YBOX Shield

YBOX Shield is a comprehensive security suite which is designed and enhanced based on recommendations of The National Institute of Standards and Technology. When it comes to security, there is no single silver bullet. Depth-in-Defense is the formidable strategy. It involves defense in multiple layers.

OS Level Hardening

YBOX Shield detects the OS and apply latest patches and upgrades. It also removes or disables unnecessary services, applications and network protocols. It also installs and configures additional security controls which enhance the default security control present in the OS.

Once the OS installation and hardening is complete, it runs a complete security check to determine the level of hardening is attained.

Server Application Level Hardening

Typically a server runs web, ftp, dns, database, mail and other services. YBOX Shield detects these important services and apply patches or upgrades. It also removes unnecessary services and hardens the default settings. Based on the type of application that is required to run in the server, the services are fine tuned. This helps in smooth running of the applications with the most optimal settings.

YBOX Shield also sets the process priority so that vital server resources such as memory, cpu and utilized for processes that are high in priority.

Network Level Hardening

This involves enabling additional protection in standard ports and protocols and disabling unnecessary ports and protocols. It also involves effective tools such as firewall, anti-virus, root kit detectors, host based DOS shields in monitoring and protecting the incoming and outgoing traffic.

Encryption and Higher Strength Authentication

YBOX Shield configures services and authentication daemons to use high strength level or encryption while communicating with client and server. This helps in preventing attacks originating from infected clients.

DDOS mitigation

In line with Depth-in-Defense strategy, YBOX Shield now comes bundled with DDOS mitigation module. This module detects and prevents further flooding of attacks to a particular service. Apart from that, it also helps in identifying which service or website is under such attack to enhance better mitigation and prevention from future attacks.

YBOX Patrol Engine

YBOX Shield now includes a Patrol Engine which scans the websites hosted in the server and alerts the system admin or concerned user immediately. It also suspends and isolates the infected files or malware. The YBOX Patrol Engine can detect

1. Malicious Files Upload: Malicious scripts, codes, exes, files uploaded in a website which could be used for defacing your website, websites in your reseller and other sites in the server

2. Gumblar Attack: Iframe injections in html,php,asp,asp.net,.css files, javascript files which are injected with a malware code

Maintain and Monitor Security

YBOX Shield comes with state of the art Intrusion Detection and Prevention Software [ IDPS ]. This analyses the incoming traffic, logs, processes frequently. This also check key system files and processes and detects any variations.

The server is continuously monitored and more than 300 samples are collected on key parameters in a day. The entire environment is pre-built and tested in real time environment for 170 man hours. Such a rigorous hardware and software testing helps in identifying and rectifying 70 % of the issues that occur in a enterprise level dedicated server environment.