Vanguard Network Cyber Management Software (NCM)

Vanguard Network Cyber Management Software (NCM) is a unique system enabling early detection of, and protection against, cyber threats on Physical Security and Control Systems networks.
The NCM system visualizes the network and its various elements, and detects and identifies a wide range of cyber-threats, including new threats and 0-day exploits.
The NCM system monitors all network traffic by means of Deep Packet Inspection (DPI), detects mismatches with established behavior profiles, and issues alerts.
The metadata is stored in a Big Data Repository for forensic analysis.

Benefits of the Architecture

- Non-intrusive: full separation between the monitored network and the Cyber Protection network
- Active protection: upon detection of a threat, the system disconnects communication with the malicious device
- Information is shared and alerts are sent to the event management system
- The existing communication switches are controllable for immediate protection purposes
- Unlimited expansion – the software architecture allows expansion as needed without limitations

Centralized Management

- Interactive Dashboard for network management and visualization of threats
- Real-time alerts are sent to the operator

Automatic Network Discovery

- Interactive Network mapping and visual presentation of all connected devices
- Analysis at layers 7 & 4

Behavior Monitoring

- Continuous monitoring of the network components and network traffic (DPI)
- Constant monitoring of each element's behavior against approved profiles and behavior patterns
- Deviations from behavior patterns are immediately detected by means of Deep Learning algorithms
- Metadata is saved for forensic analysis and for understanding historical changes

Detectable Cyber-Threats

- New Threats
- DoS attacks
- MITM (Man-In-The-Middle)
- Communication with unauthorized IP
- Unauthorized L7 protocols
- Brute Force password attacks
- Port Scanning
- MAC address change/new
- IP address change/new
- Offline elements
- Device unusual traffic
- Device unusual throughput
- Web Browsing
- Unusual operations on endpoints