RESPOND is a second layer that’s added to your existing cyber defenses. It does not replace them; it augments them and then, as seen in other sections, uses them to carry out remediation.
RESPOND is one appliance with two to three applications that’s installed in your network core, behind your firewall.
The first application spans to your core switch and looks at your critical VLANs, or in some cases, all of your VLANs (thin, solid red lines) on your internal networks. It uses artificial intelligence and machine learning to examine files and all traffic for the presence of hacking, malware and unauthorized activity—it’s like having a dozen highly trained cyber analysts working for you around the clock to monitor your networks. It’s actually even better than those dozen humans—it has historically found 99 percent-plus of all bad activity, and found it within 100 milliseconds (well, that’s what computers are good at!). RESPOND is also programmed to collect information from your existing firewall to enrich its own traffic analysis (solid red arrow).
When that first application finds bad activity, it sends an alert to the second application (solid blue arrow). The second application—actually, a full-function SIEM—consolidates the alerts into one useful alert and then automatically contacts designated people (dashed red arrow). They then remotely access the second application (dashed red arrow) from wherever they happen to be, see the alert, analyze it, or use it to automatically deal with the issue with a couple of mouse-clicks (dashed green arrows). Blocks in the firewall are the standard response that’s programmed into the basic installation (top green dashed arrow); with selective enhancements, RESPOND can also block or quarantine that bad activity on internal networks (bottom dashed green arrow).
This cycle of detection, analysis and response takes from one second to a few minutes, which is a lot less time than the days to months that malicious actors usually spend on most networks.