Turn-key Security Device Reduces Network Attack Surface and Alert Fatigue
Ixia [1] (Nasdaq: XXIA), a leading provider of application performance and security resilience solutions, launched a new front line of defense for enterprise networks. Ixia’s ThreatARMOR represents another innovation for the company’s Visibility Architecture, enabling enterprises to reduce the ever-increasing size of their global network attack surface. ThreatARMOR is a natural complement to an existing security infrastructure, decreasing the volume of security alerts generated and freeing resources to focus on critical issues.
ThreatARMOR shrinks the network attack surface :
A network attack surface is the sum of every access avenue an individual can use to gain access to an enterprise network. Enterprise security tools inspect all traffic, including that which should not be on the network in the first place, such as traffic from known malicious IPs, hijacked IPs, and unassigned or unused IP space/addresses. ThreatARMOR blocks this known bad traffic, reducing the burden on the existing security infrastructure. Ixia’s ThreatARMOR is an easy and fast way to reduce a network attack surface.
ThreatARMOR enables enterprise customers to :
- Block traffic from known bad IP addresses at line-rate speeds onsite without sending traffic outside the private network for inspection.
- Add malicious IP addresses for blocking, either manually or automatically from SIEM tools
- Identify and stop infected internal devices from communicating to known botnet C&C servers
- Block traffic by geography from entire countries that likely have no valid reason to access the network
- Block unused IP space / unassigned IP addresses and hijacked domains from the network
“What’s killing security is not technology, it’s operations,” stated Jon Oltsik, ESG senior principal analyst and the founder of the firm’s cybersecurity service. “Companies are looking for ways to reduce their overall operations requirements and need easy to use, high performance solutions, like ThreatARMOR, to help them do that.”
ThreatARMOR reduces security alert fatigue :
The enterprise security perimeter has expanded to address new classes of attack, advancing breeds of hackers, and an evolving regulatory landscape. As attacks increase in complexity and sophistication, security vendors respond with powerful inspection and prevention security products.
Enterprises spend approximately 21,000 hours per year on average dealing with false positive cyber security alerts per a Ponemon Institute report published January 2015. ThreatARMOR eliminates unwanted traffic before it can impact an existing enterprise security infrastructure. This saves customers time and the cost of reviewing the flood of unnecessary notifications generated by powerful security systems, which can create alert fatigue for enterprise security teams. ThreatARMOR enables IT security personnel and resources to focus on key business issues and reduces the risk of critical alerts being missed.
“As many recent breaches demonstrate, indications of intrusions and data exfiltration attempts are usually flagged through internal security alerts long before the intrusion is actually discovered. But determining the critical alerts is like trying to find a needle in a haystack, given the sheer number of security alerts that must be analyzed daily,” said
Dennis Cox, Chief Product Officer at Ixia. “ThreatARMOR delivers a new level of visibility and security by blocking unwanted traffic before many of these unnecessary security events are ever generated. And its protection is always up to date thanks to our Application and Threat Intelligence program.”
ThreatARMOR is backed by ixia’s application and threat intelligenceresearch center :
In 2014, more than 317 million new pieces of malware — computer viruses or other malicious software — were created. That means an average of nearly one million new threats were released each day.
Ixia’s professional-grade Application and Threat Intelligence (ATI) program has over a decade of experience providing threat intelligence to the world’s largest service providers and security equipment manufacturers for testing the efficacy of their cyber security products and systems.
The ATI program develops the threat intelligence for ThreatARMOR and a detailed “Rap Sheet” that documents the malicious activity of each included IP address. Rap Sheets provide proof of malicious activity for all blocked sites, supported with on-screen evidence of the activity such as malware distribution or phishing, including date of the most recent confirmation and screen shots.
With this clear reporting on blocking actions, customers can easily support IT compliance audits. Threat intelligence and Rap Sheet updates are pushed continuously to all ThreatARMOR devices for ongoing and consistent threat protection.
Competitive advantage for channel partners, business advantage for customers :
ThreatARMOR gives Ixia channel partners a compelling new tool to add to their end-to-end security offerings. Preventing unwanted traffic from accessing the network represents a powerful competitive advantage by reducing the burden on customers’ security teams and optimizing their use of other resources. ThreatARMOR’s plug and play operation allows for rapid time to value for customers with minimal upfront effort required to sell and deploy the solution.
“ThreatARMOR allows organizations of all sizes to elegantly deflect potential threats on a global scale and basis,” says Christian Pfalz, Sales Manager at Dimension Data. “By using ongoing threat intelligence to deflect unwanted traffic before it accesses the network, this new element stands to reduce the strain and improve ROI on businesses’ existing security resources quite dramatically.”
ABOUT IXIA
Ixia (Nasdaq: XXIA) provides application performance and security resilience solutions to validate, secure and optimize businesses’ physical and virtual networks. Enterprises, service providers, network equipment manufacturers and governments worldwide rely on Ixia’s solutions to deploy new technologies and achieve efficient, secure, ongoing operation of their networks. Ixia’s powerful and versatile solutions, expert global support and professional services equip organizations to exceed customer expectations and achieve better
business outcomes.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.