When was the last time a salesman presented a product with the caveat that it wouldn’t solve the client’s problems? Never, of course. Every security vendor has the answer to every organization’s prayers.
To sift through the noise from the steady stream of sales pitches, many organizations gravitate toward whatever is shiny and new. They have little else to go on. It’s hard to tell if a security product works until an intrusion is discovered, and that often takes months. The global average time between breach and detection is 146 days.
Many organizations rely somewhat on faith that security products will keep their networks safe. They could conduct penetration tests or vulnerability scans, but these processes can stress a network enough to impede performance.
Security Advice – Without a Catch
When I tell security managers that CDW can monitor their networks passively, analyzing traffic for malicious activity or vulnerabilities with zero interaction or disruption to the network, they perk up. When I add that it’s a free service, they get that look that suggests, “there must be a catch.” There’s not.
Through its complimentary Threat Check service, CDW provides organizations with a custom, automated security appliance that combines industry-leading software from Cisco Systems and Tenable Network Security. CDW ships the tool, which easily plugs into an organization’s network. It runs passively in the background for a few weeks, then produces an actionable report spelling out the organization’s security posture, any vulnerabilities on the network and the maturity of its security efforts. After the assessment, the customer wipes the data from the appliance, then ships it back to CDW.
Threat Check clients also get insight from CDW’s team of security experts. Our engineers examine the data, and a security architect explains what the results mean for the client, shares strategies that other organizations have taken, and lists products and services that can solve the problems identified during the process.
The Technology Behind a Threat Check
The software on the appliance includes Cisco’s FirePOWER Next-Generation Intrusion Prevention System, which analyzes network traffic for signs of malicious activity, and Tenable’s Passive Vulnerability Scanner, which identifies vulnerabilities in systems that communicate with the network.
In February, CDW replaced the base hardware in Threat Check to provide the appliance with more horsepower. Threat Check Version 2.5 also incorporates Cisco’s Advanced Malware Protection (AMP) solution, which references a database compiled by Cisco’s Talos Security Intelligence and Research Group to determine if a file contains malware.
Rather than guarding against malware through signature updates that must be downloaded onto devices, the Talos database is cloud-based, so as soon as it discovers a piece of malware, it notifies all other systems of the threat. And due to the large number of AMP-enabled security solutions reporting to Talos, it’s able to cut the time to identify malware from weeks or months to hours or minutes.
After conducting thousands of Threat Checks, I have yet to hear from a customer who didn’t gain value from it. An organization that has been using a security product for years can get a snapshot of its traffic and evaluate whether the product is truly working as intended. The results of a Threat Check might inform an organization’s IT leaders that they can consolidate security measures or that it’s time to move to a next-generation product.
Threat Check gives organizations concrete data and access to trusted advisers to help them determine which solutions are best suited to their actual needs.
To learn more about how CDW Threat Check can help your organization detect malware and other hidden threats, visit CDW.com/threatcheck