Fidelis Network Detection and Response (NDR)

About the product

Fidelis Network Detection and Response (NDR) is an advanced network security solution designed to detect, analyze, and automatically respond to threats in network traffic in real time. The Fidelis Network platform provides complete visibility into your network, enabling protection against advanced attacks, data leaks, and other threats that can bypass traditional security measures such as firewalls and antivirus systems.

System składa się z następujących komponentów:

CommandPost—a central console for managing Fidelis NDR system components. It allows for real-time monitoring and analysis of events and metadata. The CommandPost console aggregates results from various components and presents them in a single, consistent view for SOC analysts.

Sensor – devices that allow monitoring of traffic at various levels (e.g., Web, Mail). They enable actions such as quarantine, session reset, etc.

Collector – a component responsible for collecting, storing, and analyzing metadata related to network traffic. Collector enables historical analysis of events and supports alert correlation.

Deception – a system component that enables the deployment of traps and decoys on the network to detect attackers before they reach the organization’s actual resources. It also allows you to obtain information about the techniques and behavior of attackers.

See producer

Advantages of the product

Full visibility of network traffic: Fidelis Network analyzes traffic on all ports and protocols, both at the Internet edge and within the local network, providing insight into every piece of information being transmitted.

Anomaly and advanced threat detection: Uses machine learning and behavioral analysis to identify unusual behavior that may indicate an attack, even if it is not known to traditional signature-based systems.

Data leak prevention (DLP): The system allows you to detect and block attempts to transfer confidential information outside the organization, including personal data, payment card numbers, and other sensitive data.

Automatic incident response: Fidelis NDR enables instant response to detected threats, including automatic blocking of unauthorized traffic, isolation of infected devices, and generation of detailed alerts for security teams.

Metadata collection and analysis: The system records all network traffic in the form of metadata, enabling retrospective forensic analysis and supporting threat hunting activities.

Integration with other tools: Fidelis Network offers an API and integration with a wide range of third-party technologies, allowing you to build a cohesive security ecosystem.

Protection in cloud and hybrid environments: The solution works well in both traditional local networks and cloud environments.

Deep Session Inspection: Advanced network session inspection allows real-time traffic analysis without the need to capture entire files, ensuring speed and efficiency.

Cyber Terrain Mapping: Automatic mapping of network resources and connections enables the identification of risky devices and so-called Shadow IT.

Benefits of Implementation

Reduced attack detection time: Fidelis Network detects incidents faster than traditional solutions, significantly reducing potential losses and the impact of attacks.

High effectiveness even against encrypted traffic: Fidelis NDR can analyze encrypted traffic without decrypting it, using advanced analytical techniques to detect anomalies in data streams.

Scalability and cost-effectiveness: The solution is scalable and can be deployed in both large and medium-sized organizations without impacting network performance.

IPS/IDS: Using Deep Packet Inspection and Deep Session Inspection technologies, the system offers IPS/IDS-class functionality. This includes detection of C2 communication, etc.