HAVARO is a national monitoring and early warning system provided by the NCSA-FI for critical infrastructure providers and central government. HAVARO detects malicious or abnormal traffic on an organisation’s network traffic using identifiers for information security threats from different sources. The NCSA-FI receives data on the anomalies and analyses them and if an anomaly turns out to be an information security threat organization is warned and information is provided to other parties in the network.
HAVARO 2.0 changes the model so that instead of being a government service, HAVARO will be jointly provided by commercial operators and the NCSA-FI. In the future the customer service is provided by a commercial partners, and NCSA-FI focuses on network traffic monitoring. The advantage of the new model is the better scalability of the service to a wide target customer field.
Insta and NCSA-FI have agreed on cooperation that will enable HAVARO 2.0 service from the Insta SOC (Security Operations Center). The HAVARO service integrates with existing Insta SOC services and can be provided as a separate or a complementary service. Insta launched the HAVARO 2.0 service for the first pilot customers on March 26th, 2020.
As a part of HAVARO, the customer joins the national information security network that detects serious threats, is supported by a wide international ecosystem and receives analysis service provided by the SOC and is thus able to improve their situation picture of information security.
- The added value of HAVARO information comes, for example, through the database of classified threats, namely the information that the NCSA-FI receives from the world through its networks. It is information that cannot be obtained with other tools, says Tero Leppänen from Insta.
Read more about HAVARO on the National Cyber Security Center homepage.
