Powered by:
Conventional network security measures aren’t enough to protect your organization’s critical data and physical location anymore. Typical commercial and government networks are fixed, static, easily located, and thus more vulnerable to attack.
However, CAMO’s network obfuscation and managed attribution solution looks at the problem differently. It is designed to prevent adversaries from associating mobile users with Commercial Solutions for Classified (CSfC) enclaves and other government servers by using a VPN-based multi-hop technology. Simply put, our obfuscation and managed attribution solution keeps anyone from knowing who or where your users are.
Imagine if your team could execute their work from one place, while actually appearing to be anywhere in the world. What could they achieve with an actual obfuscated online existence? With CAMO, we have one goal, to protect the enterprise’s identity and physical location because if they can’t find you, they can’t attack you.
Below we have outlined a few of the most frequently asked questions we receive regarding our network obfuscation and managed attribution service, CAMO. Continue reading to learn more about how CAMO provides privacy and security for worldwide communications and transactions over the internet.
What is CAMO?
CAMO is an obfuscation and managed attribution solution that provides the ability to hide the users' presence online using a VPN-based multi-hop technology to make it more difficult for adversaries to identify CSfC enclaves.
How does CAMO hide you in plain sight?
There are two ways CAMO hides users and reshapes their traffic.
ONE: It makes IPsec VPN traffic look like another type of traffic, such as a YouTube video or IP camera stream.
TWO: Routing traffic through a multi-hop path that’s created exclusively for the current session. For each session, Archon CAMO randomly selects servers from hundreds of private and popular commercial services worldwide. (We can exclude specific countries or regions.) The options include major hosting providers that don’t attract attention, like Amazon Web Services (AWS), and VPN providers like NordVPN. At each hop, a VPN server is spun up just for the duration of the session. We will exclude countries or regions at your request.
Why are network obfuscation and managed attribution solutions like CAMO important?
Just encrypting your data before sending it over the open internet isn’t enough anymore. An adversary might not be able to view the data, but by seeing that it's encrypted and seeing where it's coming from they can easily extrapolate that A) this is probably important and B) this person's probably important. CAMO’s obfuscated VPN service adds an extra layer of protection by making IPsec VPN traffic look like another type of traffic, such as a YouTube video or IP camera stream.
How does CAMO protect against today’s largest privacy threat: The selling of Netflow data by ISP’s?
Netflow data refers to IP network traffic that can be collected as it enters or exits an interface. Using this aggregate data, it’s possible to trace network traffic even if a person uses a VPN. Internet service providers sell this information to third parties and you can’t get onto the internet without going through some third-party provider. CAMO eliminates this threat by using multiple randomized temporary servers (hops) that are created only for a single session. So from a netflow perspective, one isp sees data going into another isp's data center only for the time the connection is active and only for that session. The next time a session from a CAMO-originated connection is made, it's to a completely new entry point and paths someone can't connect the "network path dots”.
Is CAMO’s managed attribution solution fully configurable?
Yes. You can even integrate your private network and servers.
What makes CAMO different from other managed attribution solutions?
The biggest difference is CAMO’s ability to create and break down a new dynamic connection on demand or based on scheduled refreshes as frequent as hourly. We have the capabilities to set up new locations on the fly, whereas other obfuscation services on the market set up the first initial network and that is it. Keeping the initial network makes it easier for someone to eventually track down where they are.
How long does it take to set up an obfuscation connection with CAMO?
Compared to other obfuscation and managed attribution services out there, CAMO is relatively fast and agile when it comes to building and tearing down connections in the field. For a manually driven connection, all a user has to do is follow 4 simple steps.
1. Install Archon Camo on the user's device, select countries or regions you don't want traffic to come from, and you're off.
2. The operator connects to a local Wi-Fi network
3. Archon CAMO software dynamically spins up and links temporary servers and commercial services to be used only for this session.
4. Enjoy secure access. And when you disconnect, servers are wiped and terminated.
If the CAMO is setup to automatically refresh based on a given time interval, then the connection for the user is always available and CAMO’'s use is seamless and transparent to the user.
Is there a lot of equipment involved in setting up CAMO?
No additional equipment is needed. CAMO is a software-based solution which can optionally include hardware components. Various points of presence around the world are facilitated through the use of multiple cloud providers.
Want to see the interface for yourself? Schedule a demo and get an inside look into how you can easily reshape your presence online.