Some only have agents, and some have historically been traffic-only. Nowadays, most companies are trying to do both, but some still focus mostly on traffic, and some still focus mostly on agents. If you're monitoring network traffic going out through the firewall, then you would have to tap into the firewall traffic. They put in a couple of appliances, and we have to tie them to our firewall. Its initial setup is fairly straightforward. It has the same agents and same equipment, but it is an additional feature. This is an additional module that isn't part of the primary Arctic Wolf SOC. It gives you a place in the console to manage it. You can kind of attack the high-level ones first and work your way down. They also do a brute force scan of all your equipment, acting like a hacker with a scanner, and then in the risk management console, they list all of your current vulnerabilities that have been detected and what level of risk they present. They scan for vulnerabilities on a daily, weekly, or monthly basis based on your preference.

They scan daily for vulnerabilities, and they perform them by using agents. We have also subscribed to an additional feature that they offer for vulnerability management and risk management. It doesn't do it for you, but it gives you a good heads-up and collects good information to let you hit the ground running instead of having to do the research yourself and maybe miss things. It gives us prescriptive guidance regarding how exactly to install the updates, etc. It has provided just a little bit more peace of mind in terms of not having to be constantly on our toes and wondering if something is going on while we're trying to enjoy our weekends.