1. Main Page |
  2. Highlights |
  3. ICS CUBE: Unified threat management

UTM

The main goal of ICS CUBE as unified threat management is keeping your corporate network safe against all sorts of cyber threats. We have closely integrated network firewall, intrusion protection system, web content filter, flow antivirus, mail antivirus and antispam, web application firewall and data loss protection in ICS CUBE. All these components work in accord and are administered in graphical user interface as a single entity.

Free trial Buy Documentation

Network firewall

A firewall creates a barrier between your corporate network and Internet, which you typically do not trust. A firewall controls access to the resources of a network through a vast number of interrelated sets of rules. Creation of the rules, which guide firewall operation is responsibility of a number of other ICS CUBE security modules, such as user control, intrusion prevention system, traffic policing and shaping, data leak prevention, virtual private networking. They all contribute.

The firewall is the centerpiece of ICS CUBE security tools. It controls everything that goes in and out of your network. Using multiple techniques firewall is informed of what traffic may potentially harm your productivity, compromise security and corporate policy and blocks this traffic. The firewall in ICS CUBE is highly intelligent in filtering at the edge of your corporate network. ICS CUBE firewall provides you with reliable protection, forbidding dangerous, suspicious or simply unwanted traffic from entering your network, works in accord with Intrusion prevention and data leak prevention subsystems, monitors status and health of end nodes.

With ICS CUBE firewall, you can be sure, that you computers are safe from viruses, worms and other threats, users are not wasting time and traffic for useless or dangerous Internet browsing and downloading, confidential information is not leaking out of your company into the Internet. Additionally, it improves network visibility by gathering usage statistics for you, monitoring application traffic flows, rate policing and providing quality of service to business vital traffic and applications.

network firewall

Intrusion Prevention System

An intrusion prevention system monitors all network activity, detects intrusion attempts, or security breach attempts and promptly reacts to them by blocking unwanted activities and alerting the administrator. IPS can also defragment IP packets, reorder TCP segment to guard against packets with tempered sequence and acknowledgement numbers.

The intrusion prevention system of ICS CUBE operates in accord with firewall. IPS keeps alert to network attacks targeting various services, attacks meant to elevate a users access rights beyond necessary limits. IPS is also fighting off unauthorized file access attempts and other types of dangerous software accidentally of persistently targeting your corporate network, computers and servers.

The intrusion prevention system in ICS CUBE communicates with the firewall to promptly block suspicious or known to be dangerous traffic. The IPS also produces detailed reports on possible attacks and breach attempts, providing you with traces for further incident response actions.

intrusion prevention system

Virtual Private Network

VPN overlays the real physical infrastructure with encrypted tunnels, providing secure communications. No matter how many real networks your encrypted link traverses, the other end of it, which may be your remote office is just one hop away from network point of view. VPN is the preferred mean of safe and easy connection between remote corporate locations.

The VPN server in ICS CUBE creates tunnels between your networks and protects communication with strong encryption algorithms. By using a standard set of protocols (IPSEC, IPIP, GRE) ICS CUBE can communicate with most other VPN software or appliances, including another ICS CUBE at your remote location.

The VPN solution in ICS CUBE can also be used for safe access to office network, servers and software from mobile users.

virtual private network

Web content filter

The web content filter in ICS CUBE can be used for multiple purposes in the organization:

  • to safeguard your users against Internet threats, including social engineering, phishing sites, etc;
  • to boost up productivity by keeping your users away from useless time wasting content;
  • to fulfill your corporate code of conduct by disallowing abusive content in a variety of categories: adult, criminal, psychotropic substances, drugs, terrorism, etc;
  • to protect kids and teenagers against harmful information in educational organizations and enforce parental control at home;
  • to free capacity of your Internet access link for useful and productive types of traffic.

  • ICS CUBE is equipped with advanced web content filtering tools which safeguard your network against cyber threats and human errors and social engineering attempts. It also allows you to create and enforce flexible and sound corporate Internet usage policy, differentiated by content type, user or user group, time of day, etc. By coupling ICS CUBE with our software from our technology partner Kaspersky Lab with KWF web filter you can build multiple lines of defense with little effort.

    web content filter

    Firewall antivirus

    Fighting off malware, ransomware and other types of cyber security threats before they hit the end nodes are primary tasks of ICS CUBE as a Unified Threat Management solution. To achieve most efficient protection, we cooperate with two well established players in the field of antivirus software Kaspersky and Dr.Web.

    The modules developed with our partners integrate with the ICS CUBE firewall, which intercepts all network traffic flows and handles them to the firewall antivirus modules for inspection. The traffic is only allowed to enter your network, if firewall antivirus marks it as clean. ICS CUBE performs flow analysis without much rate loss of the network access.

    ICS CUBE with the flow antivirus has several advantages: it is always on, it cannot be tempered with, unlike an end node, it protects the whole corporate network, and it lowers risks of end node infection.

    The antivirus in ICS CUBE performs:

  • Classical signature analysis of all objects traversing the network;
  • Heuristic analysis to find polymorphic and metamorphic malware;
  • Complex and parallel object inspection;
  • Processing of all known file formats;
  • Linguistic heuristics, message attribute analysis;
  • Urgent detection system (UDS) technology;

  • Antivirus and antispam solutions are backed up by partner's powerful teams of cyber security analytics, working 24x7 behind the scene to keep you safe. The modules can automatically update viral and spam definitions every 5 minutes.

    Firewall antivirus

    Mail antivirus

    ICS CUBE has its own corporate mail server, which sends and receives mail for all your corporate users. Both antiviral modules of ICS CUBE also integrate with the mail server to inspect all incoming mail, checking it for potentially dangerous content inside mail messages and attachments. Upon finding infected objects they are placed in quarantine and reports are generated so that you can select the appropriate action upon them.

    mail antivirus

    Antispam

    Mail SPAM amount on the Internet is overwhelming. Most often an office day begins from mining useful messages from piles of unwanted mail error prone and time-consuming process.

    Integrated in ICS CUBE is Kaspersky Labs anti-Spam engine, which efficiently cleans up your corporate e-mail from SPAM, saving the time of your employees, offloading the primary mail filtering task from them, so that they can concentrate on meaningful mail.

    antispam

    Data Loss Prevention

    Data leak prevention is a technology guarding your vital corporate information from spreading out of your network as a result of an accidental error or deliberate malicious activity of users. ICS CUBE DLP is based on traffic flow analysis. When sensitive information is detected the system blocks its transmission. ICS CUBE monitors web and mail traffic for possible data leaks. It has various settings to define information sensitivity level and set detection thresholds. You can use keywords and file signatures to configure DLP subsystem. Technologically DLP uses the same mechanisms as content filtering does.

    data loss prevention

    Web application firewall

    Web applications comprise the core of the information system of most companies. Because of that, web applications are often targets of various attacks. The web application firewall works particularly with web application traffic (HTTP). Located between corporate web applications and users ICS CUBE UTM controls the bidirectional HTTP traffic, protecting web applications, heavily used by business. The web application firewall in ICS CUBE prevents vulnerabilities in web applications from being exploited by outside threats and its list of capabilities includes:

  • Virtual patching
  • Full HTTP traffic logging
  • Security assessment
  • Web application hardening
  • Passive security assessment
  • Simple request or Regular expression based Filtering
  • URL Encoding Validation
  • Auditing
  • IP Reputation
  • Null byte attack prevention
  • Server identity masking
  • Uploads memory limits
  • DMZ

    In case your company has its own public servers, open for the untrusted Internet, you may choose the option of partitioning your network to keep these resources in a separate network segment, so that these servers, even if compromised, could not become a hacker base to invade the rest of your network. DMZ adds one more layer of security to protect your business information assets. ICS CUBE fits well in various network topologies and can form the DMZ, using virtual and physical LAN interfaces, possibly cooperating with third party routers.

    demilitarized zone

    Prices are in US Dollars

    Product

    Licence type
    Modules
    Antiviruses:
    Traffic categories:

    Number of users

    Advantages

    • Lifetime license
    • Free technical support
    • USB flash installation
    • 35 days for evaluation
    • Video tutorials
    • The development is client-oriented
    • No additional software needed