LUCIDVIEW THREAT MANAGEMENT SERVICE
This service provides the Organisation to the tools to eliminate threats identified using the Content Management Service and the LucidView Netflow Dashboard. Additionally, using this service one is able to block access to the ever increasing using of the TOR Network as well as prevent unwanted Torrenting.
Due to the sophisticated nature of this type of content, blocking access to it requires a more sophisticated approach. The Organisation will need to subscribe to both of the above services in order to achieve this level of content management.
This service takes the data collected from the LucidView Content Management Service and the LucidView Netflow Dashboard. The data collected looks examines traffic in terms of throughput, connection counts and type of traffic. From this data the LucidView Threat Management Service creates a live list of IP’s (source based or destination based) of TOR and Torrent connections, as well as connections creating saturation points, this service also looks at the behaviour and where the traffic is originating from and compares it to the normal traffic flow of that Organisation, any anomalous traffic is identified and added to the live list of IP’s. This list is called the KILL-LIST as it literally identifies these connections and then terminates them.
The LucidView Threat Management Service dynamically and proactively protects the organisation against DDOS attacks by scrubbing all traffic destined for the Organisation and adding these IP’s to the KILL LIST.