Network Security Monitoring
The damage caused by digital intruders grows year by year. Where attackers previously targeted financial institutions and individuals, in recent years they have been paying more attention to industrial corporations. This is made easier by the fact that large manufacturers do not have full knowledge of their IT networks, do not have built-in IT security systems, and clearly lack relevant professionals. And the situation only gets worse from year to year.
What can we do?
NIST employs a simple method. For industrial network security, the following functions should be implemented and used: device identification, device protection, threat detection, rapid threat response and disaster recovery.
We have recently completed the implementation of Microsoft Azure Defender for IoT for one of our regular customers; it covers the device identification and threat detection functions.
We implemented the project in 3D mode (Discovery, Design, Deployment): we carried out an inventory, created the necessary documentation and implemented the solution in a network with 100+ switches and 2000+ devices. All of this was done without interrupting the production facility, which operates 24x7.
The customer gained early detection of and notification about illegitimate network traffic, unauthorized connections, suspicious traffic and network vulnerabilities, along with additional useful functionality such as automatic inventory, network diagram construction, mapping of the network interaction between devices, and more.