Home > Industry Challenges > Non-Signature Based Threats
How to determine non-signature based threats PDF Print E-mail

 

Business Problem

Maintaining security of an IP network has traditionally revolved around the big three - anti-virus, firewall and intrusion detection/prevention systems. These three solutions are based on known signatures or policies. However, there are several threats such as worms, Trojans, zero day attacks and advanced persistent threats that are not based on signatures. Security threats such as exfiltration are non-signature but can be seen based on anomalies of traffic patterns. To maintain full network security, non-signature approaches must complement signature solutions. The combination represents a solid defense in depth.


Who is Affected

All businesses, carriers, critical infrastructures and governments are affected in different ways depending on the threat. Signature based threats will continue to increase over time, yet the real problem areas are non-signature threats to our government resources and critical network infrastructures.


Solution

To ensure a holistic defense of a network and its information, organizations need to be combine several approaches. Traditional signature based approaches need to be augmented with real time traffic intelligence based on anomaly detection (non-signature approaches). The right processes must be in place and employees need to understand how these processes can minimize security risks and network misppropriations. Employees need to be trained and alert to security risks.

NarusInsight Solution for Cyber Protection provides an anomaly detection system that addresses non-signature issues and complements signature-based solutions. NarusInsight is based on real time traffic intelligence and patented analytics to help network administrators and operators protect their network's integrity through tools and targeted information. 

This enables network operators to gain a clear picture of traffic from Layers2 through Layer 7 and provides information that enables them to take quick action to mitigate problems. Organizations need to supplement this technology with effective security processes and policies, then ensure they are followed. The complexity of protecting a network requires a fully trained cyber warrior to manage the technology and processes.


Credible Evidence

Building defense In-Depth Around Traffic Intelligence
Building Defense-In-Depth Around Traffic Intelligence


NarusInsight Solution for Cyber Protection alerts dashboard
NarusInsight Solution for Cyber Protection alerts dashboard


Benefits

  • Provides holistic defense against non-signature attacks
  • Complements existing signature based solution
  • Minimizes cyber threats and provides continuous monitoring against cyber attacks
 
   Copyright © 2012. Narus, Inc., a wholly owned subsidiary of The Boeing Company|
Site Terms