www.archive-org-2014.com » HR » I » IKI

Choose link from "Titles, links and description words view":

Or switch to "Titles and links view".

    Archived pages: 3 . Archive date: 2014-08.

  • Title: IKI SITO
    Descriptive info: .. SITO IPPOS.. is a specialized passive (nonintrusive) monitoring system for point of sale terminal payment card transactions over IP networks (IP POS transactions).. It continuously monitors all and each IP POS TCP/SSL transactions and dramatically improves visibility of IP POS transactions security, availability and performance.. SITO SSL.. is a specialized passive (nonintrusive) monitoring system for short SSL/TLS transactions.. It continuously monitors all and each IP/TCP/SSL/TLS transactions and dramatically improves  ...   SSL/TLS handshake environment with large number of client certificates but it can be used in any TCP/SSL/TLS transaction architecture.. SITO HC.. is an advanced active (intrusive) monitoring application health check system.. SITO HC is especially useful in client-authenticated SSL/TLS handshake environment with large number of client certificates but it can be used in any TCP/SSL/TLS transaction architecture.. comming soon.. CARTES SESAMES Award 2013, Paris and MPE Award 2014, Berlin finalist..

    Original link path: /
    Open archive

  • Title: SITO IPPOS
    Descriptive info: SITO IPPOS - POS over IP Transaction Monitoring System.. Introduction.. Security.. Availability.. Performance.. Merchant Loyalty.. SSL Certificates.. Architecture.. PCI DSS.. There is a strong trend of POS (point of sale) transactions migration from dial-up to the IP infrastructure.. Payment transaction speed increase, faster response time, wider geographical availability of payment card services and lower IP telecommunications infrastructure cost are just some of the benefits.. Anyway some negative side effects like greater exposure to denial of service (DoS) attacks or other abuses, QoS issues and much higher complexity of protocols like TCP, SSL /TLS are also introduced.. Such problems are permanently affecting payment card processors and payment card acquirers services.. SITO IPPOS (Croatian for sieve) is a specialized monitoring system for point of sale terminal payment card transactions over IP networks (IP POS transactions).. Security module tracks all IP packets and flows.. Traffic anomalies, like DoS attacks, could be easily detected through sensitive triggers for maximum simultaneous sessions (total or per IP) or new sessions per second.. For example SYN Flood attack will be observed through “Attempt to open an existing session” alert.. In addition to these traffic triggers each TCP/SSL session is compared to black and white lists of client and server IP addresses and white lists of client and server SSL certificates.. In case of any irregularity (or abuse) alerts will be triggered.. Stolen POS terminals, transaction attempts from unauthorized locations (or countries) or transaction attempts with compromised server or client SSL Certificates will be easily detected.. Even misconfigured POS terminals with wrong or expired SSL certificates will be observed with this module.. Most of other general security and monitoring systems like firewalls and intrusion detection will overlook some or most of such events due to insufficient knowledge of IP POS protocols and specific payment network environments.. Availability module takes track of all successful and failed TCP/SSL transaction sessions.. Such failed SSL transaction sessions are usually not visible to POS transactions servers since they are dismissed before reaching them.. Due to problems with some IP telecommunication networks (especially in mobile networks) or due to even simple configuration errors like  ...   or via other POS terminal.. Such event may be called transaction churn.. SSL Certificates module monitors thousands of client and server certificates used in real-time payment transactions.. It discovers all certificates directly from transaction IP packet flows.. If any detected SSL certificate is not found in the white list or certificate has already expired security alert will be immediately triggered.. Detailed statistics including expiration dates of all SSL certificates are shown in tabular and graphical reports.. If a certain SSL certificate is close to its expiration date the warning will be clearly shown.. SITO IPPOS appliance is based on a standard high availability Linux server hardware with optional additional Ethernet network card.. SITO IPPOS appliance cannot influence IP POS payment transactions in any way.. All analysis is done on a copy of the transaction traffic so SITO IPPOS cannot change, add or delay monitored packets.. High security is based on network separation.. There are no IP addresses on dedicated physical Ethernet port used for payment transaction monitoring.. SITO IPPOS appliance configuration and management is done through a different dedicated physical Ethernet port.. It is recommended to connect SITO IPPOS to monitored network with an intelligent filtering inline monitoring tap.. Span (mirror) port on router or switch is also option but filtering tap is less likely to drop packets and can also perform intelligent hardware packet filtering for IP POS traffic only.. All sensitive credit card information remains hidden from the SITO IPPOS system.. SITO IPPOS analyzes only IP/TCP/SSL transaction sessions and cannot actually see into encrypted payment card financial transaction data.. Neither private keys needed for sensitive data decryption nor any credit card information is stored on SITO IPPOS appliance.. According to these facts SITO IPPOS does not have to be a part of PCI DSS scope.. Anyway SITO IPPOS can help in PCI DSS procedures since it can provide SIEM or other security systems with unique information not available by general network security and monitoring systems.. IKI d.. o.. o Rapska 42 10000 Zagreb Croatia / Hrvatska Phone: +385 1 3665788 Fax: +385 1 3667119 Email:.. iki.. @iki.. hr..

    Original link path: /ippos.html
    Open archive

  • Title: IKI SITO SSL
    Descriptive info: SITO SSL - SSL Transaction Monitoring System.. There is a strong trend of developing new or migrating old transaction applications for public Internet infrastructure according to the REST application model with SSL/TLS cryptographic protocol.. A lot of such web applications and other services open short TCP/SSL/TLS connections to securely process a client transaction with a server.. Several standards and protocols are used for such applications like XML, SOAP, JSON, YAML which all rely on SSL/TLS for securing transaction data over Internet.. SITO SSL is a specialized monitoring system for short SSL/TLS transactions.. Security SITO SSL module tracks all IP packets and flows.. Traffic anomalies like DoS attacks could be easily detected through sensitive triggers for maximum simultaneous sessions (total or per IP) or new sessions per second.. In addition to these traffic triggers each TCP/SSL/TLS session is compared to black and white lists of client and server IP addresses and white lists and black list of client and server SSL certificates.. In case of any irregularity or abuse alerts will be triggered.. Transaction attempts from unauthorized locations (or countries) or transaction attempts with compromised server or client SSL certificates will be easily detected and notified.. Even missconfigured clients with wrong or expired SSL certificate will be observed.. Most of other general security and monitoring systems like firewalls and intrusion detection systems will overlook some or most  ...   number of failed TCP/SSL/TLS transactions or pinpoint telecommunication operators with unacceptable quality of IP transmission service.. Performance module analyzes only quality of successful TCP/SSL/TLS sessions.. Although successful even such sessions may be unnecessary long due to transmission errors or maybe non-responsive due to server overload.. Continuously monitoring all IP TCP/SSL/TLS transactions SITO SSL provides detailed quality of experience information for all such sessions.. Again clients with lower quality of service or unacceptable quality of experience (QoS/QoE) can be easily spotted from dedicated dashboards and proper measures can be taken proactively.. SITO SSL appliance is based on standard high availability Linux server hardware with optional additional Ethernet network card.. SITO SSL appliance cannot influence IP/TCP/SSL/TLS transactions in any way.. All analysis is done on a copy of the transaction traffic so SITO SSL cannot change, add or delay monitored packets.. High security is based on appliance network separation.. There are no IP addresses on dedicated physical Ethernet port used for SSL transaction monitoring.. SITO SSL appliance configuration and management is done through a different dedicated physical Ethernet port.. It is recommended to connect SITO SSL to monitored network with an intelligent filtering inline monitoring tap.. Span (mirror) port on router or switch is also option but filtering tap is less likely to drop packets and can also perform intelligent hardware packet filtering for SSL/TLS transaction traffic only..

    Original link path: /ssl.html
    Open archive
  •  



     


    Archived pages: 3