BLOG   |   CONTACT US   |   KOREAN       JAPANESE 
HOME
HOME
>
SOLUTIONS
>
Anti-APT Solution

Anti-APT Solution

외부유입파일 관리를 통한 지능형 타깃 지속 공격 대응

SoftCamp provides incoming file management solution optimized for network partitioned environment and information protection products to defend against APTs

Necessity

  • Do you want to defend against APT attack and malware from network partitioned environment?
  • Do you want to keep track of the usage history for external files (document & exe) after entering the internal system?
  • Do you want to defend against dangerous files that are not yet identifiable by traditional vaccine solutions?
  • Do you want to run a test on the risk of patch files or manage records of the files?
  • Do you want to manage log history and examine the degree of danger associated with patch files?

Issues

  • Management over external files carried in from the outside
    • Vulnerability in security arising from entered files in network partitioned environment.
    • The inability of conventional products (based on signature/reputation/behavior) to defend against new attacks
    • Inability to trace usage history log for exe/document files after point of entry
  • Inspection and management over patch file
    • Lack of plans for administrator to carry out integrity verification, malicious code infection status check and record management for patch files

Relevant Laws

  • Security Guidelines for Safe Data Transmission between National or Public Organization Internal Network and the Internet, National Intelligence Service, Feb. 2012

    4.1.5 A test for malicious codes shall be conducted prior to data transmission from a non-secure area to a secure area. Transmission function shall be provided only when malicious codes are not detected by the test. 4.1.6 For the transmitted files, inspection data including the time and date of transmission, name of the transmitted file and file carrying-in/ out users shall be created.

Solutions

  • Prevents malicious codes from entering internal network from network partitioned environment
  • Provides isolated virtual environment to prevent external files from affecting the actual system
  • Provides monitoring and tracing function for external data (access path, user, utilization status)
  • Provides integrity verification and record management for product/patch file
솔루션 정보
상품 방안
SHIELDEX Client
(WatchMon, V-Room)
  • Installed in user PC to trace usage status of files imported from outside and to protect key areas in PC
SHIELDEX
SaniTrans Appliance
  • Sanitizes files imported from outside through internetwork data transmission system
SHIELDEX
V-Room for Mail Server
  • Virtualizes email attachment files which are accessible with client
SHIELDEX
Trace Server
  • Provides a visual representation of external file tracks and statistically processes file usage status and warning signs
Ex-Scanner
  • Administrator performs integrity verification and record management on product/patch files

Expected Benefits

  • Safe security management system established for diverse files imported from outside (through network link, USB, e-mail and web download)
  • Facilitates uninterrupted flow of security, after external file entry, through full-time monitoring, tracing and log management
  • Improvement on the limitations of prior Anti-APT solutions
  • Security level inspection method provided for applications and patches