Data and network security solutions

Data and network security solutions

Integrated IT Security solutions

One of the biggest problems in the protection and security of computer networks and data is insufficient investment by companies and institutions into serious safeguards and their firm belief that the hacker attacks will not happen to them. Statistics show that the majority of intrusions in information systems causing significant financial losses to the company and to restore system operation requires additional investments and limited time. On the other hand, labor mobility and centralization of applications and resources, then cloud computing and M2M technology expansion caused the creation most major security challenges. TeleGroup Security solutions provide users with the last generation that can respond to these challenges.

TeleGroup has extensive security experience obtained by implementing and maintaining Security solutions for most important companies and institutions in the region such as Telekom Srpska, Directorate for indirect Taxation, Ministry of Internal Affairs of Republic of Srpska, Clinical Centre, University Apeiron, Slobomir University, Statistical Office of Republic of Srpska, HET, Government of Brčko district, Volks Bank, Komercijalna Bank, Nova Bank, Balkan Investment Bank, Pavlović Bank, Bobar Bank and others.

In this area TeleGroup work with the most important international vendors such as CiscoCheckPointIBM, Mils electronicJuniperIron PortBlueCoatTrendMicroGemalto and others.

 

PORTFOLIO OF SOLUTIONS

  • Firewall
  • IPS/IDS systems
  • Content Monitoring/Filtering
  • Antivirus on hosts, mail box on the GW level
  • Antispam protection
  • Endpoint Security
  • WAF
  • SSL VPN
  • Top secure encryption solutions
  • Data Leakage Prevention
  • Encryption/PKI/Digital Certificates
  • Identity & Access Management (NAC)
  • Patch Management
  • Penetration Testing/Risk & Vulnerability Assessment
  • Log and Event Management Platform
  • Database Security
  • IT Forensics

 

Following is an overview of selected solutions for all categories of business users.

CheckPoint Firewall Solutions

This solution is used to implement high availability infrastructure of the Internet Gateway at the output of corporate and service networks. Implementing CheckPoint hardware firewall devices, provides a high level of protection for network resources. Other advantages of this system are reflected in the high availability cluster system realization and application of advanced brand-name firewall technology. The system enables the creation of clear and transparent policies related to firewall rules, VPN policies, and the creation of a large number of predefined groups of elements, such as networks, individual hosts and services, etc.

The system is controlled from a single console, which is either part of the hardware of the system or a third party hardware with dedicated operating system management, policy creation and collection of logs from the system that is managed by this unit.

Intrusion Prevention Sistem IBM ISS

Intrusion Prevention is a security system that can continuously monitor and block unauthorized traffic types and thus protect resources of interest. In addition tthe system has to provide the ability to generate reports on all activities which are defined as activities of interest from the point of blocking or generating reports. In other words, it is a system that provides preventive care, identification of potential threats and takes all actions to ensure the protection of resources prior to or at the time of the attack.

Implementation of the IPS system begins with a detailed analysis of the network environment and user data streams to detect segments of greatest interest to protect. The figure below shows the conceptual architecture of the corporate environment.

By implementing Intrusion Prevention Sistema you stop:

  • Unauthorized access to resources within a computer network
  • The attacks generated outside the network in order to access resources on the network
  • Attempts to undermine the integrity, confidentiality and availability of data of interest
  • Attacks that aim to make the system unbootable
  • Attacks aimed at disabling system
  • ....

Top secure encryption solutions

TeleGroup is a technological partner of the Austrian Company Mils electronic, which is one of the world's leaders in developing professional solutions for protection and encryption of communication systems, with over 60 years  of experience. The company is specialized in the development of hardware and software tailored precisely to the needs of Governmental institutions and state security authorities, which require the highest level of security in everyday business. Mils electronic’s security approach is unique, as it allows the end-users to create and implement their own encryption algorithms, as well as to the generated ciphers at any moment in time, which for customers means absolute independence from the manufacturer.

TECHNOLOGY

Customized Algorithms – After Delivery Modification

Kreiranje i implementacija vlastitih algoritamaMils offers an encryption method at hand for your everyday communication: Mils proprietary Block Cipher Algorithm. The Mils Block Cipher (MBC) is a state-of-the-art algorithm developed by Mils mathematicians. It reflects the latest developments in the crypto field. In its development, Mils combined the best security features from all five finalists of the Advanced Encryption Standard (AES) competition with the experience of their own crypto-experts. What are the core features of an algorithm of governmental protection level? A complex structure for increased security, the possibility to analyse the algorithm before trusting it, and the ability to personalize the algorithm to get unique national – authorial algorithms. Mils is specialized in providing tailored solutions to every customer individually. Thus, if you want to run your personal "Secure Communication System" you will go for Mils. Customization programs allow you to develop and implement your own algorithms into our Mils solutions.


One Time Pad encryption


One Time Pad

Top secret information needs reliable long-term protection, provided by an encryption method that can withstand not only the technological capacities of today, but also the possibilities of tomorrow’s developments. There is only one encryption method that is truly unbreakable without any time limit and it’s based on randomness:
One Time Pad encryption is a very simple, yet completely unbreakable cipher method. When this encryption method is used, the random key stream does not originate from an algorithm or mathematical formula. Instead, it is obtained from a true random noise source and cannot be reproduced. During the generation of the key stream, its randomness is constantly monitored using stringent statistical methods.
This random key stream is then used for encryption, whereby each character of the plain text is mixed with one character of the random key stream. This results in a truly random cipher text that cannot be decrypted by any power in the world. The ciphered text is then sent to the recipient of the message who reverses the process by using the same random (pre-shared) key stream.
Once the One Time Key stream has been used for encryption or decryption, it is immediately destroyed. This guarantees that the same key cannot be reapplied by mistake.

Security Tokens


Tokeni

A product of highest security level must guarantee that its sensitive elements are 100% tamper proof. As a result, these components must be isolated from the vulnerable environment of the personal computer and moved into a protected area. We have achieved this, by designing a specific hardware security device. It comprises all the sensitive system components.
Thus, you’ll have a personal device that perfectly protects your keys, all encryption processes and at the same time guarantees strong user authentication. The security tokens make sure that only dedicated users with their personal hardware module can decrypt information that is addressed to them. A USB 2.0 interface makes it flexible in its use. Plus, we focus on a handy, compact and rugged design so the security token is easy to take with you everywhere, even into harsh environments that may require military performance standards.

Products

  • OneQube for MilsOne
  • MilsCard for MilsMessage, MilsCourier, MilsVPN NG

End-to-End Security SolutionS

Mils specializes in developing and secure communication solutions and network security products. Based on personal computer platforms, all products support the latest telecommunication services and provide the highest possible security level.


Unified Communication with MilsOne

MilsOne rešenjeMilsOne is the most secure unified communication and collaboration solution for governmental organizations worldwide. It is unprecedented in governmental communication thanks to its flexibility of communication coupled with complete protection. You can use any communication mode you like, in one application, swiftly shift from voice to chat, email or file transfer, and all at a top-secret security level. Components of the platform are: MilsOne Client, MilsOne Server, OneQube (hardware security module). 

Security features

• Security Token
• Encryption
• Authentication
• After Delivery Modification
• Cipher Check
• Assigned Roles and Responsibilities for each user
• Security Classifications
• Information Access Control
• Information Handling Instructions
• Audit Trail
• Time Stamp

Secure Messaging

Mils secure messaging products guarantee the end-to-end confidentiality and authenticity of your sensitive information. This security is applied for the entire lifespan of each message, no matter whether it is transmitted, stored on the PC, or archived to an external medium. Components are: MilsMessage Client, MilsAdministrator (Windows application) and on demand MilsMachine – (rugged mobile communication terminal).

Security features

  • Security Token
  • Encryption
  • Authentication
  • After Delivery Modification
  • Cipher Check

Secure File Exchange

Bezbedno slanje podatakaUtmost connectivity and straightforward use are the main characteristics of Mils’ secure file exchange solution. It focuses on the encryption of files and folders and on the forwarding of the same via various transmission possibilities.

Security features

• Security Token
• Encryption
• Authentication
• After Delivery Modification
• Cipher Check

Components

• MilsCourier – adds data security to the Windows Explorer. It allows the encryption of files and folders on local or remote storage media.
• MilsAdministrator – Windows app.

Site-to-Site Security

VPN (Virtual Private Networks)

VPNMils VPN technology delivers uncompromising protection for your network communication. VPN products ensure that all aspects relevant to security are addressed consistently at all times – from perimeter defence, through secure and highly available links with subsidiaries, to protection against hazardous content.

Security features
• Security token
• Encryption
• Authentication
• After Delivery Modification
• Cipher Check

Components

  • MilsGate NG appliances 
  • MilsAgent apps
  • MilsManagementCenter platform
  • MilsAdministrator - Windows app

Juniper SSL VPN solution

Implementation of the hardware system for SSL VPN includes the implementation of infrastructure for "Clientless" access to corporate resources by employees who are on the move, partners and administrators. This system provides easy access to corporate resources without compromising security breaches and data contained in the corporate network.  Vulnerability Assessment

  • Log and Event Management Platform
  • Database Security
  • IT Forensics

Cisco Network Admission Control

Cisco Network Admission 

Cisco Network Admission Control (NAC) is a solution for the security of computer networks which defines and implements policy access to network resources. NAC status is defined in terms of the workstation operating system (OS), OS updates, anti-X software, required updates of definitions for anti-x protection, and unwanted processes.. Possible integration of automatic repair / upgrade the workstation to meet the defined access policies.

In this way access to network resources is provided only for devices that meet all the settings set by the administrator. 

Cisco NAC solution is comprised of: 

  • NAC Manager – NAC server management, controlling switches
  • NAC Server – point of control and the application of rules of conduct
  • Switch – point application of the rules of conduct, port handling
  • NAC Agent (opcional)  – client to check the status of workstation
  • NAC Guest Server (opcional) – the ability to define access rules for guest devices
  • NAC Profiler (opcional) – the ability to detect, locate and determine the type of device in the network

Cisco (Iron Port) E-Mail i Web Security solutions 

Using technologies such as reputation systems and unique proxy design, IronPort has developed specific e-mail and Web security solutions, which when combined with a system for Correlation and reputation provide high performance and protection mechanisms suited for use in businesses and organizations of all sizes.

E-MAIL SECURITY SOLUTIONS

By implementing Cisco IronPort solutions a multi-layered security system for e-mail traffic is achieved.

 

 

 

 

 

We would like to point out to the following security mechanisms:

  • Reputation filtering 
    Technique developed by IronPort® capable of stopping up to 80% of e-mail traffic on the network level
  • Antispam
    Latest threat detection mechanism that allows the analysis of complete contents of the message, and in combination with Reputation Filtering option protects users from spam messages directly
  • Automatic, timely and Secure Rule Updates
    Eliminates the need for constant manual adjustment and maintenance of rules for detecting the occurrence of constant threats
  • E-mail Security Monitor
    Provides real-time insight into all of the active recipients and senders through automated alerts to the presence of suspicious traffic
  • Mail Flow Central
    Provides insight into the current status of any message passing through the network infrastructure

 

 

WEB SECURITY SOLUTIONS

Cisco IronPort Web Reputation technology is used to control access to employee Internet content according to defined rules. DVS (Dynamic Vectoring & Streaming) technology controls the applications that the user activates, controls and blocks external applications, analyzes and blocks web objects that take over if they are on the undesirable or prohibited list within the corporate standards. 

In addition, a status check is performed on the fourth port TCP / IP layer for detection and prevention of environmental spyware activity. IronPort Web Reputation Filters analyze URL based on multiple parameters and asses reliability. Traffic is managed and controlled on the basis of defined values and specific functionalities such as SSL, HTTPS inspection, etc. are activated.

TrendMicro Security Solutions

TrendMicro is one of the leading manufacturers of security solutions with new and patented technologies in the field of corporate anti-virus solutions. TeleGroup as a regional exclusive partner of the manufacturer delivers the solution that provides centralized management, upgrades, antivirus definitions delivery and centralized reporting. 

  • Cambium Networks
  • Arris
  • polycom
  • motorola
  • cisco
  • Mitel
  • microsoft
  • ibm
  • check point
  • Blue Coat
  • nice
  • Noja Power
  • r and m