Proof of Value — Technical Note

BondMesh Alliance

Network Threat Intelligence  ·  Real-Time Prevention  ·  On-Premises

BondMesh Alliance is an advanced threat intelligence sharing platform designed to prevent cyberattacks in real time. By leveraging a comprehensive threat intelligence database, the platform correlates network traffic with known malicious indicators and provides actionable insights to strengthen the overall security posture of an organisation.

View PoV Process Technical Requirements Request a PoV
Objective

Demonstrating effectiveness
in real environments.

The purpose of this Proof of Value is to demonstrate the effectiveness of the BondMesh Alliance platform in identifying cyber threats and assessing its potential automated prevention capabilities within on-premises environments, including private cloud infrastructures.

The evaluation is performed through the deployment of a dedicated Virtual Machine running the BondMesh Alliance platform and the analysis of edge traffic logs to detect malicious activities and unauthorised access attempts.

Scope — Installation & Setup

Deploy a Virtual Machine hosting the BondMesh Alliance platform within the customer's on-premises environment. Ensure compatibility with the existing infrastructure, including private cloud environments.

Scope — Traffic Logging

Enable the collection of edge traffic logs and forward them to the BondMesh Alliance VM. Configure the infrastructure to capture and transmit all relevant network events for analysis.

Scope — Threat Analysis

Continuously monitor incoming traffic and correlate it with BondMesh Alliance's threat intelligence database. Provide real-time visibility and alerts regarding malicious actors attempting to compromise the network perimeter.

Prerequisites

What is needed
before we begin.

Before starting the Proof of Value, the following prerequisites shall be available.

🖥
Infrastructure
  • A Linux-based Virtual Machine (Ubuntu, Debian, Red Hat, or equivalent)
  • Docker and Docker Compose installed on the target VM
  • Hardware resources compliant with the minimum requirements specified in this document
🔌
Network Connectivity
  • Syslog traffic forwarding towards the BondMesh Alliance VM (UDP/514)
  • Inbound access on TCP/443 for UI and API access
  • Inbound SSH access (TCP/22) for installation and maintenance
  • Outbound TCP/443 connectivity to access BondMesh Alliance threat intelligence cloud feeds
🔑
Access Requirements
  • VPN access to the target environment, if required
  • Administrative credentials with sudo privileges for the target VM
  • Availability of the necessary permissions to enable log collection and integrations
Process

Five steps to
a complete evaluation.

BondMesh manages the entire deployment and configuration process, minimising disruption to your team while delivering a comprehensive evaluation of the platform's capabilities.

01
Preparation
Prepare a Linux-based Virtual Machine with Docker and Docker Compose installed. Ensure that the selected on-premises environment or private cloud instance satisfies all networking and permission requirements required for deployment.
  • Linux VM (Ubuntu, Debian, Red Hat, or equivalent) with Docker and Docker Compose
  • Network and permission requirements validated for deployment
  • VPN access and VM credentials with sudo privileges provided to the BondMesh team
02
Installation
The BondMesh Alliance On-Premises platform — delivered as a containerised architecture based on Docker Compose — will be installed and configured by BondMesh personnel using a dedicated Proof of Value licence.
  • Deployment of all required services
  • Verification of network connectivity to ensure the platform can receive and process traffic logs
  • Final installation and operational checks to confirm full functionality within the target environment
03
Configuration
Enable logging of all edge traffic towards the BondMesh Alliance VM and configure the required permissions and integrations to ensure comprehensive traffic visibility and analysis.
  • Enable edge traffic log forwarding to the BondMesh Alliance VM
  • Configure permissions and integrations for full traffic visibility
04
Monitoring & Analysis
Once operational, BondMesh Alliance starts continuous real-time monitoring of network traffic — analysing it against the threat intelligence database to identify and classify potential threats.
  • Continuous real-time monitoring of network traffic begins immediately
  • Traffic analysed against the BondMesh Alliance threat intelligence database
  • Reports and alerts generated with actionable insights into malicious activities and attack attempts
05
Evaluation
The PoV evaluation phase measures the platform's effectiveness and collects feedback from security personnel on usability and results.
  • Assessing the volume and characteristics of detected threats
  • Measuring effectiveness of BondMesh Alliance in identifying cyber threats and assessing prevention capabilities
  • Collecting feedback from security personnel regarding usability and effectiveness of the platform
Expected Outcome

What you receive
at the end of the PoV.

At the conclusion of the Proof of Value, BondMesh Alliance will provide visibility into malicious activities observed during the evaluation period and deliver a comprehensive analysis of the identified threats.

01
Evidence of malicious connections and events that were allowed by the existing security infrastructure — gaps your current controls missed.
02
Threats identified through BondMesh Alliance threat intelligence that were not intercepted by the current security controls.
03
Indicators of compromise (IoCs) and malicious IP addresses associated with the detected activities during the evaluation period.
04
Evidence of attack attempts that would have been eligible for automatic prevention through the enforcement capabilities provided by BondMesh Alliance.
05
Detailed insights into the detected threats — including attack types, sources, and frequency observed throughout the evaluation window.
06
Key findings supporting the assessment of the overall security posture, plus technical evidence supporting BondMesh Alliance as an additional layer of proactive cyber defence.
Technical Requirements

Virtual machine &
network specifications.

Virtual Machine Requirements

Component Minimum Recommended
CPU / vCPU8 vCPU16 vCPU
RAM32 GB48 GB
Storage750 GB SSD1 TB SSD

Network Connectivity Requirements

Direction Service Purpose
Inbound 514/UDP Syslog traffic
Inbound 443/TCP UI and API platform access
Inbound 22/TCP SSH console access for installation and maintenance
Outbound 443/TCP Access to BondMesh Alliance threat intelligence feeds
Customer Preparation Checklist

Ready to deploy?
Confirm all items below.

All items marked below are required before BondMesh can proceed with the PoV deployment. Our team will validate these together with you during the kickoff call.

Linux VM available
Minimum hardware requirements met
Docker installed
Docker Compose installed
Administrative account with sudo privileges
VPN access available (if required)
Traffic source(s) identified
Syslog forwarding configured
TCP/22 inbound opened
TCP/443 inbound opened
Outbound TCP/443 connectivity available
Get Started

Request a BondMesh Alliance
Proof of Value.

Our team will work with you to schedule a PoV deployment, validate prerequisites, and deliver a comprehensive threat analysis of your network environment — with zero disruption to your operations.

Contact BondMesh Back to BondMesh.com

BondMesh is a contributing member of the OneFirewall Alliance  ·  A global network of 210+ organisations sharing real-time Cyber Threat Intelligence.