Nelysis is a global leader of cyber security solutions providing a complete solution to reduce risk created by external and insider attackers while minimizing operational downtime making available Real Time DETECTION (IDS), WARNING (SOC), and PREVENTION (IPS) for cyber threats, attacks and malicious activities from new cyber-threats, 0-day exploits and targeted attacks means of:

PROTECTING - Automatic network discovery, interactive network visualization, device profiling, understanding of the normal network behaviour.

DETECTING - Constant monitoring of malicious activities within the network and real time alerting.

STERILIZING - Communication with the malicious devices may be disconnected and quarantined, minimizing the risks and damage.

Benefits of the Architecture

  • Non-intrusive, full separation between the monitored network and the Cyber Protection network

  • Active Protection, upon detection of a threat, it disconnects the communication with the malicious device

  • Information are shared and alerts are sent to the event management system

  • The existing communication switches are controllable for immediate protection purposes

  • Unlimited expansion – The software architecture allows expansions as needed without limitations

  

Centralized Management

  • Centralized management

  • Interactive Dashboard for network management and visualization of threats

  • Real-time alerts are sent to the operator

Automatic network discovery

  • Automatic network discovery

  • Interactive Network mapping and visual presentation of all connected devices

  • Analysis at layers 7 & 4

Behavior Monitoring

  • Continuous monitoring of the network components and network traffic (DPI)

  • Constant monitoring of element’s behavior vs approved profiles and behavior patterns

  • Deviations of patterns behavior are immediately detected by means of Deep Learning algorithms

  • Metadata information are saved for forensic analysis and comprehension of historical changes

Detectable Cyber-Threats

  • New Threats

  • DoS attacks

  • MITM (Man-In-The-Middle)

  • Communication with unauthorized IP

  • Unauthorized L7 protocols

  • Brute Force password attacks

  • Port Scanning

  • MAC address change/new

  • IP address change/new

  • Off line elements

  • Device unusual traffic

  • Device unusual throughput 

  • Web Browsing

  • Unusual operations on endpoints

  

 Vanguard Network Cyber Management Software (NCM) 

Vanguard Network Cyber Management Software (NCM) is a unique system enabling early detection and protection of cyber threats on Physical Security and Control Systems networks.

The Vanguard Network Cyber Management Software (NCM) system visualizes the network and its various elements, detects and identifies a wide range of cyber-threats, including new threats and 0-day exploits.

The Vanguard Network Cyber Management Software (NCM) system monitors all network traffic by means of DPI Deep Packet Inspection, detects mismatches with established behavior profiles and issues alerts.

The metadata are stored in a Big Data Repository for forensic analysis.

 Vanguard Network Traffic Cyber Collector (NTC) 

The Vanguard Network Traffic Collector (NTC) is a network analyzer that collects, consolidates and send traffic information to the Vanguard Network Central Management software (NCM).

Vanguard Network Traffic Collector (NTC) Main Features

  • Layer-7 application protocols

  • NetFlow Version v5/v9

  • IP flow format IPFIX

  • IPv4 and IPv6

  • NetFlow interface identification based on MAC/IP addresses

  • Multi-threaded architecture for the exploitation of multi-processor, multi-core elaboration systems

  • Support of tunneled traffic

  • Flow and packet sampling

  

 Vanguard USB Protector 

The proliferation of USB portable devices, either personal or for business use, is one of the major headaches of corporate CISOs and IT managers.

The improper usage of portable data storage devices can pose significant risks and easily violate company’s internal policy for data protection, security and privacy preservation.

 

Vanguard USB Protector provides control and data protection of USB portable devices.

It is part of the Vanguard System, a unique solution to protect Physical Security and Control Systems networks from cyber threats.

  

Main Features

  • Monitors the outgoing data

  • Controls the volume and format of outgoing data

  • Restricts flash-drives usage to the organization’s network

  • Groups USB thumb drives under the same label with specific assigned permissions

  • Backups/shadows outgoing files

  • Sends alerts when specific selected data are accessed

  • Keeps your mobile data confidential at all times

  • Reduces security vulnerabilities

  • Increases environmental knowledge

  • Prevents leaks and illegal infiltrations

  • Immediately sends alerts in case of data leaks

  • High secure data encryption

  

© 2019 Squalo Cybersystems | All rights reserved | Privacy Policy