It has been evident and have become a thumb rule for cybersecurity to have visibility on things we want to protect. Simply, you cannot protect that you cannot see. While Cybersecurity is never a static, one-time initiative but an ongoing process that should always be top-of-mind for CSOs, CIOs, and other IT leaders. To that end, technology and security leaders should always have access to information regarding the security of their enterprise networks possible only if they have visibility not only on their network but beyond just the network. In fact, not just the leaders but even employees need real-time Data visibility to report any damage to or illicit use of the organization’s Critical Data. And ensuring enterprise-wide Data visibility should be a priority even if the organization uses the most cutting-edge cybersecurity tools and technologies. That’s because cybersecurity systems, while generally being effective at keeping bad actors out and sensitive data in, cannot keep your Data protected all the time and from all threats if it does not have visibility. There can always emerge newer forms of threats that may require the immediate attention of an enterprise’s cybersecurity personnel and leaders. And the time it takes between a threat’s incipience and the cybersecurity team’s awareness of it can be the difference between security and enterprise-wide mayhem.

The most compelling reason as to why data visibility is a must for data security is simply that it is impossible to protect what you can’t see. An enterprise data must be monitored everytime it exists the organization. That means having real-time knowledge of:

• Every piece of information that is transmitted to, from, and within the organizational network.
• The source and destination (E.g. URLs, email IDs, body content, subject, attachments, content of attachments etc.) of every inbound and outbound communication.
• Gains visibility on internet activities of computer devices used by the enterprise, which includes all the laptop computer devices used by employees from other remote locations.

At GajShield we understand how enterprises workforce make use of data in their day to day activities and the importance of data for business continuity. These data are very useful and if fallen in wrong hands, can result into disastrous situations. To protect these data and prevent data exploitation, one must have visibility beyond just the traditional Layer 7 to understand i.e. understand of further contextual data that is associated with the identified application in use.

GajShield Data Security Firewall uses Contextual Intelligence Engine and Combines it with advanced reporting capabilities of GajOS: Bulwark for Enterprises to augment their traditional layer 3 (network level) security with a layer 7 (application level) security solutions and deep dive past than just the layer 7 into Data Context to create contextual information. GajShield Data Security Firewalls perform Data Layer inspection with the help of Contextual Intelligence Engine to create data context and analyze a broader range of parameters with greater in-depth data layer visibility, extending the visibility to more data like Email ID, Sender ID, recipient ID, CC mentions, Subject, Mail Body, Signature, File Content, downloader, uploader etc. across web traffic and SaaS applications to identify abnormal behaviors that may indicate potential cyber and data threats.

Analyzing these parameters, the Data Security Firewall determines the safety and legitimacy of communications & transactions and takes necessary actions to prevent data exploitation and this capability can is useful in mitigating the impact of a zero-day attacks.

Using GajOS Bulwark, GajShield Data Security Firewall provides

• Complete visibility of the applications and bandwidth used.
• Complete visibility of evasive applications like P2P and Skype application.
• Complete insight on :
  • Content upload via Web uploads ex: webmail, Social networking sites, Blogs, Instant Messaging, Mail.
  • Content sent through email.
  • Content sent through Instant Messaging.
• Comprehensive reporting on :
  • Top Internet Users.
  • Top Bandwidth Users.
  • User/Group Activity.
  • Application Traffic.
  • P2P Usage.
  • URL/Category Usage.
  • Total Internet Traffic.
  • Application Traffic, Total Traffic, Application set and application detail.
  • Web Browsing by URL, Category and User.
  • Trend Analysis of applications, users and bandwidth.
  • Current, Daily, Monthly, Yearly reports And much more.

BYOD is increasingly becoming more popular, not just nationally but also globally. A recent survey has indicated that about 28% of the global workforce used personal devices for official purposes and the mobile workforce worldwide is expected to rise from the current 1.45 billion to 1.87 billion by 2022. With such a remarkably increasing popularity of the Bring Your Own Device (BYOD) program, it becomes an organization’s responsibility to manage the various multifarious devices that the employees perform their work related tasks through and at the same time protect the data from being compromised. GajShield’s BYOD management gives the enterprises a complete solution by providing them with the ability to set policies and restrictions to keep the data safe and seamless.

The rise in the occurrence of data leaks can be, in part, attributed to the propagation of enterprise mobility and the Bring Your Own Device (BYOD) culture, without due attention directed towards the associated data and cybersecurity risks that emerge. Businesses, in an attempt to increase employee productivity and to save on heavy infrastructure costs, are encouraging employees to use their personal devices for work. As a result, it is becoming harder for the enterprise cybersecurity team to monitor every device and implement a uniform data security policy across all devices. This results in users using their devices to share information outside the organization accidentally. Even if an enterprise uses email security to prevent employees from leaking information, users can use other applications using their personal devices to share information.

Using a Data Security Firewall solution with BYOD protection can ensure that data security policies are applied to all devices, regardless of differences in their manufacturers or operating systems. It prevents users from sharing confidential data to those outside the organization. Using a BYOD security system also prevents suspicious and risky applications from running and leaking critical enterprise data without the knowledge of users. 

GajShield’s BYOD Policy works effectively on its Data Security Firewall series. GajShield’s BYOD feature aims to enhance the UserSense engine in the popular DC and NU Series to inspect, detect and monitor the traffic and control the devices being used by employees. BYOD management is able to identify the end point including whether it is coming from a mobile device or a desktop. This information greatly helps the enterprises to set up different BYOD policies limiting the access to internet or mobile applications as per their requirements.

It often happens that employees are allowed to bring in devices which are not controlled by the enterprise. Many of these devices have varied Operating Systems like Android, iOS, Windows, etc. and the chances of malicious apps been downloaded on these devices is very high. These devices can compromise the enterprise network with unaccounted traffic. In order to overcome this issue, GajShield’s Data Security Firewall.

Uses and Object-Oriented Policy security management that allows enterprises to take various steps to step up the security of their system.

Enterprises can block access to critical servers in DMZ to BYOD devices, they would be able to setup Data Leak Prevention solution and apply data security policies that would help them to monitor and block all data uploads from these devices, furthermore, risky applications with possible data leak threats could be easily blocked

GajShield also helps enterprises to set up policies to limit access to the internet (based on time) from these devices and control and limit the bandwidth used by these devices. All the BYOD devices can be redirected to non-critical internet links so that the business applications are not affected.

By incorporating these security features, enterprises can avail the advantages of lesser investments in hardware as employees would bring in their own devices and GajShield’s BYOD would ensure security as well. For employees, it is a win-win situation as well as it provides them with flexibility and technology familiarity as employees tend to be familiar with their own devices.

KEY FEATURES:

• Block access to critical servers in DMZ to BYOD devices
• Setup Data Leak Prevention policies which monitor and block all upload from these BYOD devices
• Block risky applications which can lead to data leak from BYOD devices
• Setup policies to limit access to internet from these devices
• Control and limit the bandwidth used by these devices
• Control and limit unauthorised access
• Limit access to internet based on time. (Education institutes do not want students to have access to internet during class hours)
• Redirect the BYOD devices to non-critical internet link so business applications are not affected
• Individual user wise report based on BYOD devices.

The GajShield Sangam is a Centralized Management System dedicated to manage GajShield’s Data Security Firewall all at one place. Sangam enables network admin to manage distributed network of GajShield Data Security Firewalls, managing all aspects of device configuration, push data security policies, global security policies, view all firewall traffic, and generate reports — all from one central location using a single console.

Single Platform for Security.

GajShield Sangam provides administrators of simple or complex network environments with a powerful, intuitive interface to centrally manage multiple GajShield Data Security Firewall appliances including network policies, URL filtering, Data Leak Prevention, Application Filtering, IPS, Gateway Antivirus, Gateway Anti-spam, ISP Failover & Load Balancing and software updates.

One Point Reporting:

Sangam offers Real-time visibility of threat summary and trends. its powerful reporting allows network and security manager to manage and view complete security report from a single management platform.

Centralized Management:

Sangam offers a unified platform for managing all the firewall in the organization’s network. It offer the Ability to individually configure advanced options of the firewall, Ability to define Firewall, IPS, URL Filtering, DLP, Application Filtering, Gateway Antivirus, Gateway Anti-spam, ISP Failover & Load-balancing policy implementation from central offices, functionality to add Groups and configure multiple firewalls together at the same time, feature to retrieve all the firewalls health status in a single dashboard, Intuitive and comfortable UI, ability to work with Pseudo Interfaces/Hosts/User Groups and be independent from firewall constraints like IP addresses and usernames, functionality to take firewall backups and save them in a central location, Add new firewalls to a group to make it act as the one amongst the group, Have the server auto-synchronize all the firewalls at regular intervals, etc.

Single-Touch Deployment:

Single-Touch Deployment. GajShield’s simplified deployment capabilities allow enterprises to ship unconfigured GajShield NGFW appliances to each remote site. When plugged in, the appliance connects to the service in Centralized Management Service Server. Within seconds, the server authenticates the remote device and connects it to a Central Management System for easy policy deployment.

Advantages

• Centralized Policy management
• Easy operations with minimum learning curve
• Flexible deployment
• Consolidated Network and threat visibility
• Reduced operational cost
• Allows grouping of security appliances
• Create policy templates, which can be re-used.

The Data Security Firewall uses an Advanced threat protection is a solution that helps keep zero-day and advanced threats away from entering an organization’s network. These threats are usually engineered to be disguised as good traffic and evade security measures used by the target organization. These can be a malicious file, URL or a constructed mail for well a planned attack.

GajShield’s Intelligent Sandboxing technique identifies malicious files and sandboxes it in a virtual environment, away from the organization’s network to traps the injected malware.

The ATP combined with advanced Machine Learning capability that finds outlier to identify suspicious traffic for further process by the security engines for preventing zero-day threats and keeping them away from the network. Today's viruses, Malwares, Worms and Trojans target the primary weakness in anti-virus technology: the time it takes for new signatures or heuristics to be developed and distributed. GajShield Next Generation firewall appliances, integrates Zero-Day Virus Outbreak Protection to shield enterprises in the earliest moments of malware outbreaks, and right through as new variants emerge.

GajShield zero-day protection overcomes the newer security issues witnessed, in which large quantities of Trojans and other viruses are being missed by traditional signature-based and heuristic antivirus engines increasing the risk for organizations.

Advantages:

Intelligent Sandboxing:

GajShield’s Intelligent Sandboxing service is a cloud-based sandbox designed to discover unknown threats such as ransomware at the gateway, by creating a virtual environment away from organization’s network and running the suspicious file to identify previously unseen malware and threats. It analyses executable programs (PE), JAR, APK, DLL, PDFs and MS Office files etc. (50+ types). It has support for multi-operating systems including Windows, Android, Mac OS and Linux. An organization can decide which files it would like to exclude from sandboxing based on file type, name, sender and recipient.

GajShield Threat Lab:

GajShield Threat Lab stores a database of all Proactive virus and malware detections, bad IP addresses, domains and URLs. At the GajShield Threat Lab, a database of real-time spam outbreaks is collected and compiled and maintained, through consultation with global Internet Service Providers. Patterns are analyzed, categorized, and cross-matched using algorithms, run to optimize the detection of repeating patterns and their sources. This database, containing approximately over six million signatures, is continuously updated with more than 30,000 new unique signatures added hourly. GajShield Threat Lab uses honeypots, sensors deployed across the internet which provides early warning of cyber attacks. Machine learning is used to crawl the internet to identify malicious sites. The cyber threat intelligence (Indicator of Compromise list) which consists of bad IP addresses, domains, URLs, file hash (md5/sha256), malware signatures, spam outbreak signatures which are generated by GajShield Threat Lab, is fed into each security component of GajShield NGFW. With the release of GajShield DSF Bulwark firmware, GajShield firewalls intelligently identify various attempts to compromise and alert the administrator in real time. Advance DSF engine monitors traffic in real time and using the IOC list is able to identify attempts to compromise database servers, unauthorised access to Windows or Linux servers, suspicious traffic or even attempts to leak data out of your network.  

Signature – Independent Protection:

Signature-independent protection is an essential complement to traditional AV technologies, security experts agree. By proactively scanning the Internet and identifying massive virus outbreaks as soon as they emerge, GajShield's Zero-Hour (Zero-Day) Solution provides just that: proactive virus blocking that is effective and signature-independent.

Gateway Defence:

GajShield Firewall sits at the gateway and acts as the first point of encounter to all cyber threats. Its proactive security helps in defending cyber-attacks, real-time. It deals with the threats at the gateway, keeping threats away from the organization’s network thus, maintaining a cleaner network environment.

Immediate:

GajShield provides enterprises with proactive virus detection they need to close the early-hour vulnerability gap during which millions of users are infected. GajShield's proactive virus detection capabilities ensure users' protection hours before signatures are released. 

Artificial Intelligence and Machine Learning:

AI and ML-based cybersecurity solutions will become a necessity in the future of cybersecurity as traditional means will become incapable of mitigating the risks posed by ever-evolving malware, hacks, and other types of cyber-attacks. AI-based self-learning applications will become a standard part of cybersecurity teams’ toolkits that will ensure continued protection against evolving risks.

Proven:

Robust and inherently immune to emerging foiling attempts, GajShield has a proven record of being one of the highest performings among proactive virus control solutions. GajShield's Zero-Hour Virus Outbreak Protection is powered by GajShield Threat Lab, which has a track record of protecting millions of users globally.

Features:

• Ransomware Protection
• Malware Protection
• Real-time inspection & protection from unknown threats through proactive/stream mode
• Deploy signatures to the firewall when a file is identified as malware
• Analyses archives like zip, tar, gzip, 7z, rar across all operating systems.
• Analyses many different malicious files irrespective of its size (executables, office documents, pdf files etc.) as well as malicious websites under various operating systems like Windows, Linux, Mac OS and Android.
• Trace API calls and general behaviour of the file and distil this into high-level information and signatures.
• Threat analysis on dashboard
• Analyse network traffic, even when encrypted with SSL/TLS.
• Perform advanced memory analysis of the executable programs to identify and detect potential malicious files.
• Recurrent Pattern Detection of unknown malware through emailing protocols
• Multiple spam classification
• Independent of Content, Format, Language
• Real-time Blacklist (RBL), MIME header checks
• Filter based on message header, size, sender, recipient, subject line tagging
• Zero hour Virus Outbreak Protection
• Anti-botnet security