NEWSLETTER - SEPTEMBER 2018

New AXS GUARD 8.3.4 RELEASE

Data Breach Detection and Prevention

Network and data protection measures, such as a firewall, an anti-virus engine or an Intrusion Prevention System, are no longer sufficient in a GDPR world; organizations need to know what data they are collecting and how it's being used.

With AXS GUARD version 8.3.3, we introduced a new threat reporting feature, allowing organizations to get actionable insights from raw data in various system log files.

With version 8.3.4, we further upgraded this reporting feature to automatically deliver selected reports to administrators and authorized personnel. Following is an overview of the various threat reports types which are available on AXS GUARD:

Report Types
  • Authentication and Authorization: The various authentication and authorization reports are an easy way to detect suspicious login activity and allow system administrators to intervene almost immediately by blocking the IP address or username associated with an attack.

  • Change Management: Unauthorized changes to information systems can lead to costly crashes, loss of data and security incidents. Furthermore, attackers will often try to modify or compromise your systems to guarantee future access. The careful tracking of configuration changes improves your overall IT operation and security.

  •  System Resource Access: Tracking resource access can be used to reveal potential insider abuse or even fraud. It is a valuable tool for determining which resources the attacker has been trying to access, possibly corrupted or modified. In addition, resource access reports can be used for other purposes, e.g. capacity planning.

  • Malware Detection: By providing a real-time status, the various malware detection reports help you to detect known threats and – more importantly - prevent attacks and potential data breaches.

  • Mail Traffic Reports: Various MTA reports were already available in previous versions, but have been reworked, allowing administrators to better monitor potentially suspicious e-mail activity.

  • Web Access Reports: These reports were already available in previous versions, but have been reworked to improve usability, allowing administrators to better monitor potentially suspicious Internet traffic generated by users.

  • Firewall Connection Tracking: The network flow viewer provides real-time information about your network and allows you to track active connections.

  • Application Control: These reports provide in-depth information and statistics about commonly used protocols and online applications.

  • Bandwidth Management: The bandwidth management graph allows system administrators to detect unusual traffic peaks and adjust the bandwidth management configuration where needed.

Automated Threat Reports

A new export feature has been implemented allowing system administrators to automatically receive e-mails containing the aforementioned threat reports.

The aim is to bring relevant and useful system information to administrators and GDPR compliance managers via e-mail, so they don't have to seek out the information for themselves. This allows them to better identify potential threats in a GDPR context and share information with authorized parties.

E-mails will be sent based on a set of preferences which can be easily configured via the appliance's web-based administrator tool. A factory default weekly report has been added to create awareness amongst system administrators.

Report Export Features
    • Profiles can be configured to automatically send a selection of security reports to system administrators and/or other authorized personnel at specified intervals.

    • Sensitive data in reports can be masked to protect personally identifiable information in compliance with the GDPR.

    • A preview button allows administrators to verify the layout of the automated e-mail, so they can make adjustments if necessary. Reports are sent as a PDF attachment for easy archiving.

    • Destination addresses can be tested via a dedicated test button.

Reverse Proxy Support for Citrix NetScaler

The reverse proxy services Internet client requests by forwarding these requests to the correct server in the LAN and provides strong authentication, brute-force attack protection, request filtering, protection against DoS attacks and SSL offloading.

The reverse proxy offers a wide selection of predefined applications and now also supports Citrix NetScaler out of the box.

Citrix NetScaler is an all-in-one web application delivery controller (ADC). See https://www.citrix.com/products/citrix-adc/ for additional information.

End-of-life Announcement

AXS GUARD version 8.2.1 and older versions will no longer be supported as of September 3, 2018.
We therefore encourage you to upgrade your systems to the latest version (8.3.4) ASAP.

AXS GUARD Press Releases

A recent survey, in which AXS GUARD screened nearly 33 million e-mails during a three-month period, showed that e-mail is still a popular threat vector. During the survey, up to 84,000 unwanted or harmful e-mails were successfully detected and blocked. See this blog post to learn more.

Training Schedule

Training sessions are free of charge for customers and partners.
Slots are still available for the upcoming sessions.
Go to www.axsguard.com for additional information and registration.