Market Brief

Combining Internal and Perimeter Monitoring for Improved Contextual Awareness

Download Market Brief

In a technology environment marked by quickly vanishing perimeters and increasingly sophisticated cyber attacks, organizations must now pay as much attention to their internal networks as their external environments. Simply put, traditional, perimeter-based technologies such as firewalls, antivirus and IDS/IPS are no longer enough to adequately safeguard enterprise network performance and security. Through new capabilities for combining internal and perimeter-based network and security monitoring, Lancope is providing IT administrators with greater contextual awareness to make faster, more informed decisions.

By leveraging flow data from existing network devices, Lancope is dedicated to cost-effectively delivering seamless, in-depth visibility into the internal network for vastly improved network and security operations. By extending behavioral analytics to the perimeter, StealthWatch significantly improves risk posture as well as a wide range of other IT initiatives including policy management, troubleshooting and compliance.

StealthWatch Provides End-to-End Visibility for Improved Network Performance and Security

Lancope’s StealthWatch® flow-based monitoring solution fills in the gaps between other network and security technologies to provide faster troubleshooting and more secure, high-performance networks. The system delivers complete, real-time visibility, cuts network and security management costs and dramatically reduces the time from problem onset to resolution. By providing a comprehensive view of what is going on in the network at any given time, StealthWatch addresses increasing demands being placed on corporate infrastructure due to trends such as IT consumerization, user mobility, cloud computing, live telepresence and streaming video.

Through behavioral analysis, StealthWatch uncovers sophisticated, zero-day attacks that bypass perimeter defenses, as well as internal threats such as policy violations, network misuse, unauthorized access, device misconfigurations and data leakage. Advanced features including application and identity awareness, as well as automatic threat prioritization and mitigation, also make the system ideal for other efforts such as forensic investigations and compliance initiatives. StealthWatch is scalable to meet the needs of even the largest networks, and can also monitor and protect virtual environments.

Integrating Internal and External Network Monitoring Bolsters Risk Posture

StealthWatch unifies security, network and application performance monitoring for more comprehensive protection and less downtime. Through new capabilities, the system assigns Concern Index™ points to IP addresses that are continuously denied access to the network by perimeter technologies such as firewalls. When malicious users evade perimeter defenses, they will already be red hot, lighting up their activity to IT administrators as a potential concern immediately upon entering the network. These new capabilities revolutionize network and security monitoring by conducting in-depth, behavioral analysis on flow data from the network perimeter.