Threat Analysis

Local Network Box SOC’s monitor our customers’ boxes worldwide, reporting on attacks and intrusion attempts and thereby building up a picture of the vulnerabilities being exploited. Each SOC’s has security personnel able to analyse this information, providing a box by box trend analysis. This allows Network Box to provide useful feedback on the security status of a customer and the growth of threats to that company. As a simple example, the graph below shows the email received by a company. In this graph, it is easy to see that while the email and virus threat have remained stationary over the period, the spam has steadily escalated. This allows the company to target its spend in the right area which helps ensure the security of the business.

 

All information is also returned to the global SOC’s for further analysis, enabling a world view on the information and allowing Network Box to see how trends are affecting the Internet. The diagram below shows the email and spam trends per box worldwide.

The advantage to the customer is that they benefit from the statistics being captured by their equipment and from Network Box’s ability to view global trends. For instance, ‘envelope pre-scan’, a new technology developed by Network Box, was developed as a result of seeing the growth in spam from botnets. This technology allows Network Box systems to make a sound judgment on whether an email is from a spammer or not, without even needing to actually download and scan the email itself. This means that Spam does not occupy the company’s broadband bandwidth.