Solutions

Become a Partner
Power Up with Nepean

Partner with us for advanced networking solutions, expert support, and exclusive resources to grow your business.

Become a Partner

Solutions

Multi-site connectivity

Empower your business with secure, and efficient inter-branch networking.

Internet Acceleration (Link Bonding)

Boost your internet performance with our advanced bonding technology.

Instant Failover (Same Static-IP)

Ensure uninterrupted connectivity with our rapid failover solutions.

Security (Firewall / SASE)

Protect your network with advanced firewall and SASE.
SD-WAN

Become a Partner
Power Up with Nepean

Partner with us for advanced networking solutions, expert support, and exclusive resources to grow your business.

Become a Partner

SD-WAN

Multi-tenant Management Portal – Antares

Manage multiple tenants with centralized control and intuitive dashboards.

Tools for technicians - Antares SecureConnect

Manage multiple tenants with centralized control and intuitive dashboards.

Advanced Traffic Visibility

Monitor network traffic in real-time to spot issues and optimize performance.

SD-WAN Vendor Agnostic Security

Secure your network with flexible, provider-independent SD-WAN solutions.
Partners

Become a Partner
Power Up with Nepean

Partner with us for advanced networking solutions, expert support, and exclusive resources to grow your business.

Partner Portal

Partners

Become a Partner

Join Nepean Networks to grow your business with exclusive benefits and support.

Our Partners

Access resources and tools to maximize your partnership with Nepean Networks.

How Illuminate Analytics Helped an IaaS Provider Survive a Catastrophic Ransomware Attack
Read More »
Company

Become a Partner
Power Up with Nepean

Partner with us for advanced networking solutions, expert support, and exclusive resources to grow your business.

Become a Partner

Company

About us

Learn about Nepean Networks' mission, values, and expertise.

Contact

Get in touch with us for inquiries, support, or partnership opportunities.

Careers

Explore exciting career opportunities and join our growing team.

Our Team

Meet the experts driving innovation at Nepean Networks.
Resources

Become a Partner
Power Up with Nepean

Partner with us for advanced networking solutions, expert support, and exclusive resources to grow your business.

Become a Partner

Resources

Blog

Stay updated with the latest news, insights, and industry trends.

FAQ

Find answers to common questions about our services and solutions.

Support

Get assistance and technical support from our expert team.

Global SD-WAN POPS

See where we have infrastructure available to route your SD-WAN traffic

Advanced Traffic Visibility

What is Illuminate?

Business threats come in many forms, from Ransomware, Covert Surveillance or simply from disgruntled staff stealing company data.
Your employee just upload 20GBs of company data to Dropbox. Your CCTV system is compromised and sending video traffic internationally. Would your firewall block that traffic? The answer is NO.
Firewalls are only a small part of an overall security framework and struggle to provide real-world insights that are meaningful to human interpretation.
Illuminate provides alerts and insights which are easy enough for a business owner to understand, yet detailed enough for the most senior technicians to work effectively.

Threat Detection

Identifies security threats to the organization by analyzing packets in real time.

Network Performance

Pinpoint the source of bandwidth hogs. Use the data to craft QoS policies or to justify why additional bandwidth should be procured.

Security Incident Analysis

1. CCTV DataUpload to China

Detecting High Traffic Levels

Network monitoring reveals an unusual spike in outbound traffic to China. The volume of data being transmitted is significantly higher than expected for normal operations. This raises concerns about potential data leaks or unauthorized access.

Identifying Internal Devices

Further investigation traces the suspicious traffic to Dahua CCTV cameras within the network. These cameras, instead of functioning solely for surveillance, are communicating with external servers in China. This unexpected behavior suggests a possible security breach or hidden backdoor.

Suspicious Upload Activity

Analysis confirms the CCTV cameras are not downloading updates but uploading large amounts of data. Over 10GB of information has already been transmitted, raising alarms about data security. This suggests possible espionage, unauthorized surveillance, or data exfiltration.

Investigating Recorded Flows

Traffic logs confirm continuous and structured uploads over time. The frequency and consistency indicate an automated or pre-programmed process rather than accidental behavior. Security teams must now determine what data is being sent and why.

Firmware-Driven Traffic

A deep dive into traffic flow origin reveals that the CCTV cameras themselves are initiating the data transfers. The firmware appears to have built-in instructions to send data externally without user consent. This confirms a serious security vulnerability requiring immediate action.

2. RDP Brute Force Attack Analysis

Detecting Unusual Russian Traffic

The system identifies an unusually high volume of inbound traffic from Russian sources. This unexpected activity raises concerns about potential malicious intent. Further analysis is required to determine the nature of this traffic.

Remote Desktop Attacks

The traffic is classified as Remote Desktop Protocol (RDP) traffic. A total of 440 connection attempts per hour are detected. This suggests a possible brute-force attack targeting remote access credentials.

Analyzing Ongoing Attempts

A review of flow logs shows that these attempts are still actively occurring. The repeated access attempts indicate a persistent attack on the system. Immediate mitigation measures are necessary to prevent unauthorized access.

Tracing the Attack Source

A deep dive into the traffic reveals the flow origin as “Remote.” This suggests an open port or firewall vulnerability is being exploited. Securing the system by closing unused ports and strengthening firewall rules is critical.

Nepean Networks SD-WAN L7 DPI Analytics

Go beyond traditional monitoring and gain real-time visibility into application performance with Layer 7 Deep Packet Inspection (DPI) analytics.

Benefits of DPI Analytics

Real-Time Insights

Gain deep visibility into network traffic, application usage, and potential security threats.

Security Compliance

Detect anomalies, prevent data breaches, and ensure compliance with industry regulations.

Speed Optimization

Enhance traffic management and resource allocation for a seamless network experience.

Get a Personalized Demo

Ready to Transform
Your Network?

Discover how SD-WAN can revolutionize your business. Book a demo with our experts to see the technology in action and explore tailored solutions for your needs.