PROXEDO
Network Security

Flexible defense of enterprise networks

Proxedo Network Security (PNS) is a highly flexible, multipurpose network security software which can granularly control traffic to protect enterprises from advanced internal and external threats. PNS provides deep packet inspection (DPI) of regular and encrypted network communication and has the capability to filter and modify its content. Thanks to its flexible architecture and scriptable configuration, your organization can implement ANY security policy, including the Zero Trust model.

With PNS, you are able to manage custom security problems which your firewalls or UTMs are unable to solve.

Main Features

We are a leading developer of proxy-based gateway technologies

GRANULAR PROTOCOL CONTROL

  • Full interpretation and validation of 15+ network protocols

  • Control of protocol channels (e.g. file transfer, port forward)

  • Connection handling on the application layer

COMPREHENSIVE ENCRYPTION SUPPORT

  • Control of SSL / TLS-encrypted protocols

  • TLS 1.3 cryptography support

  • IPSec and OpenVPN

TRAFFIC MANIPULATION

  • Data masking for compliance or privacy

  • Hiding security vulnerabilities of legacy systems

  • Easy solution for custom compatibility issues

Use Cases

Separation and Protection of Critical Systems

PNS can help you create a mature and segregated IT environment, allowing you to better focus your security strategy on prioritized systems. Additionally, it can provide a way to isolate compromised hosts or networks in a timely manner following a network intrusion.

Network Authentication and Authorization

Proxedo Authentication Module is a middleware that mediates the authentication between Proxedo Network Security and your existing user database. As a central authentication point, Proxedo Network Security simplifies your network authentication and authorization management. It can take the load off your network operators and developers by handling the authentication challenge in a more efficient way.

Network Monitoring and Debugging

Proxedo Network Security helps you better understand what is happening in your systems. Its biggest benefit is a picture of what ‘normal’ operation looks like in your organization, making it easy to spot anything suspicious – whether that's a spike in traffic or an unfamiliar device that's connected to your network. By drilling down in logs, you're able to take a proactive approach to network security.

Zero Trust Security – Holistic firewall grid

Proxedo Network Security supports high security requirements, including the Zero Trust model. It provides the visibility and controls needed to secure and monitor every device, user and network being used to access business data. You will also be able to monitor device traffic and ensure that every device is authorized. This further minimizes the attack surface of your network.

Multilayer Threat Detection and Prevention

Layered security strategies are reactions to today's cyber threat landscape. Rather than simply waiting for attacks to hit endpoints, layered security takes a holistic view of defense, accounting for the multitude of vectors by which modern malware is delivered and recognizing the importance of network and end user-level security.

Network Privacy and Encryption

Proxedo Network Security helps you comply with the most recent privacy and encryption requirements. It ensures consistent and proper TLS settings for your business. You can implement security measures centrally to simplify the process compared to installing the right cryptography on all servers or clients.

Network Security Compliance and Audit

Thanks to its extremely flexible, scriptable configuration, PNS can meet a range of specific security requirements. Just a few examples:

  • Data manipulation – modifying sensitive or risky elements of traffic. For example, masking credit card data or hiding vulnerable server configurations

  • Graceful degradation of services during peak times by preferring transaction-closing events

  • Implement your own protocol by using the AnyPy proxy and the power of Python

Benefits

UNPARALLELED CONFIGURATION POSSIBILITIE

Proxedo Network Security offers almost unlimited flexibility for you to adjust connection parameters. This means you can avoid bad trade-offs between effective business processes and the desired level of security. You can implement virtually any security policy without the slightest compromise. By using Python-scripts, even complex, multivariable decisions can be made.

ÁMOST COMPREHENSIVE TRAFFIC CONTROLS

In contrast with the pattern matching of UTMs, PNS handles network connections on the proxy level. This means that the transferred information is available on the device in its entirety, enabling deep protocol inspection and validation. The gateway can understand the specifications of the protocols and can reject connections that violate the standards.

HIGHLY SKILLED AND FLEXIBLE ENGINEERS

Balasys has a flexible professional services team which helps you design, deploy, customize and support your PNS solution on-site. Our highly skilled engineers can solve network security problems that other vendors can't solve (or only with costly custom development). We help you tailor your PNS: we can reconfigure your network, write scripts, integrate with third-width-party tools or even develop custom modules. Thanks to our senior support engineers, we can also provide you with highly professional, 24/7 vendor support.

BEST VALUE FOR MONEY

Proxedo Network Security is a highly customizable, reliable and resource-efficient suite available at an affordable price. Combined with flexible integration services, engineer-to-engineer access, trainings and direct vendor support, the product represents one of the most profitable offerings on the network security market today.

CLEAN CODEBASE

Proxedo Network Security is made in the EU and developed by a private Hungarian IT security company, Balasys.

Features

GRANULAR PROTOCOL CONTROL

  • Full interpretation and validation of 15+ network protocols

  • Control of protocol channels (e.g. file transfer, port forward)

  • Connection handling on the application layer

COMPREHENSIVE ENCRYPTION SUPPORT

  • Control of SSL / TLS-encrypted protocols

  • TLS 1.3 cryptography support

  • SSL and IPSec VPN

TRAFFIC MANIPULATION

  • Data masking for compliance or privacy

  • Hiding security vulnerabilities of legacy systems

  • Easy solution for custom compatibility issues

SINGLE SIGN-ON

  • Malware filtering with multiple engines (with optional spam and URL-filtering)

  • ICAP support for integration with AV-, IDS/IPS- and DLP-tools

  • Certificate validation at the perimeter

ROBUST CENTRAL MANAGEMENT

  • Enterprise-level, multi-site firewall management

  • License- and certificate-management

  • Advanced management GUI

UNPARALLELED CONTENT FILTERING

  • Strong authentication (S/Key, SecurID, X.509, etc.)

  • LDAP/AD, Kerberos- and Radius-support

  • PKI support

DETAILED AUDIT LOGGING

  • Logging of encrypted network traffic

  • High log verbosity for better network debugging and forensics

  • Seamless integration with log analyzing and SIEM tools

SUPPORTED PROTOCOLS AND STANDARDS

  • HTTP, SSH, RDP, IMAP, POP3, SMTP, TELNET, VNC, (T/S)FTP

  • NNTP, SSL/TLS, Oracle SQL/Net8, LDAP, RADIUS, VoIP SIP

  • MS RPC, MIME, RSH, LPR, SOAP, SOCKS