Monthly Archives: March 2013

disconnecting networks from the “bad parts” of the Internet

For years, CBSi has been connecting enterprise networks to the Internet.  As you likely realize, Internet connectivity is a requirement for almost every business to function today.  Unfortunately, there are a lot of “bad guys” on the Internet trying to do a lot of bad things to enterprise networks.  Just read up on botnetshackers, keyloggers, spyware, Trojansviruses, zombies, etc.

A long time ago, we decided that it was best to start disconnecting enterprise networks from the “bad parts” of the Internet.  Our original approach was to block the most problematic countries.  Our internal list was known as the “dirty dozen” country list.  Maintaining this list became a full-time job.  Often times, we had to call in a geopolitical specialist to determine if a country should be considered hostile.  This approach was not scalable so we started looking for new solutions.

After much research, CBSi decided that partnering with ThreatSTOP was the best approach.  This partnership provides a number of benefits to our joint customers:

  1. We can block “bad” countries with a single mouse click.  For example, if your business doesn’t need to do business with China, we can simply drop all packets from and to China.
  2. We can keep track of the geopolitical posture of all countries.  For example, we can drop all packets from and to all ITAR countries with a single mouse click.  Of course, we can also do this for all OFAC countries, etc.
  3. We maintain a reputation database down to the IP level.  So, our customers can block all traffic from and to hostile sources, such as botnet command-and-control (C&C) servers, as well.
  4. We maintain application-specific reputation databases.  Our customers can block all IP addresses that are seen initiating SIP attacks, etc.
  5. Because our customers are dropping these packets, they can get more performance from their other security devices (firewalls, intrusion prevention systems, etc.) as the devices are not busy processing known hostile traffic.

If you are interested in disconnecting your enterprise networks from the “bad parts” of the Internet, please call (804) 798-4444 Option 2 or email