NDR

What is NDR?

Alix Ingram
Placeholder for Female5Female5

Alix Ingram

2 min. read
Placeholder for Verne ho GJL L3 Tq K0 unsplashVerne ho GJL L3 Tq K0 unsplash
Arista Networks

Share

icon  Idea

Fraser Kyne from Arista Networks gives us the lowdown.

As part of Nomios 101, we spoke to Fraser Kyne from Arista Networks about the importance of NDR, especially in an age of increasingly complex networks.

View the video

What exactly is NDR?

Network detection and response, more commonly called NDR, is a network solution that uses a combination of machine learning and advanced AI to detect suspicious activity on your network. This enables your team to respond to abnormal or malicious activity that other security tools, like endpoint detection and response (EDR) working alone, might miss. As an NDR constantly monitors and analyses network traffic, it learns what is considered normal behaviour for your network. This allows it to recognise anomalies more easily.

Network detection

NDR specifically looks at what is happening on the network, allowing it to take the massive amounts of data generated, pull out meaningful information, and search for contextual anomalies.

NDR not only detects abnormalities in network activity but provides context through features such as the real-time inspection of network communications and network traffic analysis. This allows NDR to detect and investigate threats, and anomalous behaviours across the whole of your network. NDR can understand the full extent and specifics of a security breach and then respond appropriately.

Each vendor’s NDR works slightly differently but Arista’s for example is designed to mimic the human brain. Recognising malicious threats, and learning over time, gives you greater visibility into the threats that exist and how to respond to them. It can deliver data packets more contextually, letting you see the device and personnel information you need to understand the anomalous behaviour detected.

NDR: taking network security further

Fraser Kyne likens network security controls to a three-legged stool with NDR, SIEM and EDR being the three legs. Without one, the stool will fall over, and so will your network. Each one has an important role to play in the security of your organisation’s network, below is a brief description of the jobs they do. For a more in-depth rundown click the links for individual information pages.

Placeholder for NDR Blog Venn Diagram Graph 1NDR Blog Venn Diagram Graph 1

Individually each has a great benefit, but together they create a strong network solution protecting your business from malicious cyber threats.

Networks have evolved to now include devices that can’t run EDR but are still prone to attack, like smart TVs, CCTV and IP phones. NDR was created to fill that security gap and allow greater visibility across your whole network.

Learn more about why NDR is an important pillar in your network security in our great video interview with Fraser.

Find out more

At Nomios, we believe NDR is an important step on your organisation’s cyber maturity curve. That’s why we’ve partnered with Arista and other trusted vendors to offer a range of NDR solutions designed to fit your business.

If you’d like to know more about NDR or book a demo for your own network, get in touch with our expert team today.

Get in touch

Do you want to know more about this topic?

Our experts and sales teams are at your service. Leave your contact information and we will get back to you shortly.

Call now
Placeholder for Portrait of french manPortrait of french man
Updates

More updates