NetSHIELD Network Access Control with Ransomware protection

NetSHIELD NAC – provide Network Access Control for all your Intranet assets, and protect yourself from Ransomware and zero-day attacks.

NetSHIELD™ is a next generation network access control (NAC) appliance that enables you to gain visibility and control over your networks by automatically blocking untrusted devices that should not be gaining access, and quarantining trusted devices that are attempting to connect to malware command and control sites.

Many organisations today are focussed on securing their organization from threats that exist outside the perimeter of their network by using firewalls and IDS/IPS systems. But in fact most of today’s threats are not entering the organization through the firewall, but rather through malware-infected devices behind the firewall. In order to strike at the root cause of this, you need a network access control solution that blocks unwanted and infected devices from accessing your network.

 

 

 

The problem with traditional NACs is that they were complex, costly, and not flexible enough to work within your existing network. NetSHIELD has solved all these problems and is an affordable, easy-to-use, agentless solution, that can be installed and be blocking untrusted devices within minutes.  Nothing to install on your devices - just plug and play.

NetSHIELD's patented Appliances will immediately provide you with an overview of, and precise control over, all your intranet assets. With the ability to automatically detect, alert and block against rogue and malicious insiders, you will dramatically reduce the risk of an internal breach and data theft. These appliances will scale from the smallest remote office to the largest data centre.  And when it comes to risk management and regulatory compliance, CVE Vulnerability reporting and remediation are a few clicks away.

Built on the Core NAC capabilities, Ransomware and Phishing protection allows you to enable auto-blocking of devices that contact malware servers on the Internet.  The Dynamic Block Engine knocks the asset off the network using patented techniques, isolating the threat within milliseconds.  An infected device simply can't spread the infection or encrypt your data.  You get a notification, and get to clean up one PC rather than your entire network.  Unblock the asset when you are happy with the cleanup,  Smart switch integration also allows the NetSHIELD to close the connection at the switch level.

With its "Precognition" functionality, NetSHIELD can even prevent the download of  malware in the first place, taking the user off-line for a configurable length of time so that dangerous click can be stopped in its tracks without requiring IT intervention to get the user back to work.  So, you could set it up to knock the user off for 3 minutes, then an additional 10 minutes if it happens again, making it impossible for the phishing attack to succeed, even against naive users.  (Or if you want to make it a "teachable moment", configure the appliance to block the user until someone has spoken to him/her about phishing and malware.)

More than 95% of security breaches are a direct result of exploiting a common vulnerability and exposure (CVE)®  Vulnerabilities that are already known about, and for which fixes are usually available.  With NetSHIELD's auditing capabilities you can test your connected devices for known vulnerabilities (using the CVE database), and use a ticketing system built in to the device to track the remediation activities.  (Integration with 3rd party helpdesk systems is coming soon.)  So, for example, you can ask the appliance to audit your network, identify and categorise threats, and begin remediation on high-risk vulnerabilities.  You can then run reports over time to assess changes since the baseline was established, to show progress in remediation.  Management-level reports are available, as well as the more detailed IT reports.  It's like having an Ethical Hacker on the payroll full time.

You can even set NetSHIELD to automatically quarantine devices that it finds have a defined level of vulnerability – for example, you could choose to block all that have a CVE vulnerability classed as “High” or “Serious”.

 

Key Features of NetSHIELD

  • Protect Trusted Assets
  • Control Network Access
  • Agentless Network Protection
  • Manage the BYOD Dilemma
  • Find your security vulnerabilities (CVEs)
  • Generate Compliance Reports
  • Control your Internal Risk
  • Harden your Network
  • Track Internal Network Events
  • Detect and Block Rogue Access
  • Block APTs and Zero Day Malware
  • Manage Smartphones and Tablets
  • Non-inline, Plug-and-Play in Minutes
  • SIEM integration

 

Who Needs it?

We really think that if you have a network large enough to warrant an IT staff, you should seriously consider installing a NetSHIELD appliance.  Anti-Virus products have a role, but miss rapidly evolving threats.  You should certainly have AV, but that is not enough any longer.

And costs are very low for a package with such functionality.  Certainly lower than the cost of cleaning up after even a single malware incident…

Contact us to arrange a demo

 

Relevant Links

NetSHIELD home page

Verizon Data Breach Report