Partner Integration

StealthWatch and Bradford Networks

Download Integration Brief

A new integration between Lancope’s StealthWatch System for Network Behavior Analysis (NBA) and Bradford Networks’ Campus Manager and NAC Director solutions now allows institutions and enterprises to automatically address suspicious behavior at the network edge. This joint solution ensures that malicious or suspicious network behavior from users or devices is discovered and flagged so that access control actions can take place at the offender’s point of network access. By combining Lancope and Bradford Networks’ robust security capabilities, organizations can continuously assess hosts responsible for disrupting network performance and quickly quarantine offenders before any impact to network availability.

Benefits of the Integrated Solution

Clearly, pre-connect assessment controls raise the standard for host integrity and minimize the potential for devices to be attacked in the first place. However, suspicious and malicious activities still occur after pre-connect assessment. As such, internal monitoring for suspicious or malicious host activities remains a requirement for today’s IT staffs.

By combining Lancope’s StealthWatch behavior-based anomaly detection and network performance monitoring for enterprise-wide visibility with Bradford Networks’ NAC posture assessment and network wide quarantine and policy enforcement capabilities, enterprises can enhance overall network stability by rapidly identifying compromised hosts and unwarranted network behavior.

How Does It Work?

During the pre-connect process, Bradford Networks’ NAC solutions grant entry onto the network only after a successful posture assessment by a persistent or dissolvable agent. If these same hosts begin to exhibit malicious or suspicious activity once connected, Lancope’s StealthWatch quickly identifies this anomalous host behavior and sends alarm notification to Bradford Networks’ NAC solutions via SNMP or Syslog.

Bradford Networks’ SNMP/Syslog management feature allows Lancope’s StealthWatch notifications to become NAC events/alarm pairs, which are mapped to specific network access control actions. Depending on the environment and the policy, this action could be as simple as sending an email to an administrator or as drastic as moving the offender’s switch port to an isolation VLAN. StealthWatch’s ability to analyze behavior from all parts of the network and Bradford Networks’ ability to control wired, wireless, and VPN access gives enterprises unequaled control over their entire network.

By working together, the combined solution couples pre-connect assessment and enforcement with post-connect monitoring and containment to deliver a cost-effective and comprehensive NAC solution.

Lancope’s StealthWatch Benefits

StealthWatch provides value in the battle against malware by unifying behavior-based anomaly detection and network performance monitoring. Leveraging data from the network infrastructure, StealthWatch delivers end-to-end network visibility to quickly detect compromised hosts, and accelerate the incident response process. This critical network intelligence significantly reduces the window of time from problem identification to problem resolution. Additionally, StealthWatch easily identifies and troubleshoots traffic bottlenecks and points of network slowdown to improve network performance, availability and security.

Operates Out of Band and Agentlessly to Provide Enterprise-Wide Visibility

StealthWatch provides Enterprise-wide visibility into host and network behaviors through graphical representations of traffic and attention-focusing visual cues.

Cost-Effective, Highly Scalable Solution

StealthWatch provides a cost-effective alternative for both securing and understanding what you don’t already know about your entire network.

User Accountability

StealthWatch promotes ever increasing levels of accountability by integrating with many common authentication stores to identify users in addition to IP addresses.

Bradford Networks’ NAC Benefits

To address the inherent complexity of heterogeneous networks, Bradford Networks offers an integrated and comprehensive NAC architecture that works with the existing infrastructure, allowing network administrators to identify security issues and take action immediately. Bradford Networks’ NAC solutions deliver identity management, endpoint compliance, and usage policy enforcement regardless of the kind of network connection (wired, wireless or VPN).

Enforces at the Edge

Bradford Networks’ edge enforcement provides the best security, the most flexibility in enforcement methods, and the least risk in deployment. Edge enforcement implementations also are highly scalable and cost-effective.

Operates Out of Band

Bradford Networks’ NAC solutions enforcement actions leverage the unique security features and properties of the installed networking devices. This allows organizations to leverage all past and current infrastructure investments.

Unique 7 Point Identity Profile

Bradford Networks’ NAC solutions create an advanced 7 point identity profile linking the user name, user role, device name, MAC address, IP address, physical network access point, and access time for each user. This gives administrators the ability to