The Cyberwall approach represents
a completely new class of web security
Websites can‘t be protected easily, because there is a virtually infinite number of ways to attack them
Problem 1: Websites consist of many attackable resources
In addition, attackers and normal users alike can easily analyse website code and other page resources
Problem 2: Very many ways to attack each resource or server
Web servers and browsers have to communicate in an open language (protocol) which leads to a very large attack surface (HTTP/S)
Cyberwall fixes this fundamental problem of website security
Fix 1: Client-code executed in a trusted container incl. Scripts
The complete application incl. all Scripts and even third party resources are securely rendered in a container on the Cyberwall server
Fix 2: No connection between attacker and website possible
Cyberwall forwards only basic keyboard and mouse events from users to the original application. Virtually no hacking attempts can reach actual website or application servers
New protection for web applications through Application Streaming
Cyberwall separates user and web application through application streaming.
Logic separation of execution and displaying
High-performance Application Streaming
Cyberwall selected security features
- IT operations minimally impacted
Cyberwall produces no False Positives, thus no analysis thereof is required. Also, Cyberwall supports even complex applications without adjustments to the application itself. Therefore, the protected applications can as well be changed over time without the need of adjustments to Cyberwall. Cyberwall works fully transparent to users, and mainly silent for system administrators.
- Immediate protection without patching
Want to secure applications as soon as possible? Lacking the resources to fix critical vulnerabilities in productive applications? Or does the provider of legacy software simply not support your needs fast enough? Cyberwall can help. It simply puts most vulnerabilities out of the reach of potential attackers - and silently supports even complex and or older applications.
- Fast deployment for faster time to value
Cyberwall can be deployed fast, whether it is on premise, via our SaaS offering or as hybrid model. You chose the speed. The roll-out can be undertaken step-by-step, ramping up traffic secured via the cyberwall gateway over time. Additional web applications used throughout your network can be added to the Cyberwall-protection over time and seemlessly. Depending on the requirements, we are supported by local partners to deliver larger deployments.
- Full SSL encryption integrated
Encrypts all communication between users and all applications behind Cyberwall without any changes to the protected applications. Also, if numerous third party data source which not all support SSL are integrated in an application - Cyberwall will SSL-encrypt the communication between user browsers and all integrated third parties and end-points.
- VPN tunneling can be replaced
If certain user groups need to connect to web applications securely, Cyberwall can replace VPN tunneling. Whether users have to connect from home offices, other external locations, or from internal to isolated networks - Cyberwall can be the intermediare ensuring a secured connection without the need to install, configure and maintain software on the connecting client devices.
- Full end-to-end traffic encryption
Cyberwall supports local encryption of data before it is stored in online services such as SaaS offerings, e.g. a web-based sales tool. Form-fields inputs such as credentials, e.g. name and contact details of customers can be encrypted before they leave the users' devices. Within the databases of the online service provider, they are not decrypted. When the user retrieves data, it will be decrypted at the user device. Cyberwall can support this feature with limited adjustments for a wide variety of SaaS services.
- Data Leackage Prevention (DLP)
Cyberwall identifiies sensitive data directly right before passing it on to the enduser devices for display, i.e. Cyberwall can block the display of sensitive data. Also, forbidden export of data, (e.g. xls, csv, pdf) will controlled by Cyberwall. Role based adjustments are possible.
- Support of all common browsers, mobile & desktop
The technology supports all common, modern web browsers (e.g. Chrome 24+ , Firefox 28+, IE 10+, Safari 6+) on desktops as well as mobile user devices. Cyberwall supports even complex, dynamic web applications and will be fully transparent to users - unless they are trying to analyse the applications source code, that is.
- No adjustment of WAF rules required
Cyberwall provides protection which doesn't depend on rules. Thus the adjustment of complex security rules, as needed by widely used security solutions is not necessary. Even if you are operating WAF-like services, Cyberwall can complement these making constant updating of security-rules less critical. Cyberwall greatly reduces the complexity of security contexts.
- Significant cost benefits and minimal upfront investment
In comparison to complex detection engines, loaded with rules, requiring constant maintenance to be reasonably secure, Cyberwall is a leightweight solution. It takes out the complexity of threat landscapes, saving security teams valuable time and resources.
- Implementing Cyberwall can be done fast and without much effort in most cases and setups.
- Handling during operations requires hardly any human attention over extended periods.
- There are no specific appliances and related upfront investments required.
- Seamless transition from test to production environments
Cyberwall can easily be implemented and activated for lab testing and demo environments of a specific application. It is not necessary to set up complex rules, systems or adjustments to the application. Development and security teams, as well as business management can test Cyberwall and convince themselves of the correct, perfectly normal functionality of the respective application behind Cyberwall - before transition to productivity. The step from testing environments to productivity is simple as well: mere DNS configurations are necessary to route live traffic via Cyberwall.
- Reduced consumed bandwidth & traffic compression
Depending on web application and content, Cyberwall reduces the consumed bandwith by about 40%. Also, Cyberwall delivers web applications as single source to the enduser. This can result in an acceleration of the web app.
- Backdoor-free, made in Switzerland/Germany
Protected by the mighty peaks of the Swiss Alps as well as the traditionally rather strong privacy regulations of Switzerland, we developed Cyberwall with love and passion for high security, personal freedom and privacy. We keep our software strictly backdoor-free and strive to select only backdoor-free third party products and services throughout all operations of our firm.
- Data handling and hosting in compliance with EU regulations
All data handled at your own datacenters or in high-quality datacenters of our Swiss/German hosting partners (as required). All data handeled in accordance with European laws regulating data storage and handling.