AEGIS

The characteristics of Aegis Security System
IPS / WAF

AEGIS

AEGIS is also supplying to NATO`S designated vendor.

We started supplying NATO`S designated vendor after the tremendous electric failure in Turkey on March 31th 2015,
provoked by a massive cyber-attack over the country.

As Aegis is a cloud based security system.
You do not need to worry about buying a new hardware, setting up a program, operate a new system or renewing it.

  • Our strongest performance The strongest performance

    Supplier for NATO`S designated vendor. Our performance proves that we are at the front edge of cyber war.

  • No buying a new hardware No need of construction No operation Unnecessary and operate waste-replacement unnecessary work

    Don't worry about any extra work or cost, cloud service saves them all.

  • A system that grows by automatic learning The machine learningby cloud mechanism

    All attacks targeted to all our clients are automatically going to be shared. The cloud system learns and evolves every day.

The range of protection

Aegis is able to protect various attack pattern with a very low cost

Various firewall and software are offered on the web security market and each system has its own characteristic. The best web security solution would be to find, choose and make the best combination to raise your security level and help to protect your properties.

From our experience, our unique signature, Aegis is able to offer you the all-in-one security package.

  AEGISAEGIS FW WAF IPS
DoS × ×
Brute force attack × ×
SQLInjection ×
Cross site scripting ×
WEBScan attack × × ×
Rootkit attack ×
Other defense range
Cross site request forgeries Session hijack ×
Parameter tampering
(signature customize required for installation)
XMLInjection
Directory traversal OSCommand injection
HTTP header injection Force browsing
(Possible to detect scan trying force browsing, but basically it has to be dealt on the hardware side)
UI Redressing × List Based Attack
(It is possible to react on list based attack)
Aegis also protect attacks difficult for signature to stop
(ex: Detection of weakness scanner)
   
  • ・We will submit a monthly report
  • ・Vulnerability check Frequency: daily update and checking of signature
  • ・Response impact after installation: CPU occupation less than1%
  • ・Strong advisers from legal firm specialized on IT and intellectual asset ( won a case against Google in 2014)

How AEGIS works

Performance comparison from different type of security system.

  • SaaS type(Cloud type)

    Ex:AEGIS

    The best solution that resolved all problems of all competitors

  • Gateway type

    Creating a firewall by setting an appliance in front of your server.
    Ex:Check Point, Palo Alto Networks etc.

    You will first need to buy a hardware. It may cost extremely high both for initial and for running.

  • Host type

    Protection by installing the software directly on your server.
    Ex:Trend Micro etc.

    As the software works on its own CPU, resource is chronically used and risk to slow down by overloading in case of attack.

  • Proxy type

    Protection by filtering the access through another server
    Ex:Symantec WAF etc.

    Risk of communication shutdown in case if the filter server is down. The budget is difficult to estimate as communication fee is at a measured rate.

Example and usage from few network architectures

    • Simple architecture
    • Merit
      We have a fair and reasonable offer for companies that were passive to web security due to cost issue that major appliance system require. We will help you to protect your servers such as Web server, mail server etc., the very core information of your company from cyber threat.
      Problem
      There are more and more variation and new ingenious pattern of attack.
      Please also consider from our report, about your end point maintenance as well as restructuring your network for a better security.
    • Combination setting with appliance server
    • Merit
      Combination in fact is a very standard pattern for enterprise network security. A Parallel usage of our cloud type firewall and Aegis with IPS appliance and WAF will highly increase your web security level.
      Problem
      The issue is of course the cost for a "multilayer security".
      We would recommend if you already have a quite secure network to add Aegis on your most important servers because we, in most the cases been able to detect and stop attacks even with a multilayer security
    • Setting on a load balancer
    • Merit
      A case that is often seen on AWS cloud server.
      This will be a very good combination for clients looking ways for saving costs on server.
      Problem
      The service might temporarily not be able to work for the terminal servers while they are ON/OFF switching. The best solution is to set up Aegis to all terminal servers below the load balancer.

Mechanism figure of AEGIS

Attack log is created when a user makes a cyber attack.
*cyber attack usually occurs several times.

Logs are send in real time in encrypted code

The main system checks if the log is an attack or not.
*the log data is deleted after 5days

If detected as a malicious access,
the main system will give order to
the agent program to ban the access.

IP address and signature pattern of malicious access will be add on the IP table (black list) and will forever be excluded.

The agent will continue to stop the same malicious IP or the same signature pattern attack.

Information of a new malicious IP or
new signature pattern are going to be add on
the IP table and block rule. It means that the
information, on the other hand the
knowledge is share to all our
clients Aegis IPS/WAF continues to
evolve every second.

  • ①Access
    When it is accessed by the user / cyber attacker, and create a log. * Information leakage usually do not occur in a single attack.
  • ②Sending logs
    Send the log information in real time (by encrypted communication).
  • ③Checking logs
    Make one of judgment and judgment is an attack.
  • ④Block order
    And then notifies the agent blocking instructions to immediately if it was malicious access.
  • ⑤A new attacker will automatically be add on the IP table
    Add the IP address that managed a cyber attack on the IP table, also it prevents future attacks.
  • ⑥Blocking the attack
    Attack from the attacker’s IP address, we will continue the defense by attack signature pattern analysis.
  • ⑦Sharing the IP of attacker
    Attack from the new IP address, the new signature pattern attack, we will share immediately to contract the user all of the blocking rules.It is a system that continues to evolve.

© AEGIS Server Security