Get Ready for Your Complimentary Network Threat Assessment

Thanks for booking your no-cost Trinsio network threat assessment!

Below you'll find information around what a threat assessment is, what to expect during your call, and one thing you can do right now to get ready.

What is Trinsio's Network Threat Assessment?

Without requiring access to or visibility into your network or assets, our Trinsio firewall threat assessment will identify, count and qualify the unwanted incoming and outgoing IP traffic on your network from millions of bad actors documented by more than 50 curated lists maintained by the cyber intelligence community.

A network threat assessment is one of four no-cost critical services from Trinsio that uncover previously unknown incoming and outgoing cyber security risks to your organization’s network. Trinsio provides these services at no cost to help customers understand their vulnerability to cyber security risk.

Read more about Trinsio's no-cost critical services here.

At Trinsio, we find even small and unassuming organizations are now continually exposed to high volumes of attempted breaches.

For example, a recent Trinsio network threat assessment for a small rural county government exposed more than 10 million external and internal threats from 108 different countries around the planet - all during a 24-hour period!

What To Expect During Your Threat Assessment Call

  • Assessment Overview & Process (about 15 min)

  • Assessment Initial Setup ( about 15-30 min)

  • Schedule Results Review (about 5 min)

What Can You Do to Get Ready for Your Threat Assessment?

In order for Trinsio to perform your complimentary Network Threat Assessment, we will need traffic logs from your firewall for at least one 24-hour period.

Remember we don't ask for or require access to your firewall at all during the threat assessment process. We'll only see a list of the IP addresses listing incoming and outgoing firewall traffic from your logs.

Upon receipt of 24 hours of log data, our team of threat analysts will process and complete the assessment, and then permanently delete your log data.

It's fast and easy to enable firewall logging (if it's not already turned on). You'll need admin access to your firewall. If you don't have access to your firewall please forward this information to the network admin for your organization.

Below are two options for capturing logs.

Option 1: SysLog File Upload

The logs you collect should:

  • Include source IP, destination IP, and date/time stamp

  • Cover at least 24 hours

  • Ensure the logs indicate if your firewall has allowed or blocked the traffic

Once you have a log file containing the above information.

  • Upload it to a secure file-sharing site (OneDrive, Google Drive, Dropbox, etc.)

  • Email us at [email protected] and provide a download link that will allow us to download the log file

Option 2: Remote Syslog Setup

The logs you collect should:

  • Include source IP, destination IP, and date/time stamp

  • Cover at least 24 hours (Trinsio will notify you once enough data has been collected)

  • Ensure the logs indicate if your firewall has allowed or blocked the traffic

  • Be configured in your firewall to send to our remote syslog server at 69.168.92.134

  • Once you have configured your firewall to send the data to our remote syslog server, email us at [email protected] and provide the public IP address that the data will be coming from so that we can whitelist that IP on our firewall and capture the traffic on our syslog server.

Vendor Log Guides:

Below you'll find links to guides for some of the most popular firewall vendors:

Palo Alto

Fortinet

Sophos

Watchguard

Sonicwall

Checkpoint

Cisco Meraki

If you need help or have any questions feel free to reach out to Trinsio at any time.

Image

Click the document icon to view a sample Threat Assessment report.

CONTACT TRINSIO

Trinsio

1155 S 800 E

Orem, UT 84097

385-283-1800

https://trins.io

[email protected]