Niag
Explorer

Detecting periodic network traffic

Hi,

Is it possible to detect outbound periodic network traffic (i.e. beaconing malware) based purely on network traffic rather than destination IP using the IPS/AS/AB/AV blades on R80.30?

Kind Regards

0 Kudos
3 Replies
PhoneBoy
Admin

Without the Threat Prevention blades, no.

The Threat Prevention blades do provide an important signal here. Using the data from a lot of other customers run through machine learning, we are able to identify potentially malicious traffic patterns.

While this ultimately does inform the Threat Prevention intelligence sent to your gateways, we have a service coming soon that will leverage this intelligence in a new way, helping you to easily pinpoint the source of the problem with high confidence. We plan to launch it in the near future. 

@Oren_Koren can tell you more if you're interested.

0 Kudos
Niag
Explorer

I'll need to see about getting that blade added to our next refresh. Thanks.

0 Kudos
Oren_Koren
Employee Alumnus

Hey
As PhoneBoy mentioned, we do have lots of customers that are already using the AI solution that answers your need. We will soon publish a post on it in CheckMates that allows our customers to join the EA or POC program. Send me a personal message; I will share the needed data if you want.
0 Kudos
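
For readers who want to see what timing-based detection of the kind asked about in the original question looks like, here is an added example; it is not part of any post in this thread and is not Check Point's method. It scores each source/destination pair by how regular its connection intervals are, ignoring destination reputation entirely; the log format, thresholds and addresses are all constructed assumptions.

```python
import statistics
from collections import defaultdict

def parse_flows(lines):
    """Parse 'epoch src dst dport' records into {(src, dst, dport): [timestamps]}."""
    flows = defaultdict(list)
    for line in lines:
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed records
        ts, src, dst, dport = parts
        flows[(src, dst, int(dport))].append(float(ts))
    return flows

def score_periodicity(timestamps, min_events=6):
    """Return (mean_gap, cv), or None when there is too little data.
    cv = stdev/mean of the inter-arrival gaps; values near 0 mean clock-like traffic."""
    if len(timestamps) < min_events:
        return None
    ts = sorted(timestamps)
    gaps = [b - a for a, b in zip(ts, ts[1:])]
    mean = statistics.mean(gaps)
    if mean <= 0:
        return None  # all events share one timestamp; no interval to measure
    return mean, statistics.pstdev(gaps) / mean

def find_periodic(lines, max_cv=0.1, min_events=6):
    """List (flow_key, mean_gap_seconds, cv) for flows regular enough to review."""
    hits = []
    for key, ts in parse_flows(lines).items():
        score = score_periodicity(ts, min_events)
        if score and score[1] <= max_cv:
            hits.append((key, round(score[0], 1), round(score[1], 3)))
    return sorted(hits, key=lambda h: h[2])

# Constructed sample data (documentation address ranges, not real hosts).
JITTER = [0, 4, -3, 2, -5, 1, 3, -2]  # seconds of drift around a 300 s interval
BEACON = [f"{1000 + 300 * i + j} 10.0.0.5 203.0.113.10 443" for i, j in enumerate(JITTER)]
BROWSE = [f"{t} 10.0.0.7 198.51.100.20 443" for t in (1000, 1012, 1015, 1400, 1410, 3000, 3003, 6000)]
SHORT = [f"{t} 10.0.0.9 192.0.2.30 53" for t in (1000, 1060, 1120)]  # too few events to score
SAMPLE = BEACON + BROWSE + SHORT

if __name__ == "__main__":
    for key, mean_gap, cv in find_periodic(SAMPLE):
        print(f"{key[0]} -> {key[1]}:{key[2]}  every ~{mean_gap}s  cv={cv}")
```

A low coefficient of variation only says the traffic is regular: NTP, update checks and monitoring agents will also match and need an allowlist, while traffic with heavily randomized intervals will not match at this threshold.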
