Security

DNS Protection


The very first open door exposing public networks to threats resides at the DNS level. DNS is at the heart of Internet usage.

Queentessence DNS
DNS is a service which allows users to transform a URL into an IP, thus contacting the web server of the firm.

The Andromeda dashboard allows filtering protection for your clients at the DNS layer, restricting access to certain categories of Internet content. It will block the majority of malicious websites hosting virus, ransomware, phishing, and malware. Brands are also protected by preventing your customers from reaching competitors' websites while using your services on your premises. This Cloud-Based service is transparent with respect to your internal IT operations, seamlessly deployed and managed by Queentessence, yet offering the exclusions of forbidden resources.

IOT Security


Andromeda uses Interconnected deployed IoT devices primarily to collect data. These devices must be trusted, they must be legitimate, authorized with digital certificates, validated with IoT/Device Credentialing, carrying adequate code signing for firmware and software updates. Queentessence partners with leaders in this field who oversee the entire process with Blockchain Root of Trust, Digital Signatures, PKI and Digital Certificates...

Queentessence IOT

IEEE 802.1X (EAP) AUTHENTICATION


With the relentless quest in mind to bring utmost security guarantees to end users using wireless networks, at least equal to that currently being enjoyed over wired networks, authentication plays an important role. The process or actions of verifying the identity of a user or an IoT device here relates to authentication. Many types and schemes are available for IT departments to choose from. Context and desired User eXperience defines the preferred type, ease of access, and its inherited security features.


WiFi Hotspot security threats essentially come from untempered authentication with strong encryption. While usage of Pre-Shared Key (WPA2-PSK) is common with WiFi connections, it was initially designed for home users without an enterprise authentication server. Some weak levels of encryption can be in place, thereby not ensuring data safety. Furthermore, it does not prevent man-in-the-middle attack (MITM), as the key is shared by all connected users. 802.1X addresses these concerns and can be described by the following three-part components. Extensible Authentication Protocol (EAP) can also be used in conjunction with 802.1X


In the realm of public hotspots, this authentication scheme is often been offered with a side by side separately broadcasted guest and internal SSID, also addressing specific trade-related needs. Vlan is also used to isolate clients on the network.


A Supplicant is a client device such as a laptop. An Authenticator is a network device which provides a data link between the client and the network. An Authentication server tells the Authenticator if the Supplicant can be granted access with the provided credentials. Most Wireless Internet Service Providers use Radius (AAA) as the software running on the Authentication Server.

Authentication Process

VPN


Queentessence Andromeda dashboard allows end users to use VPN connections. A virtual private network (VPN) is like a tunnel in which data moves. It extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network.

VPN

GDPR


The General Data Protection Regulation applies to any organization that collects, stores or processes the personal data of EU data subjects, regardless of the location company headquarters. Queentessence has dedicated legal resources to address full compliance of these critical GDPR matters.

GDPR