Today’s threat landscape is challenging for all organizations that operate network-connected devices. Attackers are continually probing for vulnerabilities, looking for systems that they can compromise and leverage for their own purposes.
Keeping all of your systems updated and protected is a daunting task for every organization. At MCNC, we monitor the NCREN network for indicators that customer systems may have been compromised. We currently operate these two separate detection techniques:
Google Safe Browsing Alerts We receive alerts when any IP address assigned to NCREN appears in Google’s updated database of unsafe web resources. This database, known as the Google Safe Browsing list, is leveraged by web browsers like Google Chrome and Mozilla Firefox to help protect their users. If you are an MCNC customer and one of your NCREN IP addresses is added to the database, we will alert your organization so that you can investigate.
Outbound DDoS Attack Alerts In addition to MCNC’s Enhanced DDoS Protection capabilities, we also monitor traffic leaving your network for DDoS characteristics. If we see DDoS attack traffic leaving your network, it is usually an indication that there is a vulnerable or compromised system. When we see this traffic, we will alert the affected organization so that an investigation can be undertaken.
We are also evaluating other opportunities for detecting compromised hosts. As other capabilities are added to the Compromised Host Detection service, we will update this page.
Requirements of Service:
In order to receive service, you must be an existing NCREN network customer.
Eligibility & Pricing:
MCNC’s Compromised Host Detection services are provided to NCREN network customers at no additional cost. This detection capability is a standard part of NCREN network services and is another way that MCNC provides value to its customers.
Terms & Conditions:
Technical support is available 24x7 by phone 877-GO-NCREN (877-466-2736) or by submitting a web request.