Get in Touch
Get in Touch

VigilanceTM
Watchdog

Cyber intrusion detection and forensic analysis for telecommunications networks

The Challenge with Network Cyber Intrusion

Monitoring the numerous connections into and out of a telecommunications network is difficult. Legacy protocols, such as SS7, and more modern interfaces, such as Diameter, remain essential elements. But, with Global Title leasing offering easy access for hostile actors, they present a significant threat surface that can impact the network, connected devices, and users’ data.
 
Modern firewalls go some way to protect the network, but with most being rule-based gateways, they are not perfect. If the rules are too tight, they risk blocking legitimate traffic and overloading network security personnel; too loose, and they increase the risk of successful attacks. Moreover, when attacks do occur, they provide little insight into what happened.

Vigilance Watchdog increases network security by intelligently comparing SS7 and Diameter traffic to known threat signatures and machine learning to spot unusual activity. Working alongside the existing firewalls, Watchdog records the packets before and after an event, creates a clear timeline, and provides your security team with the tools to analyze, understand, and take action quickly.

Key Benefits of Vigilance Watchdog

Leverages a Comprehensive Threat Library

More →
Uses a regularly updated vulnerabilities and threat database

Provides an Extra Layer of Defense

More →
Complements firewalls by using leading-edge machine learning to detect and identify threats

Aids Forensics During and Post-Event

More →
Provides a clear timeline of events leading up to and after an alarm

Defends Against Common Attack Vectors

More →
Detects SMS-based malware (smishing), GPRS-based IoT devices, Global Title leasing, corporate systems, and roaming interfaces

Reduces Operator Burden

More →
Uses severity levels to allow operators to separate significant attacks from minor incursions and false alarms

Integrates with Your Tools

More →
Offers built-in analysis dashboards or facilitates integration with your own preferred applications

How Watchdog Protects Your Network

1
Sensors monitor interconnect data.
 
2
Watchdog is capable of monitoring multiple connections or networks.
3
Packet Broker strips out relevant packets, e.g., SS7 or Diameter traffic.
4
Threat Detector monitors traffic for suspicious content or behavior and rates it in terms of severity.
5
Packet Recorder continuously captures data over a rolling time period.
6
On detection, the Event Builder automatically extracts associated packets and metadata to create a timeline of events.
7
Event Store records metadata for complete events for follow-up by network security personnel.
8
All packet data relating to specific events is captured in the Packet Store, ready for detailed analysis.
9
Analytics Dashboard provides real-time view of network activity and current threats.
10
Forensics Services enables the detailed analysis of alerts and their causes.
11
Session Viewer enables low-level analysis.
12
Web-based interface provides Identity and Access Management.
13
Threat Events can immediately be correlated to other defense mechanisms, e.g., firewall notifications.
14
Events are exported in Syslog format for integration with third party security information and event management system, e.g., Splunk or QRadar.

Related Pages

Previous
Next

Find Out More

Download the Brief

Get in Touch

contact@oneilluminate.com

+1 (703) 659 9965

Headquarters

198 Van Buren Street, Suite 200
Herndon, Virginia 20170
United States of America

Europe

Apex 2, 1st Floor
97 Haymarket Terrace
Edinburgh EH12 5HD
United Kingdom