A security operation center (SOC) provides not only an extra set of eyes for 24×7 monitoring on cloud services but also the security knowhow and guidance for resolving potential security incidents detected. SOC as a Service, as the naming suggests, delivers the aforementioned security measures as an outsourced service, delivering the highest level of security posture for organizations with limited time, budget, or trained staff needed for an in-house 24×7 SOC deployment.
Before any security incident, if any, can be mitigated with actionable intelligence, however, a SOC must begin with comprehensive on-premises data collection, logging and retention by way of on-premises security gateway appliances.
A SOC-as-a-Service provider came to Lanner looking for a hardware solution capable of running their suite of proprietary software needed for deploying an airtight SOC for one of their end customers. This hardware solution, along with their software suite, is demanded for allowing the deployment of a highly trained team of network security professionals so the said end customer would not be burdened with building and managing their own SOC. In other words, this service provider and their services would be regarded as an extension of the end customer’s team, delivering 24×7 visibility to and providing support for monitoring network and cloud services such as NRT cloud/network resource monitoring, vulnerability scans, patch management and regulations compliance.
The said on-premises security gateway appliance, therefore, must:
- Simplify customer site deployment
- Enable a software platform with a consistent management interface
- Offer multi-core computing prowess and power-efficiency
- Be lightweight and has a small form factor
The on-premises hardware solution must, in turn, enable the followings for the cloud monitoring SOC:
- 24/7 NRT detection, altering and mitigation
- Network usage analytics and logging
- Regulations compliance insurance
- Full-coverage vulnerability scans
Lanner’s NCA-1510, a fanless SFF desktop network security appliance, is powered by Intel® Atom® C3000 CPU (codenamed Denverton). The NCA-1510 features robust performance and Intel’s QuickAssist Technology, offering cryptographic acceleration and commercial-grade LAN functions in a 231mm x 200mm x 44mm form factor.
Intel®’s Atom™ C3000 CPU and QuickAssist Technology, running at 10G, together greatly boost network responsiveness and security by distributing processing power to more critical applications and by offloading computationally intensive compression and encryption/decryption tasks.
Other features include secure boot, support for TPM 2.0, K-lock and FIPS compliance, 0~50ºC operating temperature range, Intel® AES-NI, up to 16 GB of DDR4 2133MHz memory, 6x GbE RJ45 or x4 GbE RJ45 and 2x GbE SFP, 1x mini-PCIe slot and 1x M.2 slot with nano SIM accessibility for function expansion and wireless connectivity via 3G, Wi-Fi or LTE, 1x mini USB console, 2x USB 2.0, 1x 2.5” HDD/SSD bay and 1x onboard EMMC (8GB).
The NCA-1510 emerges as the cost effective and high-volume on-premises security gateway with standardized software APIs as it offers exceptional performance, power efficiency, simplifies customer site deployments and extends cloud-centric technologies all the way to the access part of the telco network.
In addition to deployment agility and flexibility, the NCA-1510 works well with the proprietary software platform, providing a consistent management interface regardless of the selected network functions.
The combination of Lanner and solution provider’s technologies delivers a streamlined solution that optimizes networking performance with minimal footprint, not only resulting in very high compute density but also reducing costs and computing complexity at the network edge.
The collaboration between Lanner and the service provider is a SOC-as-a-Service solution built with purpose designed hardware, industry-leading software and advanced machine learning; it delivers comprehensive, up-to-the-minute threat detection and mitigation for both routine and non-routine tasks, protecting this end customer’s network from known and emerging threats.