大多數組織對供應商存取的監控僅止於 VPN 日誌。它記錄了「誰」連線,卻無法解釋連線後的「行為」。缺乏行為數據會導致事故調查只能依靠假設而非事實。
網路可見性核心需求
- 即時與回溯追蹤存取的系統與服務。
- 對所有通訊進行協定級別的分。
- 記錄數據傳輸量與方向。
- 詳細記錄檔案複製與執行的指令。
VPN 與 ZTNA:原則的轉變
傳統 VPN
開啟整個網路區段。連線後,供應商可能觸及比工作需求更多的系統。
現代 ZTNA
僅授予對獲准使用的特定服務或應用程式的存取權,其餘網路皆不可觸及。
影子存取的風險 (4G/5G 路由器)
供應商為了方便常會安裝未經授權的 4G/5G 路由器。這些設備完全繞過了安全政策與稽核軌跡,在穩定的 OT (作業技術) 環境中構成嚴重風險。
如何偵測非法硬體
網路偵測與回應 (NDR) 解決方案透過以下方式識別非法硬體:
- 設備發現: 自動分類網段上的每一個新設備。
- 行為基準: 針對新的通訊模式或未知目的地發出警報。
About GREYCORTEX
GREYCORTEX uses advanced artificial intelligence, machine learning, and data mining methods to help organizations make their IT operations secure and reliable.
MENDEL, GREYCORTEX’s network traffic analysis solution, helps corporations, governments, and the critical infrastructure sector protect their futures by detecting cyber threats to sensitive data, networks, trade secrets, and reputations, which other network security products miss.
MENDEL is based on 10 years of extensive academic research and is designed using the same technology which was successful in four US-based NIST Challenges.
About Version 2 Digital
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
