Due to the rapid evolution of cyber attacks, businesses and organizations across the world, no matter large or small scale, are exposed to extremely high risks of data security threats. The recent widespread of ransomware attacks has disrupted operations and profitability to many corporations and institutions. According to statistics, the top three victimized countries are United States, Taiwan and Japan. Recently, even well-known religious organizations and hospitals in Taiwan have been attacked by ransomware. In 2016 alone, experts have determined the most infamous global ransomware attacks: CryptoWall, Locky and Cerber, each accounted for approximately 41%, 34% and 24% respectively.
What is Ransomware?
Ransomware is a crypto-level virus usually in a covert malware that kidnaps significant data by encryption and requests a ransom in order to get the decryption key. In other words, the data is kidnapped and the owner has to pay a ransom in order to access the files. In most cases, ransomware is usually hidden in a Trojan with a payload disguised as normal files. Once under attack, operations and services are severely disrupted and suffered from great loss of profitability. For example, according to FBI, USA, CryptoWAll has accrued over $18 million of ransom by 2015.
Since ransomware has to go through the web and network, one of the most practical solutions is deploy a next-generation, demand-specified gateway for MSPs (Managed Service Providers), whose network security services are mainly provided to enterprise branches or SMBs. The edge security gateway will function as the firewall/UTM that integrates malicious email filtering, web filtering, IDP/IDS, deep packet inspection, reputation identification, malware scanning, bandwidth control/monitoring and intrusion prevention. By DPI, filtering and scanning, the gateway will stop potential threats. The UTM will also ensure the secured VPN connections with mobile devices, corporate sites and remote branches.
On the other hand, the UTM gateway will also act as the “security as a service” cloud console to control licensing and billing, as well as security policies.
To afford intrusion prevention systems for branches or SMBs, Lanner offers its cost-effective solution NCA-1011, an Intel Bay-Trail driven compact desktop endpoint security gateway designed for MSP’s network security as a service. NCA-1011 is packed with Intel Quad-core Celeron J1900 SoC CPU, five RJ-45 LAN ports, two USB 2.0 ports, one console port and one mini-PCIe slot for wireless network module.
NCA-1011 comes in compact fanless desktop form factor, ideal for enterprise branch office, campus building and retail environment. As a vCPE and UTM gateway, NCA-1011 is built in an x86 open architecture for flexibility to run various software. The platform is empowered by Intel Quad-core Celeron J1900 SoC CPU (codenamed Bay Trail) to deliver the required performance and power efficiency in an edge security deployment. Memory wise, the platform supports DDR3L 1333MHz non-ECC SO-DIMM up to 8GB.
At the networking aspect, NCA-1011 comes with five RJ-45 Gigabit Ethernet ports to connect with other networking devices. In fact, the RJ-45 I/O set of NCA-1011 is programmed with one pair of Lanner’s Gen 3 LAN Bypass. The platform also provides a RJ-45 console port to establish a console terminal for control and management.
Other functionalities of NCA-1011 include one mini-PCIe slot for wireless network module, two USB 2.0 ports, and a power input of AC 100~240V@50~60 Hz.