Nebula Security Service (NSS) Analysis Report Provides Useful Insights for Better Policy Management and Network Protection
In this digital age, IT administrators often face significant hurdles when it comes to protecting their organizations’ digital assets and productivity against ever-evolving stealthy security threats including phishing attacks, viruses, unauthorized applications, and blocked websites. A lot of times, they would have to address these issues with limited budgets and resources, especially for small and medium-sized businesses (SMBs). Implementing unified threat management (UTM) can be a viable, cost-effective solution for SMBs since it offers the functionality of network security management with less cost; however, it usually does not provide adequate visibility reporting capability. Thus, SIEM (security information and event management) or other management report is needed, which not only adds to the complexity of management since it is not integrated with the existing system, but also drives the total cost of ownership (TCO) up for businesses with the software/hardware implementation and training required, etc.
The Zyxel Nebula Cloud Managed Security Gateway (NSG) is built with an extensive suite of security features including ICSA-certified firewall, IPsec VPN connectivity, intrusion detection prevention (IDP) and application patrol, content filtering as well as anti-virus. With Nebula’s cloud-managed interface, IT administrators can input and manage configurations and security policies with a single point of management without the hassle of juggling between multiple devices/operating systems while keeping the cost down.
Every NSG is pre-bundled with one-year Nebula Security Service – Security Pack (NSS–SP), including the licenses for IDP and Application Patrol, Content Filtering and Anti-virus. After a year, users may choose to extend their NSS-SP license or continue using the device without the premium security services. The NSS-SP license is sold separately from the Professional Pack license.
What is Nebula Security Service (NSS) Analysis Report?
The NSS Analysis Report is a newly-developed advanced reporting feature in NSS-SP, using the same UTM approach for network security management. Unlike many other UTM vendors only covering the security functionality on a box/appliance, the NSS Analysis Report integrates a wide range of security visibility features together in a single Nebula’s cloud-interface to further offer SIEM capability. The NSS Analysis Report provides a beneficial summary of the network activities including application patrol, content filtering, and anti-virus, without an expensive upgrade to SIEM or a third party security management. It not only allows IT administrators to understand the network user behaviors to better manage bandwidth usage and boost employee productivity, but also helps to get a clear understanding of the statistics of blocked malwares and unwanted/botnet web sites.
How does NSS Analysis Report Work?
The NSS Analysis Report summarizes the Application, Content Filtering, and Anti-Virus results, up to the latest 180 days. As shown in Image 1, the pie chart in the Application report gives the summarized data of the applications used within the user defined time frame and the number showing at the center of the pie chart is the total bandwidth usage amount. It also shows the historical application usage statistics, as well as the list of top applications and the usage details. In addition, there is an Email report feature that allows users to send a summarized report to the designated email addresses for further offline review and management; the report can be set to send on a daily, weekly or monthly basis with an option of adding a customized logo on the report to increase company or brand exposure.
Image 1: NSS Analysis Report - Application (Overall Summary)
Moreover, users can also click on the specific application on the pie chart or on the top application list to further view the details of the selected application usage. As shown below in Image 2, the report gives the specific details such as the total bandwidth usage amount of the application, the IP addresses that used the application, the total usage and the usage percentage by each IP address, and the historical usage statistics of the selected application. Actions can be taken to restrict the use of specific applications for specific IP addresses to better manage bandwidth after checking the Application report.
Image 2: NSS Analysis Report – Application (A specific application is selected)
The NSS Analysis Report also includes the reports on Content Filtering and Anti-Virus. The Content Filtering report (Image 3) tells the blocked websites visited by the network users and the viewing details like hits, hit percentages, and the IP addresses. As shown in Image 4, when a specific blocked website is selected, IT administrators can find out who was trying to access the blocked website and the other viewing details by looking at the IP address list, the hit numbers, and the hit history within the user defined time frame. Actions can be taken to further re-enforce the organization’s security policies and boost employee productivity after checking the Content Filtering report.
Image 3: NSS Analysis Report – Content Filtering (Overall Summary)
Image 4: NSS Analysis Report – Content Filtering (A specific blocked website is selected)
The Anti-Virus report, shown in Image 5, gives the detailed information of the virus names that were detected and blocked, how many times the viruses were detected and blocked and their hit percentages, and the historical statistics within the user defined time frame. In Image 6, when a specific virus is selected, IT administrators can trace the virus source to the IP address(es) that clicked the virus, how many times the virus was detected and blocked, the hit percentage, and the timeline of the hit of the virus. Actions can be taken to re-enforce the security measures in order to protect the organization’s digital assets after checking the Anti-virus report.
Image 5: NSS Analysis Report – Anti-Virus (Overall summary)
Image 6: NSS Analysis Report – Anti-Virus (A specific virus is selected)
With the insightful reports of the NSS Analysis Report, IT administrators can simply understand and analyze the user behavior and network activities, as well as the statistics of blocked malwares and unwanted/botnet web sites, all in a single pane of glass without additional hardware or software investments. More importantly, they can then take corresponding actions, based on the data presented in the NSS Analysis Report, to further enforce security policies, better manage bandwidth, improve workplace productivity, and ultimately protect their business’ digital assets.