Skip to main content

Cyglass NDaaS

CyGlass NDaaS

CyGlass simply and effectively identifies, detects, and responds to threats to your network without requiring any additional hardware, software, or people. The TSG CyGlass Cloud uses AI to continuously analyse the billions of conversations happening on your network, learn what is normal, and alert when suspicious behaviours that risk the security of your critical IT assets are detected. Your private data stays private, as the CyGlass Cloud doesn’t require any personally identifiable information to detect threats.

What is Network Defence as a Service (NDaaS)

Network Defence as a Service (NDaaS) is designed to be part of an organisation’s layered security architecture. As such, it has the ability to integrate with all other surrounding security technologies, including SEIM, EDR, network access control (NAC), network performance monitoring and diagnostics (NPMD), and security orchestration, automation, and response (SOAR). To prove compliance with relevant audit and regulatory requirements, companies want reports that prove they are monitoring their networks. Because NDaaS is provided through the cloud, rather than via a physical security appliance, companies do not face the long-term costs of appliance deployment and maintenance.

CyGlass provides a critical layer of defence behind the firewall to detect anomalies and threats that can lurk in your network for weeks, months, or even years before executing a devastating attack.

For Example:

  • Unauthorised VPNs created for the purpose of exfiltration
  • Tampered firewall policies
  • Rogue machines – machines running in an unknown subnet
  • Data traffic to prohibited countries (North Korea, Iran, etc.)
  • Network Dark Spots – network misconfiguration increasing the risk of an attack going undetected
  • Retired asset suddenly becoming active
  • Unauthorised use of company IT resources
  • Suspicious after-hours traffic These types of activities are common to a wide range of attacks, including ransomware, Bitcoin mining, cybercriminal hacking attempts, and malicious insiders.

Benefits of CyGlass Include

  • Deploys in Minutes
  • Discovers Network Assets
  • Learns Network Behaviours
  • Alerts On Policy Violations
  • Detects Threats Behind the Firewall
  • Measures Network Risk and Progress Over Time


Please leave a few contact details and one of our Trusted Advisors will get back to you. Or call us to speak with someone immediately:

+44 (0)203 892 4812

    Fortinet Fabric Ready

    As part of the Fabric-Ready partnership between Fortinet and CyGlass, network traffic information flowing into FortiGate and FortiSwitch is shared with the CyGlass physical or virtual collector. The PCAP (packet capture) Header or Netflow data flows through an encrypted channel to CyGlass’s analytics engine in the cloud. CyGlass applies machine learning and machine reasoning to baseline normal behaviours, and correlate events and behaviours across networks. This promptly detects anomalous behaviours and potential threats. CyGlass charts out the emergence of threats to provide greater insight into the major actors involved, and the behaviours causing the suspicious activities. As it learns from customer feedback, it becomes more precise and allows analysts to focus on the most serious threats. CyGlass AI sends detailed alerts to FortiSIEM, enabling efficient and effective investigations and remediation.

    FortiSIEM also provides rapid time to value with out-of-the-box compliance reporting and analytics tools. Pre-built reports are standard and help to manage a wide range of compliance needs, including PCI – DSS, HIPAA, ISO 27001, FISMA, SOX, NERC, COBIT, ITIL, SOX, GLBA, GPG13, and SANS best practices. These reports can be customised to suit unique needs.

    Close Menu