Firewall and security configurations

4 min read

Data Security

We offer special settings if you want to protect your network and also how your team can access the internet. You need to opt in for the ones you want.

These settings activated per your private VLAN

When activated, each setup is applied to all devices in your VLAN network. You cannot separate any devices.

Who can use these services?

Please read important definitions in this article and determine if any option is for you or not, then use the link at the bottom of this article to submit the request form.

Intrusion setup is already activated on our hotspot (visitor and Member network that you connect with your email/PIN) and meeting room LAN wired connections.

Intrusion Prevention and Detections (IPS/IDS)

  • Default is OFF for custom VLANs (ex. private offices).
  • It is ON for our hotspot general WiFi access and meeting room LAN connections.

Intrusion Prevention Systems (IPS) and Intrusion Detection Systems (IDS) are critical components in enhancing network security. These systems serve as a frontline defence, identifying and mitigating threats before they can cause harm.

What Are IPS and IDS?

  • Intrusion Detection System (IDS): Monitors network traffic for suspicious activity.
  • Intrusion Prevention System (IPS): Similar to IDS but also takes proactive steps to block detected threats. We directly block these threats in West Quay Offices once setup is made for your network.

Why Are IPS and IDS Important?

Compliance: Helps meet security standards and regulatory requirements (PCI-DSS, HIPAA, etc.).

Threat Detection & Prevention: Identifies malicious traffic, preventing potential damage. Real-time signature updates ensure you are protected against new and evolving threats.

Real-time signature updates

Threats evolve and patterns change; we stay ahead by regularly updating our threat signature databases. This ensures your network is protected from even the latest threats.

Is my information private?

Yes, we ensure that your information is kept private and secure at our offices and completely deleted after a month. The only data retained is that of the attacker’s IP address to ensure our threat database remains up-to-date.

Note: Only when security detections are triggered, certain metadata, including timestamps, IP addresses, ports, protocols, and signatures, temporarily pass through an encrypted communication channel with our cloud security database provider before it is ultimately deleted. These data won’t have any personal identifying meta of yours.

Does enabling Intrusion Prevention affect the speed of the internet?

Since traffic is being actively inspected, maximum routing performance may be reduced. This may effect your internet and connection speed outside of your VLAN network. But most won’t notice the difference.

Included checks

Virus and Malware

  • Botce: Treats from known, active botnets.
  • Malware: infiltrative software that steals internet activity data from your network and computers.
  • Mobile Malware: Infiltrative software that steals internet activity data from your network and mobile device.
  • Trojan: Malicious software that exhibits clear criminal intent.
  • Worm: Network traffic that indicates potential warm activity.

P2P

  • TOR: Network trafic sent to and from Tor exit nodes using an IP-based rule set.

Hacking

  • Attack Response: Indications that a network device in your VLAN is compromised.
  • RPC: UNIX RPC service-related exploits and outdated functionality.
  • Scan: Unknown reconnaissance and probing your network.
  • Shellcode: Targeting of vulnerable processes being run on a separate machine, local network, or intranet.

IPs with Bad Reputation

  • CI Army: Cross-references to the CI Army list, a daily directory of IP addresses deemed as having a bad reputation.
  • Compromised: Cross-references a list of IP addresses known to be compromised hosts, which is updated daily by private and public sources.
  • DShield: Cross-references a list of IP addresses that have been identified as sources of past attacks.

Network Protocol

  • NetBIOS: Known NetBIOS attacks.
  • TELNET: Malicious activity using Telnet protocol.

Dark Web Blocker

Automatically blocks traffic encrypted by Tor.

Block Known Malicious IPs

Blocks known malicious IP addresses using an automatic real-time updated database.

Intrusion Prevention offered as one package

All above checks are offered in one setup and you cannot unselect some, like the rest of the below options.

Content Filtering

Default is OFF for all networks.

Blocks access to explicit, pornographic, and malicious domains from your network. Search engines and Youtube switched to safe mode.

Firewall Rules

Block application groups

Default is OFF for all networks.

Any devices on your network won’t be able to access the internet with these applications in the groups of your choice.

Application groups to block can be chosen separately.

Application GroupDescription
Social networksThis will block internet access by social network applications like Facebook, Instagram, TikTok, etc…
Online GamesThis will block all known online games.
Instant MessengersThis will block all known instant messengers. Keep in mind that if you use instant messengers for your business, those will be blocked too.
File TransfersThis will block file transfer applications. If you use Google Drive or OneDrive for your business, they will be blocked too.
Media Streaming ServicesThis will block all media streaming applications like Youtube, Spotify, etc…
Tunnelling and Proxy ServicesThis will block any VPN usage from your network and if anyone wants to bypass the above rules by using VPN or proxy services,.
This may also be some requirement for some certain businesses that need to track and limit computer access for compliance.
Blocks can be time frame limited

You can block or allow these application groups between certain times. (ex. allow social networks during 12 AM and 12 PM). Or you can also block these at certain days (ex., like Fridays)

Block applications separately

Default is OFF for all networks.

You can list applications you want to block separately and this will block any access using these from your VLAN for any computer or mobile device connected.

Blocks can be time frame limited

You can block or allow these applications between certain times. (ex. allow them during 12 AM and 12 PM). Or you can also block these at certain days (ex., like Fridays)

Blocking access to certain websites

Default is OFF for all networks.

You can block access to certain websites by domain name from your VLAN network.

Block access to certain IPs from your network

Default is OFF for all networks.

List any IPs or Subnets you want to block access from your network.

Block access to Countries from your network

Default is OFF for all networks.

Listed countries won’t be accessible from your network.

Opt-in for these services

Please submit this form to activate these functions.

Was this article helpful?
Share on:

Search Knowledge Base

Knowledge Base Categories