In the command center, the Watch Officer sees that a mission’s status has changed. He needs to immediately assess the situation, determine the cause and impact and prepare a briefing for Command. Edge Technologies provides complete visibility into the situation.
Clicking on the mission provides a filtered view of the ships and other assets associated with that mission along with a visual status indication. It is quickly apparent that there is an issue associated with one ship. The Critical Incident TimeLine shows an infected file and quarantine failure.
Ship and Device Details
From the Mission View the Watch Officer can drill down to Ship Details and Device Details to see Key Performance Indicators coming from a number of sources. In doing so it becomes apparent that the ship's DNS server is down.
This ship serves as a communications relay for other nearby vessels. The Communications View shows the communications relationships and status. A quick check reveals that fortunately this incident appears to be isolated and is not impacting other mission assets.
The compliance view confirms that the ship’s anti-malware definitions were not up to date, leaving the ship vulnerable to an emerging security threats. After confirming that the ship’s Operations team has the problem identified and isolated, the Watch Officer now has the information needed to brief Command on the mission impact and root cause.
Edge provides the visual correlation between a NetOps or Cyber event, asset impact, and mission impact, in a single integrated dashboard. This isn’t a vision for the future. Edge has already delivered this solution with proven time to value in weeks, not months.
The Edge Solution
Edge helps government organizations protect critical information and infrastructure by presenting simplified, unified views of available security-related information and tools. The Security Information and Event Management (SIEM) systems that are used to collect, monitor, analyze, and respond to threats produce a staggering amount of information. This presents a challenge for those responsible for recognizing and responding to threats, especially in distributed environments. Edge solutions address this challenge by enabling analysts, operators and commanders to filter and focus on what is critical so they can more efficiently identify and deal with threats before they affect the mission.