Enhanced Application Control
At the core of a CyberHound Appliance is a powerful Next Generation Firewall with an all new Deep Packet Inspection (DPI) and Application control engine for high throughput networks. These support thousands of users with the fastest Internet links and networks and are suitable for even the largest school networks. Ensuring uptime and accessibility to Cloud hosted and SaaS based applications is a business critical requirement for the modern network administrator. Utilising legacy techniques such as simple protocol identification and port usage is no longer sufficient in identifying applications.
With CyberHound’s new Application control engine, network administrators gain extensive visibility into their network with the ability to identify and manage over 1600 applications based on the network, users, groups, time of day and more.
Our latest enhancements to its Next Generation Firewall offer new features and benefits. These continue to provide CyberHound customers with the best K12 security, filtering and Internet management services in the industry.
- Multi-instance engine with live application update support and hardware acceleration technologies
- Application flow replication for high availability deployments
- 1600+ applications with bi-weekly application signature updates
- Highly scalable application classification fast flow at speeds up to 10Gbps
- Classification of network protocols and applications based on flow pattern matching, bi-directional flow correlation, heuristics and statistical analysis
- Identifies applications at Layers 2 through 7
- Early packet discard mechanism
- Service ID for visibility of audio, video, file transfers and more
For more information contact us today or download our Application Control Data Sheet below:
Industry Leading Web Security
Superloop’s CyberHound Web Security delivers unmatched coverage and accuracy for the billions of URLs and IPs that comprise the Active Web.
CyberHound’s Web Security delivers real-time protection from malicious websites and provides the highest level of categorisation accuracy.
Download our Advanced Web Security Brochure below:
Advanced
Web & Security
Superloop’s CyberHound Web Security is designed to provide the industry’s most advanced and effective malicious web security service for schools..
Advanced Threat Protection
CyberHound has developed one of the most advanced sets of multi-layered ‘defence in depth’ security platforms to deliver reliable cybersecurity for schools. Our platform assists to secure your network as well as protect it from ransomware, malware, zero-day threats, phishing and more.
This platform now sets the benchmark for K12 security coupled with the extensive set of additional features that are part of our Advanced Threat Protection Suite – ensuring peace of mind for school communities.
Download our Advanced Threat Protection Data Sheet below:
Is Your Password Secure?
Passwords serve a necessary purpose and the inconvenience of having to remember multiple passwords far outweighs the cost of our data getting compromised. Imagine having your money siphoned from your bank accounts, and nefarious entities reading your private conversations…
The problem is that passwords that are easy for humans to remember are typically also easy for a machine to crack. The most widespread methods of making passwords stronger, such as requiring the inclusion of numbers or punctuation characters, or a mix of upper and lower case letters, typically make passwords much harder for users to remember.
For more information on what makes a secure password, get your free copy of CyberHound’s Password Security Research Paper. This paper, compiled by computer security professionals Christopher Gersch and Dr James Birkett PhD, explores topics including hashing, password entropy and methods for good password hygiene.
Download your copy of the research paper below:
Extended Network Security with IPD/IDS
Most network Intrusion Detection and Intrusion Prevention System (IDS/IPS) services form part of a Unified Threat Management system (UTM) that also incorporates firewall functionality, and usually web scanning and reporting. The reporting on such systems tie the various roles of a UTM together, which helps deliver a holistic overview of the threat landscape to an organisation, better arming the IT team to manage and mitigate threats as they appear.
Read our Data Sheet on our Intrusion Prevention Systems and the security functionality they provide:
Authentication
Authentication can occur using one of four methodologies, or a combination of them all:
- 802.1 authentication. Useful for BYOD devices and wi-fi access. This occurs for any IP traffic such as for apps and is not limited to web traffic.
- Active Directory Authentication. For windows based computers at Windows 7 (or greater).
- SSH authentication for OSX on domain Macs.
- Captured portal authentication – A local catch all mechanism if none of the above apply.
HTTPS Inspection
HTTPS Inspection (also known as SSL filtering and HTTPS interception) allows an internet management firewall or system to inspect secure internet traffic.
HTTPS was originally developed to ensure that sensitive web data could be exchanged between two computers without a third party being able to intercept the traffic and use it illegally or inappropriately. Many Internet Service Providers (ISPs) are reporting that a majority of their web traffic is now HTTPS traffic.
Without HTTPS inspection, a web filter cannot see the destination URL which makes categorisation unreliable and the filter cannot review content from the website. This can result in students either accidentally or purposefully accessing harmful or inappropriate content. Additionally, it also means that malware (malicious software) like viruses and trojans cannot be detected and blocked from entering the network and enables schools to enhance learning opportunities for students by safely allowing full internet browsing access whilst also ensuring their duty of care obligations are met.
Anonymiser
As standard, many security appliances will block access to inappropriate web sites – however students can use anonymisers to circumvent these restrictions.
An anonymiser acts as an invisible method for students to access inappropriate content and on some solutions get round the restrictions. While it is possible to also block these anonymisers it’s a bit of a cat and mouse game with new anonymisers being created regularly.
The CyberHound Appliance is immune to these limitations as it is able to dynamically detect the behaviour of anonymisers and readily block them.
Next Generation Firewall
The CyberHound Next Generation Firewall is very simple and intuitive to use. It can be used to permit or deny access to web pages, applications, IP addresses, ports and protocols, based on the time of day, the IP address of the user, the user’s group (if groups are enabled) and other criteria. Fundamentally, it allows for very granular access policies as required.
CyberHound’s Next Generation Firewall allows network administrators to control access to actual applications rather than control the data communication ports that it may use and may be shared by other applications.
As the CyberHound Appliance can detect Skype at the application level meaning it is very useful for boarding schools where pupils can communicate with their parents at appropriate times, yet be denied access during teaching and study hours.
Reducing Administration
With students and teachers having access to multiple wireless devices like laptops, iPads and mobile phones, the demands on school infrastructures and IT staff can be overwhelming (and can often dictate school policies regarding BYOD usage).
This is not the case with the CyberHound Appliance. Users can now authenticate their own devices against their credentials with no involvement of IT staff.
Security Control Features:
- Next Generation (level 7) Firewall.
- Full SSL filtering / HTTPS Inspection.
- Dynamic anonymiser detection and blocking.
- Bit Torrent control.
- Malware detection on web, email, downloads and social media.
- Secure Wi-Fi connections using BYOD zero-touch on-boarding for wireless devices.
- Advanced authentication ensuring flexible and reliable control of who access your network.