FREQUENTLY ASKED QUESTIONS
I already have a firewall, why do I need this?
Most firewalls only support very simple policies for securing network traffic and do nothing to prevent computers inside your network from connecting to malicious servers on the internet. When someone is tricked into clicking on a link, your firewall will not stop that computer from connecting to servers controlled by hackers and downloading viruses or other malware disguised as a PDF file or other content.
When you forward ports in your firewall, in most cases those rules apply to everyone on the internet: the same policy that allows your IT administrator remote access through the firewall also gives hackers access to the same ports.
The security sensor includes a mature and robust Intrusion Prevention engine that scans all inbound and outbound traffic for threats. Detailed rules can be created to define what traffic is allowed in and out of your network including restrictions by geographic location. The cloud security scanner regularly scans your network to look for open ports that could provide hackers with unauthorized access.
I already have anti-virus, why do I need this?
Anti-virus is a critical component of a robust cyber security strategy. Unfortunately, while anti-virus solutions prevent many attacks, hackers are constantly adapting their approach in what has become a never ending cat-and-mouse game between anti-virus vendors and cyber-criminals.
Once a hacker is able to trick a user or bypass anti-virus software and install a Trojan or backdoor, they own your network. They remotely control infected systems to explore your network, infect more systems, encrypt your hard drives, steal your business and client information and copy your files to their servers, allowing them full access to your infrastructure. Your antivirus isn’t looking for such activity and does nothing to prevent it.
The security appliance includes advanced Intrusion Prevention capability with rules that are updated regularly by a large community of cyber security professionals. These rules monitor your network traffic for patterns that are known to be associated with specific attacks, blocking the network activity and alerting the cybersecurity team to take the appropriate defensive countermeasures.
Do I need to replace my existing firewall?
If you already have a firewall protecting your network you’ve taken an important step in protecting your infrastructure. You can continue to use your existing firewall that provides basic network security policies along with the enhanced security capabilities that are part of the Akouto solution.
The security appliance can be installed in your network in “transparent mode” either in front of your existing firewall or behind it, significantly enhancing security capabilities with features such as Intrusion Prevention, Geo-IP security policy enforcement, external vulnerability scanning and automated cloud monitoring and alerting.
Do I need both a firewall and the security appliance?
If you don’t already have a firewall, there is no need to buy one. The security appliance provides firewall capabilities that rival standard commercial firewalls and includes many features that are only available in high end (and high price) security appliances.
You can deploy the security appliance in NAT or transparent mode, and leverage all of the capabilities including Firewall, NAT, DHCP, Traffic Shaping, VPN, Intrusion Prevention, High Availability, Load Balancing, SNMP support, DNS Forwarding, Captive Portal and much more.
Do I still need anti-virus?
Yes, you should still use anti-virus on all of your endpoints including desktops, laptops, tablets and mobile phones.
A proper security strategy consists of multiple layers of protection. That includes network layer security as well as endpoint security which is provided by your anti-virus.
The two technologies are complimentary and together provide the best possible protection against different types of vulnerabilities.
I have anti-virus and still got infected, would this have helped?
Akouto's managed security solution provides an additional layer of security that may have been able to detect and stop the attack. It contains thousands of rules that are constantly being updated by an army of cyber-security specialists allowing it to protect your network and systems against a huge number of attacks and vulnerabilities. At the same time, hackers are always finding new ways to bypass security systems. The best strategy is to use a layered approach to security that includes the right mix of technology and human expertise to protect your business.
Who monitors my network security?
Security analytics servers and network scanners continuously collect and analyze data from your security appliances. Critical events that require immediate attention generate SMS and Email alerts sent to the IT security staff managing your infrastructure.
Members of the Akouto cyber security team and your IT service partner monitor your systems through the available security portal to quickly identify and address any issues that may be detected.
How do I know if there is a security incident?
Critical security issues detected by the security analytics servers automatically generate SMS and Email alerts that are sent to the IT security staff managing your infrastructure.
Your IT service partner will notify you of security threats and any countermeasures that should be put in place or actions that should be taken.
What should I do if there is a security incident?
If you suspect there has been a breach or other security incident, you should contact your IT service partner. They are trained to investigate the issue and work with the Akouto cyber security team to identify the threat and take the appropriate action.