Virtualized Internal Advanced Threat Network Analysis
Enables Real-Time and Retrospective Analysis of Threat and Suspicious Activity Through High Performance Search of Network Traffic
BURLINGTON, Mass., 4 de outubro de 2016 – Arbor Networks Inc., the security division of NETSCOUT (NASDAQ: NTCT), today introduced version 2,2 of Arbor Networks Spectrum™, a high performance network traffic analysis platform integrating NetFlow packet and threat intelligence data for real-time and retrospective investigation of advanced threats.
“Network traffic analysis is a growing area of investment for enterprise security teams because of its rapid ROI when compared to endpoint and sandbox solutions. In fact, an IDC survey of more than 1.000 IT decision makers found that network traffic analysis security ranked the highest among large and very large organizations, with 42% of respondents citing it as a top initiative. CISOs consistently tell IDC that gaining visibility and full situational awareness about the organization's security posture at all times is a significant challenge, but paramount to detecting threats and containing threats as quickly as possible,” said Robert Westervelt, Research Manager Information Security at IDC.
ATLAS Global Threat Intelligence
ATLAS is a collaborative platform with more than 330 service provider customers sharing traffic and threat data, giving Arbor visibility into approximately one-third of all internet traffic. Arbor’s Security Engineering & Response Team (ASERT) utilizes a combination of ATLAS information, in-depth malware research and data from real-time botnet activity monitoring to understand current threats. ASERT knows when an attack is launched immediately, and what data the attackers are receiving back, enabling Arbor to provide much needed risk context.
New in Arbor Spectrum v2.2
Arbor Spectrum v2.2 now includes a virtualized offering for cost effective, rapid installation of network traffic analysis wherever it is needed within the network. Additionally, Spectrum now has enhanced retrospective analysis of network traffic through a new high performance traffic archive search capability, allowing users to identify threats from months of network data, providing rich detail about the when, where and how a threat entered and moved within the network. Other new features include:
- High performance traffic archive and powerful search capabilities provides complete, real time visibility into current and historic network activity at less cost than traditional security forensics or network traffic analysis solutions
- Retrospective analysis of network traffic based on new threat indicators
- Support for third party intelligence use in STIX formats
- User identity and Active Directory data incorporated into Dossier workflows to identify and track movement of individuals within the network, augmenting the detailed view of network conversations between hosts and connection points of interest with user identity data
- New options for deploying Spectrum in virtualized environments
“By virtualizing Arbor Spectrum, we make it much easier for enterprises to deploy network traffic analysis wherever they need it, enabling them to monitor and protect their most critical assets more completely and cost-effectively. Arbor Spectrum is helping customers reduce the risk to their business by giving them the visibility and context they need to reach conclusions that matter more quickly,” said Darren Anstee, Chief Security Technologist at Arbor Networks.
About Arbor Networks
Arbor Networks, the security division of NETSCOUT, helps secure the world’s largest enterprise and service provider networks from DDoS attacks and advanced threats. Arbor is the world’s leading provider of DDoS protection in the enterprise, carrier and mobile market segments, according to Infonetics Research. Arbor Networks Spectrum™ advanced threat solution delivers complete network visibility through a combination of packet capture and NetFlow technology, enabling the rapid detection and mitigation of attack campaigns, malware and malicious insiders. Arbor strives to be a “force multiplier,” making network and security teams the experts. Our goal is to provide a richer picture into networks and more security context so customers can solve problems faster and reduce the risks to their business.
To learn more about Arbor products and services, please visit our website at arbornetworks.com or follow on Twitter @ArborNetworks. Arbor’s research, analysis and insight, together with data from the ATLAS global threat intelligence system, can be found at the ATLAS Threat Portal.
Trademark Notice: Arbor Networks, the Arbor Networks logo and ATLAS are all trademarks of Arbor Networks, Inc. All other brands may be the trademarks of their respective owners.