We hear the question from the title very frequently, so today I would like to share with you how the traffic inspection works in Veronym Services.
Network traffic is tunneled through Veronym Cloud, and there inspected for traces of hacking attack. Inspection is conducted by our security systems only with a view to search and block potentially malicious activity transferred most often in the application layer of the network traffic generated by users. The process and methods of threat identification cannot be simply described in one sentence, as we offer multi-layered security system, consisting of a variety of complementary mechanisms. Each of these mechanisms reacts to a different threat category, and so each of the mechanisms uses different method of detection and blocking. These are, among others, signature methods, anomaly analysis, behavioral methods, static analysis based on machine learning algorithms, URL categorisation or keyword search. They are hardcoded in the security system, so operators or administrators of the system don’t have the access to the application payload of the traffic itself - e.g. we don’t see the documents. Traffic decryption is also not a part of our inspection. This means that we won’t detect some of the threats on the Internet perimeter - on our state-of-the-art firewall. That’s why we offer also a full protection of endpoint devices.
This way we protect your data from unauthorized access and at the same time we don’t let threats from encrypted traffic cause any harm on the protected devices. What’s more, when it comes to personal data protection we use pseudonymization, which means we do not have any access to the end user’s identity, we only have their unique and randomized Veronym Services IDs, which are used for authentication in our Services.
The best protection against threats is multilevel, it guarantees network security from the cloud, and provides it through integration of the best available technologies, which communicate with each other and act preventively. Such a system has the biggest chance of succeeding when faced with various categories of attacks. That’s why Veronym Services not only detect attacks, but first and foremost, prevent them. Our Services guarantee security on the network, as well as on the endpoints, providing two complementary layers of protection. Consequently, we offer real-time prevention, stopping threats before any real harm comes to the system under attack.