Synapsa Interconnector (SIC)

Custom parsers

Ready made parsers to get useful information from received events and use them as a feed for security policy template. We have a complete parser for Flowmon ADS allowing us to gather threat description, attacker, targets, perspective or data feed which leads to very granular SYNAPSA rules.

User defined

Users can configure how to create a security policy to block malicious traffic on connected firewalls, also specify a rollback procedure.

Automatic or on-approval approach

Let SOC / CISO make a decision if a threat needs to be blocked automatically or approved by SecOps Expert.

Real-time feedback from firewalls

Let SOC see if security policies created by them are really existing in security rulebase to make sure a firewall admin did not disable or delete them.

Full control over rules

Let SOC fully control what to do with security policies. There is an option to reject, revoke, approve or rollback in case policy was not completely deployed.

Docker powered

The whole system is a containerized application allowing rapid deployment and easy resource management.

Event collector

Collect events from your IDS/NDR/SIEM solutions and anomaly detection devices.

Dashboard

User friendly, widget powered dashboard with option to create multiple dashboards for specific purpose or even having restricted user permissions.

Role based management

Comprehensive role based management allowing very granular control over who can do what in the system.

Event logging with notifications

Comprehensive event logging into system logs, separated by objects and severity. Platform allows users to notify external systems like SIEM or SOC via email or syslog message.

Software upgrade

Ready made script which allows software upgrade with all the necessary checks for smooth and error free Panos deployment.

Fail-over

Allow NetOps to perform firewall failover in case of emergency or any other situation even without any knowledge, by a simple click or running a CLI command. SYNAPSA makes sure that all the pre-check and post-check are fulfilled for successful failover.

Web SSH access

Allowing full SSH access into the system via web browser.

Pre-defined data feeds from SYNAPSA

We provide IP ranges for public services like AWS, Azure, Google Cloud Platform and Office 365 with their regions and purpose. You can easily include these feeds into your security policy to only allow communication to necessary targets.

Automatic data feeds

Use IP address, URLs or Domains data feeds, which are filled from external Threat Intelligence sources or from your IPS/IDS/NDR systems and include this as an external dynamic list into security policies to dynamically block recognized attackers and malicious URL or Domains.

Security Policy Match tester

Test if a specific connection is allowed by a security policy on a firewall. No need for CISO/SOC to have any kind of access to customer’s firewalls, but the match test is performed directly on customer’s device.

Threat simulation

Allowing to test a specific threat automation process or even blocking communication based on SecOps expert structured input.