It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Login Sign Up Contact & Support

United States – English (GMT-5)

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

Reporting Server

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup (ECHOplatform)

MSP Knowledge Base

Site Security Scanner

MSP – Partner Enablement

NextGen Firewall X

Server Backup (Yosemite)

Campus Help Center / Reference

Domain Fraud Protection

Network Security

Support Services

Barracuda XDR

Overview Documentation Materials

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

Reporting Server

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup (ECHOplatform)

MSP Knowledge Base

Site Security Scanner

MSP – Partner Enablement

NextGen Firewall X

Server Backup (Yosemite)

Campus Help Center / Reference

Domain Fraud Protection

Network Security

Support Services

Login Sign Up Contact & Support

United States – English (GMT-5)

Simulating Network Monitoring Threats

Last updated on 2023-11-21 13:21:37

The use case for this simulation is traffic detecting communication with a Malware IP address.

Malicious actors do not just enter your network quietly. Cyber attacks intend to exfiltrate data. Monitoring for unusual traffic patterns leaving a network is a primary indicator of a compromise. Compromised systems often “talk” to the command-and-control servers that provide commands to infected devices & these devices communicate to known Indicators of Compromise IOCs (Website/IPs).

Test Workflow

Networking Monitoring 1.png

How to Test

From the network where you are spanning traffic, in the device's browser, navigate to https://128.31.0.39.

The IP address 128.31.0.39 has been flagged for the Ransomware Shade in the past. It is thought to be of Russian origin and has been around since 2014.

This triggers a Barracuda XDR alarm for “SKOUT CYBERSECURITY Network Monitoring TEST”, which detects network traffic to the Malware Testing IP address.

Simulating Other Threats

You can simulate the following threats:

You can also view Threat Simulation videos. See Threat Simulation Videos.

Previous Article Next Article