Highway Into the Gravity Zone: Advanced Security for All Organizations—Part Two
By CMD Technology Group
3 min read
Chances are, you’ve heard the expression, “loose lips sink ships.” Coined by the American War Advertising Council, the warning referenced careless talk that could undermine the war effort. Today, in the battle against cyber threats, IT staff are at war in protecting their networks against constant attacks. Knowing who your endpoints are talking to and what they are sharing is hugely critical. Careless communication damages system administration. Clearly not a wordsmith, moving on with the blog!
It cannot be stated enough how resilient and adaptable network security needs to be today, and it’s not hard to see why, when you consider the volume of new threats developed every day. Added to that, many of you probably deal with increased regulations and scrutiny to ensure the privacy of sensitive data. Today, users expect more connectivity through their apps and devices to accomplish their tasks; this, in turn, has led to the proliferation of IoT devices. If it has an IP address, you need to know who it’s talking to, yes, even the coffee maker in the break room.
Don’t let unmonitored network communications sink your system
Bitdefender Network Security Analyzer
To address these challenges, reduce blind spots, and modernize network security, Bitdefender recently released Network Security Analyzer (NTSA) and Probe as a solution to these challenges (available as hardware appliance and virtual machine). Built for enterprise security, NTSA monitors all network traffic and detects advanced attacks in real-time. NTSA monitoring has little to no impact on network performance and provides simple management through a single pane of glass for all endpoints. Now, you can quickly see who your endpoints are talking to, whether they are security cameras or even that coffee maker in the break room!
“It’s 10 PM, do you know where your children are?”
Many of you will remember that line from the long-running PSA that aired in the US. In many ways, that reminder is appropriate for network admins and their endpoints. Even relatively “small” organizations have an exponentially higher number of endpoints to monitor, thanks to the adoption of BYOD, remote workers, and IoT. Knowing what payloads are being delivered and where is a valuable insight to guard against malware.
So how is this done exactly? As mentioned earlier, Bitdefender NTSA is comprised of two components, the analyzer, and a probe. Working in parallel to your network infrastructure, Bitdefender Probe monitors network traffic using SPAN data or Mirror traffic without impacting your network performance. The probe takes this data and converts it into IPFIX metadata then analyzes it for malware. The great thing about this technique is that information does not need to be decrypted for the analysis to take place. NTSA never looks at confidential data, maintaining strict privacy of your data. If you’re in a heavily regulated industry or work with government contracts, this is a huge plus!
Keep your payloads out of bad neighborhoods with zero impact on network performance and total privacy.
Simply put, NTSA gives you visibility. Knowing exactly what is going on in the network gives you the needed insight to effectively handle security situations swiftly before a situation becomes catastrophic. But NTSA takes matters a step further by helping to remediate situations when they occur. An automated alert triage called IntelliTriage was recently added to help improve incident response and alleviate alert fatigue.
Part of the security juggling act is remaining vigilant when receiving high volume of alerts and false positives. Too many alerts can be like the boy who cried wolf, which leads to complacency and inaction when a real threat emerges. Addressing this challenge, IntelliTriage leverages the same machine learning and behavior analytics found in all Gravity Zone bundles (discussed in part one).
IntelliTriage’s detailed forensics is based on massive amounts of data collected through the largest sensor network in use today. The behavior analytics takes threat insight beyond malware signatures, detecting new threats based on behavior. Once a genuine threat is identified and located, NTSA will recommend remediation suggestions. Moving forward, Bitdefender is looking at automating remediation steps, so expect to see new features as they continue to develop the technology.
Visibility &
Real-Time Awareness
To complement your existing security tools.
Is Bitdefender NTSA right for you?
To determine whether NTSA is right for you, it’s important to remember that Bitdefender NTSA is purpose-built as an enterprise solution. It’s recommended that you have someone dedicated to security. Otherwise, the alerts and reports generated can become overwhelming and be counter-productive. In some cases, small organizations have found success by partnering with an MSP or MSSP to handle tasks.
Bitdefender offers a wide variety of solutions for businesses and organizations facing many different risk factors. So if NTSA isn’t a good fit now, checkout their other security solutions. You can see a comparison of their bundles here. If you would like to know more about Bitdefender NTSA, you can request a demo here or reach out to us if you have any questions about NTSA or any other Bitdefender solutions.
afernandez@cmdtg.com | (407) 442-0265
Virtual Machine Requirements
Bitdefender’s network traffic security solution is comprised of two components:
VMware Software:
Minimum: VMware ESXi 5.1 & higher
Recommended: VMware ESXi 5.1 & higher
Minimum: 140 GB
Recommended: 140 GB
CPU Cores:
Minimum: 4
Recommended: 8
Memory:
Minimum: 8
Recommended: 8
VMware Software:
Minimum: VMware ESXi 4.1 & higher
Recommended: VMware ESXi 4.1 & higher
Minimum: 15 GB
Recommended: 15 GB
CPU Cores:
Minimum: 2
Recommended: 4
Memory:
Minimum: 4
Recommended: 8
If you have a question about any of our solutions or any feedback you’d like to share, contact us. We would love to hear from you!
afernandez@cmdtg.com | (407) 442-0265