1. Home /
    2. Company news /
  2. Changing business environments needs better cybersecurity
Company news

Changing business environments needs better cybersecurity

Managed Services

ASP is providing operations to assure all critical components of our hosting platform are performing as expected. These critical components cover all network equipment including Internet connectivity.  Hosting equipment includes servers, storage and VMware/ HyperV virtualization layer. Our advanced monitoring software built around Check_MK enables us to identify and solve issues before it impacts our customers services. 

ISP Connectivity 

What is an ISP?

The fact you could read a web page, or access your Facebook page, or being able to shop online through many retail online website is only because you are using right now an Internet Service Provider Connectivity. ISP grants Internet access rather to professional organizations or rather to home users, which offers online services like: 

  • Web hosting; 
  • Email services; 
  • Domaine name registrations; 

In order to connect your hardware to the Internet requires specifics telecommunications, networking and routing equipment. ISP allows users access to networks that contain the required equipment, enabling users to establish internet connectivity. 

Is an ISP a mandatory to get connected to the net?  

Yes. Organizations and home users need an ISP to be able to access the Internet. If your ISP is down, you will not be able to access the internet unless you have access through another ISP.  

Why became ASP a member of RIPE NCC?

In 2000, just after its founding, ASP became a member from RIPE NCC and was registered by default as a Local Internet Registry. Because of this, ASP can provide general Internet support through RIPE NCC for the industry providing global Internet resources and related services to members such as IPv4, IPv6 and AS Number resources. ASP is very flexible and cost effective when choosing our IP transit providers. 

Example : Cogent, Bnix, serverius, … 

Tier levels of an ISP 

There are 3 different levels of Tier Internet service providers. At the top of the Internet, access pyramid is Tier 1 Internet service providers, which connect all corners of the World Wide Web, defined as the major highways of the Internet, using only network peering agreements they do not have to pay for. 

Example: The driving force of a locomotive which grants the power for the rest of the train. 

Tier 2 ISPs then sell Internet access to organizations and home users from Tier 1 ISP.  They actually use the link of Tier 1 ISP connectivity to make benefit the other levels. However, it could happen Tier 1 ISPs may sell Internet access directly to organizations and individuals. 

Example : The second part of the train, using the power of the driving force (Tier 1), make the link between Tier 1 and Tier 3. 

Additionally, a second intermediary ISP, referred to as a Tier 3 ISP, may purchase network bandwidth from a Tier 2 ISP before selling that bandwidth to end users. It is a network that only buys transit / peering from other networks to participate in the Internet 

Example : the last part of the train, which uses the Tier 2 connectivity. 

Datacenter connectivity

How good is the datacenter’s infrastructure? 

Poor power and cooling management can cause servers to go down frequently, costing companies enormously in terms of revenue, reputation, and opportunities. That is why choosing ASP ensures that your organization has a high level of data center connectivity. With well-trained and experienced technical ASP engineers, you avoid the human error which more likely to disrupt services as well.  

What cloud deployments does the datacenter offer? 

Public cloud platforms may be powerful and scalable, but they also come with security and visibility concerns. ASP assures the security of your data and your network. ASP provides Microsoft Azure as a public cloud. Our experience with data center connectivity technology allows your business to use the multi-cloud network, known as hybrid infrastructure, which combines the features of a few cloud computing platforms with the company’s own private cloud servers. 

Example : Using Azure & IX Zaventem. 

ASP is partnering with KEMP Technologies and can provide Layer 4 – 7 Application security for web services. 

An application delivery controller (ADC) is a computer network device in a datacenter, often part of an application delivery network (ADN), that helps perform common tasks, such as those done by web accelerators to remove load from the web servers themselves. 

Benefit of ADC
  • Improve the performance and capacity of an application by enabling it to spread across multiple servers 
  • Improve the availability and robustness of an application by detecting failures and switching to a different server 

Cybersecurity

What is a DDos attack?  

There are different types of Distributed Denial of Service (DDos) attacks, which in turn all slightly work in a different way. However, all DDos attacks always have one thing is common, being that, cyber criminals bombard a server or a group of servers with a large amount of data. This then can result in the server(s) temporarily being difficult to reach or even worse, it goes completely offline. When this happens, websites or online services respond slowly or are not available at all. 

How does it work in practice? 

One form of a DDos attack is a Border Gateway Control (BGP) attack. When BGP hijacking arises, an attacker impersonates a network, whilst using a legitimate network (prefix?) as their own. Once this impersonated information by your network, traffic is unwittingly sent to the attacker, instead of to the intended destination.  

What can BGP edge routers do for my business? 

When ASP`s BGP edge routers detect a possible DDoS attack, our BGP edge routers will start tracking this specific prefix. All incoming traffic will then be verified and filtered by our BGP scrubbing service, protecting your server(s) against the DDOS volumetric attacks.  

Verified and clean traffic reaching the ASP datacenter is then further inspected by our next generation firewall.  Our shared firewall infrastructure is built on top of the state-of-the-art Check Point Next-generation firewall with following specifications and functionalities:  

  • Network Access policies  
  • Network address translation and port forwarding  
  • Quality of service allocating and guaranteeing a specific amount of bandwidth 
  • VPN IPSEC site to Site connectivity  
  • VPN RAS connectivity (IPSEC and SSLVPN)  
  • Intrusion Prevention System (IPS)  
  • Signatures are updated via Check Point threat cloud  
  • Redundant solution built on top of Check Point ClusterXL

Leave a Reply