The early warning system for the cybersecurity of your network
High level cyber security with secunet monitor
Identify gaps in your systems - before and if they are exploited
To increase cyber security in your company, secunet monitor expands your current security structure or your existing system for attack detection or establishes one in your infrastructure. secunet monitor is a software appliance with passive sensors that record network traffic in a data protection-compliant manner. In the central system, this data is analysed, correlated and learned.
As a result, the system itself is not recognisable and, by default, has no repercussions. Thus, it cannot trigger any negative effects on the monitored networks and devices.
Functionality for attack detection
Modern networks have complex structures and thus many possible points at which security-relevant data flows past. However, the largest part is still handled via central nodes - e.g. at network transitions. In order to cover other relevant points and areas, secunet monitor offers options for distributed data tapping from the network node to individual systems or machines.
Network security monitoring as a modular system
secunet monitor is our solution for your requirements in Network Security Monitoring (NSM) and for your system for attack detection in the network. It monitors the processes and "systems" in your networks for activities or conditions that are not as they should be. In doing so, monitor uses passive network traffic analysis (see Functionality) to identify assets, vulnerabilities, compliance deviations, possible attacks and anomalies to specifically increase network security.
With these modules towards security in the network
For detection and monitoring and to uncover unknown attacks, monitor extracts communication partners from the network traffic and consolidates them as assets. Automatically created profiles and individually maintained details enable pinpointing of anomalies and make unwanted guests visible.
In order to identify gaps in the existing procedure and to uncover problems that are unknown, secunet monitor analyses network traffic for vulnerabilities such as outdated operating systems. In addition to providing quality assurance for vulnerability management, this reduces the risk of hidden defensive weaknesses.
States or activities that do not comply with the specifications or where vulnerabilities arise can be detected and contained via predefined, but also customisable compliance rules. The intuitive default rule set and the Network Policy Editor enable quality control for security measures and notification of compliance violations or unexpected behaviour.
To detect and analyse attacks, which can range from automated scans to malware to targeted and highly complex attacker activity, monitor extracts indicators from network traffic. Rule sets, heuristics and machine learning enable faster detection as well as second guessing on other signals such as anomalies on endpoints, providing an opportunity to catch advanced attacks early.
In addition to relatively clear indicators depending on the signal strength, security problems can also be hidden in the background noise. Monitor therefore detects anomalies in network traffic or behaviour that can indicate configuration problems, errors or attacks. Anomalies are pointed out by means of behavioural analysis and baselines automatically created by machine learning.
With secunet monitor, you strengthen your resistance and resilience against attacks and other security problems.
High cybersecurity with secunet monitor: advantages at a glance
Prevents and detects advanced forms of attack, enables dynamic detection of behavioural changes and strengthens proactivity and network resilience
Provides an intuitive yet in-depth user interface, operationalizes next steps through recommendations, and is automatable via a REST API
Detects even very inconspicuous security problems, takes only a passive approach itself, and enables privacy-compliant evaluation
Strong in production-related IT/OT mixed operation
How do you want to use our solution?
There are several ways to integrate secunet monitor into your existing IT infrastructure. We will be happy to advise you and work with you to design the best strategy for your organization.
In this model, all evaluations can be carried out in the secunet data centre or the secunet Cloud via secure connections and on secure infrastructure. For the very highest cybersecurity, an optional connection via secunet SINA is possible.
■ On-site sensor technology, core system in a secure environment at secunet
■ Simplest integration and leaner infrastructure
■ Flexible use and less administration effort
All necessary components from sensors to core system to web application are integrated and operated locally on your premises. secunet or one of our specialised and trustworthy partners will take over the selection and integration of the infrastructure following a conception phase, if desired.
■ Full control and data retention in your own network
■ Internal company connection
■ Support from secunet or partners via secure remote access on request
In the case of network monitoring or Security Operations Centre (SOC) as a Service, secunet monitor is integrated, operated and serviced by secunet partners. Depending on the operating model, sub-processes are also possible as a managed service - e.g. operation by a service provider and operation by an internal SOC.
■ Integration, operation and handling by competent partners
■ Possible with secunet monitor on-premise as well as secunet monitor as-a-service
■ Scaling effects and expertise through specialised service providers
Send us an enquiry via the contact form. We will be happy to help.