Network Detection & Response – NDR

The heightened threat of targeted and complex cyberattacks is prompting the maritime sector to look for ways to improve network security. Perpetrators continue to devise new ways to exploit the vulnerabilities of a vessels network. Security investments onboard vessels need to include detection and response – not just prevention such as a regular anti-virus. NDR is a vessels best protection strategy against any cyber attack. Port-IT is the first IT cybersecurity provider to launch a fully maritime tailored NDR solution.

Network Detection and Response (NDR) is a security solution used to detect and prevent malicious network activity, investigate and perform forensics to determine root cause, and then respond and mitigate. Hereby protecting organizations against cyber threats.

Implementing NDR will give organizations greater visibility into what is actually on the network as well as all activities. In turn, this will enable security teams to identify and stop suspicious network activity rapidly and minimize its impact on a daily business.

Port-IT NDR silently monitors the vessels network, watching for malicious events or suspicious traffic, even between devices only used internally, such as the VDR and a guest PC. Once this kind of traffic is detected the solution will deploy forensics, mitigate the issue and instantly informs the Port-IT Security Operations Center (SOC) team.

To detect malicious kinds of traffic it uses a combination of artificial intelligence, machine learning and userdefined policies, offering intelligent layers on which the configuration can be strengthened. Port-IT NDR uses NTA, Network Traffic Analysis. NTA does not only monitor the network perimeter, but more importantly all traffic within the network for complete coverage. NDR detects threats across the entire network, including BYOD & IoT devices and even advanced unknown attacks that other solutions have missed.

“There are only two types of companies; those that have been hacked and those that don’t know they have been hacked.” John Chambers, former CEO Cisco

With NDR it is not needed to install software on any device, hence it is the ultimate solution to detect malicious activity from or within a network, regardless if it is crew, business or a guest network. NDR can be used on commercial vessels and fits in perfectly on yacht networks to monitor the traffic of its guests.

An NDR solution can see this traffic. The NDR receives a copy of all traffic transmitted over the local network. Even traffic between locally connected devices will be monitored.

Example of a local network detection:

The Port-IT NDR solution seamlessly integrates with all existing security products of the Port-IT portfolio, providing the shipping companies with a full security-minded overview of all network elements of the vessel. Received data is monitored 24/7 and analyzed by a team of maritime trained network/security engineers.