Power Up Your Managed Security Services,
Now and Into the Future.
netForensics' nFX One platform gives MSPs the agility and power to meet virtually any security challenge because it is the only technology designed to handle the complexity of collecting, correlating and processing large volumes of security events across multi-tenant environments. nFX One gives both you and your customer understandable, actionable security intelligence. The nFX One platform includes,
- Multi-Tenant Account Segregation System silos data for the complete privacy, protection and integrity of individual customer information.
- Robust, Multi-tier Architecture easily scales to meets critical compliance, risk management and business continuity challenges at a low total cost of ownership.
- Integrated SIEM Functionality features sophisticated correlation, dynamic threat detection, real-time attack visualization and an integrated incident resolution workflow.
- Cross Customer Correlation provides unparalleled visibility across all customer environments to identify hidden threats, trends and anomalous behavior.
- Real-Time Dashboards across all customers let you proactively monitor customer sites and stop attacks in their tracks before real damage occurs.
- Marketable, Customer-Ready Reports and analytic tools for security, risk management, compliance, performance management and operations.
- And much more...
The Modular Approach to Security-as-a-Service:
Monitor. Detect. Inspect. Comply.
A full suite of nFX One solutions act as an integrated platform to give you and your customers a full range of security and compliance options. Implement only the modules you need. Add functionality as you grow. Every SP (Service Provider) module is time-tested in data centers and MSP SOCs around the world. Now you can offer top-tier security services with confidence and expand your service business with little up-front cost or extensive training.
nFX One SP Solution Suite
Designed to give you everything you need to get started immediately providing Security-as-a Service, SP Monitor is a real-time event monitoring platform coupled with a full complement of customer-ready reports and procedures to get you up and running quickly.
The SP Monitor Module is the baseline system of the nFX One Platform for MSPs and includes,
- Account Visualization System makes it easier and less costly for your analysts to identify and investigate suspicious activity across your customer base.
- Virtual Account Views give customers real-time insight into their own security posture through a web-based portal without calling on your analysts.
- Customer Alerting informs your team of critical activity on a customer-by-customer basis.
- Customer-Ready Reports offer robust yet streamlined reporting and analytic tools for security, risk management, performance management and operations.
- Remote Updates and Patch Management eliminates the need for Customer Premise Equipment.
- Fault Tolerance and Load Sharing provides multiple forms of failover that guarantee SIM One will be up and running regardless of the size and traffic flow in your infrastructure.
Proactively monitor your customers' networks for emerging threats and all types of malicious activity. SP Detect dynamically collects a broad depth and breadth of global threat information from a myriad of live threat profiling sources and applies sophisticated correlation analysis to provide you and your customer with actionable threat intelligence.
Dynamic Global Threat Detection
- Enhances data on known and evolving threats with data specific to your environment and automatically enriches it to make it even more relevant to your users.
- Provides clear visibility into emerging threats and zero-day attacks even if no attack signature or published exploit yet exists.
- Tracks intruders from dynamic global threat profiling sources to defend against known threats and alerts not only to inbound threats, but also on suspicious outbound activity. Botnets or malicious code propagating from your network can be stamped out immediately.
- Delivers the right information to the right person for the fastest results.
- Optimizes operations with effective filters that reduce false positives.
Integrated Security Help Desk Ticketing System guides your team through a proven process to eradicate threats.
Rules-based Correlation automatically applies conditional logic to identify likely attack scenarios.
Customer Ready Threat and Operational Reports provide insight into malcode, botnets and emerging threats and show how they were accurately detected, analyzed and mitigated.
SP Inspect adds two powerful capabilities for enhancing your on-demand threat monitoring service offerings— inside threat recognition and vulnerability correlation. With these capabilities your team has everything they need to detect, prioritize and resolve even the most sophisticated internal security events.
Local Threat Detection Technology monitors security breaches by correlating network activities against a series of dynamically generated watch lists of IP addresses or users identified as potential threats, such as botnets, port scanning, virus propagation, or SPAM originators.
- Your team can gain real-time actionable insight into the activities of known suspects who have a history of suspicious activity within their own networks.
- User behavior such as reconnaissance scanning or multiple failed log-in attempts or actions against assets are automatically added to watch lists.
- Manual watch lists are easily created for all highly valued assets and appended with terminated or temporary employees.
Internal Threat Reporting provides insight into the top attackers and top targeted hosts, detailed data on security incidents, emerging trends and suspicious users.
Vulnerability Correlation and Conclusion Scoring reveals which threats pose a true threat, the potential business impact of specific events and lets you demonstrate progress in eliminating your customer's vulnerabilities.
- Correlates data from any CVE-compliant IDS with vulnerability scanner data from leading vulnerability management products
- Automated exposure scoring based on current vulnerability profiles reduces risk, freeing up analyst time to investigate and mitigate actual threats
- IDS Validation eliminates false positives associated with IDS data
Vulnerability Reports detail the most severe vulnerabilities; meanwhile, their conclusions help the team develop and revise even greater mitigation and policy compliance strategies.
SP Comply provides unprecedented guidance for managing and reporting on compliance-related security issues to address your customer's regulatory requirements and needs for audit-ready reports. By integrating SP Comply with your SIM One platform, you have a comprehensive solution for managing and reporting on PCI, Sarbanes Oxley, HIPAA and other regulatory and governance mandates for all your clients. New compliance centric services deliver your customers status reports that prove to auditors the effectiveness and efficiency of your customer's control environment.
SP Comply includes:
- Knowledge-based guidance that details compliance requirements
- Monitoring the status of the control environment
- Documented evidence to auditors
- Continuous monitoring, risk assessments, and incident handling mapped to business processes and procedures
- Processes for resolving incidents
- Advanced correlation rules and report templates needed to speed deployment
- Complete suite of compliance and audit specific reports
The main goal of regulatory compliance is to assert that a common baseline of controls can be applied across business processes. SP Comply provides you the ability to show how the control environment is aligned with business processes and the protection of your customer's business assets.
Read about nFX Managed Logging Solutions >
Quick Links