Managed
Security &
IoT Security
C－21
Automatic prevention against network intrusion and lateral movement with low OPEX
Detecting and containing invisible internal influence of
exploitation and compromise
Advanced persistent targeted attacks are becoming highly sophisticated and difficult to prevent. Attackers use malware infected
devices as stepping stones to intrude others. NTT Laboratories are developing defense-in-depth technology by collaborating
our security orchestration technology and Fujitsu’s intrusion detection and high-speed forensic technology.
⑥ Notify of attack,
select workaround
RSE(Resilient Security Engine)
Collect
Judge
⑤ Investigate
other devices
④ Alert
C2 server
Attacker
High-speed forensics*1
FW/IDS*2
③ Detect Intrusion
②
EMERGENCY!!
Security
operators
Execute
Features
■ Detecting compromised devices and attack paths from
network/endpoint logs with Fujitsu’s high-speed forensic
technology.
■ Enabling swift and reliable security incident responses with NTT
R&D in-house technology achieving both of fully automatic and
human interactive remediation.
⑦ Execute
High-speed forensics:
Investigate infected
device and attack path
by collecting device
and traffic information
continuously.
Application Scenarios
■ Initial responses against advanced persistent attacks when
suspect traffic is detected in an enterprise network.
■ Visualizing invisible compromised devices and heuristic attack
paths by orchestrating network detection and high-speed forensic
products.
① Infected malware
⑧ Cutting-off
infected devices
Office network
* 1 In this demo, collaborating with FUJITSU’s high-speed forensics http://pr.fujitsu.com/jp/news/2016/05/13-2.html (Japanese)
* 2 In this demo, collaborating with FUJITSU’s Malicious Intrusion Process Scan、iNetSec Intra Wall
https://www.pfu.fujitsu.com/about/technology/no49/images/49-5.pdf
Collaboration Partner
FUJITSU: Intrusion detection and high-speed forensic technology
〈Contact〉[email protected]
Copyright © 2017 NTT. All Rights Reserved.