Do you have full visibility of what's really happening on your network?

29 April 2019

Our Security Expert explains what an Ideal Security Insight Report is, how it’s undertaken and how it can uncover hidden threats lurking on your network.

We speak to many businesses and most that undertake a Security Insight Report do so because they currently lack visibility on their network and want to know what security risks face their business.

Like them, are you concerned about unsecure applications on your network? Are you struggling to communicate the importance of network security to the rest of your business? And, are you sometimes left feeling like some users are blissfully unaware of the security threats they are vulnerable to and the resulting impact on the business?

If these ring true then a Security Insight Report could provide you with the robust data and deep insights you need to help solve these challenges.

So, what is a Security Insight Report?

Imagine what you could do if you knew how many applications were running on your network? Or even how much bandwidth they consumed. 


 

Or the power of having visibility into exploit attempts or malware infections or command and control events?

 

The Ideal Security Insight Report does just that, it's a security check-up to assess your corporate network’s exposure to threats by looking at applications, vulnerabilities, malware, command and control infections and URLs visited. After monitoring your network, we will produce, and present to you, a report detailing the findings and highlighting observed risks along with recommendations for improving your security posture.  

How is the Security Insight Report set-up and run?

The Security Insight Report requires the deployment of a Palo Alto device on your network and traffic is then recorded and sent to a Tap port on the device for a period of 1-2 weeks.  All that’s required is one switch port for the management interface and (at least) one switch port for the tap interface.  The switch which the tap interface connects to should be capable of port mirroring.  An Ideal engineer will then install and configure the device and check everything is working. During the 1-2 weeks we observe traffic at key transit points in the network and uncover any hidden threats and security risks on your network. We then analyse that data and provide actionable insights to minimise risks. 

What does the report include?

The Ideal SLR examines your network traffic and provides insight and recommendations on your network security in terms of a comprehensive report.  The report provides visibility across your network and includes: 

1. Network at a glance –  an executive summary of applications on the network including high risk applications, SaaS applications and threats, vulnerabilities and malware detected.

2. Applications - A deeper dive into the applications seen traversing the network, sorted into categories and illustrating bandwidth consumed.  This section of the report also focuses on applications that introduce risk enabling you to assess their legitimacy as business sanctioned applications, see a snippet below. 

3. URL analysis  - a snapshot of URL activity over the period of analysis including high risk URL categories visited, commonly visited and used categories.

4. SaaS application usage – insight into cloud applications in use within your enterprise often exposing shadow IT in use within an organisation. 

 SaaS application analysis screen grab from a sample report.

5. Data movement overview  - analysis of file movement within the network, file types and associated applications delivering them as well as the number of files leaving the network.

6. Threat exposure - including high-risk and malicious file type analysis.

7. Application vulnerabilities and Malware Events - details the top five application vulnerabilities attackers attempted to exploit within your organisation and the applications and or protocols involved.  The report also highlights any malware events seen on the network including any command and control (CnC) requests to suspicious domains.

The 'Application vulnerabilities and Malware Events' section from a sample report.

8. Recommendations - actionable insights you can act on immediately to reduce risk.

One of our Security Experts will walk through the report with you and apply their expertise in the form of recommendations. 

What are the business benefits of an Ideal Security Insight Report?

Ultimately the reports gives you the visibility of your network which you crave in order to reduce security risks across your business. The proven benefits are:

  • Network security visibility – Feel in control with full awareness of what’s actually happening on your network.
  • Application security confidence – Know what applications are in use across your network and which ones pose the highest risk.
  • Threat insight – Expose hidden security threats and malicious file types lurking in your network and gather known and unknown malware information.
  • Solid data to enforce the importance of network security – Utilise an accurate, up-to-date report to unveil vulnerabilities caused by end-users via their access to URLs, Apps, Data and File-sharing to communicate the importance of security awareness and impact/risk to the organisation .
  • Benchmark your security Compare your Security Insight Report results versus your industry peers to help bring the findings to life.
  • Enterprise-class expertise - Experienced, certified, UK-based team of security and network experts (LAN & WAN) to set-up, monitor and provide recommendations on the security review.

For a free Security Insight Report simply click on the button below and complete the short form. One of our Security Experts will get back to you shortly to discuss your requirements.

Register for a Security Insight Report

 

Image: Daniele Levis Pelusi on Unsplash