Botnet interception: Botnet interception is an early warning mechanism that detects attacks. Blacklists identifying command-and-control (C&C) servers are generated in real time. This allows to detect botnets existing within the customer's infrastructure and thus counter advanced persistent threats.
noris network backbone: By supporting up to 4 Tbps of bandwidth, the backbone eliminates the risk of overloading the network. Not even in the event of massive DDoS attacks.
Security check: The security check evaluates the components of the customer systems internally and externally for the presence of weak points. Detailed reports provide recommendations on how such vulnerabilities can be removed proactively.
DDoS protection: The comprehensive DDoS protection mechanisms deployed by noris network allow to mitigate DDoS attacks to customer systems and thus ensure that these systems remain available even while subjected to a massive attack.
WAF: Web applications can be provided with double protection by setting up a web application firewall (in addition to a traditional firewall) to successfully ward off attacks such as cross-site scripting or SQL injection.
Next-generation firewalls: Next-generation firewalls are firewall mechanisms which not only serve as packet filters and open or close ports, but also filter the traffic on the application layer and support an effective DLP (Data Leakage Prevention).
SSL VPN: SSL VPNs allow to provide secure access to the systems operating in noris network's data centers and can optionally be combined with multi-factor authentication.
Shell Control Box: The Balabit Shell Control Box acts like a flight recorder and is used to guarantee the exact logging and tracking of all access to the systems. This ensures that no anonymous users can make changes to a system. Access to the data stored in the Shell Control Box is exclusively granted in accordance with the four eyes principle. This makes it easily possible to also audit administrators and thereby protect them against internal attacks.
ELK (Splunk): The Elastic Stack (ELK Stack) is an open-source product consisting of Elastic Search, Logstash, and Kibana. It supports comprehensive and powerful search functions, correlation of log data, graphical evaluations, and real-time monitoring. This allows to identify attacks across system boundaries. Splunk is the all-in-one enterprise alternative to Elastic Stack.
SIEM: Security Information and Event Management (SIEM) is the central approach to collect, evaluate and report security-related information and provides compliance reports about all security events. Warnings enable prompt reactions to security incidents. SIEM also offers the management of security-relevant data and analyses. This makes it possible to search for events in the past to support IT forensic investigations.
Service management according to ITIL®: noris network's service managers serve our customers and their systems in a holistic manner and always keep an eye on all service processes. This creates full cost and performance transparency.
noris network's high-security data centers: The high-security data centers operated by noris network offer protection against all elementary threats that might jeopardize the availability, confidentiality, or integrity of the systems located therein.
Endpoint Security: SentinelOne detects threats by analyzing user behavior using Dynamic Behavior Tracking (DBT). DBT uses sophisticated algorithms to detect suspicious processes and malicious patterns. These patterns are then compared with normal user behaviour. This enables rapid detection of dangerous behaviors and real-time protection of clients against threats.
FIREMON: The FireMon platform enables continuous analysis, visualization and improvement of an existing network security infrastructure and firewall management. At the same time, it offers complete control and a comprehensive overview of firewall infrastructure, security policies and possible IT risks.