – for current malware, for example – are continuously updated online. With single-pass technology, corporate security policies are as easy and flexible to implement as configuring local network access. This reduces complexity significantly and thus the numbers of false positives and false negatives
