
New application firewall security solution for Skype for Business

SkypeShield has launched a new application firewall solution for securing guest and anonymous requests when entering corporate networks.

The need for the new solution arose because, as part of the Skype for Business (Lync) topology, requests are sent anonymously to the front server in the corporate network without being authenticated or inspected. Once allowed, these requests, which might contain malicious code, can pass through DMZ firewalls with no control.

The application firewall has the following security layers:

  • Request rewrite – session termination in the DMZ and rewrite of the request that is sent to the domain
  • Protocol level sanitization – inspecting the traffic to validate the structure of the traffic as expected by the protocol
  • Application level inspection – validating that the data content matches what is expected by the server
  • Device pre-authentication – performing device validation before allowing any request to enter the domain

“Common attacks take advantage of network protocol vulnerabilities to execute operations that are not approved by design. Some of these techniques generate or modify valid requests with data that look valid, but maliciously alter the server’s behavior. An example of a common concern handled by the firewall is blocking a non-valid meeting ID in the DMZ,” said Guy Eldan, CEO of AGAT Software, which developed SkypeShield.

“SkypeShield’s new Application Firewall offers the best available solution for such security vulnerabilities by intercepting all anonymous Skype for Business traffic in the DMZ and validating it before allowing it to enter the domain network,” added Eldan.

To ensure that no malicious code is injected into a request, the solution passes each request through multiple security inspection and validation channels, including session termination and rewrite, protocol sanitization, data validation and device pre-authentication. By doing so, the risk of most protocol and application level attacks is eliminated, as the original request is not allowed to enter the domain.

The application firewall performs session termination of the request and creates a new request with the same parameters built as expected by the server schema. This concept blocks, by design, any extra code injected into the original request.
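
The terminate-and-rebuild idea described above, as an added example that is not SkypeShield's code. The path, parameter names and patterns are hypothetical, since the page does not give the real request schema.

```python
import re
from urllib.parse import parse_qsl, urlencode, urlsplit

# Hypothetical schema (assumption, not the real Skype for Business format):
# the only parameters a rebuilt join request may carry, with strict patterns.
JOIN_PATH = "/meet/join"
JOIN_SCHEMA = {
    "meeting_id": re.compile(r"[A-Z0-9]{8}"),
    "organizer": re.compile(r"[a-z0-9.]{1,32}"),
    "lang": re.compile(r"[a-z]{2}(-[A-Z]{2})?"),
}
REQUIRED = {"meeting_id", "organizer"}


class Rejected(Exception):
    """Raised when the inbound request must be dropped in the DMZ."""


def rebuild_request(raw_url: str) -> str:
    """Terminate the inbound request and return a freshly built internal one."""
    parts = urlsplit(raw_url)
    if parts.path != JOIN_PATH:
        raise Rejected("unexpected path")
    clean = {}
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        pattern = JOIN_SCHEMA.get(name)
        if pattern is None:
            continue  # not in the schema: never copied into the new request
        if name in clean:
            raise Rejected(f"duplicate parameter: {name}")
        if not pattern.fullmatch(value):
            raise Rejected(f"invalid value for {name}")
        clean[name] = value
    missing = REQUIRED - set(clean)
    if missing:
        raise Rejected(f"missing parameters: {sorted(missing)}")
    # Only validated values, in schema order, reach the internal server;
    # the original request line, fragment and extras are discarded.
    query = urlencode([(k, clean[k]) for k in JOIN_SCHEMA if k in clean])
    return f"{JOIN_PATH}?{query}"


if __name__ == "__main__":
    # Constructed sample input, not captured traffic.
    sample = ("https://edge.example.test/meet/join?meeting_id=AB12CD34"
              "&organizer=j.doe&extra=%3Cb%3Eunexpected%3C%2Fb%3E")
    print(rebuild_request(sample))
```

Because the outbound request is assembled only from validated fields, anything outside the schema cannot survive the rewrite, and a malformed meeting ID is rejected before it leaves the DMZ.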

SkypeShield’s application firewall protects the internal servers by performing a wide set of sanitization and filtering operations that detect malicious requests and block them from passing to the DMZ.


LyncShield offers safe mobile connection to Microsoft Lync servers

AGAT Software Solutions today launched LyncShield, an innovative solution that guarantees secure mobile Lync connectivity, to protect against Active Directory (AD) credentials theft, block DoS, DDoS and brute force attacks, and enforce connection to registered devices.

Connecting devices to corporate networks from non-managed external networks and public Wi-Fi networks poses critical security threats. Corporate credentials are stored on mobile devices that might be hacked or stolen. The low level of device security enables hackers using Active Directory usernames and passwords to access core business applications and view confidential data unnoticed.

LyncShield was developed specifically to mitigate this risk and to allow workers to safely use their own devices outside the corporate network.

“A growing number of enterprises and organizations encourage employees to bring their own devices and to use them to access privileged company information,” said Guy Eldan, CEO of AGAT Software Solutions. “LyncShield offers a new approach that completely eliminates the need to store Active Directory passwords on the device and does not require any additional client installation, making it an ideal security solution for BYOD.”

LyncShield interacts directly with client-server Lync traffic and effectively controls who connects to the network based on the device used and not only on credentials.

LyncShield offers the following features:

  • Active Directory protection – eliminates the need to use Active Directory credentials
  • Two-factor authentication
  • Blocks DoS, DDoS and brute force attacks
  • Reverse proxy Lync publishing on Microsoft and non-Microsoft platforms

The solution, which can be easily installed and integrated, is available either as an add-on to Microsoft Forefront (ISA/TMG) or on a dedicated reverse proxy developed by AGAT – Bastion.

By using LyncShield the organization can determine which mobile devices will be granted access to the system.

AGAT intends to launch a similar solution for Microsoft’s SharePoint and Dynamics CRM in the first quarter of 2014.