Cyber Threat Assessment

Full Spectrum Networks?allow organisations to determine if they have the ability to rapidly respond to sophisticated cyber threats. We allow you to determine:

  • How effective your current network solution is
  • If you are struggling with the sudden influx of devices
  • How applications and web resources are used within the network
  • If you have a comprehensive understanding of potential vulnerabilities that could be exposing your organisation

One way we achieve this is with our Cyber Threat Assessment reports, which validate your network’s security accuracy, application usage and?performance in three key ways:

  • Security and Threat Prevention: Discover which vulnerabilities are affecting the network and the risks to exposure, including ‘at risk’ devices for security breach probability.?Find out exactly which application vulnerabilities are attacking your network and which malware/botnets were detected.
  • User Productivity: Discover which applications and web resources users are using and how they are being utilised within the network. See which peer-to-peer, social media, instant messaging and other applications are running.
  • Network Utilisation and Performance: Understand how network security can be optimised for maximum performance. Determine?your throughput, session, and bandwidth usage requirements during peak hours and ensure it meets the business’s needs.

This service provides an analysis of actual traffic traversing the network and firewall services, allowing you to address concerns raised and implement further security measures (if required).

We achieve this by deploying a FortiGate Next Generation Firewall to monitor key indicators within your network (in one-arm sniffer,monitor mode) allowing the firewall to parse all traffic through its Intrusion Prevention Services engine, Anti-virus and Anti-malware filters and Content-filters if required.

The firewall will be connected as follows:

The firewall may be connected in-line, or simply connected using SPAN (mirrored) ports to the existing firewall. This method will not impact production services.

The service will run on-site for 5 days performing analysis on all the internal and external traffic, where the firewall will then be removed.

Following this the logs will be analysed and a report will be provided showing:

– Security and Threat Prevention: Number if IPS attacks, Malware/Botnets detected, High-Risk applications used and malicious websites detected.

– User Productivity: Applications detected and top used applications, along with websites visited and website categories

– Network Utilisation: Total bandwidth, top host by bandwidth and session information.

The report will detail the findings of this data and provide recommendations for remediation.