CyBoWall is a non-intrusive, agentless solution that provides complete and continuous monitoring of your network across all protocols and extending to all endpoints. The CyBoWall Network Security Platform provides agentless network breach detection as well as automated response and mitigation. CYBONET’s CyBoWall can secure networks of all sizes and provides unified defense and security for small and medium sized organizations to counter Advanced Persistent Threats.
- Full Coverage of Endpointsdesktops, laptops, servers, routers, smartphones, tablets, wired/wireless LANs, printers, IoT devices - cameras, healthcare, manufacturing, POS etc.
- Intrusion Detection System (IDS)functions as an IDS at the network level for total visibility via TAP/Port Mirroring
- Identify Lateral Movementnetwork traps identify lateral movement between endpoints and can detect threats originating within the network
- Immediate and Automated Response to Network Threatsquarantine and remediate high-risk endpoints without need for active monitoring by a System Administrator/CISO/SOC
As an agentless solution, CyBoWall does not reside on the endpoints but engages them continually, without the need for costly agent installation and maintenance. This makes CyBoWall ideally suited to small and medium sized organizations; effectively monitoring and mapping all endpoints without necessitating a high level of resources and expertise.
Multi-vector Detection and Response Solution
CyBoWall leverages three security vectors to analyze and monitor network activity across all endpoints. The Network Sensor utilizes TAP/Port Mirroring to monitor all inbound and outbound activity. Network Traps enable insight into lateral movement between endpoints and can detect threats originating within the network. The Agentless Network Scanner analyzes and monitors network traffic and enables the creation of an endpoint Asset Map. It can update port profiles, and WMI capabilities allow for remote monitoring of endpoints.
CyBoWall employs Security Information and Event Management (SIEM) to correlate output from all three security vectors in order to initiate automated, policy-based remediation. Data is fed directly into the configurable policy module, and responses are initiated according to assigned activity / risk factor scores. Automated responses; logs, alerts, quarantine and remediation actions enable real time attacks to be contained and enhance an organization’s security without adding complexity.