Interconnector features
Custom parsers
Ready made parsers to get useful information from received events and use them as a feed for security policy template. We have a complete parser for Flowmon ADS allowing us to gather threat description, attacker, targets, perspective or data feed which leads to very granular SYNAPSA rules.
User defined
Users can configure how to create a security policy to block malicious traffic on connected firewalls, also specify a rollback procedure.
Automatic or on-approval approach
Let SOC / CISO make a decision if a threat needs to be blocked automatically or approved by SecOps Expert.
Real-time feedback from firewalls
Let SOC see if security policies created by them are really existing in security rulebase to make sure a firewall admin did not disable or delete them.
Full control over rules
Let SOC fully control what to do with security policies. There is an option to reject, revoke, approve or rollback in case policy was not completely deployed.
Synapsa platform features
Docker powered
The whole system is a containerized application allowing rapid deployment and easy resource management.
Event collector
Collect events from your IDS/NDR/SIEM solutions and anomaly detection devices.
Dashboard
User friendly, widget powered dashboard with option to create multiple dashboards for specific purpose or even having restricted user permissions.
Role based management
Comprehensive role based management allowing very granular control over who can do what in the system.
Event logging with notifications
Comprehensive event logging into system logs, separated by objects and severity. Platform allows users to notify external systems like SIEM or SOC via email or syslog message.
Software upgrade
Ready made script which allows software upgrade with all the necessary checks for smooth and error free Panos deployment.
Fail-over
Allow NetOps to perform firewall failover in case of emergency or any other situation even without any knowledge, by a simple click or running a CLI command. SYNAPSA makes sure that all the pre-check and post-check are fulfilled for successful failover.
Web SSH access
Allowing full SSH access into the system via web browser.
Datafeed features
Pre-defined data feeds from SYNAPSA
We provide IP ranges for public services like AWS, Azure, Google Cloud Platform and Office 365 with their regions and purpose. You can easily include these feeds into your security policy to only allow communication to necessary targets.
Automatic data feeds
Use IP address, URLs or Domains data feeds, which are filled from external Threat Intelligence sources or from your IPS/IDS/NDR systems and include this as an external dynamic list into security policies to dynamically block recognized attackers and malicious URL or Domains.
Toolbox features
Security Policy Match tester
Test if a specific connection is allowed by a security policy on a firewall. No need for CISO/SOC to have any kind of access to customer’s firewalls, but the match test is performed directly on customer’s device.
Threat simulation
Allowing to test a specific threat automation process or even blocking communication based on SecOps expert structured input.
Are you interested?
CONTACT US