VEKA Rus implemented the solution Cisco Advanced Malware Protection for Endpoints

On April 16, 2018 the Cisco Systems company announced project completion on installation of local information security tools from the malware for terminal units of VEKA Rus company. Using the solution Cisco Advanced Malware Protection (AMP) for Endpoints it was succeeded to raise the security level of the equipment of the staff of the enterprise who are in Moscow, Novosibirsk, Khabarovsk, Almaty (Kazakhstan) and Baku (Azerbaijan).

In the fall of 2017 before IT department of VEKA Rus company there was a task of gain of security of terminal units for all lifecycle of potential threats. It was required to accelerate detection of cyber attacks and to increase efficiency of a cybersecurity system.

The plant of VEKA Rus company in Novosibirsk

After the analysis of the developments presented at the market, a choice was made for benefit of the equipment Cisco AMP for Endpoints, thanks to ease of implementation, to cloud the management implemented by the principle "software as service" (SaaS), and possibilities of use along with the existing anti-virus software. Local means of protecting from the malware – the last and often only line of defense for completely encrypted links of communication, including maintaining archives with password protection, connections HTTPS/SFTP, file transfers of a chat, etc. The solution Cisco AMP analyzes all files getting to the system of the user and blocks malware on point of entry, thereby eliminating need for expensive technologies for security of terminal units.

The solution Cisco AMP continuously analyzes and writes data on activity of files in a system, irrespective of their status. If the file begins to show suspicious activity, Cisco AMP detects it and sends the corresponding notification to the administrator. At the same time the solution constantly fixes the detailed history of "behaviour" of the malware, including the place and a method of penetration into network, the passable way and perfect actions. Then, on the basis of an established policy, Cisco AMP helps to isolate or eliminate threat (automatically or manually).

The equipment is integrated with the solution on control of network access taking into account a context of Cisco Identity Services Engine (ISE). Within a single platform of Cisco ISE includes services of authentication, authorization, and accounting (AAA), assessment of a status, profiling and management of a guest access. The coordinated work of products allows to enrich a decision making context in the course of authorization in network.

"According to the results of the project, isolation of threats on terminal units of our employees is more effective, than ever. Cyber crime promptly develops, and, anticipating attempts of malefactors, we strengthened borders using the solution Cisco AMP for Endpoints. In plans – purchase of Cisco AMP for firewalls. Architectural approach to information security support allowed us to strengthen positions at the expense of a combination of sensors, monitoring and the analysis". Sergey Tokarev, deputy manager of department of information technologies of VEKA Rus company