Lancope

StealthWatch from Both the Private and Public Sectors

As we come to the close of 2011, it is time to step back and look at how both the private and public sectors view Lancope's StealthWatch product family. From the perspective of the private sector, Lancope is:

“The leading provider of flow-based monitoring to ensure high-performing and secure networks for global enterprises. Unifying critical network performance and security information for borderless network visibility, Lancope provides actionable insight that reduces the time between problem onset and resolution.

Enterprise customers worldwide, including healthcare, financial services, government and higher education institutions, rely on Lancope to make better network decisions and avoid costly outages and downtime. Founded in 2000, Lancope is continuously innovating to stay ahead of customer demands and marketplace trends, holding five patents and more than 130 proprietary algorithms.”

There are two approaches for analyzing Lancope from the government's perspective. First we can look at specific government contracts and view how the government is utilizing the StealthWatch product family:

In light of increasingly sophisticated and high-profile cyber attacks, it became clear to this organization that implementing the minimum requirements to comply with federal regulations was no longer enough to adequately protect its critical assets. The organization therefore decided to move from a reactive to a proactive security strategy, going above and beyond traditional, perimeter-based security tools and embracing innovative solutions that would provide more comprehensive protection.

“How do we get better situational awareness of attacks within our target-rich environment?” asked the organization’s chief security architect. “How do we stop reacting and start hunting?” In order to improve its security posture, the organization implemented a defense-in-depth strategy consisting of a set of innovative, complementary security technologies, including Lancope®’s StealthWatch for behavioral-based network monitoring and anomaly detection. Overall, the organization wanted to increase its situational awareness and improve incident response. “We have a target-rich environment that has been (and will continue to be) attacked,” said the chief security architect. “We need to detect these [attacks] sooner, and be able to rapidly investigate and respond.”

After reading these press-release-based articles I still wanted to see, from a deeper perspective, the issues that were driving the federal agencies to rapidly adopt the Lancope StealthWatch product family. As you can imagine, for every government decision there are ten research/case studies and then several dozen official reports to Congress. Within a few hours of research I gathered the following set of documents that trace most of the issues surrounding the adoption of Lancope's StealthWatch.

Comprehensive National Cybersecurity Initiative: http://www.fas.org/sgp/crs/natsec/R40427.pdf

Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations: http://csrc.nist.gov/publications/nistpubs/800-137/SP800-137-Final.pdf

Guide to Intrusion Detection and Prevention Systems (IDPS): http://csrc.nist.gov/publications/nistpubs/800-94/SP800-94.pdf

The fiscal 2011 Federal Information Security Management Act reporting metrics for CIOs: http://gcn.com/articles/2011/06/06/%7E/media/GIG/GCN/Documents/FISMA%20reporting.ashx

Managing Information Security Risk (Organization, Mission, and Information System View): http://csrc.nist.gov/publications/nistpubs/800-39/SP800-39-final.pdf

Fiscal Year 2010 Report to Congress on the Implementation of The Federal Information Security Management Act of 2002: http://www.whitehouse.gov/sites/default/files/omb/assets/egov_docs/FY10_FISMA.pdf

At first this list of documents may seem a little daunting, but after spending several hours reading I came away with a serious respect for the teams that assembled these reports. These documents, taken as a whole, lay out the groundwork of information security management. Over the next few months I will dive into the content of these documents and how they relate to StealthWatch.
