Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.
  • 24 October 2018 11:09


New NETSCOUT Arbor Edge Defense Solution is the First and Last Line of Defense with Automated Detection and Blocking of Inbound and Outbound Threats

NETSCOUT SYSTEMS, INC., (NASDAQ: NTCT), a leading provider of service assurance, security, and business analytics, today introduced NETSCOUT Arbor Edge Defence (AED), a new security solution that redefines the perimeter cybersecurity stack and serves as the first and last line of defence against multiple types of inbound and outbound threats.

“Data centre and network architectures are becoming increasingly distributed, straining traditional perimeter enforcement points. At the same time, targeted campaigns are now backed by internet-scale intrusions like NotPetya. The unique combination of stateless filtering, rigorous curation of threat intelligence, and ingestion of third party feeds, allows NETSCOUT to block outbound threats with the same level of confidence as the inbound DDoS attacks they’ve been blocking for years,” said Jeff Wilson, IHS Markit research director for cybersecurity.

Bringing Stateless Security to the Edge NETSCOUT AED is an always-on, in-line solution which can be deployed as a physical appliance or virtual network function. It sits outside the firewall, between the enterprise or data centre and the internet. A unique stateless packet processing engine provides efficient blocking of malicious traffic matching Indicators of Compromise (IoCs) without tracking any session state. As a result, NETSCOUT AED can make other perimeter defences more effective by protecting them from DDoS attacks, and offloading the overhead associated with applying millions of IoCs to traffic streams.

NETSCOUT AED leverages the Company’s proven market-leading DDoS technology that is already trusted by thousands of enterprises worldwide. As a result, it provides advanced packet-based protections against complex application-specific DDoS attacks and state-exhaustion techniques; as well as defenses against internet scale threats, neutralising the malware families that make up the global botnet threat. Armed with millions of reputation-based IoCs, NETSCOUT’s stateless packet processing engine can also detect and block outbound communication from internal compromised hosts that have been missed by other devices in the security stack; helping to stop further proliferation of malware and other tactics used within crimeware and advanced threat campaigns.

Operationalising Threat Intelligence NETSCOUT has the unprecedented ability to enable security and network teams to connect and correlate unique intelligence on emerging internet threats and trends, with visibility into what is happening across their entire internal organisation from a threat perspective. NETSCOUT’s Active Threat Level Analysis System (ATLAS®), collects, prioritises, and disseminates data on emerging threats based on our unique visibility into over one-third of all internet traffic. The ATLAS Security Engineering & Response Team (ASERT) is continuously and automatically delivering high fidelity threat intelligence via the ATLAS Intelligence Feed, enabling customers to not only block threats in real-time but enhance their defences over time.

NETSCOUT believes that effective threat intelligence not only identifies attacks but also provides context to understand and catalogue attack infrastructure, methods, related indicators to enable faster security decisions can be taken with greater confidence. NETSCOUT AED supports standards such as STIX/TAXII for ingestion of third-party threat intelligence and provides a robust REST API to integrate threat detection and blocking telemetry, and contextual threat intelligence into existing SOC workflows and management tools.

“NETSCOUT AED provides a scalable, high-efficiency means of detecting and blocking traffic matching threat intelligence. Using both our own ATLAS Intelligence Feed (AIF) and third-party IoCs ingested via STIX/TAXII, we can detect and block many of today’s threats while feeding information into other elements of the security stack via a robust set of APIs,” said Darren Anstee, NETSCOUT’s chief technology officer for security.

Submit a media release

Editor's Recommendations

Solution Centres


View all events Submit your own security event

Latest Videos

More videos

Blog Posts

Media Release

More media release