- TURCom Home >
- Solutions >
- General Solutions >
- Information Security
INFORMATION SECURITY SOLUTIONS
Given the threats directed to the information and access security such as hackers, cyber attacks and viruses, the protection of the corporate information and providing the confidentiality is very important for corporations.
Storing/archiving the information at correct mediums and administration of these are as important as the access security. Therefore, we find more suitable to also list e-mail/ file archiving solutions and the administration of archives and documents under the title "Security."
A security threat can cause loss of confidence in customers, business partners and shareholders, loss of strategic information, damage to the corporation. In order to be protected from such possible problem, it is very important to form an infrastructure with the information and access security.
TURCom also offers "TRCroot" security solutions with "Lower Possession Cost"
"TRCroot" is prepared for corporations who would like to establish their corporate network and communication systems on Linux’s enhanced application platform. It consists of package solutions that include installation and after sale support. These packages provide freedom, cost advantage and performance improvement to corporations by combining their software-and hardware-system needs under one umbrella. From Small and Medium-sized Enterprises to multinational companies, many corporations can take advantage of TRCroot solutions. TRCroot solution packages are based on Linux, which is also supported by worldwide Information Technology. TRCroot’s solution packages are ideal for corporations who would like to form their information technology systems with high performance and low cost.
TRCroot: Linux based integrated security solutions
TRCsip "log": Internet logging System
TRCtrust: Secure Access Managament
Security Solutions
- Network Security
FIREWALL - VPN
Unified Threat Management (UTM) is a comprehensive solution, has gained widespread currency as a primary network gateway defense solution for organizations. Firewall products are positioned not only to offer threat protection for network traffic but also for local work flow of network.
A virtual private network (VPN) is a network that uses primarily public telecommunication infrastructure, such as the Internet, to provide remote offices or traveling users access to a central organizational network. VPNs typically require remote users of the network to be authenticated, and often secure data with encryption technologies to prevent disclosure of private information to unauthorized parties. TURCom is is providing a wide product range using VPN technology and Unified network & security solutions.
SSL VPN
An SSL VPN (Secure Sockets Layer virtual private network) is a form of VPN that can be used with a standard Web browser. In contrast to the traditional Internet Protocol Security (IPsec) VPN, an SSL VPN does not require the installation of specialized client software on the end user's computer. For this reason it is also called as Clientless VPN.
An SSL VPN offers versatility, ease of use and granular control for a range of users on a variety of computers, accessing resources from many locations.
WEB / CONTENT FILTERING
Using "URL Filtering" companies control Web Security by blocking and allowing everything from an entire category type to a single URL. Companies control Web Security by blocking and allowing everything from an entire category type to a single URL. Filtering enables companies to set up custom policies for particular users and groups across customizable time ranges.
They are the open source solutions that meet the corporate needs and provide them with cost advantage. TURCom's TRCroot includes packaged solutions with installation and after sales support for corporations that want to establish their corporate network, communication and security systems on Linux's open sources platform. TRCroot "web filter" functions as a web content filter by monitoring the users' web access. This way, you can control the websites that users have access to. The corporate web traffic goes through the anti-virus scanning thanks to this filter system.
E-MAIL SECURITY
E-mail communication involves significant risks. Email carries essential messages for the everyday workings of your business. TRCroot "asg" that functions as the "Anti-Virus Anti-Spam Gateway" system amongst the TRCroot solutions, provides mail security against all virus, spam and attacks from the Internet by being positioned in front of the existing mail servers of the corporations.
Even if the corporate mail servers are disabled, the system continues to receive incoming mails, and once the mail server is "up" it scans all accumulated mails, and then sends them to the actual mail server for distribution. The Anti-virus and anti-spam protection mechanisms on the system automatically updates itself.
INTRUSION PREVENTION SYSTEM/ INTRUSION DETECTION SYSTEM
Today, firewall solutions alone may be insufficent as security needs of corporate information and access systems are continously changing each day. In this sense, intrusion prevention systems which are considered as extensions of intrusion detection systems need to get engaged as they both monitor network traffic and/or system activities for malicious activity.
In general, the IPS systems identify and prevent attacks in real time basis. To create a proactive system of the present structure of data and communications security, IPS technology needs to be used. IPS has two main categories as NIPS (Network based Intrusion Prevention System) and HIPS (Host based Intrusion Prevention Systems) which may also be positioned at two points.
In this sense, companies should position NIPS solutions on neceserry segments after reviewing HIPS and network topology on critical servers.
Our Solutions;
- Network-Based Intrusion Prevention Systems (mostly hardware solutions)
- Real Time Intrusion Prevention without loss of performance.
- Denial of Service Attack
- Protocol Anomaly Detection
- Scan SSL-encrypted traffic for attack
- Prevent spyware from installing or communicating over SSL.
- Host-Based Intrusion Prevention Systems (mostly hardware solutions)
- Data Loss Prevention on real time basis
- Preventing Buffer Overrun Attacks
- Preventing Local Attacks
- Preventing Hacker Attacks
- Protecting critical resources such as Registry keys or web pages
NETWORK ACCESS CONTROL (NAC)
LOAD BALANCER
Internet sites with high traffic requirements such as online ticket sales, e-commerce, financial transactions, reservation, are expected to deliver consistently excellent service levels despite increasing traffic loads.
Therefore undesirable situations such as breakdowns on running servers should be eliminated. To avoid such unwanted surprises, load balancer should be positions in front of the applications.
TURCom Technology has vast experience in providing solutions for accelerating implementation and balancing the load on the servers for this type of web structures that cannot tolerate breakdown. Load balancer is a computer networking methodology to distribute workload across other servers to achieve optimal resource utilization, maximize throughput, minimize response time, and avoid overload. In the event of server failure, the Load Balancer facilitates automatic failover to ensure continuous availability.
PKI (PUBLIC KEY INFRASTRUCTURE ) AND SMART TOKEN
In parallel to development of e-commerce and increasing high value financial transactions over the Internet, the business networks needed to be safer.
Consequently, for networks that e-commerce has continued on, digital identities become important for security purposes such as the verification and approval. As in any trade /commercial transactions, there will always be access to information and for this access, it is essential to gain official status after the control of the identity.
For example, to log-in systems, to access from an outside network to another system, mobile users access to a centralized system with SSL or IPSec VPNs or secure access to intranet are essential for the continuation of business processes. Authentication is required during those accesses.
At this point, it is possible to ensure the safest integrity and confidentiality of information by electronic certificate created to users through PKI / Public Key Engine.
To create a unique identity, customized electronic identification tools called "Smart Token" is used. Tokens can produce a one-time password, store or may offer a special response to a message sent by the server.
The best examples to "Smart Token"s are password generating keys; watches etc. that banks give to their depositors.
Yet, today many banks are using the mobile phones as "smart token" and make identification with the instant passwords that they sent to their phones. Naturally, to establish such a security infrastructure, a study should be executed for "identity management"
SYSTEM SECURITY
- Endpoint Protection
DATA SECURITY
- Data Loss Prevention (DLP)
- Encryption
- E-mail Archiving
- Identity Management
- Database Security
- Log Management / correlation
- Bandwith Management
- WAN Optimization
- Penetration tests
- Authentication