Thank you for signing up!

Thank you for signing up for our newsletter. It's a great way to stay up to date with everything about Grove Group.

Cybersecurity

Cyber Risks are increasing not decreasing. Everyone and every company at some stage will be the victim of a cyber attack. It is happening all the time. At Grove we believe it is not about the attack but how you prepare for it and how you mitigate the cyber risk.


To that end we have teamed up with some of the best players in the market to offer a comprehensive suite of services to protect you against cyber risks and give you confident cyber security protection.


Whether its cloud email security, email archiving, email continuity, network security or end-point protection – we have a solution for you. Our enterprise-grade advanced email security, endpoint security, network protection and secure Cloud management tools means that your assets are always monitored giving you unparalleled peace of mind. We’ll ensure that your sensitive information and assets are safeguarded against loss, compromise and unauthorised access.

Best-of-breed cybersecurity solutions – Cylance, Darktrace, Kenna Security, Netography and Mimecast and Proofpoint

As an EMEA Premier Reseller/ Global Partner/ Distributor of BlackBerry Cylance, Darktrace, Kenna Security, Mimecast and Proofpoint, we’re positioned as leaders at the forefront of cybersecurity services for small,medium and large enterprises.


BlackBerry Cylance, Darktrace, Kenna Security, Mimecast and Proofpoint are mould-breaking, next generation, advanced cybersecurity solutions. At Grove, we’ll assess your systems, identify weaknesses and cyber-clad your enterprise with the best cybersecurity solutions that fit you and your organisation.

Netography Distributed Intrusion Detection and Prevention service

Distributed IPS cloud native SaaS that uses lightweight protocols, such as Flow, to ingest network activity.

Netography Distributed Intrusion Detection and Prevention service

Distributed IPS

Distributed IPS cloud native SaaS that uses lightweight protocols, such as Flow, to ingest network activity.

By enriching the flow data and applying rules and signatures that are not bound to single machines, the inability to scale original IPS platforms has been defeated. With Netography Distributed IPS, detection rules and signatures have limitless CPU, storage, and historical data capabilities that have never been available before.

After the detection phase of Distributed IPS, “bad traffic” can then be blocked using existing network devices such as routers, switches, policy groups, or devops calls to our API, which outscales the traditional IPS blocking model.

Netography Distributed IPS is complementary to existing security deployments, and by leveraging the Netography Fusion portal, it enables teams to better control devices and reduce threats.


What Is Distributed IPS?

Distributed IPS is the progression of IDS, IPS, and Cloud Services: Collecting flow and VPC data in a decentralized cloud service, analyzing it using robust algorithms, and then actioning on threats that have been detected via a rules engine.


Distributed IPS Scales

IDS ran into scalability problems with sheer amounts of traffic, encryption, storage, and giant rule-sets. IPS leveraged IDS, but as rule and signature complexity grew, custom FPGAs and ASICs could not keep up. With Distributed IPS, we made the assumption that we do not see all of the traffic and designed our algorithms with that in mind. By leveraging sampling vs. full packet capture, we can store more information longer term, and with the scalability of the cloud, we can leverage more CPU than a single box.


DIPS-Graphic-crop-v3.png

BGP and Flowspec Route Manipulation

Remotely-Triggered Black Hole (RTBH) routing is the modern application of BGP as a security tool. RTBH has traditionally only been used for service provider networks, but it can now apply to the enterprise and the Cloud. In the past, it has been used for DDoS mitigation, but it’s application goes well beyond simple DDoS attack defense and coordination. Netography uses RTBH to push highly customized block lists of IP addresses to customers that are experiencing threats. These block lists are limited only to the capacity of your switch, router, or cloud provider.

By default, Netography provides a pre-configured list of algorithms and plugins that are easily enabled once your network or cloud service has paired with Netography.

Remotely-Triggered BGP, Flowspec, and APIs are the key components to improving border security and a better overall security posture. Remote-Triggering works by injecting a specially crafted rule (in most cases, routes) into the network, and forcing devices to drop all traffic with a specific next-hop (typically null) – effectively creating a “black hole.” Depending on which blocking facility you leverage, it will determine the accuracy and effectiveness of each rule.

Flowspec leverages NLRI (Network Layer Reachability Information) which includes 12 NLRI types and 4 minimum actions that can route traffic based on matching NRLI types.

Similar to how BGP RTBH works, the Netography Rules Engine can craft even more detailed block lists beyond what is possible with simple black holing of IP addresses.

VPC Security Groups

A security group acts as a virtual firewall for your instance to control inbound and outbound traffic in cloud environments. The Netography Distributed IPS can set up network ACLs with rules similar to your security groups in order to add an additional layer of security to your VPC in real-time.

Start Enjoying Unmatched Network Visibility Integrate your Global Network Traffic into one intelligent platform - Contact sales@groveis.com to arrange a demo

More Grove Services

Recent Tweets