Cloud technologies have long been an integral part of cybersecurity solutions. They ensure a quick response and help create a proactive defense system. However, for some companies, the key advantage of such technologies — the constant connection to the cloud — is also a flaw. Such companies have specific characteristics and regulatory requirements that prohibit them from transmitting even a single byte of data outside their network. That’s no reason to leave systems unprotected, however. If data cannot be uploaded to the external cloud, a cloud can be built within an infrastructure.
How it works
We have been using classic cloud technologies in our products for more than eight years now. Our cloud system, which is called Kaspersky Security Network, receives depersonalized information about threats as well as file and URL reputation from our millions of users. Thanks to this data, it can protect all of our users from the newest threats within minutes or prevent them from visiting a page, should the page have caused problems for other users.
When we realized that some companies would gladly protect their infrastructure using the technology but could not permit data exchange with an external cloud, we developed a local version of the solution called Kaspersky Private Security Network. We have been tweaking it ever since — three versions have already been launched.
The current version of Kaspersky Private Security Network brings users all of the advantages of the cloud without violating governmental regulations or internal security policies. The solution works in data-diode mode: A server inside the company’s information infrastructure receives updates from the global Kaspersky Security Network without sending any data in return.
Thanks to Kaspersky Private Security Network, computers protected by Kaspersky Lab endpoint solutions can receive information on file and URL reputation, as well as on the behavior of known malware. When machines encounter a new object, they can quickly check whether to trust it.
Private clouds have some advantages over global ones. To better meet the demands of enterprise clients, the latest version of our solution allows proprietary data — for example, information on unique files encountered only in your infrastructure — to be added to blacklists or whitelists. This helps prevent false positives, such as when legitimate software looks potentially suspicious and the security system has no reputation data for it. Moreover, Kaspersky Private Security Network has interfaces to external reputation data sources.
How to implement
To implement Kaspersky Security Network 3.0 in your infrastructure, you need a dedicated server running Red Hat Enterprise Linux 7.2 or CentOS. To find out more about our solutions and request a call from an expert to help you with integration, please visit KPSN’s home page.