Lynx defends against 10,000 cyber-attacks every day
On Thursday 20th May, our cyber defences successfully kept 10,297 external scans from probing our network as a precursor to an attack. Had just one of these probes found a weakness and been exploited, our business could have been badly damaged.
However, this day was no different to any other day. Lynx Networks is constantly bombarded by potential attacks, as is every other network with a connection to the internet.
Several layers of defence protect us. Our first layer of protection is a Cisco firewall, which protects us against the majority of scans and probes and allows onto our network only the traffic that our rules permit.
The next layer sits on top of our firewall and is Cisco Firepower. It uses next-generation technology to look at the traffic that goes in and out through the firewall, leveraging Cisco’s worldwide threat intelligence centre (TALOS) to detect all kinds of threats, from malware to encrypted traffic. Because it is connected in real time to the TALOS database, it is a significant weapon in the fight against zero-day attacks.
The reporting from Firepower is particularly important, as it can be the first alert that something is wrong. For example, Firepower can report the geolocations of IP addresses, so if a PC on the network appears to be sending data to IP addresses based in suspicious countries, a closer look at what that workstation is doing, and why it is sending data, could be in order.
Our next layer is Cisco Umbrella. This service checks every DNS request that comes out of our network to make sure that the destination is not a known source of malware or malicious code. If it is, Umbrella blocks the request before the user can get the IP address. Umbrella is a cloud service and also leverages the TALOS database in real time to protect the network and reduce the zero-day attack time window.
Finally, we have an Advanced Workstation Protection application which, as well as providing traditional antivirus protection, constantly checks for unexpected activity on the individual workstation and blocks scans and other probing-type mechanisms used to try to find weaknesses across the network.
These are just some of the ways we keep our network as safe as possible against the constant threat of cyber-attacks.