TMCnet News
Ixia’s ThreatARMOR Improves Security Tool Efficiency of Large-Scale Enterprise Data Centers at 10Gb Network Speedslxia (Nasdaq:XXIA), a leading provider of network testing, visibility and security solutions, today announced the launch of ThreatARMOR 10G, which delivers IP address filtering at 10Gb network speeds with continually updated real-time threat intelligence that boosts the efficiency of next-generation firewalls and intrusion prevention systems. According to a recent report by the Ponemon Institute1, the barrage of security events facing the modern enterprise means only 29 percent of alerts are investigated and 40 percent of those that are, turn out to be false positive. This means that the bulk of security events which would indicate an ongoing breach are never investigated, leading to an average of 170 days to detect an advanced attack. This enables an intruder to steal sensitive data and damage internal systems. “The reality today is that exfiltration tools have become powerful enough that even small delays in detection can lead to catastrophic breach losses,” said Eric Hanselman, Chief Analyst, 451 Research. “Attackers already know that overwhelmed security teams and infrastructure are prime targets to infiltrate without detection. The ability to eliminate the noise of known threats is essential to enabling security teams and their analysis tools to focus on quickly identifying real threats.” ThreatARMOR filters traffic from known-bad IP addresses, hijacked IPs, and untrusted countries greatly reducing the number of security alerts. By eliminating automated probes and scans, DDoS attacks from untrusted countries and hijacked IPs, and phishing and botnet connections, ThreatARMOR allows security teams to enable enhanced detection features on their existing security tools and focus on meaningful security alerts that indicate an active breach also improving the efficacy of SIEM tools. ThreatARMOR 10G enables customers with large networks and data centers to: • Filter traffic from known bad IP addresses at full 10Gb line speeds – helping to stop malware downloads, network reconnaissance, and other exploits from those known bad addresses • Identify and prevent infected internal devices from communicating to known botnet C&C servers • Remove traffic by geography from entire countries that likely have no valid reason to access the network • Filter unused or unassigned IP addresses, and hijacked domains often used in DDoS attacks ThreatARMOR saves customers the time and cost of reviewing the flood of unnecessary notifications generated by their security systems, which can overwhelm security teams and risk critical alerts being missed. Enterprises spend approximately 21,000 hours per year on average dealing with false positive cyber security alerts, according to a Ponemon Institute report2 published in 2015. “DDoS and malware attacks continue to grow in frequency and volume, which means enterprises are being overwhelmed by security alerts. This makes it almost impossible to identify the critical early signs of a targeted attack on an organization’s network,” said Scott Register, Vice President of Product Management at Ixia. “ThreatARMOR delivers a future-proofed platform that pre-filters known-bad and unwanted IP addresses from impacting the security infrastructure for the most demanding high-end enterprise and data center networks, improving the efficiency of security tools and helping teams find breaches faster.” Ixia’s professional-grade Application and Threat Intelligence (ATI) Research Center has over a decade of experience providing threat intelligence to the world’s largest service providers and security equipment manufacturers for testing the efficacy of their cyber security products and systems. Ixia’s ATI program develops the threat intelligence for ThreatARMOR and a detailed “Rap Sheet” that documents the malicious activity of each included IP address. Rap Sheets provide proof of malicious activity for all blocked sites, supported with on-screen evidence of the activity such as malware distribution or phishing, including date of the most recent confirmation and screen shots. With this clear reporting on blocking actions, customers can easily support IT compliance audits. As a community-building service, TMCnet allows user submitted content which is not always proofed by TMCnet editors. If you feel this entry is of inferior quality or wish to report it for some reason, please forward the URL to "webedit [AT] tmcnet [DOT] com" with your comments. |