 |
POSTED BY Matt McKinley on 03.07.2013 |
Lancope launched StealthWatch 6.3 last week at RSA 2013 in San Francisco, CA.
With perimeters vanishing and traditional tools no longer enough to address challenges like APTs, advanced malware, BYOD and others, RSA attendees were chomping at the bit to find a new solution. They were seeking tools that could provide the crucial internal network visibility needed to combat threats that have breached the perimeter.
To address the challenge of visibility from edge to core, Lancope launched StealthWatch 6.3 at the show. Anticipating what will come next, Lancope has taken visibility several steps further by adding rich context around the visibility achieved from leveraging NetFlow. In the security industry, innovation is the key driver, lest one becomes relegated to commoditization. From the booth traffic and the mobs of people crowding the aisles at RSA, it was easy to see the innovators. Lancope had some nice mobs.
Visibility should ideally provide information on as many areas of your security and network as it possibly can. Arbitrary limitations of the technology are a blind spot for security consumers. To that end, StealthWatch 6.3 has a tight integration with the Cisco Cyber Threat Defense Solution, and the capability to leverage other switches and routers to provide just the kind of visibility that will allow you to prevent some of the insidious attacks of late. Additionally, StealthWatch 6.3 can correlate NAT events, permit/deny events through the use of the Cisco NSEL format, and provide internal host reputation through the use of the Concern Index.
Last, and certainly not least, is the StealthWatch Labs Intelligence Center, or SLIC. SLIC incorporates additional intelligence in the form of research and a continuously updated threat feed of known botnet command-and-control servers. StealthWatch monitors the network for any communication, coming or going, to one of these servers and alerts the administrator accordingly. SLIC is coupled with a new site, {page_1618}slic, which provides intelligence on the origin of threats and other information that serves to arm administrators with as much security context as possible.
We were very happy with the 2013 RSA show. 2013 has already started with a bang. Facebook, Evernote, the New York Times...the list of attacks is almost exhausting. That said, it will be very interesting to see what happens the remainder of the year. Rest assured that we came away from the show with even more ideas and suggestions that will, no doubt, give us the vision to secure and the intelligence to protect our customers both now and into the future.
Click here for more information on StealthWatch 6.3.
TweetTAGS stealthwatch, netflow, lancope, network security, network visibility, advanced threats, nsel, cyber threat defense, slic, security intelligence, nat, internal host reputation, threat feed
