With the growing demand for security and data protection, we understand the need for a partner that is constantly improving upon the tactics, techniques and tools that are securing your data and I.T. infrastructure.
Trillium Coast is a Managed Security Service Provider (MSSP), offering fully managed security tools, both software and hardware, to ensure your data is being protected around the clock.
Unparalleled security, connectivity, and automation
We believe that network security needs to do more than just secure your network and data. It needs to facilitate uninterrupted network availability and robust access to cloud applications and connected networks.
Our Firewall as a Service (FaaS) is a combination of physical, virtual, and cloud-hosted appliances that protect and enhance your network infrastructure no matter how dispersed.
Scalable, centralized management and cutting-edge security analytics will help reduce administrative burden while defining and enforcing granular policies across your network.
Trillium Coast offers an ideal security and connectivity solution for small businesses and multi-site enterprises.
(Firewall as a Service)
While traditional solutions typically detect network threats after they’ve already breached your network our ATP implements full system emulation, providing deep visibility into the behaviour of the malware. Files are checked against a cryptographic database that is updated near real-time hourly, daily, weekly and monthly. In the event that a file is unknown, it is emulated in a virtual environment where malicious behaviour can be identified.
Our ATP offers granular, file-type-based control including automatic quarantine and blacklist features, maintaining the highest level of protection for your network.
Botnet and Spyware Protection shields your network against botnet infections by blocking access to malicious sites and servers, and detecting potentially infected clients based on DNS Sinkholing technology. DNS Sinkholing blocks clients from accessing malicious domains by monitoring outbound DNS requests which pass through the firewall. These requests to malicious domains are redirected to an internal sinkhole, thereby preventing data exfiltration and identifying the victim. Once an infected client is detected, it is automatically isolated.
Using state-of-the-art Intrusion Detection and Prevention System (IDS/IPS), we enhance your network security by providing complete and comprehensive real-time network protection against a broad range of vulnerabilities, exploits, and exposures in operating systems, applications, and databases preventing network attacks such as:
- SQL injections and arbitrary code executions
- Access control attempts and privilege escalations
- Cross-Site Scripting and buffer overflows
- Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks
- Directory traversal and probing and scanning attempts
- Backdoor attacks, Trojans, rootkits, viruses, worms, and spyware
Our system also provides advanced attack and threat protection features such as:
- Stream segmentation and packet anomaly protection
- TCP split handshake protection
- IP and RPC defragmentation
- FTP evasion protection
- URL and HTML decoding
As a result, the system is able to identify and block advanced evasion attempts and obfuscation techniques that are used by attackers to circumvent and trick traditional intrusion prevention systems.
In today’s world of ever-present bots, one of the primary tasks of perimeter protection is to ensure uninterrupted availability of your network for legitimate requests while detecting and repelling malicious denial of service attacks. With TCP SYN Flood Protection, our FaaS effectively functions as a generic TCP proxy, forwarding only legitimate TCP traffic to the inside of the network.
In a massive DDoS attack, the attackers may simply aim to saturate your link by transmitting a vast numbers of packets. The integrated environmental monitoring feature of our FaaS diagnoses such conditions by link and target address monitoring. Once the response of a remote target address to regular ICMP probing fails, the system can be configured to activate different routes and uplinks (for example backup line, ISDN, xDSL). Using this feature, traffic will be uninterrupted across unaffected lines and crucial site-to-site and site-to-Internet connectivity will remain operational.
The Malware Protection utility built into the Trillium Coast FaaS (Firewall as a Service) protects your internal network from malicious content by scanning web content, email, and FTP via two fully integrated antivirus engines. This Malware protection is based on regular signature updates as well as advanced heuristics to detect malware or other potentially unwanted programs even before signatures are available. This protection covers viruses, worms, Trojans, malicious java applets, and programs using known exploits on PDF, picture and office documents, macro viruses, and many more, even when using stealth or morphing techniques for obfuscation.
Our Firewall solutions will apply IPS, Virus Protection, Application Control, URL Filter and even Advanced Threat Protection to SSL encrypted web traffic using the standard ‘ trusted man-in-the-middle’ approach. SSL Interception can be fine-tuned to exempt local networks, users/groups, URL Filter categories or custom defined domains from SSL Inspection.
In addition to SSL Interception, of FaaS contains a high-performance stateful deep packet inspection engine which examines the header information as well as the data part of every passing packet. Compromised or malformed packets are disregarded, ensuring infrastructure protection against network level attacks. Protocol compliant packages are then checked to match any of the defined firewall rules.
Once a data packet is opened up for inspection, all other security inspection mechanisms like IPS/IDS, anti-virus are also applied to the packet or stream of consecutive packets. Security inspection is done in single pass mode without the need to hand over to a separate proxy.
Multi-factor authentication (MFA) has become the standard for preventing unauthorized access to your company’s critical information. Our FaaS supports and enforces multi factor authentication methods for protected resources, SSL-VPN as well as VPN connections. This makes the need for purchasing an additional multi-factor authentication or identity access management (IAM) solution obsolete.
Time-based one-time passwords (TOTP) are commonly used for two-factor authentication and is today the de-facto standard for multi factor authentication methods as used by cloud application providers. Our service includes an advanced multi-factor authentication function using the TOTP algorithm to protect company critical resources as well as SSL-VPN and VPN connections from unauthorized use.