Powerful NTA/NDR to Simplify Complex Attacks

Improve visibility beyond logs with the source of truth from lightweight, non-intrusive network sensors. Detect unknown attacks before damage is done.

What is Network Traffic Analysis (NTA)?

NTA feeds network traffic information into a platform and performs Deep Packet Inspection (DPI) to identify at least 4000 applications and build behavior models on the network traffic.

What is Network Detection and Response (NDR)?

NDR takes the rich data provided by NTA and correlates it to detect anomalous and potentially detrimental behavior. Next, action is taken based on pre-determined playbooks to halt unapproved activities.

Why NTA/NDR?

The power of deep packet inspection, combined with the ability to analyze and act on unwanted behaviors, means quicker action on bad actors. Together, they minimize the impact of an incident.

Benefits of Managed NTA/NDR

NTA/NDR tools are powerful, but powerful tools also require management and monitoring to realize their full ability. Gain superior security and offload tactical management by utilizing BriteProtect’s managed NTA/NDR service to remove alert fatigue and achieve better accuracy.

Lightweight Sensors

Powerful yet lightweight sensors with a DPI engine monitor both east/west and north/south traffic.

Leverage Existing NGFW

By leveraging your existing NGFW infrastructure, deployments are easy and full coverage is obtained.

Complete Cloud Visibility

Complete visibility across public, private and hybrid cloud environments.

Identify Assets Automatically

Identify assets, users and applications and their associated risk automatically.

Machine Learning Detection

Use-case-driven machine learning provides detection using supervised ML, unsupervised ML and deep learning, and eliminates false positives.

Create Context

Create context to investigate and respond to attacks quickly and directly through the platform.

Managed NTA and NDR Services

Configuration and Maintenance

To have real-time NTA and NDR functions, data from an NGFW must be properly fed into the platform. Next, the data is reduced to relevant metadata, including payload data, which significantly reduces the amount of storage necessary. Proper initial setup and maintenance are critical to see all data and reduce storage needs.

Services Include:

  • Appliance Set-up & Configuration
  • Software & Firmware Updates
  • Subscription, Signatures and Intelligence Feed Updates

Software Tuning and Policy Refinement

Like most security tools, NTA and NDR are not set-and-forget. They require careful tuning and management. Utilize a wide variety of out-of-the-box detections or have custom ones built to fit your organization’s needs.

Out-of-the-Box Detections Include:

  • Application Usage Anomalies
  • Long App Session Anomalies
  • Unapproved Asset Activity
  • Anomalous Firewall Behavior
  • Etc.

Response

Once abnormalities are detected, proper alerting and response are needed to truly protect an organization. Brite’s security analysts will investigate and respond to alerts based on pre-determined playbooks. When linked with BriteProtect’s XDR service, automated response options become available.

Services Include:

  • Playbook Development
  • Automated Incident Response

Start Your BriteProtect Journey
