Core Cloud IPaaS combines full spectrum threat detection, predictive analytics and automated mitigation to eliminate advanced threats.

According to The Identity Theft Resource Center, enterprise information leakage has become a serious problem in recent years. X-FORT provides a comprehensive endpoint security solution includes DLP, DRM, and ITAM. It prevents confidential information from breaching or losing, and provides the management tools of applications, computer assets, and remote control. Over 400,000 users and 800 organizations are protected by FineArt Technology, and we help worldwide Government and Enterprises, such as NTT Data, China Motor, and Seiko, to protect what matters most to them. Features

• Prevent Data Leak via Computer Peripherals: Control storage devices such as USB flash drive, mobile drive, and memory cards; external devices such as CD burner, printer, IrDA transceiver, Bluetooth, etc. Protect contents of local hard drive through CD/USB drive boot or hard drive cascade. Also provide various controls such as prohibition, read-only, on-the-fly encryption, and write to device with supervisor approval.
• Prevent Data Leak via Network: Strictly monitor cloud service, e-mail, net share, IM software, P2P software, FTP, and Web posts. Also completely monitor Internet 3G/4G card, wireless card, and dial-up Internet service.
• Comprehensive Management tools: Includes PC management functions such as IT asset management, software control, remote deployment & help desk, integrated Windows Update / Hotfix, and provide comprehensive analysis reports.
• Digital Rights Management: SVS (Secure Virtual Storage) and SVT (Secure Virtual Tunnel) provide file encryption and file access rights to protect important data such as intellectual property and source code.
• Self-Protection Mechanism: Prevent destruction and removal by malicious users or process.

Various Optional Modules: Required on demand, easy to expand and upgrade your security system.

CITIC Telecom CPC TrustCSI™ Managed Security Services, complementing multiple Security Operations Centers (SOCs) with high availability and disaster recovery functionality, are designed to help you handle these increasing IT security demands effectively. Based on ISO27001 certified processes, we provide robust 24 x 7 monitoring and help businesses identify and analyze vulnerabilities, prioritize threats as well as refine security policies and processes.

The CrowdStrike Falcon® platform is pioneering cloud-delivered endpoint protection. It both delivers and unifies IT Hygiene, next-generation antivirus, endpoint detection and response (EDR), managed threat hunting, and threat intelligence — all delivered via a single lightweight agent. Using its purpose-built cloud-native architecture, the Falcon platform collects and analyzes over 1 trillion endpoint events per week from millions of sensors deployed across 176 countries.

Ericom Shield handles browsing sessions remotely, blocking web-borne threats from penetrating your enterprise. Isolating users from malicious web content, Ericom Shield eliminates the browsing web threat vector while maintaining user productivity.

【Function Features】
Browse with Confidence

• Empower users to click without fear of data exploits, ransomware, malvertising and other threats.
• Increase productivity by allowing all users to freely access websites they need.
• Download files without concern about malware with factory-integrated file sanitization.
   

Make IT Easy

• Reduce IT complexity, costs and management associated with blocking malware at the end-user device.
• Scale up quickly, without endpoint installations or plug-ins.
• Centrally manage solution across all devices and operating systems.
   

Browser Isolation

• Executes 100% of active web content off of endpoint, in a remote disposable container.
• Renders websites as a safe interactive content stream.
• Delivers transparent, natural browsing experience for users.

We offer IT division an easy interface to manage each employee’s access permission. Access Control offers an array of abilities such as IP restrictions, device certificate and BYOD solution. HENNGE Access Control allows your company an all-round security protection and reduces the potential threats from phishing email or websites. If your company is using AD to manage local accounts, HENNGE Access Control can also synchronize the information from AD to cloud. We provide a comprehensive SSO verification that helps corporates to securely manage authentications of various cloud services.

In comparison to limited storage of traditional email archives in the current market, our unlimited storage space of Email Archive solution is an absolute bargain. By using the archive service, employees won’t need to worry the insufficient mailbox storage. In scenarios of auditors auditing and employee handover, we provide a secure cloud space to archive all inbound and outbound emails. Admins or users can use the search engine to search the specific email quickly and don’t need to look for a needle in a haystack anymore, which will substantially improve work efficiency.

Do you worried about the potential of security data that may leak through employee’ email? We are here to provide the right solution: Data Loss Prevention. Just because Email is becoming the most commonplace means of communication, we should not overlook the importance of Email DLP, in fact, we should value it more. With years of email technical experiences and consulting services in HENNGE, we have tailored the Email DLP product for Taiwanese market. Email DLP allows company sensitive data in the Email to be filtered, email attachment be encrypted and requires sensitive materials to be approved or confirmed by the use of Email suspension period.

Is your corporate facing instability issues when transferring large files? FTP is not satisfying your company’s file transferring demand? The HENNGE Secure Transfer allows you to transfer large files to the recipient simply by quick and easy upload and a past of the link in your Email. You can easily exchange large files with external recipients using our affordable and secure HENNGE Secure Transfer service.

ObserveIT – Insider Threat Solution for Detection, Investigation, Prevention and Analytics

LogRhythm - NextGen SIEM Platform

Thycotic – Privileged Access & Password Management Solution

Ericom Shield - Remote Browser Isolation and File Sanitization

Kaspersky Threat Management and Defense is a unique combination of top tier security technology and internet safety services; providing organizations and enterprises with high adaptability in accordance with their characteristics. The integrated processing procedures offer strategic approaches to prevent advanced threats and targeted attacks. 

Kaspersky Threat Management and Defense supports the development and enhancement for threat management strategies. Not only can it automatically collect information and digital evidence with machine learning to simplify manual detection and automate the event analysis, but also provide a large scale of analytical data for sophisticated investigations, offering you the professional assistance against the most complicated menaces. These features can be managed intuitively with a simple interface, presenting business orientated results through reports and dashboards in a straightforward format.

LogRhythm NextGen SIEM Platform-Achieve End-to-End Threat Detection and Response in a Single Platform
To effectively fight threats, you need the right tools. The LogRhythm NextGen SIEM Platform aligns your team, technology, and processes. It helps you see broadly across your IT environment, identify threats, and quickly mitigate and recover from security incidents.

LogRhythm’s end-to-end solution helps you uncover threats and minimize your risk though Threat Lifecycle Management (TLM), a detection and response framework for security operations centers (SOCs). TLM enables you to sift through the noise, investigate concerning incidents, and increase your organization’s security maturity.

Network Box provides customers with "hybrid firewall", "intrusion detection and protection system", "antivirus gateway", "virtual private network", "spam filtering", "web content filtering", "web application firewall WAF" "DDoS Decentralized Blocking Service Attack Defense" and "Application Control" real-time monitoring and defense management system help enterprises to do the most powerful computer information protection for enterprises in response to rapid network changes and enterprises facing various network threats. To prevent theft of important information, the infringement of electronic digital assets, and the loss of corporate reputation, to prevent and eliminate possible network threats and attacks.

The Security Operation Center provides 7*24 professional monitoring management and consulting, management interface and online real-time reporting, and a professional team provides MSSP (Managed Security Service Provider) web hosting service, complete security management We will help you to solve your own integrated threat management equipment and help enterprises to maximize their protection under a limited budget: (1) Early warning and notification mechanism (2) Instant alarm mechanism, master the latest security trends (3) Alarm message collection And correlation analysis (4) information security equipment adjustment and policy setting (5) accident elimination and tracking processing (6) consulting services (7) to enhance corporate employees' information security awareness

Weakness analysis audit management services for information security threats companies generally can not effectively grasp the threat information, information personnel often play the fire brigade, but can not effectively deal with information abnormal threats, we provide assistance to the customer information system vulnerability scanning risk analysis audit and advisory services can be effective Help customers keep track of the risks of corporate information and effectively reduce risk of control, support IPv4/IPv6 dual protocol, support Unicode, support CVSS score, support CVE, support CIA impact, support command line mode to perform scan auto-detection communication The communication protocol (Protocol) of the service provided by the service includes the ID connection of the CVE, the intelligent scanning of the network, and the simultaneous scanning of IP address hosts and devices using IPv4 and IPv6 protocols.

ObserveIT empowers security teams to detect, investigate, and prevent potential insider threat incidents by delivering real-time alerts, and actionable insights into user activity in one easy-to-use solution.

• Detect Threats in Real-Time

Your biggest asset is also your biggest risk. ObserveIT helps security teams rapidly detect potential insider threats, using user activity monitoring data captured on UNIX/Linux, Windows, and Mac endpoints for both employees and third-party contractors.

ObserveIT empowers security teams to detect, investigate, and prevent potential insider threat incidents by delivering real-time alerts, and actionable insights into user activity in one easy-to-use solution.

• Power Incident Investigations

When a potential insider threat incident is detected, you need answers – fast. ObserveIT is the tool cybersecurity teams turn to first for insider threat investigations, with comprehensive, easy-to-read user activity data delivered in one place.

• Proactively Respond to User Activity

Detecting a potential insider threat is one thing, but how can you prevent an incident? ObserveIT empowers teams to block out-of-policy activity (including forced logouts), and provide interactive prompts and policy reminders to coach users in cybersecurity best-practices.

• Integrate with the Tools You Already Use

Already using a SIEM, log management, password manager, ticketing system, or some other tool that you’d like to integrate with ObserveIT? Don’t worry – we integrate nicely with others.
 

PIXIS is a solution in attempt to tackle the issues of ineffective control and inefficient management of local networks. An agentless approach, PIXIS helps organizations to shield, visualize, and administer the networks. Blending NAC and IPAM in one package, PIXIS delivers capabilities beyond current industry standards. BYOD and Visitor Management are simplified yet enhanced with NAC. Endpoint, switches, and network structure information is consolidated to comprehensive yet intuitive fashion. Thorough and patented IPv6 has turned the solution to be future-proof and pioneering in the industry. With all the functions under one license, PIXIS is a friendly tool for channel partners and end users, who can all enjoy the multiple benefits brought by PIXIS when facing different managerial issues.

PIXIS is a solution in attempt to tackle the issues of ineffective control and inefficient management of local networks. An agentless approach, PIXIS helps organizations to shield, visualize, and administer the networks. Blending NAC and IPAM in one package, PIXIS delivers capabilities beyond current industry standards. BYOD and Visitor Management are simplified yet enhanced with NAC. Endpoint, switches, and network structure information is consolidated to comprehensive yet intuitive fashion. Thorough and patented IPv6 has turned the solution to be future-proof and pioneering in the industry. With all the functions under one license, PIXIS is a friendly tool for channel partners and end users, who can all enjoy the multiple benefits brought by PIXIS when facing different managerial issues.

PIXIS is a solution in attempt to tackle the issues of ineffective control and inefficient management of local networks. An agentless approach, PIXIS helps organizations to shield, visualize, and administer the networks. Blending NAC and IPAM in one package, PIXIS delivers capabilities beyond current industry standards. BYOD and Visitor Management are simplified yet enhanced with NAC. Endpoint, switches, and network structure information is consolidated to comprehensive yet intuitive fashion. Thorough and patented IPv6 has turned the solution to be future-proof and pioneering in the industry. With all the functions under one license, PIXIS is a friendly tool for channel partners and end users, who can all enjoy the multiple benefits brought by PIXIS when facing different managerial issues.

PIXIS is a solution in attempt to tackle the issues of ineffective control and inefficient management of local networks. An agentless approach, PIXIS helps organizations to shield, visualize, and administer the networks. Blending NAC and IPAM in one package, PIXIS delivers capabilities beyond current industry standards. BYOD and Visitor Management are simplified yet enhanced with NAC. Endpoint, switches, and network structure information is consolidated to comprehensive yet intuitive fashion. Thorough and patented IPv6 has turned the solution to be future-proof and pioneering in the industry. With all the functions under one license, PIXIS is a friendly tool for channel partners and end users, who can all enjoy the multiple benefits brought by PIXIS when facing different managerial issues.

PIXIS is a solution in attempt to tackle the issues of ineffective control and inefficient management of local networks. An agentless approach, PIXIS helps organizations to shield, visualize, and administer the networks. Blending NAC and IPAM in one package, PIXIS delivers capabilities beyond current industry standards. BYOD and Visitor Management are simplified yet enhanced with NAC. Endpoint, switches, and network structure information is consolidated to comprehensive yet intuitive fashion. Thorough and patented IPv6 has turned the solution to be future-proof and pioneering in the industry. With all the functions under one license, PIXIS is a friendly tool for channel partners and end users, who can all enjoy the multiple benefits brought by PIXIS when facing different managerial issues.

Drop your breaches with an analytics-driven SIEM solution.

Securing against unkown threats through user and entity behavior analytics

Harness the full power of your existing security investments. With Splunk Phantom, execute action in seconds not hours.

TrustCSI™ Managed Security Services, complementing multiple Security Operations Centers (SOCs) with high availability and disaster recovery functionality, are designed to help you handle these increasing IT security demands effectively. Based on ISO27001 certified processes, we provide robust 24 x 7 monitoring and help businesses identify and analyze vulnerabilities, prioritize threats as well as refine security policies and processes.

Thycotic Secret Server privileged account management vaults, monitors, audits and automates privileged accounts across a company’s entire IT infrastructure and is designed to reduce internal and external threats, improve security and restrict user access. Rated #1 in customer satisfaction by industry analysts, the tool is used by over 10,000 organizations and 180,000 IT professionals worldwide. 

Password Reset Server password management enforces strong security policies and allows employees and end-users to manage their own Active Directory credentials from their login screen without assistance from the Help Desk. Provides graphic-based, two-factor and SMS authentication methods on self-service resets. Easy setup is made possible through automatic enrollment and email adoption.

Group Management Server Active Directory group management empowers business managers to organize and provision users within their respective AD groups in a controlled, audited manner, increasing security and eliminating pesky help desk tickets. Intuitive UI for non-IT department leaders makes group provisioning a seamless experience.

UPAS uses a whitelist to manage devices. UPAS will apply different management to monitor devices  that use intranets which are:
•Company devices management
•Visitors/BYOD devices manage
•Network Access Control
•IP Location analysis    

After the device is allowed to enter the intranet, UPAS will perform devices compliance check.
•IP、MAC、PC names、 AD account、Switch、Port
•GPO
•OS, Antivirus Update Check
•Forbidden/Required Software
•Vulnerability analysis
•USB, network connection management

UPAS is aimed to fulfill different IP management.

Automated management 
The system automatically distributes the IP to the device; recycles the unused IP; can reserve specify IP from being occupied by other devices; protect the important host IP. 

IP usage record 
Clearly know the location the device and who is the user. A complete IP usage record can use to trace back when an event occurs

IP asset management 
Add up the number of company assets, such as PC, printer, server, switch, mobile device, etc.

IP configuration list
Monitor the IP usage record and keep the tracking your device's IP usage.
 

Automate Detection.
Automate Response.
Prevent Data Theft.

One unified platform ensures faster detection and automated response – providing accuracy, clarity and certainty for your cyber security team.

Elevate Security Operations
Even with many prevention tools in place, organizations are still getting breached. That's why more organizations are shifting from a prevention-focused approach to a detection and response strategy.
Fidelis Elevate is the only security operations platform that provides deep visibility, threat intelligence and context across complex environments to automate detection and response.

A Force Multiplier for Your Security Operations
Fidelis Elevate™ integrates network visibility, data loss prevention, deception, and endpoint detection and response into one unified solution. Now your security team can focus on the most urgent threats and protect sensitive data rather than spending time validating and triaging thousands of alerts.

Enhance Your Visibility and Detection Capabilities

1. Inspect all ports and protocols
2. See north-south traffic, lateral movement and data exfiltration
3. Enrich alerts with data and context from Fidelis Network®, Fidelis Endpoint®, and Fidelis Deception™– all in a unified platform
4. Combine threat intelligence, sandboxing, machine learning, deception, and Fidelis research
5. Capture and store metadata for analysis and threat hunting

Automate Response for Quick and Effective Resolution

1. Draw conclusions with accuracy by automatically collapsing many alerts and events into a single view
2. Automatically validate network alerts on the endpoint with certainty
3. Raise the priority level when evidence is found of increased risk
4. Automatically execute a response playbook to jumpstart your investigation with clarity
5. Stop data leakage, command and control, and active attacks

Best-of-Breed Breach Detection and Data Loss Prevention (DLP)
Gain visibility into content over all ports and protocols to detect threats and prevent data loss.

See More, Inspect More
Identifying threats and data leakage requires deep inspection and analysis of all forms of content, including unpacking and extracting deeply embedded files. Fidelis Network bi-directionally scans all network traffic, regardless of port or protocol, to reveal the network and application protocols, files, and content.

Never miss an attack or data leaving your network
1.    Patented Deep Session Inspection® as well as Deep Packet Inspection gives you unique visibility across all ports and protocols.
2.    By capturing and storing all metadata traffic, you can use with automated analytics or make available for improved threat hunting.
3.    Automatically discover and classify data on your network to prevent unauthorized transfers out of your network.

Detect Threats
By conducting real-time network analysis and identifying behaviors that indicate compromises, Fidelis Network provides automated detection for the proactive discovery of attackers, suspicious hosts, and malware.

Real-time and retroactive detection
1.    Detect and prevent infections at line-speed with real-time network analysis uncovering initial compromises, suspicious hosts, malware and compromised hosts.
2.    Learn about past attacks with retroactive analysis of stored metadata triggered by key indicators derived from threat intelligence, machine learning, sandbox results and Fidelis research to understand attacker TTPs and prevent future attacks.

Eliminate Alert Fatigue
Fidelis Network automatically validates, correlates, and consolidates network alerts against every endpoint in your network. Minimize false positives and shift from clues to conclusions so you can quickly address the alerts that matter most.

Focus on what matters
1.    Gain critical context and save valuable time by automatically validating, correlating and consolidating network alerts across every endpoint.
2.    Make time-sensitive decisions with pre-staged evidence in one view. Suspicious network data, rich content and files are all assessed against industry-best security analytics and rules.

Prevent Threats
Fidelis Network includes multiple sensors that can be placed throughout your network to enforce prevention policies. These sensors can be placed inline or out-of-band based on your network configuration and prevention tolerance.

Terminate threats in progress
1.    Drop sessions in real-time in response to detected policy violations with inline or out-of-band sensors.
2.    Analyze email content (even when encrypted) and prevent compromises by dropping, re-routing or quarantining email messages with the email sensor.
3.    Redirect web pages or drop sessions with the web sensor.

Detect and Prevent Data Loss
Fidelis Network detects and prevents data theft by utilizing our industry-best content decoding and inspection engine. Get ultimate visibility of exfiltration attempts and keep your sensitive data safe.

See everything leaving the network
1.    Analyze network sessions over time to detect data leakage thanks to stored metadata.
2.    Prevent loss of critical and sensitive data through standard and non-standard ports.
3.    Automatically confirm and stop data theft with deep content inspection of all outgoing network activity.
4.    Gain accurate alerts with clear forensic evidence of data exfiltration.

Automate Endpoint
Detection and Response (EDR)

Increase endpoint visibility, reduce response time from hours to minutes, and enhance your endpoint protection.

Greater Visibility Means Deeper Insight
Fidelis Endpoint provides visibility into all endpoint activity including process actions, logged in users, registry writes, file system activity, and memory. Detect threats by applying Fidelis Insight threat intelligence, custom alert rules, YARA and OpenIOC formats to analyze, alert, and collect system events. Fidelis visibility is always on, whether the endpoint is on-network or off.

See all endpoint activity
1.    Gain visibility into all activity at the endpoint.
2.    Monitor endpoints in real-time and retrospectively, on and off the network.
3.    Record key events with playback analysis that automatically delivers a timeline related to suspected incidents, along with the prioritized alerts.

Respond Instantly to Attacks
Automatically respond to any detection by executing tasks either shipped with the system or customized for your environment. Response tasks include endpoint isolation, creating and using restore points, process termination and file wiping. You can also jumpstart investigations including memory analysis, vulnerability scans, and system inventory. Integrate with Fidelis Elevate to execute response actions to threats detected in the network.

Detect and respond to threats faster
1.    Detect threats in real-time through behavioral rules and indicators provided by Fidelis Threat Research, third party feeds, custom rules and indicators, and signature and heuristic-based detections from Fidelis AV.
2.    Integrate with SIEMs, NGFWs, and more to execute response actions.
3.    Ensure faster response with our large library of pre-written scripts – and create and use your own.
4.    Create response workflows to automatically kick off remediation, deep analysis, or custom actions by defining alert responses and actions.

Enhance Your Endpoint Protection
Fidelis Endpoint can be enhanced with Fidelis AV so you can see exactly where threats originate. Fidelis AV provides both traditional signature and heuristic-based detection and prevention of threats on the endpoint. Process scanning allows users to block execution of processes by hash or with easily created YARA rules.

Prevent malware and block execution
1.    Detect and prevent known and unknown threats.
2.    See where a threat was detected or prevented in the chain of events.
3.    Leverage a central repository of detected threats via our Global Quarantine capability.
4.    Block process execution with Process Scanning.

Businesses can be at risk of losing important data. Lost data leads to costly downtime, customer dissatisfaction, regulatory fines, and lost revenue. As a result, IT pros must meet extremely high expectations. You need to keep the company running 24-hours a day.

Acronis Backup delivers the data protection that meets today’s demands. It keeps your business running, protecting any workload, scaling without limits, and saving you money.

Acronis Backup keeps your business operations running by ensuring your data is always available. AI- and ML-based technologies proactively defend data against ransomware attacks, and with near-instant recoveries, you’ll meet even the shortest RTO, avoid operational outages, loss of productivity and costly downtime caused by infections and recovery efforts.

Acronis Backup reliably protects any data source on 21 platforms - virtual, physical, cloud and mobile, regardless of the size or location of the data. As your data needs grow or your infrastructure evolves, keeping company data secure is easy with flexible, scalable storage and simple backup administration.

Increase overall performance of your production systems and avoid unnecessary disruptions while moving to another system. Improve recovery point objectives (RPO) with the ability to run frequent backups. Instantly protect your systems with the simplest install process possible.
 

No other solution offers such a range of powerful protection tools, all through an informative, easy-to-use dashboard.

Back up your Office 365 account directly to the Acronis Cloud. You’ll be safeguarding the emails and attachments in your Microsoft Outlook.com, as well as the files and folders stored on your OneDrive. Not only can you recover the whole mailbox or OneDrive, you also can search for individual emails and files.

Cryptomining may not steal your data, but this malware hijacks your system resources to mine for cryptocurrencies – slowing your performance, straining your system, and increasing your energy costs. Acronis Active Protection puts a stop to it, detecting and halting cryptomining malware in real time.

Recovering after a crash is simple with this all-in-one recovery tool. Created on an external drive, it contains all you need – boot media, system partition, and all of your backups – to reliably restore your entire system. Make your recovery as easy as plugging in an external drive.

Take even greater control over your local backups in order to better manage your disk space. Our new backup cleanup utility allows you to free up space by manually selecting unnecessary versions of your backup, and deleting the files you no longer need. Keep what you need, wipe what you don’t.

Looking to move to a faster Mac or one with larger disk? Clone an exact replica of your system while it is in use – no need to stop and restart your system. Connect a USB-C cable for super-fast data transfers, or plug in an external drive for a bootable copy. Bootcamp installations are supported as well.
 

Enterprise Threat Protector (ETP) enables security teams to proactively identify, block, and defend against targeted threats using Domain Name System (DNS) such as malware, ransomware, phishing, and data breaches. Enterprise Threat Protector leverages the real-time intelligence provided by Akamai Cloud Security Intelligence and Akamai's proven, recursive DNS platform around the world to deliver security, control and visibility to your business while easily integrating with your existing network defenses.

a.Aon Cyber Solutions
b.Aon Cyber Enterprise Solutions^TM

Our platform is to use the big data as the core technology, then collect and preserve all the log data as well as compressed and signed it . We can also integrate with BI report software to enhance the visualization of internal information. In addition, we can automatically forward log data to the threat analysis platform according to the customers’ needs. The main functions of our platform is SIEM, intrusion analysis, behavior monitoring, vulnerability assessment and automation updated threat intelligence database. Nevertheless, we integrate an AI analysis module for continually monitoring the internal environment as well as to enhance the accuracy of the event. We provide correlation rule for any emergency event so the SOC staffs will know immediately and solve the problem in real time. It will effectively enhance a better monitoring for the internal environment. Furthermore, we also integrate the occurring alert and the incident response into the same platform. For speeding up the process time, our platform corresponds with APP, so that the SOC staffs wouldn’t missed any alert messages. When the system match any information of new malicious IP/URL , It will automatically trigger our anti blacklist mechanism to block the attackers. When major incidents need to report and process immediately, It also be strained through incident report and forensic analysis functions. Billows All-In-One SOC is a comprehensive solution that integrates all the information security audits, compliances regulatory and automated processing for you to easily manage your internal information security monitoring.

From private cloud datacenters to public clouds and SaaS applications, CloudGuard provides comprehensive cloud security solutions to keep enterprise data, assets and apps free from even the most sophisticated attacks.

Designed specifically for payment applications, payShield 9000 from Thales eSecurity is a proven HSM that performs such tasks as PIN protection and validation, transaction processing, mobile and payment card issuance, and key management. The payShield 9000 payment HSM security solution delivers high assurance protection for automated teller machine (ATM) and point of sale (POS) credit and debit card transactions.

• Cryptographic Algorithms Supported, including Symmetric, Asymmetric, and Hashing.
• Certifications：FIPS 140-2 level 3, PCI HSM V1 (selected configurations only), APCA, MEPS
• Key Management Support：including Thales Key Block, RSA Public Key, Master/Session Key Scheme, Racal Transaction Key Scheme, AS2805, etc.

The Vormetric Data Security Platform makes it easy and efficient to manage data-at-rest security across your entire organization. Built on an extensible infrastructure, the data security protection platform features multiple data security products that can be deployed individually or in combination to deliver advanced encryption, tokenization and centralized key management. This data security solution prepares your organization for the next security challenge and new compliance requirement at the lowest TCO.

• Policy and Key Management：FIPS 140-2 compliant virtual appliance or hardware appliance.
• Supported Environments：Physical Server, Virtual Server, Public-Private-Hybrid Cloud, Big Data, Container.
• Encryption Techniques：Advanced Encryption Standard (AES), Format Preserving Encryption (FPE), Granular Database, Transparent File-level.
• Data Pseudonymization Techniques：Cryptographic Tokenization, Random Tokenization, Dynamic Data Masking, Static Data Masking, Batch Transformation.
   

The nShield HSMs provide a hardened, tamper-resistant environment for secure cryptographic processing, key generation and protection, encryption and more.

• To suit your specific environment, the nShield family of general purpose HSMs are available in three FIPS 140-2 certified form factors：

       nShield Connect－Network-attached appliances
       nShield Solo－PCIe cards for embedding in appliances or servers
      nShield Edge－Portable USB-based modules

• nShield HSMs support for wide variety of uses and deployment scenarios, including PKI, SSL/TLS encryption key protection, code signing, digital certificates/ signing and blockchain, as well as industry’s most widely used operating systems and APIs.
• Cloud-friendly web service interfaces.
• Stronger key management for your cloud data with nShield BYOK.
• Certification to industry standard, such as FIPS 140-2, Common criteria and eidas compliance.
   

Imperva is a leading provider of data and application security solutions that protect business-critical information in the cloud and on-premises. Founded in 2002, we have enjoyed a steady history of growth and success, with over 5,200 customers and more than 500 partners in 100+ countries worldwide. Imperva has been named a Leader in the Gartner 2018 Magic Quadrant for Web Application Firewalls (WAF), five years in a row.

The Sonatype journey started 10 years ago, just as the concept of “open source” software development was gaining steam.  From our humble beginning as core contributors to Apache Maven, to supporting the world’s largest repository of open source components (Central), to distributing the world's most popular repository manager (Nexus), we’ve played a meaningful role in helping the world embrace the power of open innovation.

Overtime, we witnessed the staggering volume and variety of open source libraries that began flowing into every development environment in the world.  We understood that when open source components are properly managed, they provide a tremendous energy for accelerating innovation.  Conversely, when unmanaged, open source "gone wild" can lead directly to security vulnerabilities, licensing risks, enormous rework, and waste.

Core Cloud IPaaS combines full spectrum threat detection, predictive analytics and automated mitigation to eliminate advanced threats.

1.Privileged Account Security: Monitors and records privileged account activities; detects and alerts malicious activities, preventing unauthorized users from accessing privileged account credentials.
2.Endpoint Privilege Manager: Grey-listing effectively blocks malicious attacks which strengthens protection and detection.

1.Votiro Disarmer for Email: 24-Hour real-time protection. No need to wait for a problem to be realized to take action.
2.Votiro Disarmer for File Transfer: Disarms any malicious file threats, including macro, script, VB… etc.
3.Votiro Disarmer for Web: Allows user to access websites through a powerful filter which eliminates any malicious threats from URL links.

Non-invasive security control. It detects malware by analyzing all data flow. It discovers blind spots of security, or any hidden malware. By analyzing data history, it is able to utilize a better security method. 

XRVision provides solution to ubiquitous facial recognition. Through many years of experience in smart city security, a big discrepancy between the market needs and functions is realized. XRVision is determined to develop a facial recognition system to be used under uncontrolled conditions. With these challenging restraints, XRVision has achieved an accuracy rate (True Positive) of 75%, under circumstances even reaches 85%, three times higher than the average rate. XRVision has become an effective tool to be used under uncontrolled environment such as for military police, security organizations, and businesses (for example: hotels, casinos, transportation, and recreation).

• IDC - We have three of our own data centers in Taiwan, built up Direct Peering network agreements with major local telecompanies, and 24/7 service which includes Security, System Integration and IDC services.
• Security - Our experienced techs use their security knowledge to offer advanced protection. We also offer consulting with customer-focused security services that are available separately.
• Cloud - Our international cloud services integrate with dedicated servers and private virtual clouds, giving flexibility for allocation and maximizing efficiency with minimal costs.
• App Security - Our premier anti-attack technologies prevent tampering and fraud after launch. Dual-platform security monitoring collects operational data and searches for information about risks automatically.

Web／Data／Email／APT

Web／Document／Email

Metadefender

New generation endpoint protection

Privileged account management

Firewall／UTM／Email

DNS Security

Endpoint DLP

Cloud DDoS Protection Service offering Radware’s industry leading DDoS protection services including Hybrid Cloud DDoS Protection Service integrated with a fully-managed on-premise DDoS protection device, an Always on Cloud DDoS Protection Service where all the traffic is routed through Radware’s cloud centers, and an On-Demand Cloud DDoS Protection Service where traffic is diverted to Radware’s cloud centers only when an attack is detected.

Cloud WAF Service offering always on WAF service to protect both on premise and cloud-based applications. The service is also offered in a hybrid environment with fully-managed on premise WAF to protect premise-based applications.

Alibaba Cloud Anti-DDoS Premium is a value-added DDoS protection service. This service is used to protect servers against volumetric DDoS attacks and ensure the availability of business. By modifiying DNS records to redirect malicious traffic through Anti-DDoS Premium’s dedicated IP address, Anti-DDoS Premium, protects your online presence.

Anti-DDoS Pro is a value-added service used to protect servers, including external servers hosted in Mainland China, against volumetric DDoS attacks. You can redirect attack traffic to Anti-DDoS Pro to ensure the stability and availability of origin sites.

Web Application Firewall (WAF) protects your website servers against intrusions. Our service detects and blocks malicious traffic directed to your websites and applications. WAF secures your core business data and prevents server malfunctions caused by malicious activities and attacks.

You can use content delivery network (CDN) to deliver content to users from the nodes that are nearest to them, accelerating the response to user requests and increasing the response rate. CDN also resolves the delivery latency problem that is usually caused by distribution, bandwidth, and server performance issues. CDN has been applied in multiple scenarios, including site acceleration, on-demand streaming, and live streaming.

An Endpoint Detection & Response tool designed to exploit ESET's multilayered Endpoint Protection Platform. All layers send relevant data to ESET Enterprise Inspector, which analyzes vast amounts of real time endpoint data. The result is complete prevention, detection and response solutions for quick analysis and remediation of any security issue in the network enabling organizations to take immediate action to:Detect advanced persistent threats/Stop file less attacks/Block zero-day threats/Protect against ransomware/Neutralize state-sponsored attacks

Get in-depth, up-to-date global knowledge about specific threats and attack sources, traditionally difficult to detect for security engineers, who access information only within their own networks. Enable your organization to:Block targeted attacks/Protect against phishing/Stop botnet attacks/Detect advanced persistent threats
 

A Network Traffic Analysis tool helps enterprise, government, and critical infrastructure users make their IT operations secure and reliable through advanced artificial intelligence, machine learning, and big data analysis.
#Provides round-the-clock security monitoring
#Gives you powerful rapid detection & response capabilities
#Take advantage of the solution’s powerful detection capabilities
#Let’s you gain a deep visibility into the internal network
#Powerful and easy to use

provides another layer of security for ESET products like Mail Security and Endpoint products by utilizing a cloud-based sandboxing technology to detect new, never before seen type of threats. Future proof your company IT security with:Behavior-based Detection/Machine Learning/Zero-day Threats Detection/Cloud Sandbox

Leverages a multilayered approach that utilizes multiple technologies in dynamic equilibrium to constantly balance performance, detection and false positives enabling organizations to:Protect against ransomware/Block targeted attacks/Prevent data breaches/Stop file-less attacks/Detect advanced persistent threats

Provides advanced protection for your company’s data passing through all general servers, network file storage including OneDrive, and multi-purpose servers to ensure business continuity via:Ransomware prevention/Zero-day threats detection/Data breaches prevention/Botnet protection

Provides an additional layer of security to organizations who are interested in stopping threats from ever reaching their users – multilayered security of the host itself with:Anti-malware/Anti-spam/Anti-phishing/Optional Cloud Sandbox analysis

Provides real-time visibility for on-premise and off-premise endpoints as well as full reporting for ESET enterprise-grade solutions from a single pane of glass securely deployed on premise or in cloud.(Complete network visibility/Full security management/Flexible reporting/Security management automation)

#Low System Demands. Leaves more system resources free while still delivering complete protection
#Remote Management. Fully manageable via ESET Remote Administrator 6
#Employs ESET's award-winning LiveGrid® scanning engine

A simple to use encryption application providing full remote control of endpoint encryption keys and security policy for files on hard drives, portable devices and emails. Ensures:Zero data breaches/Compliance with requirements/Seamless encryption

A simple, effective way for businesses of all sizes to implement multi-factor authentication across commonly utilized systems. Enables your organization to:Prevent data breaches/Meet compliance requirement/Easily manage authenticati/Secure mobile devices

#Covers all data leak channels
#Saves the cost of repairing a data breach.
#Identifies suspicious activities before they result in lost time and money.
#Reduces personnel costs by identifying productivity issues and improving work performance.

With ESET Shared Local Cache and the protection of an ESET security product, one of which must be present on each virtual machine, you get the same full set of tools and security features that you would have in a physical environment, plus significantly boosted scanning speed.

By leveraging VMware agentless technology, protecting compatible hypervisors is as simple as using ESET Virtualization Security Appliance. The solution is natively compatible with ESET Remote Administrator 6, ESET’s web-based console for rapid task execution and complete endpoint security management.

Leverages a multilayered approach to provide complete protection and secure device management of your Android mobile devices. Enables:Protection against ransomware/Data loss prevention/Application control/Remote management

Set-up, configure and monitor all company iOS devices from a single pane of glass. Enables:Anti-theft/Web content filtering/Applications white/black listing/Device security

Scalable on-site business security for organizations of all sizes 
Designed to simplify the demanding security needs of today's organizations

F-Secure Business Suite is an on-site business security solution that offers the best continuous protection for your organization by combining the best of accumulated expertise, advanced technologies, and modern, cutting-edge features with full on-site control. It is a full protection bundle designed to cover the demanding business security needs from gateway to endpoint.

• Layered protection to protect your assets from gateway to endpoint
• Best protection levels covering both known vulnerabilities and new, emerging threats
• Advanced management features to allow you full control of your organization's IT security
• Less work through automation of daily tasks
• Less hassle with a scalable all-in-one package with flexible and transparent licensing for organizations of all sizes
   

Premium cyber security for you and your devices

What does F-Secure TOTAL include?

• SAFE internet security

The world's best antivirus, brought to you by 30 years of cyber security experience. Includes family rules to let you limit children's device use. 

• FREEDOME VPN

The privacy app which received special mention in an independent comparison of over 300 competitors. Make your devices invisible online.

• KEY password manager

A light and easy password manager, allowing you to store your passwords securely and access them from any device.

Organize your SSL traffic to protect your application

Imperva CounterBreach protects enterprise data stored in enterprise databases, file shares and cloud applications from the theft and loss caused by compromised, careless or malicious users.

Automate Detection.
Automate Response.
Prevent Data Theft.

One unified platform ensures faster detection and automated response – providing accuracy, clarity and certainty for your cyber security team.

Elevate Security Operations
Even with many prevention tools in place, organizations are still getting breached. That's why more organizations are shifting from a prevention-focused approach to a detection and response strategy.
Fidelis Elevate is the only security operations platform that provides deep visibility, threat intelligence and context across complex environments to automate detection and response.

A Force Multiplier for Your Security Operations
Fidelis Elevate™ integrates network visibility, data loss prevention, deception, and endpoint detection and response into one unified solution. Now your security team can focus on the most urgent threats and protect sensitive data rather than spending time validating and triaging thousands of alerts.

Enhance Your Visibility and Detection Capabilities

1. Inspect all ports and protocols
2. See north-south traffic, lateral movement and data exfiltration
3. Enrich alerts with data and context from Fidelis Network®, Fidelis Endpoint®, and Fidelis Deception™– all in a unified platform
4. Combine threat intelligence, sandboxing, machine learning, deception, and Fidelis research
5. Capture and store metadata for analysis and threat hunting

Automate Response for Quick and Effective Resolution

1. Draw conclusions with accuracy by automatically collapsing many alerts and events into a single view
2. Automatically validate network alerts on the endpoint with certainty
3. Raise the priority level when evidence is found of increased risk
4. Automatically execute a response playbook to jumpstart your investigation with clarity
5. Stop data leakage, command and control, and active attacks

Best-of-Breed Breach Detection and Data Loss Prevention (DLP)
Gain visibility into content over all ports and protocols to detect threats and prevent data loss.

See More, Inspect More
Identifying threats and data leakage requires deep inspection and analysis of all forms of content, including unpacking and extracting deeply embedded files. Fidelis Network bi-directionally scans all network traffic, regardless of port or protocol, to reveal the network and application protocols, files, and content.

Never miss an attack or data leaving your network
1.    Patented Deep Session Inspection® as well as Deep Packet Inspection gives you unique visibility across all ports and protocols.
2.    By capturing and storing all metadata traffic, you can use with automated analytics or make available for improved threat hunting.
3.    Automatically discover and classify data on your network to prevent unauthorized transfers out of your network.

Detect Threats
By conducting real-time network analysis and identifying behaviors that indicate compromises, Fidelis Network provides automated detection for the proactive discovery of attackers, suspicious hosts, and malware.

Real-time and retroactive detection
1.    Detect and prevent infections at line-speed with real-time network analysis uncovering initial compromises, suspicious hosts, malware and compromised hosts.
2.    Learn about past attacks with retroactive analysis of stored metadata triggered by key indicators derived from threat intelligence, machine learning, sandbox results and Fidelis research to understand attacker TTPs and prevent future attacks.

Eliminate Alert Fatigue
Fidelis Network automatically validates, correlates, and consolidates network alerts against every endpoint in your network. Minimize false positives and shift from clues to conclusions so you can quickly address the alerts that matter most.

Focus on what matters
1.    Gain critical context and save valuable time by automatically validating, correlating and consolidating network alerts across every endpoint.
2.    Make time-sensitive decisions with pre-staged evidence in one view. Suspicious network data, rich content and files are all assessed against industry-best security analytics and rules.

Prevent Threats
Fidelis Network includes multiple sensors that can be placed throughout your network to enforce prevention policies. These sensors can be placed inline or out-of-band based on your network configuration and prevention tolerance.

Terminate threats in progress
1.    Drop sessions in real-time in response to detected policy violations with inline or out-of-band sensors.
2.    Analyze email content (even when encrypted) and prevent compromises by dropping, re-routing or quarantining email messages with the email sensor.
3.    Redirect web pages or drop sessions with the web sensor.

Detect and Prevent Data Loss
Fidelis Network detects and prevents data theft by utilizing our industry-best content decoding and inspection engine. Get ultimate visibility of exfiltration attempts and keep your sensitive data safe.

See everything leaving the network
1.    Analyze network sessions over time to detect data leakage thanks to stored metadata.
2.    Prevent loss of critical and sensitive data through standard and non-standard ports.
3.    Automatically confirm and stop data theft with deep content inspection of all outgoing network activity.
4.    Gain accurate alerts with clear forensic evidence of data exfiltration.
 

Automate Endpoint
Detection and Response (EDR)

Increase endpoint visibility, reduce response time from hours to minutes, and enhance your endpoint protection.

Greater Visibility Means Deeper Insight
Fidelis Endpoint provides visibility into all endpoint activity including process actions, logged in users, registry writes, file system activity, and memory. Detect threats by applying Fidelis Insight threat intelligence, custom alert rules, YARA and OpenIOC formats to analyze, alert, and collect system events. Fidelis visibility is always on, whether the endpoint is on-network or off.

See all endpoint activity
1.    Gain visibility into all activity at the endpoint.
2.    Monitor endpoints in real-time and retrospectively, on and off the network.
3.    Record key events with playback analysis that automatically delivers a timeline related to suspected incidents, along with the prioritized alerts.

Respond Instantly to Attacks
Automatically respond to any detection by executing tasks either shipped with the system or customized for your environment. Response tasks include endpoint isolation, creating and using restore points, process termination and file wiping. You can also jumpstart investigations including memory analysis, vulnerability scans, and system inventory. Integrate with Fidelis Elevate to execute response actions to threats detected in the network.

Detect and respond to threats faster
1.    Detect threats in real-time through behavioral rules and indicators provided by Fidelis Threat Research, third party feeds, custom rules and indicators, and signature and heuristic-based detections from Fidelis AV.
2.    Integrate with SIEMs, NGFWs, and more to execute response actions.
3.    Ensure faster response with our large library of pre-written scripts – and create and use your own.
4.    Create response workflows to automatically kick off remediation, deep analysis, or custom actions by defining alert responses and actions.

Enhance Your Endpoint Protection
Fidelis Endpoint can be enhanced with Fidelis AV so you can see exactly where threats originate. Fidelis AV provides both traditional signature and heuristic-based detection and prevention of threats on the endpoint. Process scanning allows users to block execution of processes by hash or with easily created YARA rules.

Prevent malware and block execution
1.    Detect and prevent known and unknown threats.
2.    See where a threat was detected or prevented in the chain of events.
3.    Leverage a central repository of detected threats via our Global Quarantine capability.
4.    Block process execution with Process Scanning.
 

Enterprise SD-WAN Meets the #1 
Most Secure Next Gen Firewall

an advanced network traffic mining system to provide decision support on network service operation, network security reinforcement on locating problems instantly, powerful traffic analysis with flexibility, and various traffic statistics reports.

A highly flexible and scalable big data platform for network traffic and security analytics, providing immediate network operational insights for carriers, ISPs, and enterprises with large networks through powerful big data analytic ability and rich data visualizations.

GigaSECURE® is purpose-built to reduce architectural complexity, stop tool sprawl and contain costs. Deliver relevant network data to downstream inline threat prevention tools at the rate they can consume.

GigaVUE® Visibility Appliances deliver consistent insight into data that travels across your network, including data centers and remote sites. With the Gigamon solution, you will have the coverage and control you need to safeguard critical network and business assets.

The GigaVUE-HC3 visibility node offers up to 25Tbps of traffic intelligence processing across 32 clustered nodes. The GigaVUE-HC3 enables global 2000 enterprises, government agencies and service providers to gain deeper insight into network traffic, minimize traffic overload and provide more effective options to deploy both inline and out-of-band security tools.

ANCHOR (Ark of Network, Cyber Hamper for Operations Reliability) starts with the spirit of ISO and best practice experience. Each management link in the privileged account lifecycle (certification, application, review, activation, notification, connection, monitoring, reporting, auditing) corresponds to the managing process and auditing requirements and other functions that constitute a centralized managing platform to save the traditional high cost of implement and time costs.
This product uses single portal to complete the privileged account lifecycle management, includes controlled device/group authorization management, temporary ID/connection/password application, audit, auto sign-in, live monitoring, playback, reporting and audit workflow. To exempt unnecessary risks and avoid maintenance disputes, the controlled-device does not need to be installed any software or opened catalogue (Agent-less). It is a solution with best security, best convenience, best initiative, best immediacy, best importability and best usability.

With the advent of the era of IOT networking, the issue of security has surpassed the IT (MIS) level has become a "business risk", This has caused the company to suffer significant losses such as income, competitiveness and company's reputation. However, it is undoubtedly full of challenges to protect itself. Due to a large number of IOT devices, not only the intrusion points are increased, the defense boundaries are expanded, but also the soft firmware update and management are not easy, and the existing security equipment does not cooperate with each other. It is feared that companies will lack visibility of security and will not be able to properly prioritize defenses.Focusing on the threat of IoT equipment, the threat of enterprise protection should be evolved as soon as possible. It is not appropriate to stay in the past to set up multiple devices, write multiple specifications, but neglect to check whether it is implemented or not, it is necessary to define its own important Assets, a thorough understanding of the background of key assets and services, will be able to establish a monitoring mechanism based on this, and be able to accurately identify various normal or abnormal patterns at any time, and finally to the strength of active protection. The main connotation of active protection is similar to the PDCA management cycle. Enterprises first develop KPIs and then based on two major aspects: active attack and strong fortifications. Use SIEM and deep packet analysis systems to detect suspicious activities, and then use firepower to counter and delay each other's speed. It is difficult for hackers to make progress, and finally, based on the clues found, invest resources to implement customized protection measures, and through this evolutionary cycle, continuously strengthen their own fortifications.

The issue of information security is not born now, and it has evolved many times from the past to the present. At the beginning of the period, including anti-virus, firewall, Web, E-mail and other gateway protection, all focused on a single point of protection, a device represents a defense function; later, with the advent of malicious attacks, coupled with the rise of the Internet, the network devices surged, The number of hackers has increased, and the single-point defense is not enough. As a result, the concept of collaborative defense is raised, and the information is exchanged through different types of gateway devices, and then combined with cloud, endpoint and other protection mechanisms to form a joint defense network.
In view of this, HwaCom big data platform for the conduct underlying the development of value-added, and carries out the majority of enterprises to meet the anticipated war intelligence center to help businesses keep abreast of the status of information security, in the moment of the event, send an SMS, App push Or E-mail and other pipelines to provide warnings to help managers know what the current situation of the security and what should be disposed of. Through customization, the corresponding instructions can be issued according to the threat type and policy to the relevant security equipment, and the initiative will be blocked.
In the era of IoT, more and more devices have IP , and they all have the ability to connect to the Internet. For example, in the office, PCs, IP phones, printers, IP cameras, and even punch-clock can all be connected. The intrusion point of malware may also become an accomplice to horizontal spread infection. Therefore, in addition to the protection of the network ( north-south direction), enterprises must also pay attention to the protection of physical devices and internal network behaviors, and establish east-west defense as soon as possible. The emergence of a new generation of Security Dashboard of Hwacom helps enterprises to resist stubborn malicious attacks, firmly guard digital assets, keep pace with the times, adapt to the evolution of security, and quickly establish the corresponding supply of security services. Nowadays, they work with the vendor who has AI analysis on network and endpoint to gather together as a strong security defense fortress.

eDectector is a practical and powerful remote malware-scanning and detecting tool. It detects the behavior of processes and assists users to find out and mark the malwares, even the unknown ones. With this function, you would never be helpless against APT attacks. Besides, eDetector can assist to build an Intranet Security Alarm System, which makes it possible to find the hiding zombie computers earlier. We could hence take the necessary actions against attacks in the shortest time, avoiding the enlarged tragedy of the information security issues.

AXIOM is the only platform that captures and analyzes smartphone, computer, cloud, IoT, and third-party image data, in a single case file — ensuring that no evidence is missed. AXIOM simplifies investigations by surfacing the most relevant evidence into user-friendly artifacts.

Imperva CounterBreach protects enterprise data stored in enterprise databases, file shares and cloud applications from the theft and loss caused by compromised, careless or malicious users.

■ Filtering Threats Inside https
Nowadays cloud services and hacker C&C are all encrypted in https connections, causing traditional security solutions fail to filter the contents. Such services include Hacker Cloud (Botnet C&C / APT), WebMail Cloud (Gmail / Outlook / Yahoo Mail), Social Cloud (Facebook / Twitter / Google Plus), WebHD Cloud (Dropbox / Google Drive / One Drive), Messenger Cloud (Line / Skype / Google Hangout / Facebook Chat). Research reports indicate that at least 60% of the total traffic hides in https tunnels. Auditing, filtering, and forensics the content of traffic is not easy anymore. It’s time to face the truth.

■ Ransonware & Confidential Data Leakage
Recently many computers are locked by ransomware, meaning anti-virus is not fast enough to defend vulnerabilities. Stopping botnet’s command and control return path with malware sandbox are the last defend line for enterprises. InstantCheck® has integrated Google Safe Browsing® malicious website database, Malware Patrol® ransonware C&C prediction, NICST blacklists. Moreover, decrypted malicious files can be sent to InstantTrace® sandbox cloud for further analysis. 

■ Regulatory Compliance
Corporate scandals and breakdowns such as the Enron case have increased calls for stronger compliance and regulations in different kinds of industries, such as Sarbanes–Oxley, ISO27000, PCI-DSS, HIPAA, SEC, FINRA, FSA, IIROC, FERC, NERC, CFTC, NFA. They all require electronic communications to be logged for years for auditing. Of course, it is a must to audit https traffic since most crime activities hide themselves in encrypted https tunnels. 

■ User-Unaware Installation and Digital Forensics
User-unaware installation is extremely important for such auditing tools. InstantCheck® employs transparent mode or proxy mode to install without changing your network architecture. Currently InstantCheck® can filter detailed behaviors and reconstruct mainstream webmail contents (Gmail / Outlook / YahooMail ) webhd contents (Dropbox / One Drive / Google Drive), messenger contents (Line / WeChat / Facebook Chat / Gmail Chat), social contents (Facebook / Twitter) for network data forensics.

■ Professional Apps For Further Analysis
After SSL decryption, InstantCheck® can call the following apps:
(1) Built-in AegisLab® virus signatures who has been listed in VirusTotal® since 2013
(2) Built-in Google Safe Browsing® service for blocking malicious malware URL/IP
(3) Built-in Malware Patrol® ransomware C&C domain prediction engine
(4) Built-in IP/URL blacklists from FireHOL®, Cisco Talos®, NICST®, AegisLab®, ...
(5) Optional InstantAudit® End-Point for audting messages / files of Line/Skype/WeChat
(6) Optional InstantLock® DLP engine for recognizing privacy / confidential data / intellectual properties
(7) Optional InstantTrace® malware analysis for sandboxing unknown threats

AXIOM is the only platform that captures and analyzes smartphone, computer, cloud, IoT, and third-party image data, in a single case file — ensuring that no evidence is missed. AXIOM simplifies investigations by surfacing the most relevant evidence into user-friendly artifacts.

Traditional security solutions are reactive. First detect the threat. Then deal with it. But today’s threats are too sophisticated, too dynamic, too fast to get caught.Networks are often infected before alarm bells go off.Menlo eliminates all web and email security risks through isolation—providing the first truly 100 percent safe browsing experience. The Menlo Security Isolation Platform works by moving the fetch and execute functions of web browsing away from your network to our cloud-based platform. Only sanitized, nonexecutable content is rendered safely in users’ devices—providing a safe yet seamless experience that is no different than before. Suspicious web forms—a common target for hackers—can be rendered in read-only mode, preventing anyone from entering their credentials by accident or on purpose.

The nShield HSMs provide a hardened, tamper-resistant environment for secure cryptographic processing, key generation and protection, encryption and more.

• To suit your specific environment, the nShield family of general purpose HSMs are available in three FIPS 140-2 certified form factors：

        nShield Connect－Network-attached appliances
        nShield Solo－PCIe cards for embedding in appliances or servers
        nShield Edge－Portable USB-based modules

• nShield HSMs support for wide variety of uses and deployment scenarios, including PKI, SSL/TLS encryption key protection, code signing, digital certificates/ signing and blockchain, as well as industry’s most widely used operating systems and APIs.
• Cloud-friendly web service interfaces.
• Stronger key management for your cloud data with nShield BYOK.
• Certification to industry standard, such as FIPS 140-2, Common criteria and eidas compliance.
   

High performance UTM & Next- Generation Firewall

High port density and powerful Next-Generation Firewall

Let’s face it. There is no peace time. Whether it be new forms of DDoS attacks, ransomware, phishing attempts compromised BYOD and IoT devices, organizations are under constant threat from all types of advanced cyber threats. To address these evolving threats, overtime, the modern-day security stack has become larger, more complex but unfortunately still is failing as evidenced by the daily reports of data breaches and downtime. 

Security teams need best of breed cyber security solutions that can detect and stop all types of cyber threats - both inbound threats and outbound malicious communication from compromised internal devices. As importantly, these solutions must also be able to integrate into an organization’s existing security stack and/or consolidate functionality to reduce cost, complexity and risk. 

NETSCOUT AED (Arbor Edge Defense) is such a solution. AED’s unique position on the network edge (i.e. between the router and the firewall), its stateless packet processing engine and the continuous reputation based threat intelligence it receives from NETSCOUT’s ATLAS Threat Intelligence feed enable it to automatically detect and stop both inbound threats and outbound communication from internal compromised hosts – essentially acting as the first and last line of defense for organizations.

Governance for all your identities, data and privileged access with visibility, reduced risk and increased control on-prem, hybrid or cloud. Gain simplicity and affordability with a unified governance foundation that addresses the management, auditing and compliance needs that are prerequisites to strong governance.

One Identity Privileged Access Management solutions mitigate security risks and help you achieve compliance by securing, controlling, monitoring, analyzing and governing privileged access to critical organizational data and applications. Our privileged access management solutions enable you to provide the full credential when necessary or limit access with granular delegation for least privileged access. All privileged activity is recorded and all keystrokes are logged with real-time analyzation of activity and data. This eliminates shared credentials and assigns individual accountability to administrator activity with the ability to detect and halt unknown threats immediately. The result is enhanced security and easier compliance with more efficient administration and governance of privileged access.

Administrators struggle to keep up with requests to create, change or remove access with today’s hybrid AD environments and the limited capabilities of native tools of Microsoft Active Directory (AD) and Azure Active Directory (AAD). Thankfully, help has arrived. With One Identity Active Roles, you can solve your security issues and meet those never-ending compliance requirements by securing and protecting on-prem and cloud AD resources simply and efficiently.

Take the stress out of protecting your privileged accounts by securely storing, managing, recording and analyzing privileged access with One Identity Safeguard. Available as a hardened appliance with an intuitive interface, Safeguard can detect and halt unknown threats while satisfying your auditors and admin. It is an integrated solution that combines a secure hardened password safe and a session management and monitoring solution with threat detection and analytics.

The MailCloud messaging system is based on a proprietary big data mail receiving/sending core that provides a variety of access interfaces and a mail archival solution tailored to the customer’s needs. The system can be used and managed over a browser at any time, greatly reducing the cost of e-mail system deployment. Multiple security mechanisms provide effective protection against infected e-mails and spam, phishing e-mails, DoS attacks, and social engineering attacks to create a secure organizational messaging and communication environment.
MailCloud offers full IPv6 support and can run reliably on various types of virtualization platforms to cope with massive increases in mail traffic. It offers a next-generation online service designed to meet the high network traffic generated by cloud technology.
MailCloud has been selected by more than 10,000 local and overseas customers. It is a proven product with more than 10 million licensed users in the public sector as well as telecommunications, construction, financial and service industries.

MailBase Replication Mode makes the archiving of e-mails easy and requires absolutely no changes to the existing network structure and mail process. Its high level of compatibility with cloud mail and mail servers makes deployment fast and easy. Mail life cycle management can store archived e-mails on the local server, cloud service or other external storage media based on access frequency. If there are hundreds of millions of e-mails, a distributed architecture can be used to process all e-mails, speed up searches and carry out mail browsing and auditing tasks. 

E-mails containing all kinds of information can be thoroughly vetted using MailAudit to effectively intercept those that contain personal information such as name, birth date, contact details (e-mail, address, telephone etc.), financial information (credit card number, ID number), etc. Whenever abnormal information traffic or e-mails that may compromise sensitive information are detected, monitoring personnel are immediately notified and a full report is made available to the auditor. Normal e-mails are allowed to pass through while confidential business documents can be sent securely using corporate signatures, PKI encryption and ZIP encryption to the correct recipient.

The ArkEase Pro cloud storage platform can create a secure sharing space that allows users within the organization to share files easily with colleagues or external partners. Recipients, passwords and expiry times can be set for each shared file. A file access history and AES level file encryption function are also available to support ransomware protection which can immediately detect malware and recover the infected files from the platform while keep on sharing file in ease method. The ArkEase Pro cloud storage platform can also synchronize files with designated devices so that users can access the latest files at any time and in any place. Keeping files up to date greatly boosts productivity.

Data Sanitization (CDR) – Sanitize over 30 common file types, and rebuild each file ensuring maximum usability with safe content.
Multi-Scanning – Scan with over 30 anti-malware engines using signatures, heuristics, and machine learning technology for the highest and earliest detection of known and unknown threats.
Vulnerability Assessment - Detect known vulnerabilities in more than 20,000 software applications using over 1 billion hashes.
Data Loss Prevention (DLP) - Content-check emails and 30+ common file types for sensitive information before they are transferred
 

Data diodes are hardware based, bound by the laws of physics and not susceptible to zero day vulnerabilities or any other hacks. These solutions are data and network agnostic, have been deployed across a range of industries and are recommended by the Department of Homeland Security. 
Being data agnostic we can move files, streaming video, TCP/IP, UDP, database records, historians, sensor data, high-res images, system backups, personnel records and many other types of data; along with industrial protocols like Modbus and OPC.  And our network independence lets us work on unclassified, secret and top secret networks for government solutions and IT and OT (Operations Technology) networks for our commercial and industrial customers.

We offer all-in-one solutions with a standard 19” 1U rackmount form factor and a DIN rail form factor for industrial environments.  We also offer server based solutions that utilize off-the-shelf servers populated with our data diode cards.

Designed to be scalable, new software licenses and modules allow end-users to increase bandwidth, add-on new interfaces, and support new protocols.

Cybersecurity spending in the public and private sectors continues to grow, but it is still unresolved in the face of a huge amount of data, highly sophisticated networks and diversified attacks. 
GRISM, the next-generation network visibility platform, can tackle the challenges mentioned above by forming the analysis-assisted monitoring fabric for accurately directing the production network traffic to varied security devices achieving more efficient inspection. GRISM also can extract network metadata that assist behavior tracking, such as DDoS or lateral movement detection, and block massive malicious list of IPs/Domains/URLs according to threat intelligence. That is, GRISM provides not only pervasive and adaptive network visibility but also front-line security.
 

Regardless of the website scale, the vulnerabilities in the website programs are fatal threats to the enterprises. The hackers keep seeking for the vulnerabilities in the website programs. dotDefender uses a variety of program engines which Pattern Recognition, Signature Knowledgebase, Data Leak Prevention, and Upload Inspection included to detect and prevent hacking attacks. dotDefender is the most suitable solution for the Web Application Security. It provides powerful and proactive security protection for websites and web applications.

Database Application Firewall integrates Data Auditing, Data Security, and Data Masking, these main functions. It provides comprehensive security protection for the database to minimize the leakage possibility of confidential information of enterprise by Data Auditing in advance, Data Security immediately and Data Masking in the after. And it could also be integrated with third-party security management (SIEM) systems. Database types supported: MySQL, MsSQL, Oracle, IBM DB2, MariaDB.

Up to 90% of websites are hacked without being awareness about it. Hackers hack the websites to steal data and implant malwares. The goodwill of company might be ruined and you have no idea about is totally. Vulnerability Assessment takes different hacking ways to find out different website vulnerabilities by imitating the hacker behavior. During the process, it won’t affect website performance. By using automatic tool to scan website, we will give you the vulnerability report in detail to list security concerns. The software will be updated or upgraded according to the TOP 10 security vulnerabilities listed by the OWASP every year to strengthen the security of websites.

The cloud hosting is developed by R&D departments in PUMO based on three core ideas, effective, stable and security. The enterprises could use high specification cloud hosting by renting instead of buying. You don’t need to buy the servers, you don’t need to build systems and you don’t need to hire MISs to manager it. Concatenating to the TOP 3 ISPs, hence you don’t be afraid of being disconnected. With a backup architecture, you don’t be worried about server malfunction. With load balance, you don’t be worried about the over loading. Your website will always be available anytime. We value cyber security more than you.

Alteon is Radware’s next-generation application delivery controller (ADC) and the only load balancer that guarantees application SLA. It provides advanced, end-to-end local and global load balancing capabilities for all Web, cloud and mobile-based applications.
Alteon load balancer combines best-of-breed application delivery capabilities, market-leading SSL performance that supports all of the latest encryption protocols, and advanced services to companies with ongoing application lifecycle management challenges that impact the performance of web applications (such as heavier, more complex web content); mobility, and the migration to the cloud.
 

DefensePro provides advanced DDoS prevention, protection and IoT botnet attack mitigation. DefensePro is an award-winning, real-time, perimeter DDoS defense and attack mitigation device, securing organizations against emerging network and applications threats. Part of Radware’s attack mitigation solution, DefensePro provides automated DDoS defense and protection from fast moving, high volume, encrypted or very short duration threats, including IoT-based attacks like Mirai, Pulse, Burst, DNS, TLS/SSL attacks and those attacks associated with Permanent Denial of Service (PDoS) and Ransom Denial-of-Service (RDoS) techniques.

Web application development is becoming increasingly complex and more rapid. DevOps is increasing the level of functionality and frequency of product releases. With application availability more important to the user experience than ever, web applications are becoming increasingly vulnerable, exposing enterprises to the risk of data breach and financial loss.

Distributed denial-of-service (DDoS) attacks are becoming more frequent, more powerful and more sophisticated. With the growing availability of attack tools and global botnets, the pool of possible attacks is larger than ever. Relying on humans to block attacks is simply not enough, and organizations dependent on manual-based protection are not fully protected from today’s threats.

The requirements for documents security of Taiwanese businesses have grown from 「image capture backup」to focusing on「audit trail record」. The protection of businesses secrets has evolved from after-the-fact auditing to analyzing and preventing unusual activities in advance of the businesses secrets leaking. Ricoh Taiwan will unveil DocTracker AI during the 2019 Cybersec. Combining Machine Learning, this solution will achieve the ultimate goal of taking preemptive measures to protect business secrets and Ricoh Taiwan will usher in the next era of document security.

Sangfor IAM is a superior internet access management solution, which consists of professional bandwidth management, application control, URL filter, traffic control, information control, illegal hotspot/proxy control, behavior analysis, wireless network management and many more features. This solution can truly help you achieve Unified Internet Behavior Management of all clients in the entire network.

Sangfor NGAF is the world's first AI enabled and fully integrated NGFW + WAF with an all-around protection from all threats. It is a truly secured, integrated and simplified firewall solution, providing holistic overview of the entire organization security network, with ease of management for administration, operation & maintenance.

Sangfor aCloud is the new generation of cloud IT architecture. It is built on innovative hyper-converged technology, with complete IT infrastructure and O&M management service capabilities. It can carry key business applications such as core databases, ERP, financial systems, production systems. Unlike traditional cloud solutions, Sangfor Enterprise Cloud built on HCI is more simplified and flexible, enabling users to quickly build business-driven cloud computing data centers; no matter it’s private, hybrid or industrial cloud. It delivers to users IT resource pool, IT as a Service, and automated IT O&M, making it easy for key business to migrate to the cloud. It is the preferred solution for government, organization and enterprise users.

Sangfor aDesk VDI – A Virtual Desktop Infrastructure Solution Sangfor aDesk VDI (Virtual Desktop Infrastructure) Solution is the latest virtual desktop cloud solution based on hyper-converged infrastructure. Through deeply integrated server virtualization, desktop virtualization and storage virtualization, it only takes an aDesk thin client appliance and a cloud terminal to deliver rapid deployment of cloud platform. This desktop virtualization solution assures an outstanding user experience, and software/hardware/peripheral comparable to PC.

Sangfor WANO (WAN Optimization) can be deployed in the WAN gateway of data centres and branch offices. Through traffic reduction, stream compression, stream cache, protocol acceleration and other leading technologies, Sangfor WANO can cut up to 70% of redundant traffic, reduce packet loss rate to below 1%, save 50 % of link costs and improve application speed by 3-10 times to achieve huge improvement for application performance & WAN speed.

Sangfor IAM is a superior internet access management solution, which consists of professional bandwidth management, application control, URL filter, traffic control, information control, illegal hotspot/proxy control, behavior analysis, wireless network management and many more features. This solution can truly help you achieve Unified Internet Behavior Management of all clients in the entire network.

Sangfor NGAF is the world's first AI enabled and fully integrated NGFW + WAF with an all-around protection from all threats. It is a truly secured, integrated and simplified firewall solution, providing holistic overview of the entire organization security network, with ease of management for administration, operation & maintenance.

Sangfor aCloud is the new generation of cloud IT architecture. It is built on innovative hyper-converged technology, with complete IT infrastructure and O&M management service capabilities. It can carry key business applications such as core databases, ERP, financial systems, production systems. Unlike traditional cloud solutions, Sangfor Enterprise Cloud built on HCI is more simplified and flexible, enabling users to quickly build business-driven cloud computing data centers; no matter it’s private, hybrid or industrial cloud. It delivers to users IT resource pool, IT as a Service, and automated IT O&M, making it easy for key business to migrate to the cloud. It is the preferred solution for government, organization and enterprise users.

Sangfor aDesk VDI – A Virtual Desktop Infrastructure Solution Sangfor aDesk VDI (Virtual Desktop Infrastructure) Solution is the latest virtual desktop cloud solution based on hyper-converged infrastructure. Through deeply integrated server virtualization, desktop virtualization and storage virtualization, it only takes an aDesk thin client appliance and a cloud terminal to deliver rapid deployment of cloud platform. This desktop virtualization solution assures an outstanding user experience, and software/hardware/peripheral comparable to PC.

Sangfor WANO (WAN Optimization) can be deployed in the WAN gateway of data centres and branch offices. Through traffic reduction, stream compression, stream cache, protocol acceleration and other leading technologies, Sangfor WANO can cut up to 70% of redundant traffic, reduce packet loss rate to below 1%, save 50 % of link costs and improve application speed by 3-10 times to achieve huge improvement for application performance & WAN speed.

HiGuard X is an all-in-one UTM that operates at gigabit speed up to 1.8 Gbps and carries several main categories across your network security deployments: firewall security protection, policy auditing (anti-virus, In-Line IPS, content filtering, VPN bandwidth, and authentication), and easy management (wireless AP control, bulletin board and Co-Defense). The web-based interface provides friendly and consistent user experience, auto firmware update, and multi-languages supported. Configuration files can be imported and exported directly to and from HiGuard X. By simply plugging in a USB modem into HiGuard X, wireless 3G, 4G/LTE are supported to offer secure and uninterrupted WAN connectivity.

Data diodes are hardware based, bound by the laws of physics and not susceptible to zero day vulnerabilities or any other hacks. These solutions are data and network agnostic, have been deployed across a range of industries and are recommended by the Department of Homeland Security. 
Being data agnostic we can move files, streaming video, TCP/IP, UDP, database records, historians, sensor data, high-res images, system backups, personnel records and many other types of data; along with industrial protocols like Modbus and OPC.  And our network independence lets us work on unclassified, secret and top secret networks for government solutions and IT and OT (Operations Technology) networks for our commercial and industrial customers.

We offer all-in-one solutions with a standard 19” 1U rackmount form factor and a DIN rail form factor for industrial environments.  We also offer server based solutions that utilize off-the-shelf servers populated with our data diode cards.

Designed to be scalable, new software licenses and modules allow end-users to increase bandwidth, add-on new interfaces, and support new protocols.

When you need to know and control everything within your organization. When you need to intervene at a moment’s notice- that’s when Fudo PAM’s proactive monitoring gives you the power to detect and terminate any suspicious activity.

Our DigiSAFE Data Diode is a unidirectional communications and data transfer gateway that enables organisations to transfer data securely across physically separated networks. It complements our suite of indigenous cybersecurity products that enhance the security and resilience of Information Technology and Operation Technology infrastructures from targeted cyber attacks.

Discover the World’s First Ultra-Slim Encrypted Data Storage with Two-Factor Authentication smartcard protection. DiskCrypt M10 is designed with the highest security standards, DiskCrypt M10 enables organisations, government agencies and critical infrastructures to protect data with absolute confidence. Coupled with its ultra-slim profile and credit card size, DiskCrypt M10 offers unrivalled mobility and style to the modern workforce. 

Black Computer Is a cutting edge technology with has a dual operating system and network that allows users to operate in both trusted secure (intranet) and untrusted unsafe (internet) environment securely without compromising productivity. It enables network separation and allow users to defeat ransomware with a simple command. The Black Computer also has a backend system, that allow organisation to Protect, Detect, Respond and Recover from cyber threats effectively. Providing security at your convenience. 

High performance UTM & Next- Generation Firewall

High port density and powerful Next-Generation Firewall

Businesses can be at risk of losing important data. Lost data leads to costly downtime, customer dissatisfaction, regulatory fines, and lost revenue. As a result, IT pros must meet extremely high expectations. You need to keep the company running 24-hours a day.

Acronis Backup delivers the data protection that meets today’s demands. It keeps your business running, protecting any workload, scaling without limits, and saving you money.

Acronis Backup keeps your business operations running by ensuring your data is always available. AI- and ML-based technologies proactively defend data against ransomware attacks, and with near-instant recoveries, you’ll meet even the shortest RTO, avoid operational outages, loss of productivity and costly downtime caused by infections and recovery efforts.

Acronis Backup reliably protects any data source on 21 platforms - virtual, physical, cloud and mobile, regardless of the size or location of the data. As your data needs grow or your infrastructure evolves, keeping company data secure is easy with flexible, scalable storage and simple backup administration.

Increase overall performance of your production systems and avoid unnecessary disruptions while moving to another system. Improve recovery point objectives (RPO) with the ability to run frequent backups. Instantly protect your systems with the simplest install process possible.
 

Scalable on-site business security for organizations of all sizes 
Designed to simplify the demanding security needs of today's organizations

F-Secure Business Suite is an on-site business security solution that offers the best continuous protection for your organization by combining the best of accumulated expertise, advanced technologies, and modern, cutting-edge features with full on-site control. It is a full protection bundle designed to cover the demanding business security needs from gateway to endpoint.

• Layered protection to protect your assets from gateway to endpoint
• Best protection levels covering both known vulnerabilities and new, emerging threats
• Advanced management features to allow you full control of your organization's IT security
• Less work through automation of daily tasks
• Less hassle with a scalable all-in-one package with flexible and transparent licensing for organizations of all sizes
   

Stop threats before they reach your people and respond quickly when things go wrong. Our innovative solutions prevent, detect, and notify you of advanced threats – through email, mobile, social, and the desktop – and help you resolve them before they cause lasting harm.

TWM’s Multi-layer Anti-DDoS Service is constructed on TWM backbone network. It can block massive DDoS attack data packets. Enterprise clients can deploy DDoS defense without changing their network infrastructures. The service can detect and defense different types of DDoS attacks from layer 3 to layer 7 24x7.

Internet attacks vary from time to time. Enterprise now has to face compound internet attacks. Thus, comprehensive information security deployment is future trend. In addition to deploy information security equipment, how to manage the equipment also matters. Once enterprise gets warnings from SOC service, TWM has rich-experienced information security consulting team, which provides consultant service, to help enterprise on finding solutions and giving suggestions. As a result, enterprise doesn’t have to spend a huge cost on training information security professionals. 

TWM cooperates with Check Point on developing All-in-one UTM solutions. It contains high speed FTTx service and All-in-one UTM. Enterprise can enjoy anti-malware service, spam detection, malicious sites defense, etc. and can pay the fee monthly.

M+ Messenger is an instant communication application for enterprise. It contains enterprise exclusive functions such as instant message, corporate directory, bulletin board, etc. Not only convenience, M+ Messenger is also the safest IM application. It passes ISO27001, ISO27011, and ISO27018 information security certificates. It certainly the best communication tool for enterprise.

TWM’s Vulnerability Assessment Service can assist enterprise to find their system and web vulnerabilities, so enterprise can fix the vulnerabilities as soon as possible to prevent attacks.

Intrusion Prevention System can detect and block internet intrusion attacks instantly. By blocking internet attacks like virus, worm, Trojans, and DDoS attacks, Intrusion Prevention System can assist lower the risk of information security.

【IP-guard Endpoint Protection】 Designed to protect and manage endpoint computers against potential data theft by recording end-user operation logs and enforcing corporate policies and regulations. IP-guard provides end-user operation analysis by collecting detailed document, application, website, peripheral and many other operation logs. Whilst collecting user logs the IP-guard can generate real-time warnings alerts to notify any unauthorized behaviors and intervene operation against corporate policies.

【IP-guard V+ Document Encryption】A robust and reliable document encryption system that automatically encrypt documents on creation to ensures documents only accessible in the authorized environment.  Apart from the traditional encryption methodology, IP-guard V+ Document encryption emphasis on the smoothness of data transfer within the organization and between supplier and vendors. IP-guard’s USB agent, offline reader facilitates the obstacle when opening encrypted document outside authorized environments.

【IP-guard Encryption Security Gateway】 designed to work in conjunction with IP-guard V+ Document Encryption system to avoid customization with existing ERP, CRM, revision control system and act as the gateway to prevent any unauthorized device interact with abovementioned systems.

【IP-guard Data Discover】designed to scan existing documents to detect predefined keyword and patterns within the documents.  IP-guard data discover work in conjunction with IP-guard V4 endpoint protection and IP-guard V+ document encryption to prevent detected documents been copied, mail or uploaded etc. to unauthorized medium. 

【IP-guard Network Access Control】Designed to increase the safety of the network by limiting the availability of network resource to endpoint computers. IP-guard NAC works in conjunction with IP-guard endpoint protection to deny network access to computers who do not meet the minimum requirement of corporate regulation.

Built on leading Nessus security technology, Tenable.sc and Tenable.io are market-leading Cyber Exposure Platform, which gives you a comprehensive picture of your network and IT assets. You get real-time, continuous assessment of your security and compliance posture so you can discover unknown assets and vulnerabilities, monitor unexpected network changes and prioritize weaknesses to minimize your cyber risk and prevent breaches. It is the only solution that brings together discovery of on premises and cloud-based assets, active and passive vulnerability assessment, configuration auditing, change detection, malware detection, threat intelligence and analysis of network and user activity.

We adopt the exclusive patented technology of DRM/Area DLP/CASB to provide a full-scale data protection solution for endpoint, file server, web application and cloud environment. This helps directly protect a variety of important files, pictures, web content and source coded. The most brilliant part of the TrustView solution is the three-tier file protection design. The company can introduce a solution on its own to meet its special requirements and create most suitable data security for the operation.

Tufin Orchestration Suite (TOS) provides end-to-end visibility and control of an enterprise’s network security, spanning the data center to the hybrid cloud. Tufin Orchestration Suite includes three products – SecureTrack, SecureChange, and SecureApp. 
Tufin reduces the enterprise’s attack surface and minimizes disruptions to critical applications. Our solution uses policy to automatically analyze risk, and design, provision, and audit network security changes. 
Using network security automation, our customers are able to implement security changes in minutes instead of days with continuous compliance and increased agility. 
Tufin Orchestration Suite provides multi-vendor device support for leading enterprise networks, including finance, telecom, energy and utilities, healthcare, retail, education, government, manufacturing, transportation and auditing. 
We partner with leading technology vendors such as Amazon Web Services, Check Point Software, Cisco, Fortinet, Microsoft Azure, Palo Alto Networks, VMware, and more.

EP-4643S2/D2-FGSC

• The 4U/64bays storage solution
• Provides higher storage density, space saving, efficient power consumption
• 16Gb FC or 12Gb SAS with redundant or single controller module configurations
• Modularization and hot plugging design

Verint’s Threat Protection System (TPS) combines multiple advanced detection engines that monitor the network, endpoints and payloads, with proactive threat hunting, deep forensics gathering, and advanced investigation tools, that operate seamlessly through automated processes.

An Endpoint Detection & Response tool designed to exploit ESET's multilayered Endpoint Protection Platform. All layers send relevant data to ESET Enterprise Inspector, which analyzes vast amounts of real time endpoint data. The result is complete prevention, detection and response solutions for quick analysis and remediation of any security issue in the network enabling organizations to take immediate action to:Detect advanced persistent threats/Stop file less attacks/Block zero-day threats/Protect against ransomware/Neutralize state-sponsored attacks

Get in-depth, up-to-date global knowledge about specific threats and attack sources, traditionally difficult to detect for security engineers, who access information only within their own networks. Enable your organization to:Block targeted attacks/Protect against phishing/Stop botnet attacks/Detect advanced persistent threats

A Network Traffic Analysis tool helps enterprise, government, and critical infrastructure users make their IT operations secure and reliable through advanced artificial intelligence, machine learning, and big data analysis.
#Provides round-the-clock security monitoring
#Gives you powerful rapid detection & response capabilities
#Take advantage of the solution’s powerful detection capabilities
#Let’s you gain a deep visibility into the internal network
#Powerful and easy to use

provides another layer of security for ESET products like Mail Security and Endpoint products by utilizing a cloud-based sandboxing technology to detect new, never before seen type of threats. Future proof your company IT security with:Behavior-based Detection/Machine Learning/Zero-day Threats Detection/Cloud Sandbox

Leverages a multilayered approach that utilizes multiple technologies in dynamic equilibrium to constantly balance performance, detection and false positives enabling organizations to:Protect against ransomware/Block targeted attacks/Prevent data breaches/Stop file-less attacks/Detect advanced persistent threats

Provides advanced protection for your company’s data passing through all general servers, network file storage including OneDrive, and multi-purpose servers to ensure business continuity via:Ransomware prevention/Zero-day threats detection/Data breaches prevention/Botnet protection

Provides an additional layer of security to organizations who are interested in stopping threats from ever reaching their users – multilayered security of the host itself with:Anti-malware/Anti-spam/Anti-phishing/Optional Cloud Sandbox analysis

Provides real-time visibility for on-premise and off-premise endpoints as well as full reporting for ESET enterprise-grade solutions from a single pane of glass securely deployed on premise or in cloud.(Complete network visibility/Full security management/Flexible reporting/Security management automation)

#Low System Demands. Leaves more system resources free while still delivering complete protection
#Remote Management. Fully manageable via ESET Remote Administrator 6
#Employs ESET's award-winning LiveGrid® scanning engine

A simple to use encryption application providing full remote control of endpoint encryption keys and security policy for files on hard drives, portable devices and emails. Ensures:Zero data breaches/Compliance with requirements/Seamless encryption

A simple, effective way for businesses of all sizes to implement multi-factor authentication across commonly utilized systems. Enables your organization to:Prevent data breaches/Meet compliance requirement/Easily manage authenticati/Secure mobile devices

#Covers all data leak channels
#Saves the cost of repairing a data breach.
#Identifies suspicious activities before they result in lost time and money.
#Reduces personnel costs by identifying productivity issues and improving work performance.

With ESET Shared Local Cache and the protection of an ESET security product, one of which must be present on each virtual machine, you get the same full set of tools and security features that you would have in a physical environment, plus significantly boosted scanning speed.

By leveraging VMware agentless technology, protecting compatible hypervisors is as simple as using ESET Virtualization Security Appliance. The solution is natively compatible with ESET Remote Administrator 6, ESET’s web-based console for rapid task execution and complete endpoint security management.

Leverages a multilayered approach to provide complete protection and secure device management of your Android mobile devices. Enables:Protection against ransomware/Data loss prevention/Application control/Remote management

Set-up, configure and monitor all company iOS devices from a single pane of glass. Enables:Anti-theft/Web content filtering/Applications white/black listing/Device security

24-Hour real-time protection. No need to wait for a problem to be realized to take action.

Allows user to access websites through a powerful filter which eliminates any malicious threats from URL links.

Disarms any malicious file threats, including macro, script, VB… etc.

Detects, scans, removes both known and unknown threats in the plugged-in device and neutralizes any zero-day exploits.

Through API integration, automatically removes all known and unknown threats from all files before reaching company’s internal system via all channels.

WatchGuard's UTM is the industry's highest performance, full-featured and cost-effective product. Includes security services suite: application control, intrusion prevention, website filtering, gateway anti-virus, reputation protection, spam blocking, web exploration, advanced persistent penetration attack interception (APT), data leakage prevention, (DLP) , Threat Detection and Response (TDR), DNSWatch, Dimension Command. The Firebox's full range of firewalls have built-in wireless network controller functionality, eliminating the need to purchase additional wireless user licenses.

WatchGuard Wi-Fi Cloud is where you take your access points to unlock their full potential. With a Secure Wi-Fi license, you get unprecedented WIPS security, compliance reporting including PCI, Wi-Fi vulnerability assessment reporting, and every enterprise-grade WLAN feature you’ll need to take your APs into the toughest environments – with features like live floorplan views, hotspot 2.0, application firewall, and role-based access with 802.1x. Unlock the rest of the power of the Wi-Fi Cloud with a Total Wi-Fi license and gain easy-to-customize, engaging captive portals with authentication options including Facebook, Twitter, SMS, email, and a powerful location-based analytics engine equipped with customizable reports for automated delivery to your inbox.

Hackers are designing malware to be more sophisticated than ever. Through packing, encryption, and polymorphism, cyber criminals are able to disguise their attacks to avoid detection. Zero day threats and advanced malware easily slip by antivirus solutions that are simply too slow to respond to the constant stream of emerging threats. Organizations of all sizes need a solution that leverages a holistic approach to security from the network to the endpoint. WatchGuard Threat Detection and Response (TDR) is a powerful collection of advanced malware defense tools that correlate threat indicators from Firebox appliances and Host Sensors to stop known, unknown and evasive malware threats.

Our unique multi-factor authentication (MFA) solution not only helps to reduce the likelihood of network disruptions and data breaches arising from lost or stolen credentials, but we deliver this important capability entirely from the Cloud for easy set-up and management. AuthPoint goes beyond traditional 2-Factor Authentication (2FA) by considering innovative ways to positively identify users, and our large ecosystem of 3rd party integrations means that you can use MFA to protect access to the network, VPNs, and Cloud applications. Even non-technical users find the AuthPoint mobile app easy and convenient to use!

Governance for all your identities, data and privileged access with visibility, reduced risk and increased control on-prem, hybrid or cloud. Gain simplicity and affordability with a unified governance foundation that addresses the management, auditing and compliance needs that are prerequisites to strong governance.

One Identity Privileged Access Management solutions mitigate security risks and help you achieve compliance by securing, controlling, monitoring, analyzing and governing privileged access to critical organizational data and applications. Our privileged access management solutions enable you to provide the full credential when necessary or limit access with granular delegation for least privileged access. All privileged activity is recorded and all keystrokes are logged with real-time analyzation of activity and data. This eliminates shared credentials and assigns individual accountability to administrator activity with the ability to detect and halt unknown threats immediately. The result is enhanced security and easier compliance with more efficient administration and governance of privileged access.

Administrators struggle to keep up with requests to create, change or remove access with today’s hybrid AD environments and the limited capabilities of native tools of Microsoft Active Directory (AD) and Azure Active Directory (AAD). Thankfully, help has arrived. With One Identity Active Roles, you can solve your security issues and meet those never-ending compliance requirements by securing and protecting on-prem and cloud AD resources simply and efficiently.

Take the stress out of protecting your privileged accounts by securely storing, managing, recording and analyzing privileged access with One Identity Safeguard. Available as a hardened appliance with an intuitive interface, Safeguard can detect and halt unknown threats while satisfying your auditors and admin. It is an integrated solution that combines a secure hardened password safe and a session management and monitoring solution with threat detection and analytics.

Our DigiSAFE Data Diode is a unidirectional communications and data transfer gateway that enables organisations to transfer data securely across physically separated networks. It complements our suite of indigenous cybersecurity products that enhance the security and resilience of Information Technology and Operation Technology infrastructures from targeted cyber attacks.

When you need to know and control everything within your organization. When you need to intervene at a moment’s notice- that’s when Fudo PAM’s proactive monitoring gives you the power to detect and terminate any suspicious activity.

Enterprise Threat Protector (ETP) enables security teams to proactively identify, block, and defend against targeted threats using Domain Name System (DNS) such as malware, ransomware, phishing, and data breaches. Enterprise Threat Protector leverages the real-time intelligence provided by Akamai Cloud Security Intelligence and Akamai's proven, recursive DNS platform around the world to deliver security, control and visibility to your business while easily integrating with your existing network defenses.

Enterprise Threat Protector (ETP) enables security teams to proactively identify, block, and defend against targeted threats using Domain Name System (DNS) such as malware, ransomware, phishing, and data breaches. Enterprise Threat Protector leverages the real-time intelligence provided by Akamai Cloud Security Intelligence and Akamai's proven, recursive DNS platform around the world to deliver security, control and visibility to your business while easily integrating with your existing network defenses.

SafeNet KeySecure from Gemalto is the industry’s leading centralized key management platform, and is available as a hardware appliance or hardened virtual security appliance. By utilizing SafeNet KeySecure, organizations benefit from its flexible options for secure and centralized key management – deployed in physical, virtualized infrastructure, and public cloud environments.

Only Gemalto can deliver key management appliances across FIPS-validated hardware or a virtual appliance with a hardware root of trust using SafeNet Hardware Security Modules or Amazon Cloud HSM service.

SafeNet Tokenization from Gemalto protects sensitive information by replacing it with a surrogate value that preserves the length and format of the data. The solution tokenizes numeric and alphanumeric data and returns tokens in an unlimited number of formats.

SafeNet Tokenization is used to address a wide range of use cases, including:

• Securing primary account numbers to achieve PCI DSS compliance
• Protecting personally identifiable information (PII) and other sensitive data
• Big data protection
• Scenarios that require static data masking or the exposure of production databases to non-production environments, such as testing, development, staging, research, and more.

SafeNet ProtectFile provides transparent and automated file-system level encryption of sensitive data in the distributed enterprise, including Direct Attached Storage (DAS), Storage Area Network (SAN), and Network Attached Storage (NAS) servers using CIFS/NFS file sharing protocols.

Our enterprise file encryption solution secures unstructured data on servers, such as credit card numbers, personal information, logs, passwords, configurations, and more in a broad range of files. Examples include word processing documents, spreadsheets, images, database files, exports, archives, and backups, and big data implementations. SafeNet ProtectFile can be deployed across on-premises, virtual, public cloud, and hybrid environments.

Cloud Data Protection at Its Best
The industry's first comprehensive cloud data protection solution, SafeNet ProtectV enables organizations to securely migrate to the cloud, encrypt entire virtual machine instances and attached storage, control access to data in the cloud, and address industry security standards and regulations.

Allied Telesis Secure Enterprise Software Defined Networking™ (SES) is a state-of-the-art network management and security solution. It provides what enterprises consistently tell us they need: reduced network management costs, increased security and an improved end-user experience.
1.    AUTOMATIC SECURITY THREAT ISOLATION AND REMEDIATION
Most organizations utilize an Intrusion Detection System (IDS) or Intrusion Prevention System (IPS) to defend their network from attacks. However, an IPS can introduce latency and bottlenecks, and most IDS can only warn if a threat has been found; they cannot act to block the offending traffic. By the time the operator reacts to the warning, it may be too late. It is then capable of automatically quarantining the suspect device and applying remediation so that it can re-join the network with a minimum of network disruption and without manual intervention. Responses are configurable and comprehensive logging provides a clear audit trail of the actions taken. This is a truly innovative feature that helps organizations avoid lost time and unnecessary disruption to services.
2.    BLOCK THREATS AT SOURCE
Most IPS solutions are only capable of blocking suspicious traffic as it passes through the IPS device. Since this tends to be near the gateway to the Internet, only external threats can be detected and blocked (this is the traditional “secure border” model). However, SES can isolate traffic anywhere in the network, so it can prevent threats not only on the border, but threats inside the network too through USB drives, BYOD, etc. This makes SES an innovative security solution that can monitor traffic entering and traversing the local network without introducing latency or bottlenecks.
3.    WIRED AND WIRELESS SDN
SES is the first commercial SDN solution for wireless networks that offers programmability and control inside the network where it is most vulnerable. Allied Telesis wireless access points are OpenFlow capable and can be controlled by the SES controller to provide a dynamic wireless network that offers end-users a better experience. New policies and security updates can be easily implemented from the centralized controller to all access points in seconds, to dramatically cut the time required for network and security management, with a corresponding reduction in operating costs.
4.    OPEN AND FLEXIBLE SDN SOLUTION
SES interoperates with networks containing compatible OpenFlow switches, and a range of physical and virtual firewall products. There is no need for a forklift upgrade of the network to take advantage of the benefits of SES – it can interoperate with a wide range of existing equipment.
SES also integrates with Allied Telesis Autonomous Management Framework™ (AMF), which is a powerful network management and automation tool that also delivers cost and time savings. When used with AMF, SES no longer relies on the OpenFlow protocol to communicate with the network devices. Instead it can use AMF to deliver instructions to conventional network devices. Therefore, this provides all the benefits of an SDN solution without the need for OpenFlow. This lowers the risk and cost for enterprises to adopt SDN solutions since their existing network can remain unchanged.

Released originally in September 2005, ALog ConVerter is an agentless (non-resident program) access log management tool. ALog ConVerter takes a server event log and looks for file access, domain logins, and other activity, providing all-in-one proprietary analysis and file compression for long-term storage. 

ALog EVA is the latest product in the ALog ConVerter series, the No.1 seller in the server access market for 11 consecutive years. ALog EVA takes ALog Convertor to a new level by making it possible to detect irregular or illegal activities through a wider range of big data by various network devices and application logs via advanced correlations techniques.
 

•    Server Access Log Management
•    Acquires server access from layers of Operation System (OS)
•    Integrated log management system of multiple servers 

•    Database Log Management
•    Acquires log from the database application layers
•    Stores scattered database logs as a unified data

•    Simplified SIEM 
•    Expands the domain of ALog protection
•    Unifying log product 
 

•    Server Management 
•    Multifunctional server management tool
•    EX) Identifying access permission information of particular folders, eliminating  unnecessary files, etc.  

Cellopoint Secure Email Gateway (SEG) is an integrated email security gateway solution deployed in front of the Mail Server. It uses the original CelloOS technology and the industry-leading CelloCloud, a Cloud online security system, with a multi-layer scanning mechanism to effectively block the threats of Advanced Malware、Ransomware、Businese Email Compromise、Spam、Virus、Phishing Emails、Spyware、Mail Bombs, and Springboard attacks from entering your network and protecting the email security infrastructure, while improving the performance of the mail server.

Cellopoint provide Sender IP reputation lists、the latest malicious email with malware MD5 or fingerprint、new url malicious database and phishing emails patterns through customize service.

Cellopoint mail policy engine can pre-establish DLP detection conditions and execution actions of enterprise organization's outbound mail, in order to detect and protect personal information、business secrets and company intellectual property. Outbound mail encryption provides PDF which is easy to use,  HTTPs encryption, and S/MIME encryption that emphasizes strict protection, both practical, convenient and also for highly sensitive information protection. Email encryption is no longer a high-tech technology, which providing organizations with flexible planning of email security.

A platform to integrate network data residing in different sources and provide real-time network status, access control and end-point security.

SYNESIS Portable provides mobility for big data packet capture needs without sacrificing high fidelity lossless packet capture performance at any Ethernet speed: 1G/10G/100G. The rugged SYNESIS Portables are ideal for lab, offsite locations, and data centers as temporary big data packet collectors. SYNESIS Portables are self-contained units with their own monitor, keyboard, and mouse trackpad and all of the necessary software.
The rackmount SYNESIS, with its higher performance and larger storage capacity, is designed to monitor critical links for long-term forensic needs.

Enterprise Data center architecture has evolved dramatically in recent years, enabling it to e¬ectively run large-scale, distributed, multi-tier applications across public, private and hybrid cloud environments. To support and ultimately ensure delivery of business-critical applications and services, an elastic data center architecture and agile development model has emerged to share workloads, data and resources across the multi-cloud environment. However, IT monitoring solutions have not kept pace with this new wave of multi-cloud dynamics and the agile DevOps model. Current tools have reinforced the established silos that separate applications, virtual infrastructure, physical infrastructure and blind to public cloud resources. As a result, IT Ops teams have no inter-silo correlation across clouds and are unable to e ciently plan, migrate, optimize, right-size and solve problem on hand. There is also a lack of a single console across the multiple cloud providers and on-premise deployments for ubiquitous visibility for the workload and its dependencies. 
Uila solution aligns business applications and IT Operations in a single product with application visibility and correlated network, compute and storage insights across clouds boundaries.

Released originally in September 2005, ALog ConVerter is an agentless (non-resident program) access log management tool. ALog ConVerter takes a server event log and looks for file access, domain logins, and other activity, providing all-in-one proprietary analysis and file compression for long-term storage. 

ALog EVA is the latest product in the ALog ConVerter series, the No.1 seller in the server access market for 11 consecutive years. ALog EVA takes ALog Convertor to a new level by making it possible to detect irregular or illegal activities through a wider range of big data by various network devices and application logs via advanced correlations techniques.

•    Server Access Log Management
•    Acquires server access from layers of Operation System (OS)
•    Integrated log management system of multiple servers 

•    Database Log Management
•    Acquires log from the database application layers
•    Stores scattered database logs as a unified data

•    Simplified SIEM 
•    Expands the domain of ALog protection
•    Unifying log product 

•    Server Management 
•    Multifunctional server management tool
•    EX) Identifying access permission information of particular folders, eliminating  unnecessary files, etc.  

SecureCube Access Check is a gateway-based privileged access management solution. It is all-in-one product, equipped with strong authenticaion feature, authorization flow by using policy and request-approval based, and privileged session monitoring feature that can monitor the operation of system administrator during access to servers or network devices. It has been deployed world-wide and has study case in a very large environment with minimum deployment time.

Uni-ID Libra is a customer identity and access management (CIAM) solution. It has all features that is needed to control the identity and access for customers by strengthening the security and maintain the usability. It also has the feature to identify possible fraud used by the identity in the service.

Vulnerability Explorer (VEX) is a web application assessment solution. Very high detection rate is one of the strong point of this solution. Developed based on long experience in web application penetration test, we can even use this solution to check a production server that is located behind a web application firewall with a non-destructive method.

SafeNet KeySecure from Gemalto is the industry’s leading centralized key management platform, and is available as a hardware appliance or hardened virtual security appliance. By utilizing SafeNet KeySecure, organizations benefit from its flexible options for secure and centralized key management – deployed in physical, virtualized infrastructure, and public cloud environments.

Only Gemalto can deliver key management appliances across FIPS-validated hardware or a virtual appliance with a hardware root of trust using SafeNet Hardware Security Modules or Amazon Cloud HSM service.

SafeNet Tokenization from Gemalto protects sensitive information by replacing it with a surrogate value that preserves the length and format of the data. The solution tokenizes numeric and alphanumeric data and returns tokens in an unlimited number of formats.

SafeNet Tokenization is used to address a wide range of use cases, including:

• Securing primary account numbers to achieve PCI DSS compliance
• Protecting personally identifiable information (PII) and other sensitive data
• Big data protection
• Scenarios that require static data masking or the exposure of production databases to non-production environments, such as testing, development, staging, research, and more.

SafeNet ProtectFile provides transparent and automated file-system level encryption of sensitive data in the distributed enterprise, including Direct Attached Storage (DAS), Storage Area Network (SAN), and Network Attached Storage (NAS) servers using CIFS/NFS file sharing protocols.

Our enterprise file encryption solution secures unstructured data on servers, such as credit card numbers, personal information, logs, passwords, configurations, and more in a broad range of files. Examples include word processing documents, spreadsheets, images, database files, exports, archives, and backups, and big data implementations. SafeNet ProtectFile can be deployed across on-premises, virtual, public cloud, and hybrid environments.

Cloud Data Protection at Its Best
The industry's first comprehensive cloud data protection solution, SafeNet ProtectV enables organizations to securely migrate to the cloud, encrypt entire virtual machine instances and attached storage, control access to data in the cloud, and address industry security standards and regulations.

Secure your sensitive data and critical applications by storing, protecting and managing your cryptographic keys in SafeNet Luna Network Hardware Security Modules (HSMs)- high-assurance, tamper-resistant, network-attached appliances offering market-leading performance.
Contact us to learn how you can integrate SafeNet Luna Network HSMs into a wide range of applications to accelerate cryptographic operations, secure the crypto key lifecycle, and provide a root of trust for your entire encryption infrastructure.
 

The SafeNet Luna Payment HSM from Gemalto is a network-attached Hardware Security Module (HSM)designed for retail payment system processing environments for credit, debit, e-wallet and chip cards, as well as Internet payment applications. It offers secure PIN and card processing, message authentication, comprehensive key management, and general-purpose cryptographic processing.

Allied Telesis Secure Enterprise Software Defined Networking™ (SES) is a state-of-the-art network management and security solution. It provides what enterprises consistently tell us they need: reduced network management costs, increased security and an improved end-user experience.
1.    AUTOMATIC SECURITY THREAT ISOLATION AND REMEDIATION
Most organizations utilize an Intrusion Detection System (IDS) or Intrusion Prevention System (IPS) to defend their network from attacks. However, an IPS can introduce latency and bottlenecks, and most IDS can only warn if a threat has been found; they cannot act to block the offending traffic. By the time the operator reacts to the warning, it may be too late. It is then capable of automatically quarantining the suspect device and applying remediation so that it can re-join the network with a minimum of network disruption and without manual intervention. Responses are configurable and comprehensive logging provides a clear audit trail of the actions taken. This is a truly innovative feature that helps organizations avoid lost time and unnecessary disruption to services.
2.    BLOCK THREATS AT SOURCE
Most IPS solutions are only capable of blocking suspicious traffic as it passes through the IPS device. Since this tends to be near the gateway to the Internet, only external threats can be detected and blocked (this is the traditional “secure border” model). However, SES can isolate traffic anywhere in the network, so it can prevent threats not only on the border, but threats inside the network too through USB drives, BYOD, etc. This makes SES an innovative security solution that can monitor traffic entering and traversing the local network without introducing latency or bottlenecks.
3.    WIRED AND WIRELESS SDN
SES is the first commercial SDN solution for wireless networks that offers programmability and control inside the network where it is most vulnerable. Allied Telesis wireless access points are OpenFlow capable and can be controlled by the SES controller to provide a dynamic wireless network that offers end-users a better experience. New policies and security updates can be easily implemented from the centralized controller to all access points in seconds, to dramatically cut the time required for network and security management, with a corresponding reduction in operating costs.
4.    OPEN AND FLEXIBLE SDN SOLUTION
SES interoperates with networks containing compatible OpenFlow switches, and a range of physical and virtual firewall products. There is no need for a forklift upgrade of the network to take advantage of the benefits of SES – it can interoperate with a wide range of existing equipment.
SES also integrates with Allied Telesis Autonomous Management Framework™ (AMF), which is a powerful network management and automation tool that also delivers cost and time savings. When used with AMF, SES no longer relies on the OpenFlow protocol to communicate with the network devices. Instead it can use AMF to deliver instructions to conventional network devices. Therefore, this provides all the benefits of an SDN solution without the need for OpenFlow. This lowers the risk and cost for enterprises to adopt SDN solutions since their existing network can remain unchanged.

The next-generation AWS cloud managed service provider (MSP) integrates the cyber security services provided by AWS, through automated monitoring, instantly discovers and fixes various security issues, and configures, runs, and provides a secure cloud environment by automating common activities. Let customers configure their infrastructure best meets their needs. Besides, next-generation AWS MSP offer customer-centric solutions that are fully automated, continuous, and extremely flexible, helping to protect the customer's environment.

Nextlink operational team integrates AWS DevOps services with a variety of DevOps open source tools to help customers build automated monitoring and deployment processes, integrate tools into DevOps processes, enabling organizations to implement, deploy, complete software development cycles and get user feedback instantly.

Nextlink operational team integrates AWS WAF services to build a Web Application Firewall that protect your web applications from unavailable issue, cyber-attack, or compromised by excessive internet traffic.

Nextlink integrates with several AWS services to help customers design backup and disaster recovery architectures, including AWS basic backup and restore, AWS basic disaster recovery, Warm Standby solutions, multi-site solutions etc.

SecureCube Access Check is a gateway-based privileged access management solution. It is all-in-one product, equipped with strong authenticaion feature, authorization flow by using policy and request-approval based, and privileged session monitoring feature that can monitor the operation of system administrator during access to servers or network devices. It has been deployed world-wide and has study case in a very large environment with minimum deployment time.

Uni-ID Libra is a customer identity and access management (CIAM) solution. It has all features that is needed to control the identity and access for customers by strengthening the security and maintain the usability. It also has the feature to identify possible fraud used by the identity in the service.

Vulnerability Explorer (VEX) is a web application assessment solution. Very high detection rate is one of the strong point of this solution. Developed based on long experience in web application penetration test, we can even use this solution to check a production server that is located behind a web application firewall with a non-destructive method.

Secure your sensitive data and critical applications by storing, protecting and managing your cryptographic keys in SafeNet Luna Network Hardware Security Modules (HSMs)- high-assurance, tamper-resistant, network-attached appliances offering market-leading performance.Network HSMs into a wide range of applications to accelerate cryptographic operations, secure the crypto key lifecycle, and provide a root of trust for your entire encryption infrastructure.

The SafeNet Luna Payment HSM from Gemalto is a network-attached Hardware Security Module (HSM) designed for retail payment system processing environments for credit, debit, e-wallet and chip cards, as well as Internet payment applications. It offers secure PIN and card processing, message authentication,comprehensive key management, and general-purpose cryptographic processing.
The SafeNet Luna Payment HSM specifically meets the needs of payment processors, card issuers, acquirers, merchants, and e-payment solution providers who need to adhere to EMV security standards. The SafeNet Luna Payment HSM offers comprehensive EMV support from transaction processing to card issuance capabilities.
 

Because of terrorism, we want to challenge the world with the new value of transmitted network data.

Our strengths are monitoring and security. You should be able to fight anywhere in these two areas.

Momentum it is worth the network data that can be conveyed.

The current mechanism of collecting and analyzing network data , whether for security purposes, for fault analysis purposes, or for marketing purposes, is too complicated and expensive.

We realize a mechanism to extract and analyze the necessary information more simply and in real time as needed when necessary . 

Functions required for analysis provide an environment that can be freely used as open source applications (momentum Apps).

We are worthy of network data that can be conveyed because we are network & security territory. 

Continue to provide new values of our network data all over the world.

As your company grows, so do the number of endpoints you have to protect. Did you know over 61% of small businesses experienced a cyber attack in 2016? Hackers see small businesses as easy targets. LanScope Cat changes that.

LanScope Cat protects every single endpoint on your network by allowing you to define and enforce your own company policy. Our easy-to-use console allows you to monitor web activity, external device usage, USB usage, printing activity and more!

We search the Darknet to identify specific, targeted threats against our client.

These can be leaked IT systems and topology, employee information, user credentials, and product vulnerabilities. 
In the process, KELA will essentially map the most relevant attack vectors and leak sources. 
This targeted cyber intelligence enables our clients to get a completely external viewpoint of their situation and vulnerabilities in order to prevent data breaches at the earliest possible stage.

iSecMaster, the IoT field (such as Finance ATM, cashless payment stores and especially on hospitals and manufacturing factory) security guard that is for auto assets whitelist, behaviors, and machine learning by detecting the wireless signals and supporting API, MiniSOC, and call center integration output. The features of iSecMaster is as below, 

• Detecting wireless attacks against IoT devices such as Wi-Fi Rogue AP, WPA2 KRACK, BLE blueborne… etc.
• Supported wireless protocols: Wi-Fi, Bluetooth, Z-wave, Zigbee, V2X(WAVE)/DSRC…etc.
• Range of detection frequency (RF): 1M to 6GHz
• Tracking the attackers by IP camera (optional)
• Whitelist-based mechanism for abnormal wireless detection
• Providing detail record of wireless signals and network traffic in an area for incident investigation and security audit
• Wireless and wired (optional) signals solution
   

Taiwan’s strongest APT l BEC information center
Instant traceback tracking of malicious threat communication behavior analysis

Technological Adavantage Instant traceback tracking of malicious threat communication behavior analysis.
15 million + (Taiwan attacks) static signatures Next-gen AI unknown malicious threat program behavior analysis.
30 million+ (Taiwan attacks) hacker IPs and short-term domains Sandbox malicious hyperlink download analysis.
APT attack connection counter Sandbox malware behavior analysis
Double authentication whitelist.

Instant traceback tracking of malicious threat communication behavior analysis
APT (Advanced Persistent Threat) is a common attack method that, after locking on its target, collects intelligence, designs bait, and performs various tasks. Some common baits include impersonating customers, government agencies, and other well-known service providers, such as Apple, Google, the State Administration of Taxation, the Health Insurance Bureau, and international express delivery agencies.
Such socially engineered mail are not suspected as advertisements due to the content of the email, and the exploitation of traditional email gateway weaknesses to set the email address of the current unit as a system or personal whitelist, thereby removing any barriers against such fraudulent commercial email.
Our system has the world's most cutting-edge fraudulent email identification technology, providing an exclusive dual-verification whitelisting mechanism, meaning that the sender's mailbox plus the sender's host must both be approved before the mail can be released; and our exclusive SMTP delay counter, prohibit the hacker from utilizing system resources for replies, forcing the hacker to respond.

Nex-gen AI unknown malicious threat program behavior analysis
A malicious program is a program that,from the perspective of a programmer, customizes the simulation program,recognizes and automatically classifies the language library, and defines the ratings of each type of project, including

• Attachment type：attachment encryption, forged subfile name, bomb compression (ZIP Bomb), decompression times.
• Characteristic database：complete (Md5), multi-segment (Ssdeep), loading (Imphash) sampling, original database.
• Program behavior：Antidebug Antivm, CVE Vulnerability, encryption calculus, Exploit Kits, Packers Hidden, Webshells , email identification, malicious files, malware, mobile malware, malicious URLs.
• Sandbox analysis (optional - independent dynamic sandbox simulation system)：behavior analysis, network analysis.

Next-gen AI unknown malicious threat program behavior analysis 
APT attack connection counter - Double verification whitelist

Proactive analysis of spammer communication behaviors
Using the global exclusive patented technology "SMTP Instant Traceback" and "SMTP Hacker Behavior Analysis," you can effectively identify spam, illegal, anonymous, fraudulent, and other malicious mailing behaviors during the SMTP handshake phase.
Determined, decisive, and efficient blocking of more than 90% of spam; cloud reputation blacklist, international blacklist, DNSRBL, content weight calculation, etc., all come together to bring the best and most complete protection for enterprises.

Complete and multi-function organizational reporting
SpamTrap provides self-learning, policy comparison, blacklist reporting, whitelist feedback, personal and group policy development and black and white lists, overdue unread management, agents, quarantine reports, resend reports, aliases, group merges, and other pinpoint functions.
SpamTrap provides a variety of statistical charts and leaderboards, and can send statistics reports to department heads in a timely manner, according to the organizational structure.

Forensic Report
The schedule can be immediately sent, or sent on a specified month, week, day, and time;the content includes periods (starting with today, yesterday, this week, last week, this month, last month, this year, last year) and risk level;regular input comparison of sender, recipient, subject, source routing, message code;recipients can add their own, custom report format (supports webpage, text, PDF).

DLP Trade secrets and personal information 
Drip leakage prevention and data encryption protection

Email remains a vital tool for communications
between modern business transactions
Based on corporate secrecy protection and compliance, such as national personal data protection laws (EU GDPR, ISO27001, BS10012, etc.), companies must fulfill and comply with their email filing and auditing Duties.

Enterprise audits are divided into pre-audits and post-audits
The main purpose of pre-audits is DLP data leakage prevention, which is divided into single excess and cumulative excess (meaning drip leakage prevention), that focuses on risk index and behavior analysis.
The primary purpose of the post-audits are the normal post-management and case-review applications.
BestFiler supports online release applications, online access applications, and various audit reports to implement paperless and strict audit management for enterprise efficiency.

Pre-Audit
excellent risk management tool

•  Legal compliance：pre-configure PII I standard and PII II behavior
•  Accurate：supports regular expression and program verification, custom exclusion
•  Completeness：32/64-bit applications, large and multi-blank attachments
•  Defensive power：supports single-capped over-range and interval cumulative excess (meaning drip leak prevention)
•  Data protection：supports email/attachment encryption, prohibit attachment encryption (avoid checks)
•  Customized mail：group-send but single-recipient display (better than BCC), subject/content replacement (time-saving individualization)
•  Flexible execution：online routine/individual whitelist, immediate supervisor notification and review release
•  Management Report：produce various statistical and analytical reports based on audit and management needs

Post-Audit
UBA Big Data Behavior Analysis

• Normal post-audit management：set query conditions, query permissions, and valid period
•  Individual case access application：the reviewer applies to the auditor (can require multiple signatures)
• Drip Report：when exceeds the upper limit, immediately report the maximum and total amount while display the details
• Manage reports：schedule when to send a variety of user and group reports to supervisors and auditors
• Mail log：display authentication account and source country code/city, supports forwarding and re-sends
• System log：contains core log, authentication log, antivirus log, load log
• Security log：record administrator actions, including searches, forwards, and setting changes, etc.
• Queue management：configure queue re-transmission and delay, queue notification, periodic queue reports

ELM Lightweight storage of massive data with efficient full-text search 
OEA Organizational cloud archiving and quick historic mail query

ELM Massive Data Management
Supports local and network cluster management.
Supports Journal SMTP/POP de-duplication archives.
Supports .eml format (encrypted) storage and multiple restoration methods.
Supports a wide range of archiving mechanisms, including local, web, CD, and tape.
More than 50 attachment formats and 10 million emails searched in 5 seconds.
Supports non-repudiation, efficient full-text search, Simplified and Traditional Chinese translation, and advanced search.
OEA supports hierarchical organization development, mail preview, and attachment text quick search.
OEA replaces mail storage, which helps to remove management receipts and improve work efficiency.

VigiCrypt  Email Encryption Protection
The strongest email encryption gateway ever.
DLP protection and social fraud prevention are the best tools for eliminating fraud.
PDF/ZIP/HTTPS mail and attachment conditional gateway encryption. 
Flexible subject marking, compatible with existing systems, attain internal and external control. 
Custom and random passwords, password database, extensive editing, personal settings.

Patented SMTP Stream Processing and MTA Transmission Control 
OTP double certification - Natural persons certificate signature encryption – Zero leakage of national security-grade data

National-Grade Security (download subject/content/attachment/attachment can be read but not downloaded)

Impenetrable Security

•  Core Operation

    Intermediary program list-checking
    shut off useless instructions
    real-time vulnerability protection

•   Identity Security

    Root PKI/ACL control
    (natural persons) certificate digital signature
    OTP security authentication

• Static Encryption

    National security grade
    data leak prevention with maximum specification DLE dynamic length encryption

•  Dynamic Encryption

    Third-party or spontaneous certificate encryption
SSH encrypted connection with zero successful cracks thus far

Flexible Expansion

•  Cluster Architecture

    HA Heartbeat automatic backup and reply
    AA SAN cluster anagement
    Rsync parameter synchronization
    DRBD local and Cyrus remote mailbox synchronization

• High Efficiency Clustering LDAP

    Multi-domain management and advanced routing
    Password policy and online application
    Individual permissions for shared contacts
    AD/LDAP multiple integration
    SQL vacation agent integration

• Various SOAP (XML) API Interface

Forceful Innovation

• Mailbox Service

POP(S)/IMAP(S)/HTTP(S) ActiveSync read service, mailbox capacity, mailbox capacity expiration control, mailbox overview, mailbox cleanup, mailbox parameters, internal mail recycling, internal read tracking, consolidated post backup, news group, read letter control (account, internal/external/country, download subject/content/attachment), certification control (POP/IMAP password-guess defense).

• Mail Transmission

Advanced SMTP TLS, SMTP authentication forgery defense, SMTP success and failure authentication control, SMTP forwarding, SMTP proxy, advanced SMTP forwarding, domain authentication key, signature encryption proxy, fast backup, mail routing, email NIC IP binding (with IP name corresponding to multiple external IP facilitating large number of mail), mail replacement, error message replacement (avoiding closed network), code replacement (avoid garbled code), variable replacement (LDAP column position change to subject/content), outgoing address book, fake Postmaster bounce attack protection, restore winmail.dat mail format, special title (record all recipient mailbox and envelope sender mailbox), queue management (retransmission times/delayed transmission/inquiry/resend/notification/report).

• Safety Controls

Conditional forwarding backup, multi-domain disclaimer, outbound speed control (avoiding graylisting), advanced SMTP control (single/accumulated number of senders/number of recipients/size/total), sender domain restrictions, attachment backup, attachment removal, recipient exclusion, security level (configure account and email security level), (PDF/ZIP/HTTPS) email encryption, virus scanning.

Web Mail Adopts the latest interactive web technology 
ActiveSync Compatible standards for synchronizing address book and calendar
Next Generation Cloud Data Center

• Excessive capacity!

Virtual mailbox, one mail one file, zero mailbox damage

• Efficient space conservation!

Mail deduplication, latest mail ID storage and index management technology

• Extreme speeds!

Latest Ajax/HML5 interactive web technology, near 100% bandwidth usage

• Mobile business!

Supports ActiveSync compatible standard sync email, contacts, and calendars
 

EP newsletter – attain your mission
Excellency oriented delivery, open, and click rate

Effective email marketing
not only ensures that customers receive messages, but also knows what kind of messages customers like.

This way marketing professionals can continue to sell their products and improve marketing performance.

Using the system's unique letter editing mechanism, the general letter content can be converted in to a variety of collection conditions, and various responses can be set in to different points to facilitate analysis and improve email marketing performance.

• Types of Newsletters

Can configure the: name; the option to make it as the subscription page; display names on the subscription page (Traditional Chinese, Simplified Chinese, English);
permission (user, group); notes; whether you need to review, assign a reviewer (supervisor, types of supervisors, other custom classification);
notification mailbox, notification mail language;
whether the user can select more, select the upper limit, or cancel the subscription list’s application mode (in accordance with any, in line with all).

• Mail Delivery

Supports inline map transfer link, group-send single-recipient display, content variable replacement, online preview, unsubscribe, scheduled delivery, review. Web version of e-newsletter can display community website sharing links, etc. Supports queued mode delivery, number of re-sends, queue re-send time, DKIM/DomainKeys/SPF domain authentication key, outgoing speed, IP name, network card IP binding, etc.

• Marketing Template

Source contains the file and the URL. The file format supports
    automatic judgment
    RFC/822 format (.eml)
    MHTML format (.mht, .mhtml)
    HTML format (.htm, .html)
    ZIP format (.zip, including HTML and image files)
The URL is limited to static web pages;
JavaScript or complex CSS web content may be distorted.

• Marketing List

Includes: marketing list, rejection list, test list; users can delete the marketing list from the system; new list fields contain name contact, permissions, and notes; contacts can add new, edit, delete, import, and download template; import formats supported are the .csv format and .txt format; data column symbol supports commas, semicolons, and tabs; fields include mailboxes, display names, company names, titles, and etc.

• Scheduling Management

Query field includes: period (last N day/week/month, from year/month/day to year/month/day), user, subject, audit account, audit result (all, pending reviews, permissions, prohibited); supports comparison methods (partial comparison, full comparison, left-to-left comparison, right-to-right comparison), whether to display “has been deleted.”
The list field contains: the time the letter was sent, the sender, subject, user, auditing supervisor, final decision-maker, audit result, audit opinion, audit time, and delivery status. Delivery status includes: re-editing, test sending, delivery initiation, submit for review, review (whether to agree, review opinion), and deleted.

• Statistic Reports

Query field contains: period (last N day/week/month, period), user (user, group), and newsletter type. List field contains: the user, number of transmissions, number of mailboxes, number of successes, number of failures, number of opened messages, number of clicks, success rate, and failure rate.

• System Features

Supports custom text and graphical RWD for unsubscribtion Can perform secondary marketing for query results Define recipient behavior scores for profit analysis Integrate APIs with third-party systems Synchronize with CRM Synchronize logs with CRM

• Marketing Log

Query field contains: the period (last N day/week/month, period), sender, subject; support comparison method (partial comparison, full comparison, left-to-left comparison, right-right comparison). List field includes: marketing activities, subject, number of mailboxes, unsubscribe rate, failure rate, success rate, open rate, click rate, subscription rate. Marketing activity information includes: marketing activities, newsletter type, account number, event time, subject matter, sender, system list, rejection list, other recipients, unsubscribe, total number of recipients, scheduled delivery, and message code. Delivery log display fields include: recipient, sent date, DSN code, delivery result. Query conditions include: support list screening, recipient, filter by delivery results (all, success, failure, queue), opened letters (all, open, unopened), clicked (all, clicked, unclicked).
 

DG-Secure is a digital evidence preservation system applying "immutability" and "decentralization", the features of blockchain, to digital evidence storage. Due to the current preservation method, the authenticity of the digital evidence has always been questioned, reducing the possibility of the evidence being admitted by a judge when the lawsuit is filed. Therefore, the holder of the evidence often needs to spend money and time for notarization. 
With the screenshot and storage function, DG-Secure calculates the hash value and uploads the hash value and timestamp to the blockchain. By doing this, we could eliminate the concern that the evidence might be modified and guarantee the admissibility of the digital evidence. DG-Secure can be widely used in law firms and any forms of digital evidence files (contract / certificate / photo / video file ..., etc.).

eDectector is a practical and powerful remote malware-scanning and detecting tool. It detects the behavior of processes and assists users to find out and mark the malwares, even the unknown ones. With this function, you would never be helpless against APT attacks. Besides, eDetector can assist to build an Intranet Security Alarm System, which makes it possible to find the hiding zombie computers earlier. We could hence take the necessary actions against attacks in the shortest time, avoiding the enlarged tragedy of the information security issues.

MOTP, Mobile One-Time Password System is a sign-in protection solution for your business via one-time password or dynamic password. It can automatically generate numeric strings that authenticate the user for a single session or transaction. The solution includes OTP verification servers, various agents, and multiple tokens that provide a complete plan to meet your needs.

CYBAVO VAULT is a cryptocurrency storage and wallet management system designed to fulfill business accounts requirements, providing at the same time a top notch protection level to secure your digital assets. Our digital wallet manager and vault provides business owners and digital asset managers the ideal tool to manage multi-currency wallets, and to perform streamlined blockchain transactions in a secure way.

 CYBAVO Wallet App SDK allows your company to easily develop your own mobile cryptocurrency wallet to offer to your customers, secured with CYBAVO private key protection technology.

CYBAVO Full Node Ledger Service offers secure Full Node service for enterprise cryptocurrency applications, providing a highly available and resilient solution. Our solution allows to quickly on-board new currencies and to reduce drastically the operating costs of having a Full Node.

CyCarrier's SOAR (Security Orchestration Automation and Response) platform which combines advanced machine-learning algorithms and forensics technology has three design concepts: First, sensors and big data enables AI to get the complete situation of digital battlefield; next, the powerful AI analytics platform that simplifies and automates complex computation and simulation in a smart single in a smart single pane of glass; finally, the fusion of global threat intelligence.
 

Red team assessment is a process of using advanced tactics, techniques, and procedures to emulate a real-world threat to train and measure the effectiveness of process and technology used to defend an environment in a limited time period. Typically conducted by a third-party organization. We own the hacker's mindset and use world-class attack techniques to accurately identify the blind spots of corporates security defense. More often, corporates can also take stock of the accuracy and coverage of the security monitoring mechanism to prioritize the budgets and experience a real-world attack, without real-world incidents to enforce internal consensus and awareness.

Firmware Encryption & Protection Service (FEPS) significantly reduces the security risks caused by the vulnerabilities of the compromised system due to the firmware being cracked by the hacker, and avoids the threat of the knockoffs. With PiLock®, even inexperienced engineers are able to protect their firmware within 10 minutes without coding. It significantly saves IoT developer’s time and reduces manufacturer’s cost of building a team of security experts and senior engineers to do the exact same things for months. We help developers accelerate the process of implementing firmware security into embedded systems in some simple steps. On top of secure development, FEPS also adds secure firmware delivery, secure manufacturing, secure firmware update and secure disposal to the scope of protection.

Device Identity & Management Service (DIMS) based on PKI, providing ready-to-use secure elements with the most trusted root of trust for IoT devices. With ISO/IEC 27001 certified information security management system (ISMS), ECOLUX ThingsPKI operates root certificate authorities to issue and provision the best quality of certificates to the secure elements for our customers. As we following the IETF PKIX and ITU-T X.509v3 standards, and with reference to NIST cryptographic algorithms, key length and validity, DIMS provides the best quality of certificates for IoT devices including Certificate Revocation List (CRL), Online Certificate Status Protocol (OCSP) etc., empowering our customers to connect IoT devices to services and applications with confidence. The process to own the secure elements is very simple, all you have to do is to place an order specifying the information you wish put in the certificates and get ready to receive the secure elements at your doorstep. DIMS empowers our customers to connect IoT devices to services and applications with confidence.

According to The Identity Theft Resource Center, enterprise information leakage has become a serious problem in recent years. X-FORT provides a comprehensive endpoint security solution includes DLP, DRM, and ITAM. It prevents confidential information from breaching or losing, and provides the management tools of applications, computer assets, and remote control. Over 400,000 users and 800 organizations are protected by FineArt Technology, and we help worldwide Government and Enterprises, such as NTT Data, China Motor, and Seiko, to protect what matters most to them. Features

• Prevent Data Leak via Computer Peripherals: Control storage devices such as USB flash drive, mobile drive, and memory cards; external devices such as CD burner, printer, IrDA transceiver, Bluetooth, etc. Protect contents of local hard drive through CD/USB drive boot or hard drive cascade. Also provide various controls such as prohibition, read-only, on-the-fly encryption, and write to device with supervisor approval.
• Prevent Data Leak via Network: Strictly monitor cloud service, e-mail, net share, IM software, P2P software, FTP, and Web posts. Also completely monitor Internet 3G/4G card, wireless card, and dial-up Internet service.
• Comprehensive Management tools: Includes PC management functions such as IT asset management, software control, remote deployment & help desk, integrated Windows Update / Hotfix, and provide comprehensive analysis reports.
• Digital Rights Management: SVS (Secure Virtual Storage) and SVT (Secure Virtual Tunnel) provide file encryption and file access rights to protect important data such as intellectual property and source code.
• Self-Protection Mechanism: Prevent destruction and removal by malicious users or process.

Various Optional Modules: Required on demand, easy to expand and upgrade your security system.

• The user uses the Smartphone + I.X wireless key card as a 2FA login. No need to worry about password stolen, no need for complex passwords that even users can't remember and no need to change password regularly because authentication is protected by I.X privacy card.
• I.X can integrate with enterprise services (e.g. PC / MAC login, enterprise ERP, CRM, HR system, etc.) to achieve the single-sign-on. I.X can also upgrade normal VPNs with high-level 2FA login, it can also applied to online banking and mobile app login to strengthen login protection.

• Group IM uses the keys of each group members to encrypt the communication content and files. Only authorized group members can use their own I.X wireless key to decrypt messages and read the communication content to protect the company's confidential information from leakage.
• I.X can automatically update active employee list to improve management efficiency and security, that significantly reduce potential security loopholes caused by employee turnover.

• I.X's secure browser can connect to intranet services (e.g Email, ERP, CRM, SRM, etc.), disable user to download important file.
• I.X Cloud Gateway can filter unauthorized browser access to sensitive enterprise services.

As an external and independent auditor, HACFO provides comprehensive risk assessment on Penetration Testing (PT) and Red Team Assessment. It enables organizations to supervise PT performance and to minimize sensitive data and security vulnerability leakage risk. HACFO casts a shield to the everyday intensifying cyber threats, which empowers our client to focus more on the quality, reliability and quantitative indicators in every PT and red team assessment.

■ Filtering Threats Inside https
Nowadays cloud services and hacker C&C are all encrypted in https connections, causing traditional security solutions fail to filter the contents. Such services include Hacker Cloud (Botnet C&C / APT), WebMail Cloud (Gmail / Outlook / Yahoo Mail), Social Cloud (Facebook / Twitter / Google Plus), WebHD Cloud (Dropbox / Google Drive / One Drive), Messenger Cloud (Line / Skype / Google Hangout / Facebook Chat). Research reports indicate that at least 60% of the total traffic hides in https tunnels. Auditing, filtering, and forensics the content of traffic is not easy anymore. It’s time to face the truth.

■ Ransonware & Confidential Data Leakage
Recently many computers are locked by ransomware, meaning anti-virus is not fast enough to defend vulnerabilities. Stopping botnet’s command and control return path with malware sandbox are the last defend line for enterprises. InstantCheck® has integrated Google Safe Browsing® malicious website database, Malware Patrol® ransonware C&C prediction, NICST blacklists. Moreover, decrypted malicious files can be sent to InstantTrace® sandbox cloud for further analysis. 

■ Regulatory Compliance
Corporate scandals and breakdowns such as the Enron case have increased calls for stronger compliance and regulations in different kinds of industries, such as Sarbanes–Oxley, ISO27000, PCI-DSS, HIPAA, SEC, FINRA, FSA, IIROC, FERC, NERC, CFTC, NFA. They all require electronic communications to be logged for years for auditing. Of course, it is a must to audit https traffic since most crime activities hide themselves in encrypted https tunnels. 

■ User-Unaware Installation and Digital Forensics
User-unaware installation is extremely important for such auditing tools. InstantCheck® employs transparent mode or proxy mode to install without changing your network architecture. Currently InstantCheck® can filter detailed behaviors and reconstruct mainstream webmail contents (Gmail / Outlook / YahooMail ) webhd contents (Dropbox / One Drive / Google Drive), messenger contents (Line / WeChat / Facebook Chat / Gmail Chat), social contents (Facebook / Twitter) for network data forensics.

■ Professional Apps For Further Analysis
After SSL decryption, InstantCheck® can call the following apps:
(1) Built-in AegisLab® virus signatures who has been listed in VirusTotal® since 2013
(2) Built-in Google Safe Browsing® service for blocking malicious malware URL/IP
(3) Built-in Malware Patrol® ransomware C&C domain prediction engine
(4) Built-in IP/URL blacklists from FireHOL®, Cisco Talos®, NICST®, AegisLab®, ...
(5) Optional InstantAudit® End-Point for audting messages / files of Line/Skype/WeChat
(6) Optional InstantLock® DLP engine for recognizing privacy / confidential data / intellectual properties
(7) Optional InstantTrace® malware analysis for sandboxing unknown threats

AXIOM is the only platform that captures and analyzes smartphone, computer, cloud, IoT, and third-party image data, in a single case file — ensuring that no evidence is missed. AXIOM simplifies investigations by surfacing the most relevant evidence into user-friendly artifacts.

TP800-SAS Evidence based eraser overwrites the hard disk to destroy the data contained therein.  It does not require a computer or software to carry out the task. It can swiftly and securely destroy the data.  With high efficiency, it allows the user to wipe and recycle the hard disk. It contains various erasure methods and the user can select the one that suits his requirement for data safety the most. It is ideal for enterprises, govt institutes, military and defense dept, hospitals, bank, school, etc. 

• Supports various erasure methods  

Quick Erase, Full Erase, DoD Erase, DoD Erase and Compare, Secure Erase, in all seven erasure methods. 。

• Full erase stores record of erasure 

Automatically saves record of erasure time, results and complete hard disk details. 

• High erasure speed 

Maximum speed of 18 GB/min. Wipes 4 disks at the same time and raises the efficiency.  

• Proprietary patented technology

Using Invisible Proof Mark to verify whether the Hdd had been wiped and the last method used.  

• Highly efficient GO key

Each port works independently and supports asynchronous sanitization

• Supports various interface 

Supports 2.5”/3.5”SATA/SAS、SSD.  It also supports IDE HDD、mSATA、M.2(NGFF) through the use of an adaptor. 
 

Built with robust metal, HT02-I needs little effort to operate. Simply press the handle downward to punch and destroy 
the hard disk. This ensures the data cannot be recovered. There is no dust, particles or noise during operation which 
ensures safety of the worker. 
With specific drill, HT02-I can be used to destroy the Nand Flash in the SSD in a swift and efficient manner. 

The MailCloud messaging system is based on a proprietary big data mail receiving/sending core that provides a variety of access interfaces and a mail archival solution tailored to the customer’s needs. The system can be used and managed over a browser at any time, greatly reducing the cost of e-mail system deployment. Multiple security mechanisms provide effective protection against infected e-mails and spam, phishing e-mails, DoS attacks, and social engineering attacks to create a secure organizational messaging and communication environment.
MailCloud offers full IPv6 support and can run reliably on various types of virtualization platforms to cope with massive increases in mail traffic. It offers a next-generation online service designed to meet the high network traffic generated by cloud technology.
MailCloud has been selected by more than 10,000 local and overseas customers. It is a proven product with more than 10 million licensed users in the public sector as well as telecommunications, construction, financial and service industries.

MailBase Replication Mode makes the archiving of e-mails easy and requires absolutely no changes to the existing network structure and mail process. Its high level of compatibility with cloud mail and mail servers makes deployment fast and easy. Mail life cycle management can store archived e-mails on the local server, cloud service or other external storage media based on access frequency. If there are hundreds of millions of e-mails, a distributed architecture can be used to process all e-mails, speed up searches and carry out mail browsing and auditing tasks.

E-mails containing all kinds of information can be thoroughly vetted using MailAudit to effectively intercept those that contain personal information such as name, birth date, contact details (e-mail, address, telephone etc.), financial information (credit card number, ID number), etc. Whenever abnormal information traffic or e-mails that may compromise sensitive information are detected, monitoring personnel are immediately notified and a full report is made available to the auditor. Normal e-mails are allowed to pass through while confidential business documents can be sent securely using corporate signatures, PKI encryption and ZIP encryption to the correct recipient.

The ArkEase Pro cloud storage platform can create a secure sharing space that allows users within the organization to share files easily with colleagues or external partners. Recipients, passwords and expiry times can be set for each shared file. A file access history and AES level file encryption function are also available to support ransomware protection which can immediately detect malware and recover the infected files from the platform while keep on sharing file in ease method. The ArkEase Pro cloud storage platform can also synchronize files with designated devices so that users can access the latest files at any time and in any place. Keeping files up to date greatly boosts productivity.

Cybersecurity spending in the public and private sectors continues to grow, but it is still unresolved in the face of a huge amount of data, highly sophisticated networks and diversified attacks. 
GRISM, the next-generation network visibility platform, can tackle the challenges mentioned above by forming the analysis-assisted monitoring fabric for accurately directing the production network traffic to varied security devices achieving more efficient inspection. GRISM also can extract network metadata that assist behavior tracking, such as DDoS or lateral movement detection, and block massive malicious list of IPs/Domains/URLs according to threat intelligence. That is, GRISM provides not only pervasive and adaptive network visibility but also front-line security.

PIXIS is a solution in attempt to tackle the issues of ineffective control and inefficient management of local networks. An agentless approach, PIXIS helps organizations to shield, visualize, and administer the networks. Blending NAC and IPAM in one package, PIXIS delivers capabilities beyond current industry standards. BYOD and Visitor Management are simplified yet enhanced with NAC. Endpoint, switches, and network structure information is consolidated to comprehensive yet intuitive fashion. Thorough and patented IPv6 has turned the solution to be future-proof and pioneering in the industry. With all the functions under one license, PIXIS is a friendly tool for channel partners and end users, who can all enjoy the multiple benefits brought by PIXIS when facing different managerial issues.

PIXIS is a solution in attempt to tackle the issues of ineffective control and inefficient management of local networks. An agentless approach, PIXIS helps organizations to shield, visualize, and administer the networks. Blending NAC and IPAM in one package, PIXIS delivers capabilities beyond current industry standards. BYOD and Visitor Management are simplified yet enhanced with NAC. Endpoint, switches, and network structure information is consolidated to comprehensive yet intuitive fashion. Thorough and patented IPv6 has turned the solution to be future-proof and pioneering in the industry. With all the functions under one license, PIXIS is a friendly tool for channel partners and end users, who can all enjoy the multiple benefits brought by PIXIS when facing different managerial issues.

PIXIS is a solution in attempt to tackle the issues of ineffective control and inefficient management of local networks. An agentless approach, PIXIS helps organizations to shield, visualize, and administer the networks. Blending NAC and IPAM in one package, PIXIS delivers capabilities beyond current industry standards. BYOD and Visitor Management are simplified yet enhanced with NAC. Endpoint, switches, and network structure information is consolidated to comprehensive yet intuitive fashion. Thorough and patented IPv6 has turned the solution to be future-proof and pioneering in the industry. With all the functions under one license, PIXIS is a friendly tool for channel partners and end users, who can all enjoy the multiple benefits brought by PIXIS when facing different managerial issues.

PIXIS is a solution in attempt to tackle the issues of ineffective control and inefficient management of local networks. An agentless approach, PIXIS helps organizations to shield, visualize, and administer the networks. Blending NAC and IPAM in one package, PIXIS delivers capabilities beyond current industry standards. BYOD and Visitor Management are simplified yet enhanced with NAC. Endpoint, switches, and network structure information is consolidated to comprehensive yet intuitive fashion. Thorough and patented IPv6 has turned the solution to be future-proof and pioneering in the industry. With all the functions under one license, PIXIS is a friendly tool for channel partners and end users, who can all enjoy the multiple benefits brought by PIXIS when facing different managerial issues.

PIXIS is a solution in attempt to tackle the issues of ineffective control and inefficient management of local networks. An agentless approach, PIXIS helps organizations to shield, visualize, and administer the networks. Blending NAC and IPAM in one package, PIXIS delivers capabilities beyond current industry standards. BYOD and Visitor Management are simplified yet enhanced with NAC. Endpoint, switches, and network structure information is consolidated to comprehensive yet intuitive fashion. Thorough and patented IPv6 has turned the solution to be future-proof and pioneering in the industry. With all the functions under one license, PIXIS is a friendly tool for channel partners and end users, who can all enjoy the multiple benefits brought by PIXIS when facing different managerial issues.

HiGuard X is an all-in-one UTM that operates at gigabit speed up to 1.8 Gbps and carries several main categories across your network security deployments: firewall security protection, policy auditing (anti-virus, In-Line IPS, content filtering, VPN bandwidth, and authentication), and easy management (wireless AP control, bulletin board and Co-Defense). The web-based interface provides friendly and consistent user experience, auto firmware update, and multi-languages supported. Configuration files can be imported and exported directly to and from HiGuard X. By simply plugging in a USB modem into HiGuard X, wireless 3G, 4G/LTE are supported to offer secure and uninterrupted WAN connectivity.

• Personal Privacy Info
• Trade Secret、Intellectual Property
• BTC / ETC
• Online Game Points / Items

• Steal your member info
• Source Code

Elegant and Efficient

• Light-weight with high detection rate
• Low cost, less efforts
• Low risk, non-intrusive

On premise Threat Hunting

• Behavior Modeling
• Threat Intelligence
• Outlier

Auto Investigation

• Infection Timeline
• Lateral movement analysis

Orchestration

• SIEM Integration
• HTTP Restful API

Features of ThreatSonar

• Powerful threat hunting platform with advanced threat visibility.
• Automate cyber threat intelligence adoption.
• Simple and flexible to be integrated with partner’s solutions.
   

Powered by our custom DPI engine and I.D. centric design,the Unified Access Controller"UAC# provides a comprehensive Layer 7 tra!c management mechanism that allows IT administrators to e$ectively manage, monitor and secure their network resources. Whether it is for individual, department or company wide access to internet services, UAC can precisely enforce network policies compliance and control while provides  extensive monitoring reports for daily operations.
No matter by using wireless or wired network got access of internet connection, and what type of device "Laptop, PAD, Smart Phone#, UAC would guiding people through its diversely authentication rules to making proper control and keep such access log for further auditing purpose, even though one person has couple devices keeping online with tra!cs, UAC can bonding to one single account, thus , to fully control impossible becomes possible and achievable.

KeyVault Hardware Security Module 

KVHSMs (KeyVault Hardware Security Module) serve as invincible shields protecting digital assets via physical unclonable and tamper-evident key management, high-speed AES encryption, ECC digital signature and PKI-based certification, elaborated to fulfill profitable and cost-efficient applications, such as IoT authentication, servers’database encryption, time-stamping, firmware and software protection, hierarchical deterministic wallets, blockchain, etc.
These cryptographic operations concur with countermeasures against differential power analysis (DPA), ensuring seamless integration among cryptographic and application layers. Besides, the secure element meets requirements of Common Criteria EAL 5+, guaranteeing military-standard protection.
 
Trustworthy Computing and Signing Platform for Blockchain 
Blockchain use cases involve digital signature, hashing, Hierarchical Deterministic (HD) keys, among which private keys are used to transfer money from one account to another account. That is to say, if someone gets a user’s private key, he can transfer all the user’s money to his own account. Common targets are no other than financial institutions like banks, digital currency exchanges, etc. In view of threats, KVHSMs not only provide a military-standard storage for private keys but also streamline key management, accelerate crypto-graphic computation and customizable extensive applications.

Fulfillment of IoT Authentication & Secure Communication
In light of vulnerabilities dwelling among mutual authentication, cryptographic schemes should be adopted to ward off unauthenticated access. At this point, KVHSMs can protect the server from unauthorized access via PKI (Public Key Infrastructure), encrypt transmitted data, secure firmware update, invalidate any attempt to appropriate devices. 

Great Strides Made to Secure Mobile Payment and Transaction
During mobile payment, TSM (Trusted Security Management) plays a vital role in serving users in a leak-proof manner.  Users’ personal information, transaction records, confidential data should steer clear of any possibility of exposure to malicious users. Therefore, security mechanism becomes a determining factor in to what extent we can fulfill security goals, generally comprising integrity preserving, confidentiality protecting and availability promoting for authorized users.
KVHSM can fulfill a series of cloud-based security functions, including encrypting database, deriving keys in different scenarios, ensuring the integrity of transaction records, launching secure connections between devices and clouds, etc. Secret parameters are stored in a military-standard secure element, and if there’s any external intrusion, a self-destructive mode will be triggered, making sure they won’t be appropriated.

• Dimensions

Low Profile PCIe Card
69.6mmx145mmx17.5m

• Temperature

Operation 0°C to 60°C

• Host Interface

PCI-Express Gen 2 x 4 Lane

• OS Support

Linux

• Performance

AES 256 CTR: 8Gbps
AES 256 XTS: 8Gbps
Disk Encryption: 1GB/s
File Encryption: 1GB/s

• Asymmetric

RSA (1024-2048)
Elliptic Curve Cryptography (ECDSA,ECDH, ECIES) with named and user-defined curves
Symmetric
AES 256 (XTS, CTR, CBC, ECB)

• Hash/Message Digest

SHA-2, SHA-3, HMAC

• Random Number Generation

TRNG (AIS-31 Certified)
DRBG (SP800-90)

• Security

DPA countermeasures
Reset Button
Physical Security Design
CC EAL 5 + Security Chip

The microSD security card can provide high-speed encryption, supporting PKCS #11 and FIDO.

XCome EMM solution will resolve the mobility management difficulty after deploying the policy to mobile devices by one-time with a centralized web console for preventing misuse of mobile devices by locking it down to only the allowed applications. All devices can be tracked and monitored in real time of their behavior and movement. Moreover, we offer customized EMM services for the enterprise to meet their business needs and applications.
Tailor-made your EMM/MDM solution to reduce
the difficulty of IT strategy on managing
the enterprise mobility security risk.
Integration
XCome cEMM (customized Enterprise mobility management) is the perfect solution to realize remote management with the whole combination of hardware and software, the direct control to hardware physical layer and the complete support of different mobile operation systems.
Communication
Through the EMM/MDM solution, we can easily set the mobile devices as public information stations for travel, business, medical and education services. Through the remote control, effectively limit the functions and uses of the devices.
Security
To strong a business needs both the development technology and patent protection, XCome is your best partner. Whether it's remote shutdown, the removal of leaked data, or user control and tracking, we can help you deal with it immediately in times of crisis.

CyCarrier’s SOAR (Security Orchestration Automation and Response) platform which combines advanced machine-learning algorithms and forensics technology has three design concepts: First, sensors and big data enables AI to get the complete situation of digital battlefield; next, the powerful AI analytics platform that simplifies and automates complex computation and simulation in a smart single in a smart single pane of glass; finally, the fusion of global threat intelligence.