NETSCOUT SYSTEMS, INC., (NASDAQ: NTCT), a leading provider of service assurance, security, and business analytics, today introduced NETSCOUT Arbor Edge Defence (AED), a new security solution that redefines the perimeter cybersecurity stack and serves as the first and last line of defence against multiple types of inbound and outbound threats.
“Data centre and network architectures are becoming increasingly distributed, straining traditional perimeter enforcement points. At the same time, targeted campaigns are now backed by internet-scale intrusions like NotPetya. The unique combination of stateless filtering, rigorous curation of threat intelligence, and ingestion of third party feeds, allows NETSCOUT to block outbound threats with the same level of confidence as the inbound DDoS attacks they’ve been blocking for years,” said Jeff Wilson, IHS Markit research director for cybersecurity.
Bringing Stateless Security to the Edge NETSCOUT AED is an always-on, in-line solution which can be deployed as a physical appliance or virtual network function. It sits outside the firewall, between the enterprise or data centre and the internet. A unique stateless packet processing engine provides efficient blocking of malicious traffic matching Indicators of Compromise (IoCs) without tracking any session state. As a result, NETSCOUT AED can make other perimeter defences more effective by protecting them from DDoS attacks, and offloading the overhead associated with applying millions of IoCs to traffic streams.
NETSCOUT AED leverages the Company’s proven market-leading DDoS technology that is already trusted by thousands of enterprises worldwide. As a result, it provides advanced packet-based protections against complex application-specific DDoS attacks and state-exhaustion techniques; as well as defenses against internet scale threats, neutralising the malware families that make up the global botnet threat. Armed with millions of reputation-based IoCs, NETSCOUT’s stateless packet processing engine can also detect and block outbound communication from internal compromised hosts that have been missed by other devices in the security stack; helping to stop further proliferation of malware and other tactics used within crimeware and advanced threat campaigns.
Operationalising Threat Intelligence NETSCOUT has the unprecedented ability to enable security and network teams to connect and correlate unique intelligence on emerging internet threats and trends, with visibility into what is happening across their entire internal organisation from a threat perspective. NETSCOUT’s Active Threat Level Analysis System (ATLAS®), collects, prioritises, and disseminates data on emerging threats based on our unique visibility into over one-third of all internet traffic. The ATLAS Security Engineering & Response Team (ASERT) is continuously and automatically delivering high fidelity threat intelligence via the ATLAS Intelligence Feed, enabling customers to not only block threats in real-time but enhance their defences over time.
NETSCOUT believes that effective threat intelligence not only identifies attacks but also provides context to understand and catalogue attack infrastructure, methods, related indicators to enable faster security decisions can be taken with greater confidence. NETSCOUT AED supports standards such as STIX/TAXII for ingestion of third-party threat intelligence and provides a robust REST API to integrate threat detection and blocking telemetry, and contextual threat intelligence into existing SOC workflows and management tools.
“NETSCOUT AED provides a scalable, high-efficiency means of detecting and blocking traffic matching threat intelligence. Using both our own ATLAS Intelligence Feed (AIF) and third-party IoCs ingested via STIX/TAXII, we can detect and block many of today’s threats while feeding information into other elements of the security stack via a robust set of APIs,” said Darren Anstee, NETSCOUT’s chief technology officer for security.
Why nation-state attacks are everyone’s problem
Hear from Invictus Games Sydney 2019 CEO, Patrick Kidd OBE and Head of Technology, @James-d-smith -share their insights on how they partnered with Unisys to protect critical data over an open, public WiFi solution.
With so much change all the time, how can executives best prepare their businesses to meet the security challenges of the coming years? CSO Australia, in conjunction with Mimecast, explored this question in an interactive Webinar that looks at how the threat landscape has evolved – and what we can expect in 2019 and beyond.
An interview with CSO's David Braue and Ian Yip, Chief Technology Officer, McAffee.
According to new research conducted by the Ponemon Institute, Australia and New Zealand have the highest levels of data breaches out of the nine countries investigated. This was linked to heavy investment in security detection and an under-investment in security and vulnerability response capabilities