Security Analysis

Security Analysis is a tool designed to detect malicious activity and compromised machines at your company.

  • Beskrivelse av tjenesten

    What is Security Analysis

    Uninett supplies a sensor/server that is physically placed with the customer. This contains a continuously updated ruleset – so-called signatures. This solution analyzes incoming and outgoing traffic. Traffic that matches signatures will send out alarms to Uninett’s Log Analysis system. Matching of signatures can indicate unwanted security incidents. All other «normal» traffic that doesn’t provide a matching signature will not be logged.

    The customer itself has access to all alarms and logs generated by the system and decides who else should have access via Uninett’s Log Analysis system. The customer also has full access to the applicable ruleset.

    Cooperation agreements

    Uninett has a cooperation agreement with Mnemonic. The agreement specifies that Mnemonic shall share its updated ruleset in exchange for receiving anonymized data from Uninett.

    NorCERT has a similar system for such sensors (VDI), and Uninett is examining a variety of options for cooperating with NorCERT. The goal is to incorporate rules developed by NorCERT on Uninett’s sensors, and ensure that hits on NorCERT’s rules are logged. NorCERT is Norway’s national center for dealing with serious data attacks against socially critical infrastructure and information. Cooperation with NorCERT will better enable the college and university sector to discover such attacks.

  • Hvem er tjenesten for?

    Who is Security Analysis for?

    Security Analysis is available to all of Uninett’s customers. Those that do not alrerady use the quality measurement service (measuring pole) should expect a somewhat longer delivery time.

  • Organisering

    Organization of Security Analysis

    The service has a fixed maintenance window every Tuesday between 10:00 and 11:00. The window will mainly be used if there is a need for upgrades or reboots as a result of security updates and which can cause noticeable operational disruptions. Such changes will be made in this window without further notice. The service can be experienced as unstable during this period.

    Dialogue with the university and college sector and prioritization of work around the service will be taken care of by joint prioritization councils for networks and online services.

  • Pålitelighet

    Reliability of Security Analysis

    The service is monitored 24/7 by Uninett operations center.

    Service errors may be reported outside of normal business hours at +47 911 27 087.

    The service enclosure represents an Operational Level Agreement (OLA) between Uninett and your company.

  • Forutsetninger

    Forutsetninger for Sikkerhetsanalyse

    Security Analysis makes use of Uninett’s Log Analysis service for storing and analyzing logs. This does not generate any cost in the Log Analysis.

    This service requires being connected to the research network – that is, your company must use Uninett as its Internett service provider.

    Security Analysis also requires being logged into Feide.

  • Support

    Support for sikkerhetsanalyse

    Uninett provides technical support for the company’s IT department. For technical support, contact Uninett online at kontakt@uninett.no / +47 73 55 79 00. Opening hours are 8 a.m. to 4 p.m.

  • Pris

    Price for Sikkerhetsanalyse

    For state-run universities and colleges, this service is an integral part of the basic services. Other customers are billed with a start-up cost and an annual fee for operations and further development.

    The price for this service is specified 

    The price for this service is specified in advance as mentioned in the framework agreement.

  • Bestill

What is Security Analysis

Uninett supplies a sensor/server that is physically placed with the customer. This contains a continuously updated ruleset – so-called signatures. This solution analyzes incoming and outgoing traffic. Traffic that matches signatures will send out alarms to Uninett’s Log Analysis system. Matching of signatures can indicate unwanted security incidents. All other «normal» traffic that doesn’t provide a matching signature will not be logged.

The customer itself has access to all alarms and logs generated by the system and decides who else should have access via Uninett’s Log Analysis system. The customer also has full access to the applicable ruleset.

Cooperation agreements

Uninett has a cooperation agreement with Mnemonic. The agreement specifies that Mnemonic shall share its updated ruleset in exchange for receiving anonymized data from Uninett.

NorCERT has a similar system for such sensors (VDI), and Uninett is examining a variety of options for cooperating with NorCERT. The goal is to incorporate rules developed by NorCERT on Uninett’s sensors, and ensure that hits on NorCERT’s rules are logged. NorCERT is Norway’s national center for dealing with serious data attacks against socially critical infrastructure and information. Cooperation with NorCERT will better enable the college and university sector to discover such attacks.

Who is Security Analysis for?

Security Analysis is available to all of Uninett’s customers. Those that do not alrerady use the quality measurement service (measuring pole) should expect a somewhat longer delivery time.

Organization of Security Analysis

The service has a fixed maintenance window every Tuesday between 10:00 and 11:00. The window will mainly be used if there is a need for upgrades or reboots as a result of security updates and which can cause noticeable operational disruptions. Such changes will be made in this window without further notice. The service can be experienced as unstable during this period.

Dialogue with the university and college sector and prioritization of work around the service will be taken care of by joint prioritization councils for networks and online services.

Reliability of Security Analysis

The service is monitored 24/7 by Uninett operations center.

Service errors may be reported outside of normal business hours at +47 911 27 087.

The service enclosure represents an Operational Level Agreement (OLA) between Uninett and your company.

Forutsetninger for Sikkerhetsanalyse

Security Analysis makes use of Uninett’s Log Analysis service for storing and analyzing logs. This does not generate any cost in the Log Analysis.

This service requires being connected to the research network – that is, your company must use Uninett as its Internett service provider.

Security Analysis also requires being logged into Feide.

Support for sikkerhetsanalyse

Uninett provides technical support for the company’s IT department. For technical support, contact Uninett online at kontakt@uninett.no / +47 73 55 79 00. Opening hours are 8 a.m. to 4 p.m.

Price for Sikkerhetsanalyse

For state-run universities and colleges, this service is an integral part of the basic services. Other customers are billed with a start-up cost and an annual fee for operations and further development.

The price for this service is specified 

The price for this service is specified in advance as mentioned in the framework agreement.