Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Use Case: Simulate Attacks on Network Assets

 

You can use a simulation to test your network for vulnerabilities from various sources.

You can use attack simulations to audit device configurations in your network.

Simulations provide the following key features:

  • Simulations display the theoretical path permutations an attack can take against your network.

  • Simulations display how attacks can propagate through your network devices to spread to other assets.

  • Simulations allow monitoring to detect new exposure sites.

Creating a Simulation

You can create a simulation for an network attack on an SSH protocol.

  1. Click the Risks tab.
  2. On the navigation menu, select Simulation >Simulations.
  3. From the Actions list, select New.
  4. Type a name for the simulation.
  5. Select Current Topology.
  6. Select the Use Connection Data check box.
  7. From the Where do you want the simulation to begin list, select an origin for the simulation.
  8. Add the simulation attack, Attack targets one of the following open ports using protocols.
  9. For this simulation, click open ports, and then add port 22.
  10. Click protocols, and then select TCP.

    SSH uses TCP.

  11. Click OK.
  12. Click Save Simulation.
  13. From the Actions list, select Run Simulation.

    The results column contains a list with the date the simulation was run and a link to view the results.

  14. Click View Results.

A list of assets containing SSH vulnerabilities is displayed in the results, allowing network administrators to approve SSH connections that are allowed or expected in your network. The communications that are not approved can be monitored for events or offenses.

The results that are displayed provide your network administrators or security professionals with a visual representation of the attack path and the connections that the attack could take in your network. For example, the first step provides a list of the directly connected assets affected by the simulation. The second step lists assets in your network that can communicate to first level assets in your simulation.

The information provided in the attack allows you to strengthen and test your network against thousands of possible attack scenarios.