RouterHawk® is a patented design that revolutionizes monitoring and protecting network routers.
Advances in cybersecurity have led to an ever-increasing sophistication in malicious software and attempts to compromise networks. Often overlooked by computer security products, routers are vulnerable, and an entire network’s traffic and availability can be jeopardized if a router is compromised.
RouterHawk® employs a software agent installed directly on the router to continually monitor for changes. If RouterHawk® detects a compromise, it alerts the administrator through one of several configurable methods.
RouterHawk® is a unique tool that facilitates real-time monitoring of any and all changes made to the key software components of routers. RouterHawk® uses agents to monitor for changes made to the router and it reports any changes to a management dashboard. The dashboard can send alerts to administrators in the event of an attack.
Any changes to the router will be detected, so attempts to exploit a vulnerability will be captured, even if the vulnerability is unknown to the public or manufacturer. Attempts to make malware persist through a power-cycle will also be captured.
A sophisticated verification algorithm compares the router’s active operating system, bootstrap software, and run-time characteristics to known good versions. When differences are detected, the management dashboard alerts the administrator.
Features & Benefits
RouterHawk®’s patented design consists of two components: an agent that runs on the router, and a management dashboard that runs on a separate computer.
- Continuously scans for changes to potential target areas (executable code, function pointers, bootstrap software) of each router on which it is installed
- Monitors the CPU’s MMU (memory management unit), file system, and other volatile and nonvolatile storage for changes
- Direct, low-level access to system hardware and memory gives the agent the ability to locate sophisticated malware and other changes that may be hidden from high-level scans
- Communicates with the management dashboard via heartbeat messages
- Logs data to the enterprise logging system separately for each device
Management Dashboard Functionality
- Provides status information, alerts and logging for each router upon which an agent is installed
- Stores a known good copy of the bootstrap software, operating system and specific run-time characteristics for each router
- Recreates the operating environment for the router each time it is booted
- Compares the results of the agent’s scans to the known good state and notifies the administrator when there is a discrepancy
- Uses heartbeat messages: to know which devices are currently online; to ensure that security has not been disabled; and, to convey data for comparison with the known good state
- Uses challenges to ensure that the agent has not been tampered with or is being impersonated
- Issues alerts to assigned administrators via text message, page, or email
- Configurable to issue audible and visual alerts and run custom scripts
- Logs data to the enterprise logging system
For More Information
Please call or email us to learn how RouterHawk® can secure your routers.
- Email: firstname.lastname@example.org
- Phone: 703.865.3006 x701 – Dan Sherwell