Story image

Ixia: Protecting enterprises from cyber attacks with new offering

14 Oct 2015

Looking to protect enterprises from cyber attacks, Ixia has added ThreatAmor to its visibility architecture portfolio.

ThreatArmor is a natural complement to an existing security infrastructure, says Ixia, and helps an organisation to decrease the volume of security alerts generated, freeing up resources to focus on critical issues.

A network attack surface is the sum of every access avenue an individual can use to gain access to an enterprise network.

Enterprise security tools inspect all traffic, including that which should not be on the network in the first place - such as traffic from known malicious IPs, hijacked IPs, and unassigned or unused IP space/addresses.

Ixia says ThreatArmor blocks this bad traffic, thus reducing a network attack surface and reducing the burden on the existing security infrastructure.

According to Ixia, ThreatArmor enables enterprise customers to:

  • Block traffic from known bad IP addresses at line-rate speeds onsite without sending traffic outside the private network for inspection
  • Add malicious IP addresses for blocking, either manually or automatically from SIEM tools
  • Identify and stop infected internal devices from communicating to known botnet C&C servers
  • Block traffic by geography from entire countries that have no valid reason to access the network
  • Block unused IP space/unassigned IP addresses and hijacked domains from the network

“What’s killing security is not technology, it’s operations,” says Jon Oltsik, ESG senior principal analyst and the founder of the firm’s cybersecurity service.

“Companies are looking for ways to reduce their overall operations requirements and need easy to use, high performance solutions, like ThreatArmor, to help them do that,” he says.

According to a Ponemon Institute report published earlier this year, enterprises spend approximately 21,000 hours per year on average dealing with false positive cyber security alerts.

In order to address this, ThreatArmor eliminates unwanted traffic before it can impact an existing enterprise security infrastructure and reduces alert fatigue on security teams.

“As many recent breaches demonstrate, indications of intrusions and data exfiltration attempts are usually flagged through internal security alerts long before the intrusion is actually discovered.

“But determining the critical alerts is like trying to find a needle in a haystack, given the sheer number of security alerts that must be analysed daily,” says Dennis Cox, Ixia chief product officer.

“ThreatArmor delivers a new level of visibility and security by blocking unwanted traffic before many of these unnecessary security events are ever generated.

“And its protection is always up to date thanks to our Application and Threat Intelligence programme," Cox says.

The new offering is also backed by Ixia’s application and threat intelligence (ATI) research centre.

The ATI programme has provided threat intelligence to service providers and security equipment manufacturers for more than a decade, helping them to test the efficacy of their cyber security products and systems.

When it comes to ThreatArmor, the ATI programme develops threat intelligence and provides a detailed ‘Rap Sheet’ - which documents the malicious activity of each included IP address.

Rap Sheets provide proof of malicious activity for all blocked sites, supported with on-screen evidence of the activity such as malware distribution or phishing, and includes the date of the most recent confirmation along with screen shots, Ixia says.

With this reporting on blocking actions, customers can support IT compliance audits. Threat intelligence and Rap Sheet updates are pushed continuously to all ThreatArmor devices for ongoing and consistent threat protection, says Ixia.

 “ThreatArmor allows organisations of all sizes to elegantly deflect potential threats on a global scale and basis,” says Christian Pfalz, Dimension Data sales manager.

“By using ongoing threat intelligence to deflect unwanted traffic before it accesses the network, this new element stands to reduce the strain and improve ROI on businesses’ existing security resources quite dramatically," he says.

DDN completes Nexenta acquisition
DDN holds a suite of products, solutions, and services that aim to enable AI and multi-cloud.
Veeam joins the ranks of $1bil-revenue software companies
It’s also marked a milestone of 350,000 customers and outlined how it will begin the next stage of its growth.
Veeam enables secondary storage solutions with technology partner program
Veeam has worked with its strategic technology alliance partners to provide flexible deployment options for customers that have continually led to tighter levels of integration.
Veeam Availability Orchestrator update aims to democratise DR
The ability to automatically test, document and reliably recover entire sites, as well as individual workloads from backups in a completely orchestrated way lowers the total cost of ownership (TCO) of DR.
Nuix eyes legal sector as eDiscovery demand skyrockets
eDiscovery must encompass so much more than email and documents. If you haven’t looked at text messages and online chats, digital images, mobile devices, data in the cloud and social media, you’re not getting the whole story.
New ACS report reveals challenges ahead for blockchain
“Blockchain has some way to go before it becomes a mainstream technology."
Gen Z confidence in the economy is on the decline
Businesses need to work hard to improve their reputations.
Dell EMC launches interactive AI Experience Zones
The AI Experience Zones are designed to educate visitors about how to start, identify, and implement an AI project.