Block All Traffic From China improves your Defense

by

What if you could block all China originating traffic?

China_Traffic_Forbes

As you see there was a Forbes Internet attack survey done for Q2 2014. China  was the top source of attack traffic (43% of global Internet attack traffic).  Image reference Link: http://www.statista.com/chart/2801/china-is-the-worlds-top-source-of-internet-attack-traffic/ .

What if you could just block all this traffic? How could you do it?

It just so happens Bandura Systems has thought about this very scenario.  Country specific blocking of traffic.  Of course if you decide a specific server needs to access your network there is a way to configure the policy. The product is called Polliwall ( word play on Policy wall)

poliwallinnetwork_bandura

The above diagram is from a product brochure from Bandura Systems.

The systems are sized from small business to Enterprise grade class devices.

BanduraE-series  E-Series

The Bandura System sits before the firewall/IPS/IDS  system inline similar to the IPS Proventia system I used to manage for a couple of years. See  http://www.fixvirus.com/customers/ for more details.

So I am very familiar with this type of device, and was given a demo to see some of its functionality. It depends on how you configure it, but if one could remove all traffic but US traffic then attack traffic would be reduced by 87%. And this type of device would stop good and bad traffic, for example if you were looking for email from China to your work email which is hosted on your company server, then it will be blocked.  Email I am afraid could still get in your network, since people will check their gmail accounts.

 

The  idea is to stop all port scanning, DOS attacks and general mayhem that is being done on your firewall every day.  There is even a program where you can try the system for a month first.

 

As we have pointed out in the past with this report:  http://oversitesentry.com/how-many-scans-are-attacking-the-internet/  Jan 2014 paper about “An Internet wide view of Internet wide scanning. 10.8 million scans from 1.76 million hosts and that is for only one port and a small portion of time.  In total there were 5.4 trillion SYN (port 445) probes.

scansby port

Will you say http://oversitesentry.com/cyberattacks-too-difficult-i-give-up/  or will you defend your systems in the best way possible?

And the good thing is Bandura Systems devices are all made in the USA.

Let Bandura Systems know where you saw this blogpost.

Or Contact Us and we will get you in touch with relevant party.

3 thoughts on “Block All Traffic From China improves your Defense”

  1. Pingback: Is Your Cyber Risk Manageable? | Oversite Sentry
  2. Pingback: More Sophisticated Attacks = We Must UP CyberSecurity | Oversite Sentry
  3. Pingback: Do You Believe There is a #CyberSecurity Problem? | Oversite Sentry

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.