The Starlight TDR solution effectively reduces threats entering the customer's network by automating the detection and response process. TDR produces IOC objects that the firewall uses to block the corresponding IOCs.
Starlight TDR – How it works
- Firewall Log Analytics System
- Threat Detection & Response (TDR) Machine Learning System
TDR assigns a retention period to each IOC object depending on the intensity of the learned attacks.
The firewall pulls attacker IOC objects and applies them to its protection profile. IP addresses that match the protection profile are blocked by the firewall.
Only clean traffic passes through the firewall.
The Starlight Firewall TDR System eliminates the need for manual user intervention when responding to large volumes of attack activity against customer networks. It operates around the clock, delivers consistent results, and responds to attacks at machine speed.
Machine Learning Functionality
The machine learning logic evaluates IP addresses to identify Indicators of Compromise (IOCs).
Through a threat scoring system, each identified IOC is assigned a retention period.
IOCs with a higher severity score are assigned a longer retention period.
Starlight TDR Offering
TDR is offered as Software as a Service (SaaS) under an OPEX model.
Customers will receive:
- Dedicated Log Analyzer server for individual customer
- Dedicated IOCs and whitelist Database tailored to customer environment
- Automated Firewall threat protection
- Access to Realtime Threat Dashboard
- 24x7x4 – Email support
TDR Models and Specifications
TDR caters for customer firewall setups of all sizes.
Sizing is based on firewall log output, measured in Events Per Second (EPS).
Larger EPS output requires higher processing resources and storage capacities to deliver adequate log analytics and machine learning functionality.
TDR Supported Firewall Models
Starlight TDR is being tested on the following firewall models:
- All Palo Alto models with firmware version 9.0 and above
- All FortiGate models with firmware version 6.2 and above