WHAT IS ARCHANGEL 2.0 NGFW AND HOW DOES IT WORK

ARCHANGEL GFW from PT SYDECO

Our approach to security is totally different from what exists on the market. We put ourselves in the hacker's shoes to understand how he proceeds to deploy malware or a virus in a system or to exfiltrate its data.

 

THE PRINCIPLES

The fundamental principles on which our defence system is based are ZERO TRUST and MICRO-SEGMENTATION, as well as the rule that nothing can enter the private network without system authorisation.

- ZERO TRUST, because we do not trust users at any level. Isn't the human factor the weakest part of a security system?

The system is therefore designed to give the best security even if the network is potentially subject to human error.

- MICRO-SEGMENTATION, in order to limit the devastating effects that an attack could have by confining it to a single sector. This is possible because each device is connected separately to the ARCHANGEL VPN server: each sector of the network is isolated from the others.

- THE INTERDICTION RULE is enforced by a succession of filters whose aim is to stop whatever is likely to harm the different components of the private network.

ITS FEATURES:

- 3 firewalls, one of which has a different function,

- 1 honeypot with 10,000 sockets,

- 1 router,

- IDS (Intrusion Detection System) and IPS (Intrusion Prevention System) in the router,

- 2 switches,

- 1 DPI (Deep Packet Inspection) in each firewall,

- DPI outside the firewalls,

- 5 Intelligent Agents,

- 1 VPN server which is totally secure and protected by 3 firewalls,

- VPN tunnels connecting each device of the network,

- 2 circuits, IN and OUT,

- All passwords are protected by SST©, a post-quantum encryption system that is the best protection against brute-force attacks,

- A comprehensive dashboard that gives the security guard an overview of the network and its various components, and allows him to check the functioning of the defense system and take immediate action if necessary.

WHAT DOES IT DO?

1. DDoS is stopped by the IDS.

2. Blocking malware: It is impossible to block all malware before it enters the network, because most of it is new and unknown, or hidden.

However, in ARCHANGEL, because the rule is to stop what is suspicious, our system blocks:

 - What is still encrypted after going through the SSL protocol,

 - What is hidden by obfuscation,

 - What contains an executable function (that allows a malware or virus to deploy in the network),

 - Packets that are not signed or that have an encrypted signature.

3. Stopping data leaks: One way to try to prevent data leakage is to use AI based on the behavior of the users.

However, we have preferred to assign the task of stopping any attempt to leak data to one of our Intelligent Agents, whose only function is to scan packets and block what is not allowed to go out. We know how hackers go about exfiltrating data, so when the Intelligent Agent finds that such a method is being used, it blocks the packet, and the security officer can act, knowing which device was used to send the packet and its destination.

4.    Content Policy Enforcement: Because we make the system, we can adapt the function of our Intelligent Agents to the needs of the establishment.

5. Intrusion prevention: ARCHANGEL's intrusion prevention rules are continuously updated to fight against new threats.

6. Advanced malware detection: In ARCHANGEL, we do not need to analyze the types of intrusion, because the system blocks everything suspicious coming from the outside world and anything suspicious that could be coming from a device in the private network.

As already pointed out, we do not trust the users, so all users are suspicious and all traffic entering or leaving the network is analyzed by the system.

All devices in the private network are connected by VPN tunnels to the VPN server located in ARCHANGEL. To reach the VPN server, data must pass through one of the firewalls and be examined by an intelligent agent before reaching another device inside or outside the network.

7. Application control: With its comprehensive dashboard, the security manager, or anyone with authority to access the system, has an accurate view of how the system is reacting to any attempted attack or leak on the network and can react in real time. He has full visibility of the entire system, of the network in general and of all its parts.

o  He can decide what to do with data or packets blocked by the system,

o  He can immediately block the device that is contaminated,

o  He can implement the policies of the establishment.

8.    No lateral contamination: As each device in the private network is connected to the VPN server, there is no way for one device to be connected to another without going through the firewall and the intelligent agent controlling what enters the VPN server.

9. The VPN server is totally secure:

o  It is protected by 3 firewalls,

o  It has IP leak protection,

o  It has an Internet kill switch, and

o  It stores zero logs.

10.  Automatic update of the firewalls:

When a new virus or malware is detected, it is the mission of an Intelligent Agent to send its characteristics to Brain One, which analyzes them and sends a second Intelligent Agent inside ARCHANGEL the instruction to update the 3 firewalls so that they can stop such viruses in the future.

11.  Missions of the Intelligent Agents:

o  2 Intelligent Agents are assigned to the task of keeping the 3 firewalls and the IDS/IPS always up to date,

o  1 Intelligent Agent detects what is suspicious in the packets and scans inside the packets to stop any encrypted data,

o  1 Intelligent Agent detects hidden malware or its executable functions, and any executable function that could be in a packet,

o  1 Intelligent Agent inspects the packets to stop the leakage of data.

 

12.   ONLINE FILE SHARING

In addition to the ARCHANGEL© Next Generation Firewall, ARCHANGEL Integrated Protection System 2.0 includes SydeCloud©.

SydeCloud© is PT SYDECO's online file sharing and backup system.

The SydeCloud© server is protected by the ARCHANGEL firewall and by SST, PT SYDECO's encryption system, which does not use any key.

Thanks to SydeCloud©, work can be done remotely. You can access your data wherever you are and give access to whomever you want. A space of 2GB is allocated to each user. No third party intervenes. All your data is secure and stays in your office or in the company.

Also, there is no charge when using SydeCloud©.


Patrick HOUYOUX

President-Director

PT SYDECO
