Vanguard Network Cyber Management Software (NCM)

Vanguard Network Cyber Management Software (NCM) is a unique system enabling early detection of, and protection against, cyber threats on Physical Security and Control Systems networks.

The Vanguard Network Cyber Management Software (NCM) system visualizes the network and its various elements, and detects and identifies a wide range of cyber threats, including new threats and 0-day exploits.

The Vanguard Network Cyber Management Software (NCM) system monitors all network traffic by means of Deep Packet Inspection (DPI), detects mismatches with established behavior profiles, and issues alerts.

The metadata is stored in a Big Data Repository for forensic analysis.

Benefits of the Architecture

Non-intrusive: full separation between the monitored network and the Cyber Protection network

Active protection: upon detection of a threat, it disconnects the communication with the malicious device

Information is shared and alerts are sent to the event management system

The existing communication switches are controllable for immediate protection purposes

Unlimited expansion – The software architecture allows expansions as needed without limitations

Centralized Management

Interactive Dashboard for network management and visualization of threats

Real-time alerts are sent to the operator

Automatic Network Discovery

Interactive network mapping and visual presentation of all connected devices

Analysis at layers 7 & 4

Behavior Monitoring

Continuous monitoring of the network components and network traffic (DPI)

Constant monitoring of each element's behavior against approved profiles and behavior patterns

Deviations from behavior patterns are immediately detected by means of Deep Learning algorithms

Metadata is saved for forensic analysis and comprehension of historical changes

Detectable Cyber-Threats

  • New Threats, including 0-day exploits
  • DDoS attacks
  • MITM (Man-In-The-Middle)
  • Communication with unauthorized IP
  • Unauthorized L7 protocols
  • Brute Force password attacks
  • Port Scanning
  • MAC address change/new
  • IP address change/new
  • Offline elements
  • Unusual device traffic
  • Unusual device throughput
  • Web Browsing
  • Unusual operations on endpoints