Network Detection and Response (NDR)


Network Detection and Response (NDR): proactively assesses your environment and make informed decisions on vulnerabilities

Network Detection and Response (NDR) proactively assesses your environment on a continual basis by giving the organisation the understanding of what is on your network and in your cloud environment to highlight what is communicating with what. This allows you to make informed decisions as to what systems and tools are vulnerable to an attacker.

We have also noticed, in the new age of home or remote working, customers are struggling to manage the overnight conversion to a distributed workforce as more IT teams push laptops, VPN access and BYOD opportunities to people that have not used them before. As you will appreciate, remote workers are much more vulnerable to attack due to an expanded attack surface and fewer protections for end-user devices.

By assessing these internal infrastructures, you can:


Identify remote access and login issues

This provides visibility into VPN, Citrix, firewalls and other elements needed to monitor and troubleshoot remote access.

Provide geographical origin

The platform will highlight geographical origin of external IP’s connecting to their VPN connector or access gateway so the security team can spot anomalies.

Unapproved remote access tools

Helping security teams to identify remote access tools, such as TeamViewer, LogMeIn and GoToMyPC.

Utilisation monitoring

The platform can help IT teams measure VPN and remote access usage to show their value to management.

Monitor active directory accounts

The platform uncovers activity indicating the attackers have compromised a user device and are trying to gain access, such as excessive lockouts, failed logins and use of disabled accounts.

Network Detection and Response capabilities:


Predictive security operations


Compliance/regulatory auditing


Ransomware detection


Encryption/Cipher Suite auditing


Cloud application usage monitoring


Command/control tracking


Tool consolidation


Threat hunting and investigations


Identity monitoring (AD)


Firewall/NAC rules auditing


GEO IP mapping/rouge state


SSH monitoring


Adaptive new threat visibility


Focussed on business systems integration and world leading vendor alignment, we have deployed many solutions over a prolonged and successful history

Keeping up with continual IT change and expanding a range of technologies, we have become the leading, preferred and often sole IT partner for many South West & Wales businesses.

Technology Investing

We have weathered the commercial storms of recession and made significant personnel investment across all areas of our business. We are proud to continue to strengthen and grow.

Extensive portfolio of products and services

Offering an extensive portfolio of products and services, developed many solutions to suit any type of business.

Service Transitions

Supporting businesses with the transition from Microsoft 2003 server, Exchange 2003 and Windows XP to the newer versions of Microsoft 2008/2012 server.

Best Pricing

Our procurement team have an extensive range of supplier relationships, ensuring the best pricing is gained to offer the most comprehensive solutions.

How can BOM IT Solutions help?

Many organisations only review their cyber security capabilities when a breach has already occurred. Importantly, the cost of a breach can often run into the hundreds of thousands-far outweighing the cost of proactively assessing your level of cyber security.

0800 038 7222

Call for a consultation.

Email BOM IT Solutions.

Contact BOM IT Solutions