Reducing The

“NETWORK SECURITY FOG”

PRACTICAL GEO-IP FILTERING

Francesco Trama, CEO and Co-Founder

MY FIREWALL CAN DO THIS!

True: Todays Firewalls have some form of Geo-IP blocking. Some can turn off a country.

False: They are not capable of reaching PacketViper per-port bi-directional country or multi-national company filtering, IP Detail, actionable logging, net-check, triggering, and alerting.

A PROXY CONNECTION CAN DEFEAT GEO-IP

True: No network security device can effectively manage a proxy connection.

Also True: With PacketViper inline, proxy connections can be combatted more effectively, because the attacker has less options to proxy through. Geo-IP filter limits their movements and funnels into well lighted security areas.

WE ARE A GLOBAL COMPANY, AND CAN’T BLOCK A COUNTRY

FIREWALL

WEB

SMTP

SSH

FTP

VPN

TELNET

POP

Country 1

Country 2

Country 3

Country 4

TRUE: TURNING A COUNTRY OFF CAN CAUSE MORE PROBLEMS WITH REGULAR FIREWALLS

FIREWALL

WEB

SMTP

SSH

FTP

VPN

TELNET

POP

Country 1

Country 2

Country 3

Country 4

TRUE: MAY PREVENT LEGITIMATE COMPANIES

NOW PACKETVIPER

FIREWALL

WEB

SMTP

SSH

FTP

VPN

Out

POP

Per-Port Geo IP Filter

Country 1

ALSO TRUE: PACKETVIPER CAN FILTER THE COUNTRY, PORT, AND COMPANY

Country Blocked

Companies Allowed

DIFFERENCE IN GEO-IP BLOCKING vs. FILTERING

Filtering: An ability to restrict countries and their businesses to specific areas on your network, while disallowing them to other areas.

Block: To Turn the country on and off (What Everyone Else Does)

BEFORE PACKETVIPER

FIREWALL

WEB

SMTP

SSH

Listeners/Services

FTP

VPN

TELNET

POP

World

AFTER PACKETVIPER

FIREWALL

WEB

SMTP

SSH

FTP

VPN

TELNET

POP

Country 1

Country 2

Country 3

Country 4

Per-Port Geo IP Filter

PACKETVIPER FILTERED

PACKETVIPER FILTERED

FIREWALL

WEB

SMTP

SSH

FTP

VPN

TELNET

POP

Per-Port Geo IP Filter

WHAT ELSE DOES PACKETVIPER DO?

8.8.8.8

Enter any IP into our NetCheckTo get instantaneous and actionable IP details.

Actionable real timeLogs. Click any log entry and see the complete IP details, filter countries, subnets, and IP instantly.

Actionable graphs, which can be clicked through to our actionable reports filter. From the reports filter any log entry can be selected to filter and gain more insight.

Actionable connection manager to quickly view and filter IP’s, networks, and countries.

Quick country filtering, by selecting any country on a map, then choosing which ports to allow or deny..

Alert and Triggering which can be based on country, protocol, ports, company, or a group of countries. Triggers set to email, auto block, slow, or log violating events.

Global Network Lists is a collection of multi national companies and high risk areas around the world.

WHAT’S THE FOG OF NETWORK SECURITY?

Excessive event logging which hampers, and jades effective security analysis on a daily, weekly, monthly basis

HOW WE IMPROVE

Reduce Gateway Chaos By Only Allowing What Is Necessary

PLACE BORDERS ON YOUR EXPOSURES

We reduce the traffic entering each network exposure

LIMIT ATTACKER MOVEMENT

Forcing attackers through kill holes/choke points. These areas are Scrutinized with higher IDS.

HOW IS PACKETVIPER IMPLENTED?

Internet FWGateway

INLINE

LESSEN THE CHAOS, RESULTS INLess InspectionLess False Positive'sLess LoggingLess Log JadingBetter Threat DetectionBetter Security

Happier Security Teams

Thank You

PACKETVIPER: NETWORK SECURITY STARTS WITH US!

Visit Our Demo At http://pvdemo.packetviper.com:47880

Login: pvguest Password: packetviper