NetSkateKoban Use Case
Linkage of UTM and NetSkateKoban Nano/Nano(V)
We will introduce use case for linking third-party UTM (Unified Threat Management) with NetSkateKoban Nano/Nano(V). The linkage will use SNMP Trap or Syslog.
Next, we will explain the linkage with UTM and NetSkateKoban Nano/Nano(V), the isolation of terminal infected with computer virus, and the investigation of virus-infected terminal.
1. Installation of NetSkateKoban Nano/Nano(V).
NetSkateKoban Nano/Nano(V) is installed on the network managed by UTM.
Nano Manager is installed on the administrator's PC.
2. Identification and linkage of virus-infected terminal.
When a terminal on the network gets infected with a computer virus, the UTM can detect the infected terminal using its anti-virus function. At this time, the UTM is set to send an SNMP Trap or Syslog to NetSkateKoban Nano/Nano(V) (SNMP Trap Linkage, Syslog Linkage).
Note: The SNMP Trap or Syslog includes information about the virus-infected terminal.
3. Automatic action of NetSkateKoban Nano/Nano(V).
After receiving the SNMP Trap or Syslog, NetSkateKoban Nano/Nano(V) automatically actions "Blocking the virus-infected terminal" and "Email notification to the administrator". At this point, the virus-infected terminal can be isolated from other terminals.
4. Investigation of virus-infected terminal.
The notified administrator can investigate the virus-infected terminal using Peer List function of Nano Manager. Peer List can verify "when" and "with which terminals" the infected terminal communicated. This information can help prevent the spread of secondary damage caused by the virus infection.
Note: Peer List information is created based on the detection data of NetSkateKoban Nano/Nano(V).
