An ExtraHop Infrastructure Assessment goes beyond consulting. We work with your team to understand the unique demands of your organisation and help to deliver better business outcomes – faster. Our experts have spent years honing methodologies that deliver rapid value and scale.
A dedicated ExtraHop engineer will whelp to quickly identify your unique needs and configure the ExtraHop platform to start delivering—and multiplying—value immediately. The engineer will walk you through implementation and out of the box functionality, including:
Live activity map & dependencies
An extensive analysis of your environment will be undertaken to provide visibility in to the following elements of your infrastructure:
Domain Name Server (DNS) – Identify DNS Errors and Timeouts:
Active Directory – Visibility into key metrics regarding account and computer activity such as:
Transmission Control Protocol – Identify TCP metrics including:
The ExtraHop appliance sees all CIFS and NFS file transfers, including the source IP address, the file and share name and the status of the request:
Slow servers can be highlighted, as well as repeated attempts to access files that are not allowed to that user
5. Baseline & Trend
ExtraHop can keep a history of up to thirty days of activity and display these metrics in its dashboards. This lets you understand the baseline activity across your estate to help understand the rhythms of activity that might be associated with daily, weekly or even monthly events.
ExtraHop can see all file write and rename activities in real-time enabling incident response teams to set up an alert and be notified within minutes of a Ransomware infection starting to encrypt files. Rapidly pinpointing attacks is crucial to stopping Ransomware. The ExtraHop platform enables teams to identify attacks on NAS systems and shared file infrastructure in real-time as well as identify users and IP addresses associated with malware.
ExtraHop understands the full SSL/TLS handshake, including all details of ciphers in use, certificate expiration date, certificate authority, etc. This gives you an understanding of the network-wide SSL posture for your organisation without have to resort to manual audits or spreadsheets.