NETWORKING
SOLUTIONS

India’s First Enterprise Product Company with Octeon, Nitrox and Intel Processors with Tri-O-Core Architecture, equips Service providers with scalable High Throughput Cyber Security Network Function Gateway.

Nubewell’ s Tri-O-Core Architecture provides Cloud Class Industries First of its kind 10Gbps WAN Optimization with 4 Bypass 10G Segments, 60Gbps Hardware Compression Engine, low latency Packet Processing with 80Gbps Throughput and Industry-leading Ipoque DPI Engine that will classify/monitor/shape or block all well-known Apps such as Skype, WhatsApp, SCADA, Mqtt, Modbus, etc.


The innovative hardware architecture provides Service Providers and Enterprises 15Gbps SSL Full Proxy solutions to gain complete visibility of SSL, prevents attacks like Ransomware and with Data Leak prevention.
Nubewell’ s SSL Decryptor/Encryptor is one of the highest throughput SSL Visibility Appliance in the Market and First of its kind from India.
Nubewell’ s SSL Interception and Content Filtering solutions offer Social Media Monitoring or Regulating for ISPs, Industrial Cyber Security Firewall Solutions for Oil and Gas Sectors and Next-Generation Firewall Solutions for Service Providers and Enterprises.

Why performance Matters ?
Cloud computing applications and mobile apps demand high capacity multi-core or multi-processor architecture to perform seamlessly.


Applications are expected to securely deliver performance and scale to operate on any kind of environment and respond quickly at wire speed.


Nubewell Tri-O-Core architecture, harnesses the advantage of multi-core design and delivers high throughput, visibility in to encrypted traffic, Scalability, and agility at lower bandwidth with low latency.

Our Technology

Tri-O-Core is Nubewell’s next generation hardware architecture which allows up
to 80Gbps of Network traffic acceleration and 40Gbps of SSL throughput.

What is Our Tri-O-Core:

Tri-O-Core is Nubewell’s next generation hardware architecture allows up to 80Gbps of packet processing and 40Gbps of SSL throughput.

Tri-O-Core architecture uses a unique technology called copy-free packet processing to increase HTTP, TCP and SSL/TLS performance significantly and processing at wire speed.

Tri-O-Core allows Nubewell to deliver reliable, high throughput and full-featured network solution. Tri-O-Core architecture is optimized, efficient, scalable, and flexible, which can take on any load without compromising on quality, price, or performance.

Solutions:

Nubewell URL / URI Filtering Solution for DoT Compliance

Background: Regulated URL Filtering for ISPs-DoT Compliance

  • Total number Internet Service Providers in India offering Broadband and Narrowband are 358 as of Dec 2019.
    Source: https://en.wikipedia.org/wiki/Internet_in_India
  • As per Department of Telecommunication (DoT) rules and regulations, all Internet service providers in India to be comply by regulating the URL lists provided by DoT.
  • URL List which includes http and https domains are to blocked by ISPs for all Internet traffic before exiting the Internet Gateways.
    Challenges faced by ISPs in Regulated URL Filtering :
  •  Traditionally URL Filtering is implemented by Network Firewalls , DNS Filtering and Proxies which introduces Latency and degrade performance for ISPs Customers.
  • Customers needs to use DNS servers of DNS Filtering Services for URL Filtering
  • Number of Appliances required for URL / URI Filtering as per the Bandwidth Throughput would be more as the solutions are deployed in INLINE Mode
  • Cost of the solution for initial deployment are very high due to high throughput requirement for ISPs.
  • Recurring costs are very high due to Annual Subscription of URL Filtering / DNS
    based Filtering licenses
    Solution : Nubewell URL / URI Filtering Solution for DoT Compliance
  • Nubewell’s regulated URL/URI Filtering Solution is developed to overcome the traditional Technical and Financial Challenges faced by ISPs
  • Nubewell NFG, custom developed High Throughput Hardware and Software deployed in Out of Path Mode at ISP to filter all URLs or URIs as per DoT Compliance Requirements
  • With Nubewell NFG deployed in out of Path for URL Filtering reduces total cost of ownership and ensures minimal Latency
  • Intuitive GUI to upload the URL List and Centralized reporting solution
  • As compared to traditional firewalls for regulated URL Filtering, number of Appliances required using nubewell solution would be 10:1 ratio




SD-WAN / WAN Optimization: 
Software-Define Wide Area Network (SD-WAN) takes advantage of the Internet to solve the problem of high cost and limited flexibility of traditional WAN setup. SD-WAN offers greater flexibility with better control at cheaper operating expense. SD-WAN can be used along with MPLS and traditional WAN setup to create a hybrid WAN. SD-WAN increases your ability to perform WAN optimization and centralized control using a simple GUI. With SD-WAN, you can configure and deploy a branch office in minutes.

SD-WAN offers the ability to measure real-time transport quality and lets you centrally define and manage policies for network traffic , uses policy-based routing (PBR) to route application-specific traffic over the most appropriate network.

Secure, global SD-WAN, delivered as a service, provides the benefits of SD-WAN while enabling secure, direct Internet access, SLA-backed connectivity, and seamless integration of WAN with cloud data centers and mobile devices.

Nubewell SDWAN architecture:

Advantages of Nubewell’s SD-WAN Solutions:

Optimized Performance
Nubewell’s SSD-WAN improves WAN performance, reduces bandwidth, and provides you a centralized control using Nubewell’s unique software architecture. It also makes it easier to perform network analytics, traffic management, and monitor network security.

Smart Firewall
NubeWell Next GenX Firwall Solutions provides a set of in-built Security solutions like stateful / next generation Firewall with IPS/ IDS , Anti-Spam, Anti Malware & Anti Phishing, Content Filter / URL filter, IPsec VPN , Application Control & Visibility achieved through NubeWell Deep packet Inspection engine.

Network Orchestration
NuMS (Nubewell’s Management System) offers zero-touch configuration for SD-WAN and WAN optimization solutions. NuMS comes with various templates and application-based routing options and easy-to-use interface.

Dynamic Path Selection
Nubewell’s SSD WAN solutions provide improved throughput by performing link aggregation on both incoming and outgoing sessions providing high availability for all applications and improved performance.

Scalable
Create a hybrid WAN with existing infrastructure and use broadband to deploy WAN to branch offices in minutes. Reduce hardware deployment and upgrade costs by creating virtual machines on existing network devices.

Cost Effective
Create a hybrid WAN with existing infrastructure and use broadband to deploy WAN to branch offices in minutes. Reduce hardware deployment and upgrade costs by creating virtual machines on existing network devices.

Next Gen SSL Visibility

Highly Stateful and Meaningful Multi Tenant Visibility

SSL-VA : Secure Sockets Layer-Visibility Appliance
SSL stands for “Secure Socket Layer.” It is a technology that establishes a secure session link between the visitor’s web browser and your website so that all communications transmitted through this link are encrypted and are, therefore, secure. SSL is also used for transmitting secure email, secure files, and other forms of information.

Nubewell SSL Interception feature decrypts SSL traffic across all your network ports and sends the data in clear text format to your security device such as IPS, IDS, and firewall for inspection. This allows your organization to analyze all the enterprise traffic without compromising on performance. NSSLVA has Industry-leading Deep Packet Inspection (DPI) engine which helps you achieve complete visibility across all your network applications and network traffic.

Nubewell’s Network Traffic Visibility Architecture


Gain Complete Visibility

It decrypts all encrypted traffic and gives complete visibility using the Industry leading DPI Engine. Decryption of protocols like STARTTLS, XMPP, SMTP and POP3. The decryption feature is not limited to SSL/TLS protocol traffic, NSSLVA supports SSH traffic too.

 

ICAP Support

Data Loss prevention (DLP) systems typically use ICAP to connect to the network and help prevent unauthorized data exfiltration. NSSLVA supports ICAP connectivity simultaneously with other decryption modes.

Network Proxy
It can act as network proxy for transparent deployment and gives control over the traffic management. Using NSSLVA you can connect to multiple upstream proxy servers.

URL Classification
It can categorize your network traffic based on URL domains and bypass decryption or enforce privacy policies for sensitive data such as medical or financial data in adherence to compliance standards like HIPPA.
Extensive Protocol and Cipher Support
The following protocols and Cipher are supported

1. SSL 3.0, TLS 1.0/1.1/1.2
2. RSA/DHE/ECDHE Ciphers with PFS
3. SHA-1, SHA-2, MD5 Message Authentication Code algorithms
4. Decryption of HTTPS, STARTTLS, SMTP, XMPP, POP3, SSH, SCP, sFTP

Full Proxy Architecture
It provides full proxy which enables re-negotiating different cipher suite of similar strength and making the solution for future proof against new ciphers or TLS upgrades. NSSLVA also ensures traffic is encrypted using the most secure ciphers and avoids the use of compromised ciphers.

Decrypt Across Multiple Ports and Protocols
It decrypts traffic across all the TCP ports and protocols. The decryption functionalities and proxy support is not limited to SSL/TLS, encryption and decryption is supported for SSH traffic too.

URL Filtering for Access Control
URL filtering is used to maximize productivity and reduce security risks by blocking access to malicious websites, including malware, spam, and phishing sources.

Industry-Leading DPI Support
All the decrypted traffic can be classified using Industry-leading DPI Engine. This DPI Engine can classify more than 3000 applications and all the standard protocols. Nubewell SSL VA can bypass applications or block traffic based on application or protocol classification

Validate SSL Certificate Status
Hackers can use fraudulent certificates to infiltrate your network. If these certificates are not identified, users and web applications can be at risk of multiple attacks.

It uses Certification Revocation List (CRL) and Online Certificate Status Protocol (OCSP) to keep the database up to date and validates network certificates using latest updates.

 

Next Gen Inline Traffic Management

Regulating Social Network and Internet Traffic
Inline Traffic Management
Intercepting and decoding of HTTPS/SSL traffic can be used for Regulating Social Media like Twitter, Facebook, Gmail, Instagram, etc., to block/monitor content based on Lawful Interception policies provided by Law Enforcement Authorities.

With Nubewell’s Tri-O-Core Architecture with multi-core processor and dedicated crypto security engine, provides high throughput decoding of all the social websites traffic and high granularity on blocking/monitoring the URI/URL or any other content filtering at the wire speed. With Industry leading DPI engine, provides complete visibility of more than 3000 application and protocol classification across all Enterprise and Service Provider network traffic.

NuMS – Nubewell Management Server uses Big Data Analytics to provide complete analysis of all the traffic data with high granularity and the report can be accessed with multi-tenancy support.

Inline Traffic Management Architecture


Industry Leading DPI based Interception
End-to-end IP traffic analytics solution for CSPs that provides granular and multi-faceted visibility of the network. This includes statistics about protocol and application split, detailed mobile network usage data, communication quality KPIs and data rate analytics. This thorough understanding of the network allows CSPs to make informed decisions to increase business revenue and deliver optimal user QoE.

URL Classification
categorize your network traffic based on URL domains and bypass decryption or enforce privacy policies for sensitive data such as medical or financial data in adherence to compliance standards like HIPPA.

BGP and DNS based Routing
With BGP and DNS stack, only interested traffic can be routed and proxied for URI and content filtering.

High Throughput SSL Decryption
With Tri-O-Core Architecture, delivers very high throughput in SSL/HTTPS Decryption and Encryption.

Extensive Protocol and Cipher Support
The following protocols and Cipher are supported

1. SSL 3.0, TLS 1.0/1.1/1.2
2. RSA/DHE/ECDHE Ciphers with PFS
3. SHA-1, SHA-2, MD5 Message Authentication Code algorithms
4. Decryption of HTTPS, STARTTLS, SMTP, XMPP, POP3, SSH, SCP, sFTP

Full Proxy Architecture
NSSLVA provides full proxy which enables re-negotiating different cipher suite of similar strength and making the solution for future proof against new ciphers or TLS upgrades. NSSLVA also ensures traffic is encrypted using the most secure ciphers and avoids the use of compromised ciphers.

Decrypt Across Multiple Ports and Protocols
Nubewell SSL VA decrypts traffic across all the TCP ports and protocols. The decryption functionalities and proxy support is not limited to SSL/TLS, encryption and decryption is supported for SSH traffic too.

URL Filtering for Access Control
URL/URI and any web content can be blocked for social websites and SPAN the blocked traffic for audit logs.

Validate SSL Certificate Status
Hackers can use fraudulent certificates to infiltrate your network. If these certificates are not identified, users and web applications can be at risk of multiple attacks.

It uses Certification Revocation List (CRL) and Online Certificate Status Protocol (OCSP) to keep the database up to date and validates network certificates using latest updates.

IPv6 Support
IPv6 support for all the network traffic

 

Next Gen Inline Traffic Management

Highly Stateful and Meaningful Multi Tenant Visibility

VIEW DATASHEET

Network Traffic Visibility
Comprehensive Network Traffic Log Capture by Netflow, IPFIX, sFlow, Packet Capture and Normalizing the logs with deduplication of packets. Nubewell’s Intelligent Flow Analysis for many protocols with centralized and simple GUI to monitor the traffic pattern based on individual entity with data enrichment by interfacing with third party applications or devices for full visibility and Multi Tenant reporting.


Nubewell Network Traffic Visbility with buit in Network Processor and Crypto Processor parses ssl data or plain logs allowing organization to analyze all the Network traffic or flows without compromising on performance. Nubewell Network Traffic Visibility Solution comes with Industry-leading Deep Packet Inspection (DPI) engine to achieve complete visibility across all Enterprises or Service Providers network traffic.

Nubewell’s Network Traffic Visibility Architecture

Data Aggregation
NeTA uses Advanced clustering technology to aggregate Netflow/IPFIX, sFlow, jFlow packets at very high throughput using Network Processor based hardware Architecture.

Netflow/IPFIX Generation
NeTA collects Packet capture at 80G on a single 1 RU Appliance either by tapping or by network spanning and generates Netflow/IPFIX Flow packets either to NuMS or to third party log collectors.

Highly Stateful Correlation
All Packets either direct Netflow or flows generated by NeTA are correlated in a stateful manner for accurate reporting.

MutiTenant Architecture
Nubewell Management System- NuMS provides MultiTenant Access for Subscribers/Customers to access their reporting data using a easy to use simplified GUI.

Big Data Analytics Engine
NuMS uses standard Big Data components to analyze and report the nework traffic and data can be shared to customer business needs

Data Deduplication
NeTA provides Data Deduplication of packets created by SPAN traffic for accurate monitoring of network traffic.

High Throughput SSL/TLS Decryption
During Packet capture , SSL Packets are decrypted using dedicated crypto processor providing 50G Bulk Encryption supporting all Encryption Algorithms.

Realtime Data Enrichment
Customer Link identification, IP Context, Geo location context and Data Context are enriched in realtime.

Industry-Leading DPI Support
All the decrypted traffic can be classified using Industry-leading DPI Engine which classifies more than 3000 applications and all the standard protocols to provide Granular Application visibility.

Meaningful Reporting
NuMS Provides Simple and Easy to GUI with Advanced reporting capabilities for Subscribers and Customers.

CYBER SECURITY SOLUTIONS

A leader in designing innovative security solutions that take advantage of mobile and cutting-edge identity technologies. We secure access to critical data and infrastructure, as well as provide peace of mind that the most sensitive information our users care about, is protected.

Secure passwords are no longer adequate for even the most basic security protocol. With our new SecureIdentity platform, we provide a layer of security to prove the identity of the user. A layer that is easy to use, easy to deploy and simple to administer.

SecurEnvoy continue to innovate. From our first innovation; we took the concept in the 90s of pushing codes through to mobile devices and invented ‘tokenless’. This brought the ability to securely work remotely, to the mass. The spirit of innovation at SecurEnvoy continues today, with many patents in process, with pioneering inventive methods being created into the evolving solution set and with the true spirit of pushing the capabilities of protecting our customers’ identity, device and data to a reality.

We provide trusted identity and access management solutions to millions of users in real-time. Across five continents, our customers benefit from rapid deployments that scale through instant provision, simplicity of use and ease of management.

A complete IAM solution that delivers effective security, simply Designed with ease of use for the user and the team managing IAM in mind. SecurEnvoy IAM provides Single Sign On, Adaptive Multi-Factor Authentication, Access Management and User Life Cycle management. Delivers effortless onboarding, user interaction and administration. Active identity database supported by a robust, fully integrated Universal Directory (UD) as the Single Source of Truth (SSOT). Underpinned by IRAD our AI/machine learning intelligent reporting and anomaly detection

Simple & effective Security Management in a single pane of glass view The SecurEnvoy IAM platform delivers what your team needs, simply and effectively, removing workload and providing the tools you need in a single pane of glass view. Increases security while reducing the time taken to manage complex environments Simplifies how you manage user access Dynamically enforces access decisions around devices, applications and data repositories Logs all events for instant forensic traceability of all actions.

https://securenvoy.com/wp-content/uploads/2021/03/IAM-Brochure_2021_2-website.pdf

Discover an extensive range of authentication solutions ranging from phone apps to biometrics, smart cards, and real-time SMS. This powerful MFA tool allows you to select the specific authentication means by type of device and user. Multi-Factor Authentication for VPN, Remote Desktop, Web portals, Public Cloud Applications, and Server/Workstation logons.

SecurEnvoy MFA allows you to choose and set up any personal device for authentication while moving seamlessly between devices – without compromises. Easy to use, users can approve authentication attempts by accepting a push notification on a smartphone. In addition, users can enhance security by adding biometric approval. Deploy on-premise, in your private cloud, as ahosted solution via AWS and Azure, or as a full managed cloud service. We can deploy 100,000 users per hour –deployment and scalability when you need it. Authentication security second to none – but maintaining simplicity for user and manager

  • Full range of authentication options – beyond SMS
  • Scales as your business grows, integrating seamlessly with existing user repositories
  • Highly available resilient distributed server architecture
  • Feature rich integrations with wide ranging technologies
  • Support for seamless migration from existing authentication solutions
https://securenvoy.com/wp-content/uploads/2020/03/SE_SI_MFA_
2019v1.6_compressed.pdf

Data Loss Prevention (DLP)

Discover, classify, identify and protect your data. Any data. Any location. Any platform. Complete, comprehensive data protection. On-prem and in the cloud. SecurEnvoy DLP prevents data loss from malware, insider threat and human error, working across multi-channels regardless of file type and across structured/unstructured data repositories.

Modern, simple and effective DLP

Built from the ground up, SecurEnvoy’s Data Loss Prevention provides a full solution for data discovery, data classification and data control, so you can apply simple and effective polices to protect all types of data and ensure full policy compliance.

A simple but comprehensive solution designed to deal with the challenges of big data growth, flexible working, new technology adoption, and the Cloud.

Keeping track of sensitive data, anywhere

DLP can help you understand what sensitive information exists, where it is located, and the type of interaction they have. Once you have a full understanding, it is possible to quickly apply rules to how the data will be used by staff and external parties such as supply chain companies.

Implement policies to support user interaction with sensitive information across all aspects of a company’s data stores, whether this is within a trusted or a public cloud environment.

How SecurEnvoy DLP works
  • SecurEnvoy’s DLP uses the identity of the user, the device and the data they are working on to prove exactly who is doing what at any time.
  • With increasing integrations with other parts of the security market, DLP has become essential for protecting organisations when newer technologies are to be adopted.
  • Our DLP solutions are unique from competitors as we address threats from trusted and un-trusted users, through unique intellectual algorithms and fingerprinting features.
  • SecureIdentity DLP conducts real-time inspection of all protocols, even ones that are unknown, and has the ability to stop data loss immediately.
Data Discovery and Loss Prevention, across all platforms, devices and applications

SecurEnvoy’s Data Discovery can scan structured and unstructured data, protecting sensitive data residing on Local PCs, File-shares, Exchange, PST/OST files, SharePoint, and any ODBC compliant database. It can also discover the same data in cloud services, such as Box, Dropbox, Hosted Exchange, Azure, Office 365, OneDrive, SharePoint and Google Drive.

Scans can be run as a batch process with results streamed to configure both local and external systems. Enterprise reporting on locations, file types and actual DLP Policies are also included as standard

https://securenvoy.com/wp-content/uploads/2019/09/SE_SI_DLP_
2019v1.6standard_compressed.pdf

our partners

We have partnered with some of the world’s leading technology brands and We are the Exclusive Distributors in the region!

OUR PARTNERS

We have partnered with some of the world’s leading technology brands and We are the Exclusive Distributors in the region!