In a recent interview, Ariana Lynn, Principal Analyst at The Fast Mode spoke to Kurt Xavier Schumacher, Product Manager for AIONCLOUD at MONITORAPP on the impact of traffic visibility on modern IP networks and cybersecurity. Kurt joins us in a series of discussions with leading networking, analytics and cybersecurity companies, exploring how advanced analytics power various network functions amidst the rapid growth in traffic and applications, especially cloud-based network security and secure remote access.
Ariana: How does MONITORAPP meet the cybersecurity needs of today's enterprises?
Kurt: MONITORAPP has been at the forefront of Web Application Firewall (WAF) and Secure Web Gateway (SWG) technologies for almost twenty years, and it is one of the most trusted names for enterprise and government cybersecurity in Asia. We offer a wide variety of highly capable WAF and SWG appliances that work in cooperation with our world-class Threat Intelligence Platform, AILabs, to protect against known vulnerabilities and zero-day exploits.
However, enterprise networks are transitioning off-premise and utilizing cloud technologies more than ever, and this trend is only set to continue. Therefore, MONITORAPP took its decades of WAF and SWG expertise and made its security solutions available as a cloud-based security service, AIONCLOUD. By creating a global edge network that can connect users and resources to the closest and most responsive edge locations, AIONCLOUD delivers a Website Protection suite and a Secure Internet & Remote Access suite with almost zero latency, high availability, and the worldwide reach required by modern enterprises.
WAAP, WMS – Website Protection Suite
To meet the changing demands of production environments, a next-generation WAAP was created for AIONCLOUD. Modern applications rely heavily on API access, and many companies consider their APIs to be products in themselves. AIONCLOUD, armored with powerful API security in conjunction with MONITORAPP’s already comprehensive and robust Web Application Firewall, along with Content Delivery Network (CDN), and DDoS Protection features, gives enterprises the confidence to have their services publicly exposed to the internet. MONITORAPP then packaged these features with a Website Malware Scanner (WMS) to offer a full suite of website protection.
SSE, ZTNA – Secure Internet & Remote Access Suite
AIONCLOUD can also be used to protect employees and internal resources anywhere in the world with the SSE it built. To remove the complexity of companies maintaining an on-premise security stack, MONITORAPP built a cloud security platform containing SWG, CASB, FWaaS, DPI, ATP, and RBI solutions that are utilized regardless of a user or resource’s location. Agents installed on devices leverage ZTNA and encrypted tunnels to access the SSE before users are routed to the web or public/private resources. Granular control over user capabilities and visibility into SaaS, web traffic, and private resource usage is possible from a single console.
Ariana: How effective is deep packet inspection (DPI) technology in identifying and mitigating cyber threats?
Kurt: While traditional packet inspection only scans the header of packets for the source IP, destination IP, and port, Deep Packet Inspection (DPI) goes deeper into the data of the packet for further security functionality. This allows for advanced monitoring, such as Data Loss Prevention (DLP), scanning for malware, and attack pattern matching.
MONITORAPP provides all of these capabilities of deep packet inspection with its SWG and CASB, but it has also added another level of control with its Next Generation Deep Packet Inspection (NG DPI) technology. Deep packet inspection additionally gives AIONCLOUD the ability to identify what application a packet comes from. Therefore, a core function of the NG DPI is managing the applications employees have access to. Many applications related to file sharing, social media, and messaging can be potential vectors for malware, data breaches, and unauthorized access to company resources. Controlling app usage is a way to quickly and effectively improve security posture within an organization. DPI also makes it impossible for employees to get around network restrictions by masking their traffic with VPNs.
The NG DPI can do more than just limit access to applications, though. It also has the capability to control what actions users can take when using specified applications. For example, admin can determine if users can upload or download files when using approved applications, or even what file types they can use for these functions.
Also, by knowing what applications network traffic is for, the NG DPI can provide efficient bandwidth management. Besides just being blocked, traffic can also be prioritized or throttled according to an organizations needs or preference. By optimizing network performance with application filtering, AIONCLOUD can ensure critical applications receive quality of service requirements.
Kurt Xavier Schumacher is Product Manager for AIONCLOUD at MONITORAPP.
This interview is a part of The Fast Mode's Traffic Visibility segment, featuring leading networking, analytics and cybersecurity companies and their views on the importance of network intelligence and DPI for today's IP networks. A research report on this topic will be published in June 2024 - for more information, visit here.
