CAN YOU SEE WHAT IS REALLY HAPPENING ON YOUR NETWORK?

Both Malicious and Accidental Actions Raise Business Risk

“Numerous sources indicate that 80% of all attacks come from external parties, yet there are also indications that 80% of all security-related losses are attributed to the remaining 20% of attacks - that is, those that are attributed to internal parties...For example, with Blaster, numerous META Group customers acknowledged that the worm did not penetrate their perimeter controls. Rather, their computing systems were thoroughly “taken down” after an otherwise mobile user visited a corporate office and connected an infected machine on to the local-area network.” ¹

Arguably the insider threat is growing and will continue to do so. Compounding this business risk are internal misuse as well as unnecessary network exposures, such as:

worm propagation
firewall misconfigurations
unsecured site-to-site communications that bypass secured hubs
peer-to-peer file sharing
inappropriate server access
unauthorized employee web server implementation over the network

These problems persist on all networks because of an inability to see what is actually happening on the network.

Ever-Changing Networks Compound the Problem

Further escalating business risk is the fact that networks are constantly changing, creating even more opportunities for internal misuse and abuse. Following are common network scenarios that frequently cloud a corporation's network visibility:

MPLS rollouts
Datacenter consolidations, server virtualization
Mergers of once separate networks
Bandwidth upgrades to core networks

Many organizations wrestle with the same questions:

How Can I...

see what is actually happening across my entire network?
move beyond a perimeter-based security strategy as perimeters are crumbling around me?
regain control of my network?
quickly identify compromised hosts and rapidly squelch the resulting infection?
promptly detect and troubleshoot network performance and availability issues?
monitor network usage by employee, customer, partner and consultant?
focus my limited resources on the most critical issues?

What Can You Do?

Ideally, you want “x-ray vision into the network” - a level of visibility that clearly reveals network and security issues as well as quickly troubleshoots and resolves them. StealthWatch™, the most widely used Network Behavior Analysis (NBA) and Response solution, provides that Enterprise-wide visibility into host and network behaviors, adding a broader context around point-in-time security events. Hundreds of customers attest to StealthWatch's effectiveness in identifying compromised hosts and misconfigured devices, remediating network incidents and promoting network availability.

“Immediately upon deployment, StealthWatch™ uncovered 400 misbehaving hosts and helped reduce network threats by 90 percent. Email worms, which used to propagate quickly, are now immediately stopped with StealthWatch™. New attacks, for which no signatures exist, now fail to gain a foothold unlike before.” Dartmouth College

¹ Meta Practice (since acquired by Gartner), 4 August 2004

For more information, please contact 888.419.1462 (US), +1 770.225.6500 (International), or sales@lancope.com

MORE INFORMATION

WATCH FREE WEBINAR: Securing MPLS Networks
(registration required)
View StealthWatch Demo
StealthWatch Architecture
StealthWatch™ System Brochure
Security Implications of MPLS
Network Visibility Brief
How To Buy
White Paper: Role of Network Behavior Analysis (NBA) and Response Systems in the Enterprise
(registration required)

INDUSTRY HONORS

View All Awards