+ How does Byos Portable Secure Gateway compare to a VPN?

A virtual private network (VPN) is a virtual point-to-point connection using a tunneling protocol over existing public networks. It enables users to send and receive encrypted data across shared or public networks as if their computing devices were directly connected to the private network. However, a computer using a VPN is still exposed to threats in the local network.

The Byos Portable Secure Gateway works on a lower level than a VPN (layers 1-5), closer to the host device’s kernel, and does not create a tunnel. The Portable Secure Gateway isolates endpoints using a small hardware device.

A computer using Byos will be placed in an effective bubble, receiving real-time alerts from network level threats and protection from various vulnerabilities like exploits, enumeration, port-scanning, sniffing, rerouting, etc. The Portable Secure Gateway also provides alerts for malicious outgoing traffic.

+ Why do I need hardware? Why can’t it be software?

Traditional endpoint protection softwares offer antivirus, firewall, intrusion detection services are acceptable for protecting the application and OS layers of the computer, but does not protect the computer’s hardware. Any generic network scanner can see all of the relevant details of any connected computer: computer name, IP address, MAC address, open ports, operating system version, etc.

Byos offers hardware-enforced isolation of computer endpoints. It provides a Firewall, Intrusion Prevention, and stops eavesdropping attacks or attempts to reroute your traffic. It also provides outgoing traffic control and access blacklisting.

The Byos Portable Secure Gateway also masks a computer’s MAC address by continuously randomizing it, therefore hiding your real identity on the network, preventing enumeration attacks.

For more information, take a look at our blog post: The 10 Commandments of Hardware Enforced Network Security

+ Does Byos Portable Secure Gateway affect connection speeds or computing performance in any way?

Byos Portable Secure Gateway does not affect the connection speed of the network. The limitation will always be the type of access point, the distance from it, and the number of connected devices.

The Byos Portable Secure Gateway does not affect computing performance of the endpoint computer because it is not software based. The device has its own System-on-Chip therefore does not restrict the devices computing resources.

+ What threat vectors does the Byos Portable Secure Gateway protect against?

The Byos Portable Secure Gateway protection mechanisms include detection and prevention against:

  • Rogue-AP / Evil Twin WiFi attacks
  • Scanning, enumeration, or DDoS attacks
  • Man-In-The-Middle attacks
  • Changes in route trace
  • Network usage spikes
  • Changes in exit country or IP address
  • Network identity change
  • Access to grey or black listed countries

To learn more, take a look at the protection mechanisms offered by the Byos BlackBox and the tech specs of the Hardware.

+ How does the Byos Portable Secure Gateway compare to a Secure Web Gateway?

A Secure Web Gateway (SWG) is a cloud-based security stack, offering protection against online security threats by enforcing company security policies and filtering malicious internet traffic in real-time. SWG typically offers URL filtering, application controls for web applications and the detection and filtering of malicious code. Data leak prevention (DLP) is also commonly offered with SWGs.

The Byos Portable Secure Gateway provides Hardware-Enforced Network Security to the host device against LAN threats. It does not provide security above Layer 5 on the OSI Model, giving the strongest level of Network security without compromising the user’s privacy. The Byos Portable Secure Gateway also provides encrypted DNS requests, preventing leakage and snooping from foreign entities.

To learn more, click here to see how VPNs and SWGs compare against The Byos BlackBox.

+ Is Byos compatible with different operating systems? Does it work on any computer?

The Byos Portable Secure Gateway is technology agnostic - it speaks TCP/IP and works on any operating system without the need to install any additional Software. The host computer will recognize Byos as a USB-Ethernet Gateway, right out the box.

It works as a single Portable Secure Gateway device per endpoint at a time, as each user is issued a Portable Secure Gateway with a specific username/password.

Whether you’re running Windows, Mac, or Linux, no agent, or driver is needed for the Portable Secure Gateway to work. It operates using an USB-OTG connection.

+ Can the use of the Portable Secure Gateway be enforced by the IT department to restrict normal WiFi connections?

Yes. IT departments can use Active Directory Group Policies or Mobile Device Management systems to force disablement of embedded Ethernet and WiFi modules on company-issued devices.

In addition, IT departments can establish whitelisting access control policy to corporate resources, allowing access to applications, repositories, email servers or even access to the full corporate network through Byos Portable Secure Gateway devices.

Still have questions? Contact Us