Businesses are increasingly relying on data and data-driven technologies, their business-critical data is being generated from a variety of different sources and being shared with a wide range of different enterprise stakeholders. However, its misuse causes detrimental effects. The digital era has opened various concerns such as data theft, data leak, data breach, business email compromise, ransomware, malware, email phishing, scams, and other attacks to name a few.

The Cyber Threat landscape has overhauled in the last few years with the understanding of how cybersecurity has evolved to fight against it. In the recent few years, cyber attackers have become more cautious and are well aware of security measures and techniques used by cybersecurity experts to fight against them.

Attackers have become smarter and no longer use the traditional malware writing approach. These threats are developed in a way that some traditional security measures can no longer detect them while they enter a network, disguised as good traffic. Thus, a newer approach that inspects traffic using more than just the file and web traffic signature is needed to intelligently identify and takes necessary actions against it, securing the network.

Using just the traditional firewalls will not help overcome zero-day threats and safeguard the organizations. Using Data Security Firewall with contextual intelligence engine, one can gain deeper visibility into the network and gain complete control over it.

The Data Security Firewall understands your data and takes the necessary actions to prevent them from being exploited. It uses Advanced Pro-Active Security measures to safeguard the organization’s network from external attacks and keeps away data breach attempts right at the gateway.

Approach:

GajShield Data Security Firewall Appliances sits and the Gateway level and acts as the first layer of defence for network security. GajShield Firewall leverages the Visibility – Control – Protection approach, an approach that uses basic cybersecurity initiatives to protect from latest cyber threats on a real-time basis and improves security intelligence by collecting various threat data to be future-ready.

Visibility is the key to Cyber Security. Using contextual intelligence Engine for Data Layer application, better and deeper than Layer 7(Application) visibility to identify exactly which application, threat vector and the user makes the network vulnerable and increases visibility. Visibility of the network allows organizations to be well aware of complete network activity. The Contextual Intelligence Engine captures various data points of network activities on Various Applications to bring maximum visibility combined by Our latest Firmware GajOS: Bulwark. with its deep and granular reporting tool.  

The Bulwark act as the one-stop place for granular reporting and policy implementation and security and performance. with GajOS Bulwark 4.0, taking actions to control network activity is simpler due to its simplified policy implementation capabilities. A controlled network environment helps in maintaining unauthorized network activity reducing the risk of cyber threat. This also allows controlling of critical data flow out of the network at the Gateway level using a combination of Contextual Intelligence Engine and Data Leak Prevention Solution.

Data points analyzed by Contextual Intelligence Engine and policies implemented using Bulwark is combined with GajShield’s Threat lab to identify anomaly and keep bad actors away from the network. At GajShield’s Threat Lab a database of real-time threat outbreaks is collected and compiled and maintained, through consultation with global Internet Service Providers. Patterns are analyzed, categorized, and cross-matched using algorithms, run to optimize the detection of repeating patterns and their sources. This database, containing approximately six million signatures, is continuously updated every hour.

Using best of breed technology GajShield appliance identify and detection fast-moving exploits like Ransomware, Malware, Spams, Viruses etc. It allows to create users based policies across Firewall, IPS, URL Filtering (Proxy with Caching and Inline), Data Leak Prevention, ISP Failover and Bandwidth Management, P2P & IM control whereby giving granular and complete control of the Security implementation.

GajShield Threat Lab:

Proactive virus detection, Robust and inherent immune system that integrates Zero-Hour (Zero-Day) Virus Outbreak Protection to shield enterprises in the earliest moments of malware outbreaks, and right through as new variants emerge. By proactively scanning the Internet and identifying massive virus outbreaks as soon as they emerge, proactive virus blocking is effective and signature independent. At the Threat Lab, a database of real-time spam outbreaks is collected and compiled and maintained, through consultation with global Internet Service Providers. Patterns are analyzed, categorized, and cross-matched using algorithms, run to optimize the detection of repeating patterns and their sources. This database, containing approximately over six million signatures, is continuously updated with more than 30,000 new unique signatures added hourly.

Features of GajShield Security:

• In-depth Visibility on the applications used by users and not just the ports or protocols. Identify rogue applications and block them using application filtering policies.
• Monitor and Control Data Leak through Web uploads, Instant Messaging and Email protecting important and confidential data. Allows to create policies based on users, groups and provides in-depth visibility using its innovative context-based data leak prevention.
• Identify which user is sending what data, including attachments in Instant Messaging, Web Uploads, Social Networking sites, HTTPS, Email etc. Complete Archiving gives visibility and policy definition increases security.
• Gajshield can monitor & restrict Traffic generated from LAN & Wireless (WLAN) devices at gateway level and enforce policies with the help of UserSence & 2FA (Email & SMS)
• Prevents Ransomware, Malware, Spams, phishing, pharming attack in Real-time. Zero Hour Virus Outbreak prevention identifies new outbreak instantaneously and protects the network. Zero Hour Anti Virus block zero-day viruses much before signature-based virus engines do.
• Detects and blocks spyware, malware, and application vulnerability exploits.
• Detection and Control of evasive and Port hopping applications like IM, P2P and Open Proxies.
• UserSense allows setting granular policies based on users rather than IP address across Firewall, IPS, URL Filtering, Antispam, Antivirus, Data Leak Prevention, ISP Failover & Load Balancing.
• Supports multiple ports/protocols & services (200+)
• Supports Open Standard security group tags and name. 
• Provides Web-based Proxy with URL Filtering and caching. Can work simultaneously in both transparent and proxy mode.
• Best in class Application Filtering with 85+ categories and custom category filtering capabilities.

Value Proposition

GajShield Firewall solutions helps in keeping threats away from the organization right at the gateway level. We understand the cyber threat space and have created solutions that helps in securing the organization from threats that are often left unnoticed. We use the latest and the greatest of technologies like the Contextual Intelligence Engine©, Machine Learning etc. for an Intelligent Security Solutions combined with Advanced Deep Visibility for ultimate security.

Advantages of GajShield

• Data Understanding product & solutions:

Looking at the current cyber-attack trends and other security solutions, GajShield has worked towards developing a product that understand the Data for better security.

• Preventing Data Leaks

GajShield uses a Context Based Network Data Leak Prevention to prevent business critical data from being leaked out through various gateways like Email, SaaS application like Gmail, Google Drive, etc. and other popular social media platforms.

• Protection against Email Borne Threats

Email being the go-to means of business communication, attracts threats through it. GajShield uses Advanced Email Security Solution to protect from Email Borne malware, virus, business email compromise attacks and more. 

• Protection from Threat

At GajShield, we understand various threat vectors and help organizations to protect from the commonly ignored intentional and unintentional threats using intelligent security solutions.

• Security for Roaming Users

Roaming users are the most accessible and easy targets for a lot of a?ackers. GajShield enforces roaming users to route all network traffic through the firewall at HO, bringing them under a secured network.

• Unified Platform for Security

GajShield’s constant research and development has led to the creating of a uniformed platform for both network and data security.

• Contextual Security

GajShield leverages its capability to provide visibility of data context, deeper than the traditional Layer 7 application visibility and performs proactive scanning to identify exactly which application, threat vector and user makes the network vulnerable and increases visibility, data security and performance.

How we use Cloud Application has changed drastically over the recent years. With acceleration in importance of data there is a shift in the way we store and access data today for business efficiency and ease, cloud based infrastructures and cloud application strategies are the most adopted to maximize business efficiency.

We tend to use various Cloud Applications for Mail, File Storing and Data Transfer. With applications like Gmail, Yahoo, Rediff mail, Google Drive, One Drive and more, employees feel ease in accessing data stored, access mails or to help share data within or out of the organization. However, with this ease of usability, use of such applications leads to a major flaw in Data Security efforts by the Cyber Security team. This is majorly because of the visibility that the Next Generation Firewall cannot provide. The traditional Next Generation Firewall with Layer-7 security firewalls can analyze only the application interfaces, i.e., at the points where the data enters or leaves an application. However, it does not offer any visibility or control over how the applications use this data.

Data Being crucial and a very important asset of any organization, the organization must have visibility on all the transaction involving data in order to protect it and prevent exploitation. Not having visibility has resulted in a lot of data leaks in the past involving both intentional and unintentional actions by an internal user and data breaches involving internal and external actors for financial and non-financial gain.

A Data Security Firewall goes beyond application layer visibility and identifies critical data even when it is used on cloud and web based applications. As a result it can prevent data leaks when shared using such tools. Additionally, a data security firewall uses contextual intelligence to gain a deeper understanding of data transactions. By doing so, it can detect the attempts to share critical data outside the organization using such platforms, thereby eliminating the risk of data loss.

Gain Visibility Control and Protection using GajShield Data Security Firewall that uses a combination of GajShield Contextual Intelligence Engine, GajOS Bulwark and GajShield Threat Lab for a 360⁰ protection.

Features:

Deeper Visibility

Visibility is the key to cyber security and thus having an overview is not enough. Our GajOS Bulwark features advanced reporting for Greater visibility across the network supporting various logs and packet information essential for security. We use information from the Contextual Intelligence Engine and inject valuable information gathered to create contextual information that allows organizations to deep dive into granular details, achieving deeper visibility. With GajShield Advanced Visibility capability extends your visibility across various Mailing, file sharing, File uploading/Downloading, cloud data storage, instant messenger and social media platforms for complete monitoring on these business and non-business applications.

Control Collaborative Applications:

With the capability of the Data Security Firewall to deep dive into contextual data of web applications, the Data Security Firewall allows organizations to set granular data security policies that allows the organizations restrict such collaborative business application to business use only.

1. Use of Corporate Login on Gmail, Yahoo, Rediff Mail, G-Drive, One-Dive, Social Media platforms like Facebook etc.
2. Restrict Personal ID Use on these SaaS applications.
3. Restricting to send mail with absence of reporting manager in CC
4. View Mode: allowing to access but not able to perform any action.
5. Prevent data leak from such apps.
6. Control on sending Mails to IDs other than predefined IDs/Domains
7. Control of Data Uploads based on file size, type, content and more.

Data Leak Prevention

                A Unique Context Sensitive Data Leak Prevention Solution to protect Data Leak. The Data Leak Prevention Solution identifies, monitors and protects the data in motion on your network through deep content inspection and a contextual security analysis of transactions, Data Leak Prevention systems act as enforcers of data security policies. They provide a centralized management framework designed to detect and prevent the unauthorized use and transmission of your confidential information. Data Leak Prevention protects against mistakes that lead to data leaks and intentional misuse by insiders, as well as external attacks on your information infrastructure.

Advanced Threat Protection

Advance threat protection keep zero-day and advanced threats away from entering an organization’s network. The ATP combined with advanced Machine Learning capability, understands and learns usage pattern and finds outlier to identify suspicious traffic for further process by the security engines and preventing zero-day threats and keeping them away from the network. An Intelligent Sandboxing technique that uses machine learning, identifies a malicious file, sandboxes it and traps the malware that are injected even in sleep mode for it to remain in hibernation mode and attack once it stays in the network for a period of time. Our advanced sandboxing simulates clicks and key strokes to capture malware that uses Click and Key inputs to activate such carefully engineered malware.

Secured Connectivity

A multi cloud environment often struggles with a secured way to connect with. Using high-speed VPN and Secured Connectivity methods, we combine intelligence from Contextual Intelligence Engine with security policies, organizations can now interact with Cloud applications and Data centers more securely than ever.

Roaming users are the most vulnerable entry point to any organizations and with remote working becoming an increasingly popular trend among workers, enterprises are feeling the need to implement strict policies to secure their valuable data. However, despite devising strict and detailed policies for the use of personal mobile devices, enterprise cybersecurity teams are often let down by solutions that fail to enforce their security policies across a variety of devices and networks (like public Wi-Fi hotspots). As a result, they are vulnerable to data leaks and cyber-attacks through the devices carried by their roaming users.

That’s why, to prevent data leaks and act as the threat vector, roaming users regardless of the device and network they use, GajShield’s Data Security Firewall with the help of Enterprise Cloud Solution, ensure that all users, roaming or otherwise, are secured when they access enterprise data and applications when they step out of the enterprise network. Even if they use public Wi-Fi networks, the cloud security solution scans every packet of data being transmitted by users with its Deep packet Inspection (DPI) capability combined with Contextual Intelligence Engine to create context of all the traffic for the Data Security Firewall to understand and take necessary action. As a result, if any communication to or from the roaming user contains sensitive data that shouldn’t leave the organization, the Data Security Firewall blocks such communications based on defined data security policies. It also identifies malware and suspicious files that can infect the enterprise applications and blocks them from running and causing harm to the enterprise network, saving from a cyber-attack. 

GajShield’s Enterprise Cloud Solution enforces routing of all traffic through the HO’s Data Security Firewall (Public or Private) and applies all the data security and global security policies to all the browsing and network activity. This allows the organizations to gain complete visibility on all the network traffic of the roaming user for monitoring along with the greatest of security solutions to ensure maximum Security and prevent data leak.

GajShield allows organization to decrypt SSL traffic to detect and block hidden malicious content or outgoing sensitive information. GajShield inspects and protects the organization against known viruses and worms using signature and heuristic technologies. GajShield’s architecture provides inspection at many levels and at regular times with the speed of most competitive products, ensuring full protection without introducing latency. In addition to this, a range of spyware, including malicious Trojans, system monitors, key-loggers, and adware, which are pervasive threats and significant security risks, are effectively detected and stopped by GajShield’s antispyware. Security is ensured to the roaming users even when they are a part of an insecure network like public Wi-Fi, etc.

Besides this, GajShield allows that organization to decrypt SSL traffic to detect and block hidden malicious content or outgoing sensitive information.

As the traditional perimeter is vanishing with enterprises connecting to their customers and partners, data leakage and cyber-attacks are becoming an expensive, burdensome problem. Employees, whether their intent is innocent or malicious, can easily send a Webmail or IM with confidential information. Information can be posted on social networks and blogs instantaneously. Private information, such as consumer’s Social Security and Credit Card numbers are protected by Government regulations and leakage creates legal liabilities and harms brand reputation. Furthermore, leaks of sensitive company information may lead into financial losses.

Enterprise Cloud Functionality:

GajShield Data Security Firewall provides an integrated, best-of-breed, and comprehensive functionality. It allows organizations to create common, granular policies for various areas. It has an intuitive user interface, so that use of the service literally requires no training. There are three key areas of functionality: secure, manage, and comply GajShield inspects all outbound and inbound web traffic to protect enterprises from these threats.

• Enforcing of security policies and control including web filtering, application filtering, DLP along with visibility of roaming users (using cloud client).
• Restricts roaming users to disable security policies.
• Viruses, Malwares & Spyware: The Known Threats.
• GajShield inspects and protects against known viruses and worms using signature and heuristic technologies.
• GajShield’s architecture provides inspection at many times the speed of most competitive products, ensuring full protection without introducing latency. In addition, spyware is a pervasive and significant security risk. GajShield antispyware detects and stops a range of spyware, including malicious Trojans, system monitors, keyloggers, and adware.
• Web traffic is increasingly being encrypted using the SSL protocol. If an organization selects SSL decryption policy, GajShield allows that organization to decrypt SSL traffic to detect and block hidden malicious content or outgoing sensitive information.
• As the traditional perimeter is vanishing, with enterprises connecting to their customers and partners, data leakage is becoming an expensive, burdensome problem. Employees, whether their intent is innocent or malicious, can easily send a Webmail or IM with confidential information. Information can be posted on social networks and blogs instantaneously. Private information, such as consumers’ Social Security and credit card numbers, is protected by government regulations and leakage creates legal liabilities and harms brand reputation. Further, leaks of sensitive company information risk financial loss.
• Several companies have emerged to offer specialized solutions to prevent data leakage. These solutions often require extensive implementation and consulting services. They are also just another point solution to be added to an already-crowded perimeter gateway. Not surprisingly, less than 5% enterprises have deployed data loss prevention (DLP) solutions today.
• GajShield CASB (Cloud Access Security Broker) provides in depth security for well-known SaaS applications like Google G-Suite, Office 365, Yahoo, Rediff Mail, Facebook and others. Cloud Access Security Broker (CASB).
• GajShield DLP solution provide in depth visibility to the data which is sent out of your corporate asset

Benefits:

• No end point security product required, improves performance
• Mobile users comply to company policies even when they are not in the network
• Central policies with ease of management for mobile users
• High end infrastructure protecting cloud user

Further Reading

Download Brochure

Case Study: Zodiac Clothing Company uses GajShield Cloud Security to secure its 130+ stores