NDRaaS for the detection of anomalies

Ensure visibility with Network Detection & Response

Go to offer

Go to SME

Corporate networks are often hybrid and spread across several locations. When it comes to cyber defence, it is important to maintain a complete overview, and this includes complex networks. With Network Detection & Response (NDR), you get the visibility back and can detect cyber attacks at an early stage.

Rapid anomaly detection

These days, the majority of network traffic is encrypted. This makes anomaly detection more difficult, such as when malware communicates with a command and control server via open standard ports. And even internal shadow IT, such as unofficial access points, remains undetected in encrypted traffic. An effective NDR solution must therefore be able to correlate signals from a range of sources and rapidly detect anomalies.

Your benefits

End-to-end visibility over your entire network

Reduction of analysis workload thanks to the automated correlation of security incidents

Reliable identification of internal shadow IT and unwanted cloud services

When is it the right solution?

The network is an important component of cyber defence. Companies require a wide range of security mechanisms to detect and block cyber attacks. You therefore need a solution to analyse the network traffic and rapidly detect anomalies as well as potential vulnerabilities – for novel types of attack too.

To analyse security incidents efficiently, the NDR solution needs to generate minimal false positives and enable the security experts to concentrate on the critical events. You cannot solely rely on known indicators of compromise to protect your company from new or varying patterns of attack. Unknown anomalies must also be registered to meet the required security standards.

What’s in it for you:

Automated, early detection of attacks within the corporate network
Predefined use cases and machine learning for the detection of new anomalies
Rapid deployment with NDR as a Service without additional hardware and agents

Why Swisscom?

Located in Switzerland: Service from Swiss data centres.
Comprehensive: Analysis and correlation across different data sources.
Efficient: Simple deployment and maintenance without additional hardware and agents.

The first step

Would you like personal advice on the Network Detection & Response options available? Get in touch without obligation.

Request quotation

Downloads

Netword Detection & Response factsheet

Whitepaper: Threat Detection & Response

Services in detail

Two service options are available. With the On-Premise version, the NDR appliance runs on your own infrastructure. With the Managed version, Swisscom operates the appliance in one of its own Swiss data centres.

On-Premise NDRaaS

Static and dynamic detection of cyber threats using machine learning
Detection and visualisation of cyber threats including in DNS traffic and through web proxies
Graphic display of all devices in the network including internal shadow IT
Support to operate the appliance
Optional analysis and assessment of security alerts in combination with Security Analytics as a Service/SOCaaS

Managed NDRaaS

Static and dynamic detection of cyber threats using machine learning
Detection and visualisation of cyber threats including in DNS traffic and through web proxies
Analysis and assessment of security alerts
Logging platform to compile and evaluate log files from various sources
Operation of appliance in Swisscom data centres
Optional analysis and assessment of security alerts in combination with Security Analytics as a Service/SOCaaS

Application examples

Use AI-enabled detection to identify advanced persistent threats (APTs) and automate certain steps in the threat hunting process.

Ransomware/Trojan attacks go through various phases lasting from a few days to several months. Detect these attacks at an early stage and react before the attackers press the kill switch to encrypt your systems.

Inventories and blacklists are often not up to date, leading to internal and external threats from shadow IT. Detect the use of unwanted cloud services and unauthorised devices in the network.

You can only protect what you can see. The graph database and specialised visualisations make it easy to browse billions of raw data points.

Network Detection & Response as part of the TDR portfolio

NDRaaS is an analytical module that complements our Threat Detection and Response service offerings. Detected threats can then be further processed by the analysis and incident response services.

Still looking for answers? Our security experts will be happy to advise you.