Understand Your Network Environment to Enable a Fast and Accurate Response
Before we can deploy the Streaming Defense Attack Operations Theater (SD AOT) or deliver a Health Check, we must know what kind of environment you operate. This helps us deliver the right solution with minimal disruption.
While our system is agentless, fast, and powerful, it still needs one thing to operate: a port from which network traffic can be mirrored. This can be a SPAN port, network TAP, or virtual traffic mirroring service.
Let’s walk through the most common environments we encounter so you can identify your configuration.
You likely have this setup if:
You operate a central office with on-premises servers
Your internet traffic passes through a firewall or router on site
Your devices are connected via Ethernet switches or internal Wi-Fi
What We Need:
A SPAN port or Network TAP on a switch or firewall that can mirror outbound traffic.
Optional: Port-mirroring on internal segments to watch lateral movement.
Typical Locations:
Behind the firewall at the network edge (near the demarcation point).
On core switches or in the server room.
Ideal For:
Small-to-medium businesses
Local government offices
Financial institutions with local server rooms
You likely have this setup if:
All assets are hosted in AWS, Azure, Google Cloud, or other cloud platforms
You don’t manage physical infrastructure or on-prem networking
What We Need:
Virtual network traffic mirroring, such as:
AWS VPC Traffic Mirroring
Azure Virtual Network TAP
Google Cloud Packet Mirroring
Ideal For:
SaaS companies
Remote-first enterprises
Startups using only cloud-based workloads
Note: Cloud-native visibility is just as actionable as on-prem—SD AOT can analyze mirrored cloud traffic in real time.
Most organizations today are hybrid: a mix of on-prem infrastructure, cloud-hosted services, and isolated environments. Each requires a unique approach:
(a) LAN + Cloud Mix
On-prem workstations, printers, or file servers PLUS cloud apps and services
We deploy one probe for LAN and configure cloud mirroring separately
(b) Closed LAN / Enclave
Air-gapped or semi-isolated networks used for sensitive systems
Often no internet connectivity
Requires internal port mirroring to see east-west traffic and detect lateral movement
Examples: R&D labs, forensics facilities, special enclave environments
(c) IT/OT Mixed Environment
Supervisory Control and Data Acquisition (SCADA), ICS, or PLCs on the same network as IT systems
Often used in utilities, manufacturing, defense, or smart buildings
We detect protocols like Modbus, DNP3, OPC-UA and watch for unauthorized control attempts or lateral movement between segments
Satellite Office with VPN Tunnel
We deploy at either the main site or cloud landing point
Useful to detect anomalies across encrypted tunnels
Co-Located Servers (Data Center)
Tap traffic from your firewall or edge device
Evaluate both inbound and outbound services
Virtual Desktop Infrastructure (VDI)
Monitor backplane traffic or the connection brokers to detect unusual access patterns
Wireless Mesh or SD-WAN Edge Networks
Mirror traffic from the central controller or appliance interface
When you're ready to schedule a deployment or health check, just indicate:
Whether you are Traditional, Cloud, or Hybrid
If you have port mirroring or TAP capabilities
Which segment(s) you want us to evaluate: internal, external, or both
We’ll take care of the rest.
If you're not sure which applies, no problem. Our experts can guide you in a short pre-deployment call.
Let us match the right response to your real-world configuration.
Beyond Detection - Full-Spectrum Support When It Matters Most.
Develop an attorney-client relationship with specialized cyber law counsel well in advance of a serious incident. Enveloping investigative data with privilege is critical in litigation.
Establish a pre-incident relationship to have a ready team experienced in digital forensics and incident response to investigate, contain and remediate a serious cyber-attack.
Third-party insurance experts providing industry leading and affordable insurance for cyber-related exposures and expenses including data breaches, legal defense costs, ransomware attack assistance, and system disruption recovery.