VTPP
VNET Threat Perception Platform: Revolutionizing Digital Infrastructure Security
For over two decades, VNET has evolved from a standard internet service provider into a cutting-edge Digital Infrastructure specialist. Our expertise spans IaaS, PaaS, SaaS, SASE, SD-WAN, and IoT services, marking a transformation towards comprehensive system integration experiences.
In today's landscape, where VNET is not only classified as an essential service but also a critical infrastructure provider, the risks of malicious disruptions are exponentially higher. The distinction lies in our unique ability to ensure data sovereignty, a crucial aspect for both VNET and its customers.
This project outlines our vision for a robust security platform, safeguarding both traditional and modern digital services. From enhancing detection capabilities using Zeek's open-source system to AI-based services, automated penetration testing, and high-standard data encryption, we aim to cover all fronts. The platform's scope includes DDoS protection, virtualized hardware utilization, and data analytics, all managed through a flexible SIEM interface compliant with the NIS2 Directive (EU) 2022/2555.
Recognizing that many clients lack the expertise to combat the increasing complexity of cyber threats, VNET is taking a proactive stance. We are integrating a cybersecurity platform directly into our infrastructure to protect the majority of our clients' services.
Our solution is sophisticated and aligns with the following goals:
- Preventing Security Breaches: Enhancing monitoring and real-time analytics, deploying new hardware platforms, and fortifying encryption capabilities.
- Cost Savings: Establishing a coherent and expandable cybersecurity platform optimized through process automation, AI, and ML models.
- Real-time Operations: Providing real-time reporting, log collection, analysis, and data retention.
- Cybersecurity Awareness: Elevating overall cybersecurity awareness and fostering knowledge-sharing with relevant partners.
In our pursuit of a secure digital future, VNET invites you to join us in redefining the standards of cybersecurity.
Key features
Common attack prevention toolbox
Based on an analysis of the observed attack vectors and expert knowledge of the field, VNET identified countermeasures that can be efficiently provided to all connected entities as a shared service, thus significantly mitigating the risk and/or impact of some common types of attacks:
- Internet routing attacks - prevented by implementation of RPKI
- Defeating Ransomware Attacks and Data Leaks - deep packet inspection
- DDoS attacks - IPFIX/Netflow
- Traffic anomalies - with AI/ML module based on Minerwa project (2019-SK-IA-0140)
Real-time detection
Operating on real-time data is a necessity for this tool to be useful to SOC teams. Based on the hardware, VTPP is capable of analyzing up to TODO Gbps [VERIFY!] of real-time traffic. A SIEM system will be integrated for event recording, visualization, and response. Data processing modules and AI/ML event automation will enable cost-effective and timely threat response and post-attack investigation.
Monitoring and event visibility
A SIEM system will be integrated for event recording, visualization, and response across the entire toolbox described earlier. Data processing modules and AI/ML event automation will enable cost-effective and timely threat response and post-attack investigation.
Expandable Architecture
VTPP uses a pluggable architecture, allowing users to expand its detection and communication capabilities, such as sending notifications and triggering actions on remote systems. This creates room for AI/ML event processing or even for plugging in automated solutions such as SOAR.
Proposed High Level design