The manufacturer QNAP has developed a new technology for its QGD range switches, some managed switches that also perform the function of NAS server with the QTS operating system, so we can use the same equipment to function as the main router, managed switch and much more. This new technology is a software NDR (Network Detection and Response) which enables QGD switches to provide greater security to customers. Do you want to know what this new technology does and the main use cases?
What is ADRA and what is it used for?
This new software has been designed for the detection, analysis and response to possible cybersecurity incidents related to ransomware. Ransomware is one of the most popular attacks that exist today, this type of malware aims to encrypt or completely encrypt all data, with the aim of making it inaccessible to legitimate system users. This new technology is capable of allowing ransomware to move laterally within the local network, blocking these suspicious activities to help businesses prevent data theft and even mitigate the spread of ransomware throughout the local network.
The only thing we need to do to use this technology is to install QNAP ADRA NDR software on QGD switches, in this way, we will turn them into cyber security devices for our customers. Unlike other solutions that are reactive (something happens and then you act), this solution is proactive (before something happens, you act), so it allows you to automatically block threats, thanks to its rapid detection systems. Of course, all of these features also help protect private and confidential data on NAS servers, whether they are from QNAP or other manufacturers.
ADRA’s way of operating is based on two actions:
- Threat Watch– Looks for suspicious activity in network packets passing through the switch. It only checks part of the traffic, so local network performance is not affected.
- Threat Traps: it installs honeypots to hunt down cybercriminals, in this way, it is capable of simulating services as popular as SSH or Samba, and act as bait to detect the attack and stop it.
When the threat is detected, a deep analysis, then a threat correlation analysis is performed to assess the associated risks. Regarding responses to threats, stops and contains the malware attack immediately, furthermore, it allows you to do it without having to deactivate the entire network but the one that is affected. IT administrators will also be alerted to take a series of measures such as temporarily isolating or allowing traffic. A very important aspect is that QGD-1600P and QGD-1602P switches must be located in the network access layerthat is, the end devices must be connected to the switch in order to scan all network traffic, which adds this layer of security that this new technology offers us.
Finally, at QNAP we will also have the usual security measures to protect ourselves from ransomware, such as snapshots, scheduled backups such as HBS3, and many other ways to preserve what is most important: company information and data. Thanks to this new technology in QGD switches, they make them even more interesting for small and medium businesses.
