Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 

Deep Dive Horizon NDR: Video, Slides, and Q&A

Slides are attached, Q&A for the session is below.

What are the pros and cons of the physical vs virtual NDR? Can existing Quantum Gateway in production function as NDR also?

Physical deployment has dedicated resources for flows and has the possibility to be inline for immediate prevention. A virtual does not always has dedicated resource, but can be scaled to what you need at the point in time. Virtual, as it's KVM based, could be deployed to any private and public clouds, and at any time, so it's a quick and on demand deployment. Existing Quantum GWs sending logs to existing LogServer, which you could export logs to NDR SaaS.

Can you quarantine a device and take a forensic snapshot for analysis?

Yes, through integration with other tools. We also provide a "tiny" Harmony Endpoint client (installable via Infinity Portal) that can be deployed to infected machines to remediate them. 

Is NDR SaaS the same as MDR? If not, where can I find info on it?

NDR and MDR are different.
NDR is a tool for SOC analysts to understand traffic patterns and perform Threat Hunting.
MDR is short for Managed Detection and Response, and is a managed servi

...
TO READ THE FULL POST it's simple and free
Upcoming Events

    CheckMates Events