Search
ADRA NDR Cybersecurity Solution

ADRA NDR Cybersecurity Solution
Proactively detects and prevents targeted ransomware

The QNAP ADRA series Network Detection and Response (NDR) appliances selectively screen network traffic and detect malware lateral movement, stopping hostile activities before data leakage and encryption can occur.

You need new defenses against new attacks

We are honored that you use QNAP devices to store your valuable data. Unfortunately, this makes QNAP NAS, along with other servers and services in your local network, a large target for attackers to attempt to gain unauthorized access to sensitive information stored within. With an increasing number of targeted ransomware cases encrypting personal and business data, it is time to thoroughly re-assess your existing information security measures.

What is targeted ransomware?

Targeted ransomware gains access to local networks using one or more techniques. Its modus operandi is complex and hard to detect. Once the perimeter is penetrated, ransomware can silently reside in local networks for a long time, gradually infecting all devices. Eventually you would only uncover the malware when the actual attack takes place, which is already too late. Manufacturing, government, and education are among the top three sectors that fall victim to targeted ransomware.

When your storage server has been encrypted by ransomware…

That can mean a lot of things. First, the malware has been laterally moving under the radar for quite some time. It has been able to penetrate all the way to the most critical part of your IT infrastructure, which is a serious issue. Second, your conventional security appliance next to the core switch is not detecting malware activities happening at a lower level of the network topology. And the performance degradation (caused by complete traffic scanning) makes it impractical to connect performance-demanding NAS and other storage servers to the conventional security appliance.

The threats of targeted ransomware

  • The "unguarded" local network

    Conventional security appliances are located at the edge of your local network as the perimeter. But once it is penetrated, there is no detection and response mechanism to prevent the lateral movement of targeted ransomware.

  • The "hard to detect" modus operandi

    Attackers are good at covering their traces with many attack vectors. It requires highly-skilled IT professionals for businesses to analyze and uncover these malware activities. These associated high costs make this impractical.

  • The "too late to react" timing

    Targeted ransomware can utilize virtually all connected devices (such as printers and VMs) as part of its attack. These clients are mostly overlooked. When malware activities are eventually detected, it is usually too late.

The QNAP solution: ADRA NDR appliances

The ADRA series NDR appliances are QNAP's answer to targeted ransomware. We started by building a solution to protect QNAP NAS from such threats, but it can also be used with other NAS and storage server brands.

Threat detection: uncover hostile activities in time

  • Threat Watch

    The ADRA appliance checks specific network packets passing through the switch for suspicious activities. As it only checks part of the network traffic, the throughput is unaffected for high-performance storage and services.

  • Threat Trap

    The Threat Trap simulates several common services (such as SSH and SAMBA) as a lure for the malware to attack. Once the attack is initiated, it can be detected and further isolated.

Threat analysis: yield valuable insights for further actions

  • Deep Threat Analysis

    Once suspicious activities are captured by Threat Detection, network traffic packets are analyzed against a collection of rules to determine the attack type.

  • Threat Correlation Analysis

    Different detection events over time will be evaluated against each other to determine their relations as an additional criterion for evaluating associated risk levels.

Threat response: stop and contain malware attack right away

  • Automated Isolation

    Automatically isolate affected devices only to contain the malware attack to a smaller range, without shutting down the entire network.

  • Manual Risk Management

    IT administrators can take a series of actions (such as isolating or temporarily allowing) to flexibly tackle operational needs.

Use QNAP NAS to rapidly restore affected data on computers/servers when attacks occur

If ADRA NDR detects a high-risk network attack, IT staff can isolate and scan affected computers/devices. QNAP NAS supports Snapshots to help protect data and files from targeted ransomware, and they should be used as part of a 3-2-1 Backup Strategy to ensure that data can be quickly restored to a healthy state in the event of an attack. Restorations only take a few seconds to complete, ensuring minimized business downtime.

Level up your cybersecurity by installing ADRA NDR on your switch – Upgrade Now!

Quickly detect unknown threats and bolster your defenses by upgrading your QGD switch to an ADRA NDR appliance. Licenses start at US$ 399 per year.

Check out NDR switches ADRA NDR Software License

Let QNAP’s technical consultants assist you in planning the optimal NDR cybersecurity deployment architecture.

Enterprise deployment consultation Tutorial video

Choose specification

      Show more Less

      Choose Your Country or Region

      open menu
      back to top