WHAT IS ARCHANGEL 2.0 NGFW AND HOW DOES IT WORK
Our approach to security is totally different from what exists on the market. We put ourselves in the hacker's shoes to understand how he proceeds to deploy malware or a virus in a system or to exfiltrate its data.
THE PRINCIPLES
The fundamental principles on which our defence system is based are ZERO TRUST and MICRO-SEGMENTATION, as well as the rule that nothing can enter the private network without system authorisation.
- ZERO TRUST because we do not trust users at any level. Isn't the human factor the weakest part of a security system?
The system is therefore designed to give the best security even if the network is potentially subject to human error.
- MICRO-SEGMENTATION in order to limit the devastating effects that an attack could have by confining it to a single sector. This is possible because each device is connected separately to the ARCHANGEL VPN server: each sector of the network is isolated from the others.
- THE INTERDICTION RULE is enforced by a succession of filters whose aim is to stop whatever is likely to harm the different components of the private network.
ITS FEATURES:
- 3 Firewalls, one of which has a different function,
- 1 Honeypot with 10.000 sockets,
- 1 Router,
- IDS (Intrusion Detection System) and IPS (Intrusion Prevention System) in the router,
- 2 Switches,
- 1 DPI (Deep Packet Inspection) in each firewall,
- DPI outside the firewalls,
- 5 Intelligent agents,
- 1 VPN Server which is totally secure and protected by 3 firewalls,
- VPN Tunnels connecting each device of the network,
- 2 Circuits, IN and OUT,
- All passwords are protected by SST©, a post-quantum encryption system that is the best protection against brute-force attacks,
- A comprehensive dashboard that gives the security guard an overview of the network and its various components and allows him to check the functioning of the defense system and take immediate action if necessary.
WHAT DOES IT DO?
1. DDoS is stopped by the IDS
2. Blocking Malware: It is impossible to block all malware before it enters the network because most of it is new and unknown or hidden.
However, in ARCHANGEL, because the rule is to stop what is suspicious, our system blocks:
- What is still encrypted after going through the SSL protocol,
- What is hidden by obfuscation,
- What contains an executable function (that allows a malware or virus to deploy in the network),
- Packets that are not signed or that have an encrypted signature.
3. Stopping Data Leaks: One way to try to prevent data leakage is to use AI based on the behavior of the users.
But we have preferred to assign the task of stopping any attempt to leak data to one of our Intelligent Agents, whose only function is to scan packets and block what is not allowed to go out. We know how hackers go about exfiltrating data, so when the Intelligent Agent finds that such a method is being used, it blocks the packet, and the security officer can act, knowing the device used to send the packet and its destination.
4. Content Policy Enforcement: Because we make the system, we can adapt the function of our Intelligent Agents to the needs of the establishment.
5. Intrusion prevention: The rules of the Intrusion Prevention of ARCHANGEL are permanently updated to fight against new threats.
6. Advanced malware detection: In the system of ARCHANGEL, we do not need to analyze the types of intrusion because the system blocks everything that is suspicious coming from the outside world and anything that is suspicious that could be coming from a device in the private network.
As we have already pointed out, we do not trust the users, so all users are suspect and all the traffic going into or out of the network is analyzed by the system.
All devices in the private network are connected by VPN tunnels to the VPN server located in ARCHANGEL. To reach the VPN server, data must pass through one of the firewalls and be examined by an intelligent agent before reaching another device inside or outside the network.
7. Application control: With its comprehensive dashboard, the security manager or anyone with authority to access the system can have an accurate view of how the system is reacting to any attempted attack or leak on the network and can react in real time: he has full visibility of the entire system, the network in general and all its parts.
o He can decide what to do with data or packets blocked by the system,
o He can immediately block the device that is contaminated,
o He can implement the policies of the establishment.
8. No lateral contamination: As each device in the private network is connected to the VPN server, there is no way for one device to be connected to another without going through the firewall and the intelligent agent controlling what enters the VPN server.
9. The VPN server is totally secure:
o It is protected by 3 firewalls,
o It has IP leak protection,
o It has an Internet kill switch, and
o It stores zero logs.
10. Automatic update of the firewalls:
When a new virus or piece of malware is detected, it is the mission of an Intelligent Agent to send its characteristics to Brain One, who will analyze them and send a second Intelligent Agent inside ARCHANGEL the instruction to update the 3 firewalls so that they can stop such viruses in the future.
11. Missions of the Intelligent Agents:
o 2 Intelligent Agents are assigned to the task of keeping the 3 firewalls and IDS/IPS always updated,
o 1 Intelligent Agent detects what is suspicious in the packets and scans inside the packets to stop any encrypted data,
o 1 Intelligent Agent detects hidden malware or its executable function, and any executable function that could be in a packet,
o 1 Intelligent Agent examines the packets to stop the leakage of data.
12. ONLINE FILE SHARING
In addition to ARCHANGEL© Firewall of Next Generation, ARCHANGEL Integrate Protection System 2.0 includes SydeCloud©.
SydeCloud© is the online file sharing and backup system of PT SYDECO.
The SydeCloud© server is protected by the ARCHANGEL Firewall and SST, the encryption system of PT SYDECO that does not use any key.
Thanks to SydeCloud©, work can be done remotely. You can access your data wherever you are and give access to whomever you want. A space of 2GB is allocated to each user. No third party intervenes. All your data is secure and stays in your office or in the company.
Also, there is no charge when using SydeCloud©.
Patrick HOUYOUX
President-Director
PT SYDECO