Threat Deception and Honey Trap Solution
It has become almost certain that attackers posing a threat to institutions or organizations will enter the network structure. An advanced method used to prevent an attacker who has infiltrated the structure from accessing or damaging valuable data is deception of the threat.

The main purpose is to direct the attacker to systems that they think are real and to inform the real defense systems while dealing with these systems. Deceiving the attacker with data, services and systems that appear to be real can also provide valuable intelligence data by revealing the attacker’s attack target and the tactics they use.

URL/Content Filtering
URL/Content filtering systems act as proxy servers to ensure secure internet access for users. Thanks to their superior inspection and detection engines, reporting interfaces and notifications, user access can be monitored instantly. Many controls and integrations can be provided against threats that may come over the internet. Here are a few of them;

Antivirus control
URL/domain filtering according to category and/or specific criteria
Reputation control
Application control
SSL termination
Bandwidth control
APT integration
SIEM integration
DLP integration

Asset Management
Since protection methodologies must be determined in line with the characteristics of the asset to be protected, it is an important requirement for institutions and organizations to know the inventory of the assets they want to protect and to keep it up to date in a way that can keep up with the dynamic digital world. Being able to track the hardware and software inventory that follows the network structure and is included in this network is one of the first steps of security. As Annanowa, our solution product that we represent in this field is ASMA.

Data Leak Prevention
Institutions and organizations must protect their data against data leakage that may occur as a result of any threat from inside or outside. Data leakage/loss can be done through many methods such as USB sticks, taking screenshots, transferring data over the network, transferring it to other sites with encrypted means, and sending it via e-mail. It is important to use a data loss/leak prevention (DLP) solution on end-user systems and network entry/exit points to prevent unwanted data from going out.

Database and File Server Firewall
In many IT infrastructures, information is generally located on database servers and file servers. Institutions and organizations must protect their data against data leakage that may occur as a result of any threat from inside or outside.

Database servers are among the most critical assets that need to be protected. Including database administrators, it is necessary to use a database firewall to protect data against possible leaks. Database traffic can be examined at the agent or network level (inline or sniff) and control, warning and blocking can be performed on the protocol. In addition to these features, it is possible to monitor and protect database activities with data masking, vulnerability and compliance control, advanced reporting and many other functions.

File servers such as CIFS and NFS can also host very critical data. Although file servers are protected by file system and sharing permissions by system administrators, data leaks and losses due to configuration errors can sometimes occur. Especially with the recent increase in ransomware, institutions and organizations have suffered serious losses. Using file server firewall systems, CIFS and NFS protocols are examined in depth at the agent or network level (inline or sniff). Through predefined signatures and policies, auditing, warning and blocking of vulnerable attempts can be performed.

Web Application Firewall
Web-based applications have been exposed to many attacks for years. The most common of these attacks are injection (such as SQL, OS, XEE and LDAP), XSS, CSRF and DoS/DDos. Security parameters are often overlooked when coding an application, and software hackers who know this use these attack types to infiltrate. Serious data leakage and reputation losses usually occur as a result of the leak.

At this point, the Web Application Firewall (WAF) solution provides protection against possible attack scenarios that a software hacker can use, with the help of thousands of signatures, specially written policies and reputation services it contains. With specially made definitions, it provides antibot against DoS/DDoS attacks and measures against the leakage of data that meets the specified criteria.

New Generation Firewall
New generation firewalls can operate in virtual, cloud and physical infrastructures with centralized management, flexible expansion capabilities, high and different network interface support.

New generation firewall has some basic functions as follows;

Application Control
Attack Prevention System
Antivirus Protection
On-premise or Cloud Zero Day (APT) Protection
URL/Web Filtering System
Active Directory/LDAP Based Rule
Anti-Bot Protection
Anti-Spam Protection
Bandwidth Control

Authorized Access and Password Management
Authorized users are individuals who have direct access to the most valuable data and systems of an institution or organization. These access rights also attract the direct attention of an attacker and these users are the target of many attacks such as phishing etc. The solution to this problem has emerged as moving the management of authorized accounts to an intermediary system and allowing users to conduct their operations by obtaining authorization through this system using their unauthorized, standard users. Thanks to this structure, both the management of authorized user passwords can be ensured and the connections made can be recorded.

Load Balancing and Application Acceleration Technologies
Load Balancing and Application Acceleration Technologies, which are used due to increasing business needs and better service requirements, can enable many different services and tools to operate with high performance.

Vulnerability and Compliance Management
It is a globally accepted fact that there are various vulnerabilities in every software used. Studies show that known vulnerabilities are used quite frequently in attacks. Vulnerability and Compliance Management technologies are used to regularly analyze the status of network structures and identify their vulnerabilities, and to monitor the laws, compliance and regulations that institutions and organizations operating in various sectors must comply with. This information, which is obtained by actively and passively scanning the structure and compiling data collected from various data sources, plays an important role in increasing the security levels of institutions.