CyberSecurity

Plexeon designs and implements a cyber-architecture solution for your company. We then continually monitor your organization’s infrastructure to identify and remediate security vulnerabilities and ensure that unwanted intruders cannot gain access to sensitive information. Briefly, our multi-layered approach includes:

• Domain, Group Policy, and Active Directory Lockdown
• Antivirus, Anti-Malware, and Anti-Ransomware Protection
• Firewall Protection
• Network Filtering
• Encryption
• Email Filtering
• Logging and Audits
• Awareness Training for User Community

Firewalls and Antivirus

We make sure your firewall and antivirus software are properly installed and correctly configured to give you the maximum protection. Up-to-date signature files give the best protection against many viruses that are constantly evolving. And in the event of infection, we take immediate steps to clean your system and get it back up to maximum efficiency.

Cloud-based, enterprise-grade protection for your business devices and email

A growing number of businesses are being victimized by cybercriminals’ data theft schemes that use spam, malware, phishing, and advanced targeted attacks — custom-built to bypass a traditional antivirus.

Plexeon has partnered with a number of Cyber Partners including Cisco, StealthBits, Trend Micro and others, and has implemented cloud-based security specifically designed to protect all of your devices with device and email protection. To save you time and resources, it is hosted and maintained by Trend Micro and combines Trend Micro Worry-Free Services to protect your devices; Trend Micro Hosted Email Security to protect your on-premises email; and Trend Micro Cloud App Security to protect your email, OneDrive, Sharepoint, and collaboration tools such as Google Drive, Dropbox, and Box.

Firewalls

A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules. A firewall can be hardware, software, or both.

Next-generation firewall (NGFW)

Firewalls have evolved beyond simple packet filtering and stateful inspection. Most companies are deploying next-generation firewalls to block modern threats such as advanced malware and application-layer attacks.

Next-Generation (NG) firewalls must include:

• Standard firewall capabilities like stateful inspection
• Integrated intrusion prevention
• Application awareness and control to see and block risky apps
• Upgrade paths to include future information feeds
• Techniques to address evolving security threats

While these capabilities are increasingly becoming the standard for most companies, NGFWs can do more. These firewalls include all the capabilities of a traditional NGFW and also provide advanced threat detection and remediation. With a threat-focused NGFW, you can:

• Know which assets are most at risk with complete context awareness
• Quickly react to attacks with intelligent security automation that sets policies and hardens your defenses dynamically
• Better detect evasive or suspicious activity with network and endpoint event correlation
• Greatly decrease the time from detection to clean up with retrospective security that continuously monitors for suspicious activity and behavior even after initial inspection
• Ease administration and reduce complexity with unified policies that protect across the entire attack continuum

Why Firewalls and Antivirus Alone Are Not Enough

Plexeon has partnered with Cisco to implement Cisco’s Umbrella Network Security service.  Network (firewall) and endpoint (antivirus) defenses react to malicious communications and code after attacks have launched. Cisco Umbrella observes internet infrastructure before attacks are launched and can prevent malicious internet connections. Learning all the steps of an attack is key to understanding how Umbrella can bolster your existing defenses.

Umbrella is a cloud-security platform that provides the first line of defense against threats on the internet wherever users go and enables us to efficiently protect and manage your organization.

First line of defense

As a secure internet gateway, Umbrella provides the first line of defense against threats on the internet. Umbrella blocks threats before they ever reach your network or endpoints. As a cloud-delivered platform, Umbrella delivers live threat intelligence about current and emerging threats.

By analyzing and learning from internet activity patterns, Umbrella automatically uncovers attacker infrastructure staged for attacks and proactively blocks requests to malicious destinations before a connection is even established — without adding any latency for users.

With Umbrella, you can stop phishing and malware infections earlier, identify already infected devices faster, and prevent data exfiltration.

First line of defense

As a secure internet gateway, Umbrella provides the first line of defense against threats on the internet. Umbrella blocks threats before they ever reach your network or endpoints. As a cloud-delivered platform, Umbrella delivers live threat intelligence about current and emerging threats.

By analyzing and learning from internet activity patterns, Umbrella automatically uncovers attacker infrastructure staged for attacks and proactively blocks requests to malicious destinations before a connection is even established — without adding any latency for users.

With Umbrella, you can stop phishing and malware infections earlier, identify already infected devices faster, and prevent data exfiltration.

Your challenge: Existing defenses cannot block all attacks

Firewalls and antivirus stop many attacks during several steps of the “kill chain,” but the velocity and volume of new attack tools and techniques enable some to go undetected for minutes or even months.

• Firewalls know whether the IP of a network connection matches a blacklist or reputation feed. Yet providers must wait until an attack is launched before collecting and analyzing a copy of the traffic. Then, the provider will gain intelligence of the infrastructure used.
• Antivirus solutions know whether the hash of the payload matches a signature database or heuristic. Yet providers must wait until a system is exploited before collecting and analyzing a sample of the code. Then, the provider will gain intelligence about the payload used.

Our solution: Stop 50 to 98 percent more attacks than firewalls and antivirus alone by pointing your internet traffic to Umbrella.

Cisco’s Umbrella does not wait until after attacks launch, malware installs, or infected systems callback to learn how to defend against attacks. By analyzing a cross-section of the world’s internet activity, we continuously observe new relationships forming between domain names, IP addresses, and autonomous system numbers (ASNs). This visibility enables us to discover, and often predict, where attacks are staged and will emerge before they even launch.

Domain Lockdown

Microsoft Domain Group Policy (GPO) Lockdown

With Microsoft Domain groups, you can lockdown computers in order to better secure your IT infrastructure. This lockdown helps ward off malware that breaches systems and open you up to undesirable vulnerabilities. With this method, a delivery mechanism is installed on software, and hotfixes are applied to computers with existing issues.

Active Directory and Group Policy Lockdown

Active Directory groups are the primary way in which user access is managed in most organizations. Users requiring similar access to information are grouped together and provisioned with the access they need via permissions set at the group level. Generally, these groups are defined by the line of business to which the users of the group belong.

The Problem with governing AF Group membership

Despite groups being defined by the line of business, it is left up to IT to manage group membership across entire organizations. Often times, IT receives no insight from the business to determine whether group membership is up to date and correctly configured. Over time, this disconnect exacerbates the problem of users acquiring and retaining inappropriate access and presents security risks as users continue to have access to information that they should no longer be entitled to.

StealthBits’ AD Group Governance Solution

The solution to the problem of erroneous group membership is rooted in bridging the gap between IT and the line of business. With the Access Information Center (AIC), organizations are empowered to let the line of business manage their own groups with IT’s oversight. Three main workflows exist to help organizations govern group membership:

• Group Ownership Assignment
• Self-Service Requests
• Group Membership Reviews
• Ad-Hoc Changes

StealthBits (for Active Directory and Windows File systems)

• Auditing and Reporting
• Remediation and Governance
• Threat and Vulnerability Detection
• Data Classification
• File Activity Monitoring
• Directory Security Compliance and Vulnerability Assessment
• Clean Up
• Change and Access Auditing
• Privileged Account Monitoring
• Attack Detection
• Compliance Fulfillment
• Threat Detection
• Rollback and Recovery
• Real-Time Alerting

Email Filtering

Make your business a much harder target

Advanced Email Security blocks 99 percent of unwanted mail and malware, keeping your inbox clean and your network safe. Our next generation threat detection technology relies on a big data security platform and expert human analysis to identify threats and evolve our defenses in real time, keeping our customers safe from phishing attacks, Business Email Compromise (BEC) attempts, conversation hijacking, brand forgery attacks, and other potentially harmful forms of social engineering.

After a simple change of email MX records, SecureTide (SaaS) acts as a filter between the Internet and our customer’s email servers (on-site or in the Cloud). Email messages are routed through the SecureTide servers to ensure that customers receive only the legitimate email that they want rather than the spam and malware that cyber criminals attempt to disseminate.