Full check of your network for fault tolerance.
Information security audit is where we recommend to start designing a resilient infrastructure. We will check your network. Let's identify errors in the configuration. We will provide a report with a list of vulnerabilities and recommendations for their elimination. Following the recommendations of our experts, you will receive an infrastructure that meets modern security standards.
3 types of testing to adequately assess the state of the infrastructure
Testing the network and software for stability in conditions exceeding the limits of normal operation.
Why do a stress test
Typically, systems are designed to function normally. In the case when the possibility of an increase in the load is allowed, the real volumes of its increase are not taken into account.
We recommend stress testing if:
- There is an SLA on the service level and the cost of system failure in extreme conditions can be very high
- Detection of some errors or defects in the functioning of the system is not always possible using other types of testing
- Developer testing may not be sufficient to emulate system failure conditions
- It is preferable to be prepared to handle extreme system conditions than to expect system failure.
What is included in testing
- Investigation of error and exception handling by the system at peak loads
- Study of "bottlenecks" of the system or individual components under disproportionate loads
- General Study of System Behavior at Peak Loads
- System capacity estimation
Scanning the external security loop of the local network.
Why conduct a pentest
Penetration testing will expose vulnerabilities in the network and its components, which can be exploited by attackers to hack, unauthorized access to confidential data, or take over your system.
What are the stages of a pentest
Collection of informationDiscovery of all available systems and services to obtain as much information as possible
Threat modelingIdentifying vulnerabilities in systems using automatic scanning and manual deep diving methods
Vulnerability analysisDocumenting and analyzing vulnerabilities to develop an attack plan
PenetrationReal attempt to penetrate the network
ReportingPrepare, rank and prioritize to create actionable evidence-augmented recommendations
Who conducts the penetration test
The attack is feigned by security professionals with experience supporting networks, systems, and hosts. They focus on critical issues, determine the level of risk for your company, and provide actionable recommendations to remedy the situation.
How long does it take
2-3 weeks depending on the size and complexity of the network.
Website vulnerability scanner
Identification of all vulnerabilities of the web resource.
Why identify vulnerabilities in web resources
Website security auditing is essential because attackers can exploit the slightest vulnerability to break into the system. Your company can be compromised and suffer both reputational and financial damage.
What threats can be avoided
A website scanner is a set of tests that are used to identify existing vulnerabilities in a web resource. It will help keep the resource operational and avoid the following threats:
- personal data leaks
- violations of the integrity of website data
- an intruder gaining unauthorized access
Together with a list of discovered vulnerabilities and recommendations for their elimination, we will offer protection for WAF web applications under special conditions.
How much does a complete infrastructure security audit cost?
Each project is individual. The total cost of an audit is determined by the complexity of the network and its components. (For example, when determining the workload, we take into account the number of valid IP addresses and other parameters.) Leave a request if you want to get a true picture of the state of your network and web resources.
Fault Tolerant Networking Architecture
We will design a fault-tolerant network for your business processes.
How we design a turnkey resilient infrastructure
- Assessing the scale of the network
- We carry out an inventory of network equipment
- We check the connection diagrams for compliance with reliability requirements and accepted industry standards
- We develop a new architecture
- We select advanced software and hardware solutions in accordance with the best world practices
- We draw up a network modernization plan, form a budget
- We carry out commissioning of new network equipment and migration of services
- Installing a traffic analyzer
- We manage the equipment of the DDoS protection complex and the peer-to-peer policy
Tell us about your infrastructure tasks. We will offer the best solution based on your capabilities.
Protecting your network from DDoS attacks
We protect against DDoS attacks at L2 – L7 levels using our own traffic filtering center.
Why enable DDoS protection
Modern DDoS attacks are complex and dangerous because they can lead to:
- critical operational disruptions
- unavailability of services and applications
- hacking and stealing confidential information
- reputational damage
- falling positions in credit ratings
- rising insurance prices
Which companies are at risk
Banks, data centers, government agencies, online stores and electronic media are most at risk of getting under a DDoS attack. Any large company is at risk.
How protection works
We offer firewall technology that is suitable for 80% of today's attacks. Without blocking legitimate users and reducing the performance of services.
They fire at the moment of exceeding and redirect traffic to the filtration center. (If the threshold is not exceeded, then the traffic goes as usual.)
Filtering rule templates
Countermeasures that start automatically filtering traffic when the detection thresholds are exceeded.
Channel overflow attacks (L2 – L4)
We monitor traffic up to the 4th level of the OSI model and analyze for the presence of anomalies based on Netflow received from border routers. When an attack is detected, we send a FlowSpec-announcement that blocks it.
Infrastructure attacks (L4 – L6)
We perform fine cleaning of traffic on Arbor Peakflow equipment using filtering rules for logical objects of the client's network
Application attacks (L7)
We use Arbor Peakflow scavenging along with innovative machine learning methods for BIG-IP F5 traffic, with full SSL decryption and malware detection and blocking
How traffic flows during an attack
When an anomaly occurs, only the attacked IP is sent for cleaning. This allows legitimate traffic to go transparently, without the influence of the complex.
От каких атак мы защищаем
- TCP, SYN Floods (SYN, ACK, RST, FIN, PUSH)
- UDP Floods (DNS, NTP, IP Fragment, Chargen, QOTD, QNP, Kad, Steam
- Protocol NetBIOS, 0 source port, TFTP, SNMP, LDAP, SSDP, Memcached)
- ICMP/Ping Floods
- ICMP Fragmentation Attacks
- Teardrop TCP Fragmentation Attacks
- DNS Query Floods
- DNS NXDOMAIN Floods
- SSL Floods
- SSL Renegotiation
- Detection of botnets based on signatures and behavioral analysis
- Anomaly detection based on geographic information
- Limits on the number of TCP sessions from each client
- Detailed configuration of TCP / UDP protocols for each protection profile
- Cleaning TCP / UDP traffic for multiple attack components (payloads)
- Cleaning SIP traffic
How to connect
We connect network protection through a GRE tunnel, L2-channel or physical junction in any commercial data center in Moscow.
Turnkey game server protection
Double filtering of traffic by TCP and UDP protocols.
How we protect game servers
First, traffic is filtered on Arbor equipment. It is then finely analyzed and cleaned on Mitigator hardware and delivered to your server. For the most popular online games, we offer ready-made individual protection schemes.
Game servers that we know how to protect
- Arma III
- Team Fortress Classic
- Counter-Strike 1.6
- Counter-Strike: Source
- Half-Life Deathmatch Classic
- Half-Life 2
- Half-Life 2: Deathmatch
- Team Fortress 2
- Counter-Strike: Global Offensive
- Grand Theft Auto San Andreas
- Multi Theft Auto: San Andreas
- TrackMania (+ протокол TCP)
- TrackMania 2 (+ протокол TCP)
- GTA 5
- ShootMania Storm (+ TCP protocol)
- Minecraft Pocket Edition
- ARK: Survival Evolved
Web Application Protection + WAF
Filtering malicious traffic to the web application, mobile applications and APIs.
Why WAF is needed
Web applications can be vulnerable to many threats. To protect not only the application infrastructure, but also user data, we recommend using WAF. The web application firewall complements traditional network firewalls, which are primarily designed to protect ports and protocols.
How WAF works
WAF analyzes all incoming web application traffic. If an attack is suspected, traffic is routed to a legitimacy check. Unlike a traditional network firewall, WAF detects threats in more detail. For example, it can validate form input and protect application cookies. The WAF is specifically designed to prevent attacks without blocking legitimate users or slowing down the performance of web applications.
We protect against any attacks on web applications
Top 10 threats on the OWASP list
- SQL injection
- Cross-site XSS scripting
- Cross-site CSRF request forgery
Application Layer DDoS Attacks
- HTTP/S Floods (GET, POST)
- Randomized HTTP Floods
- Cache-bypass HTTP Floods
- WordPress XMLRPC Floods
- Low-and-slow attacks
Application attacks (L7)
- Selection of authorization data
- Auto registration
- Web scraping
- Copying content
Benefits of our WAF
- Filtering HTTPS traffic without exposing the SSL certificate
- Detect and manage zero-day vulnerability remediation
- 99.9% web application availability guarantee
- The ability to set unique rules
- Training on traffic from real users and building relevant protection patterns
- The ability to integrate into cloud or physical infrastructure
Which applications are at risk
- Online Stores
- Internet media
- Personal accounts of web services
- Remote banking systems
- Insurance companies
How to connect WAF
Protection is enabled through your personal account. To connect, just change the DNS record at the registrar.
Protecting web applications without transferring encryption keys.
Why we created a neural network
The neural network we have developed is a unique product that combines the advantages of analytical methods and the effectiveness of recurrent neural networks for calculating IP addresses from which DDoS attacks occur in real time.
Thanks to machine learning and deep learning algorithms, the network detects a DDoS attack within 2 seconds. It does not require the transfer of encryption keys and can be easily integrated with any blocking solution.
How does it work
After receiving and processing the logs, signs are formed that allow analyzing user behavior. On their basis, the neural network makes a decision about the harmfulness of requests coming from an IP address. The requests are then either blocked or passed on to the customer's equipment. The network learns on the fly. This increases the accuracy of detecting attacks compared to scripts up to 95%.
Qualified technical support 24/7
24/7 incident response by experienced engineers.
Benefits of our technical support
- Each first-line support technician is JNCIA certified
- JNCIA is Juniper's globally recognized certification for networking fundamentals and basic routing and switching skills.
- The second line engineers on duty have many years of experience in operating and maintaining fiber-optic communication lines
- In the event of anomalies and attacks, the client is instantly notified via telegram or phone
- Support by email or in the usual tickets allows you to quickly contact technical support for any questions
Personal account features
The user-friendly interface of your personal account allows you to control traffic and anomalies, and receive notifications about attacks in real time. Adapted for mobile and desktop devices.
Detailed traffic statistics
Instant notification of attacks
Detailed information on attacks
Want to be sure your infrastructure is resilient?
We are ready to become your outsourced network technology department. We will not only quickly and guaranteedly protect your network and web applications from any cyberthreats, but also check them for vulnerabilities, design a fault-tolerant architecture and provide round-the-clock technical support.