Network Protect
Introduction
Many of a modern IT organization's assets require a network connection. Often, that network traffic flows through a firewall. This can be a firewall in your local data center, but also a virtual firewall appliance in the cloud. As part of Network Protect, customers extend the Wortell MDR capabilities with network-related detections and extended investigation capabilities.
SKUs
Feature | Network Protect |
---|---|
Firewall-related logs stored in Azure Sentinel | + |
Extended investigation capabilities | + |
Extended threat hunting capabilities | + |
Protection against suspected network connections | + |
Compliant with NEN & ISO | + |
24/7 alert and incident follow-up | + |
Features
Firewall-related logs stored in Azure Sentinel
The logs of your connected firewalls are stored in Azure Sentinel. This gives a single view of all firewall-related logs and makes it possible to correlate them with other alerts and events that are seen.
Extended investigation capabilities
By onboarding your firewall devices to Wortell MDR, Wortell can include network (firewall) related data in incident investigations or crisis response investigations. This yields a better and more detailed timeline of the events that happened during an attack.
Extended threat hunting capabilities
Cyber threat hunting is an active cyber defense activity. It is “the process of proactively and iteratively searching through networks to detect and isolate advanced threats that evade existing security solutions.” With Wortell Network Protect you can extend the threat hunting scope by including your network. This allows for hunting on suspicious network connections (such as TOR connections and connections with private IP addresses).
Protection against suspected network connections
As part of Network Protect, Wortell will detect suspicious network connections such as connections to TOR IP addresses or anonymous IP addresses, or connections that match threat intelligence that Wortell has gathered using its Vidara Honey Network.
Compliant with NEN & ISO
ISO/IEC 27001 is widely known, providing requirements for an information security management system (ISMS). Using it enables organizations of any kind to manage the security of assets such as financial information, intellectual property, employee details, or information entrusted by third parties.
24/7 alert and incident follow-up
Wortell will follow up on network device-related alerts by forwarding them to the network operator. This could be either the customer itself or a partner of the customer who operates the network devices.
Cost Calculation
The cost will be calculated based on the number of (virtual) network devices connected to Azure Sentinel.