Security Analytics Virtual Appliance by Solera Blue Coat Advanced Threat Protection
soleranetworks.com Security Empowers Business
THE CHALLENGE
There is a major drive in nearly every industry to virtualize IT assets and infrastructure. Enterprises are virtualizing their data centers, applications and mission-critical systems. Virtualization has reduced capital expenses and IT footprint, resulting in great savings—but not without a cost. Unfortunately, advanced malware and targeted attacks have evolved to target data centers, branches, and remote offices, and now infiltrate virtual environments, threatening mission-critical systems wherever they reside. IT organizations must gain complete enterprise-wide visibility to monitor, detect and analyze these advanced threats, even within virtual environments.
To mitigate the risks advanced threats pose to virtual environments, organizations must implement advanced threat protection solutions that fit into their existing virtual IT infrastructure. IT organizations need to see into their physical enterprise network as well as the activity within the virtual infrastructure, thereby achieving full security visibility and situational awareness into advanced malware and attacks. Big Data security analytics solutions can provide these capabilities, allowing enterprises to detect advanced threats and enable swift incident response and mitigation. However, enterprises must also find a solution that:
• Is easily deployed in remote or branch offices and any existing virtual environment, without compromising complete security visibility
• Works with both physical and virtual network environments
• Integrates with existing security tools to deliver greater context and leverage security processes, workflow, and available security alerts and threat intelligence
• Scales with continued growth in virtual data centers, servers, applications and network traffic
THE SOLUTION
Security Analytics Virtual Appliance by Solera is the industry’s first and only Big Data security analytics platform available as a virtual appliance. It includes the same advanced security analytics technology found in the high performance, pre-configured Solera Security Analytics Appliances, but also provides complete visibility into virtual networks and private and hosted clouds. As a virtual appliance, this solution delivers a cost-effective option for branch, small and medium enterprise deployments.
SOLUTION DESCRIPTION
The first and only virtual appliance for Big Data security analytics, delivering unprecedented visibility and threat detection for any virtual environment.
KEY FEATURES
• Fully featured Big Data security analytics solution in a flexible virtual appliance
• Complete network capture (Layers 2-7), indexing, classification, storage and replay
• Performance and scalability to support any cloud or virtual network infrastructure
• Virtualized central management to gain enterprise-wide visibility
• Support for all leading enterprise virtual environments and infrastructures
• Seamless integration with Blue Coat ThreatBLADES
• Integration with industry’s leading network security tools
Datasheet
A BLUE COAT COMPANY
Security Analytics Virtual Appliance: Big Data Security Analytics in any Virtual Environment
SECURITY IS ABOUT WHAT YOU MAKE POSSIBLE
Security Analytics VIRTUAL APPLIANCE by Solera
Security Analytics Virtual Appliance provides complete visibility into all network traffic, including traffic between applications running in the virtual network. It delivers the world’s most flexible and cost-effective solution for unified Big Data security analytics, threat intelligence, and security visibility—enabling superior advanced threat protection.
Combined with all-new Blue Coat ThreatBLADES, the Security Analytics Virtual Appliance levels the battlefield against advanced threats and targeted malware attacks, giving security professionals clear and concise insights with answers to the toughest security questions. The virtual appliance leverages the award-winning Solera Security Analytics Software, which records and classifies every packet of network traffic—from Layer 2 through Layer 7—while indexing and storing the data to provide comprehensive intelligence and analytics. The result is clear, actionable evidence for real-time situational awareness, continuous monitoring, advanced malware detection, incident response and resolution, data loss monitoring and analysis, organization policy compliance, and security assurance.
Security Analytics Virtual Appliance
Flexible Deployment – Security Analytics Virtual Appliance offers the easiest way to implement and deploy Big Data security analytics. It can be deployed on a laptop, desktop, or enterprise server anywhere in an enterprise network—from branch office to data center.
Application Classification – Comprehensive deep-packet inspection (DPI) classifies more than 1,200 applications and supplies thousands of descriptive metadata details. This feature efficiently identifies applications and also provides descriptive information about a network session, including application, identity, geographic location and more.
Real-time Threat Intelligence – Blue Coat ThreatBLADES integrate directly with the Security Analytics Virtual Appliance. ThreatBLADES leverage the Blue Coat WebPulse Collaborative Defense Cloud and the “network effect” from more than 75 million end points, providing instant, actionable intelligence on threats delivered via web, file or e-mail. Additionally, the Solera Threat Profiler is a security game-changer in detecting advanced threats. This innovative technology automatically extracts and analyzes any file—including the most prevalent and malicious file types—which enables immediate, automatic identification and alerting of advanced and zero-day threats.
Layer 2 to 7 Analytics – Security Analytics Software—pre-installed on the Security Analytics Virtual Appliance—provides a variety of analytics to strengthen incident response and resolution with comprehensive and conclusive analysis. Key analytic capabilities include full session reconstruction; real-time reputation look up; IM, email, and image reconstruction; Root Cause Explorer; and delivery of complete artifacts, not just packets.
Context-aware security – The Security Analytics Virtual Appliance integrates with best-of-breed network security technologies to pivot directly from any alert or log and obtain full-payload detail of the event before, during and after the alert. The open, web services REST API adds complete context to any security tool and lets you leverage leading technologies such as Dell SonicWALL™, FireEye™, HP ArcSight™, McAfee®, Palo Alto Networks™, Sourcefire®, Splunk®, and many other security applications.
Root Cause Explorer – Using extracted network objects, this tool reconstructs a timeline of suspect web sessions, emails, and chat conversations. By automatically enumerating these events, Root Cause Explorer helps the analyst quickly identify the source of an infection or compromise and reduce time-to-resolution.
Root Cause Explorer: Quickly determine the root source of any threat
KEY BENEFITS
• Gain full security visibility into threats and 100% situational awareness of any network activity
• Capture and port all virtual traffic to physical security tools for comprehensive analysis
• Reduce IT footprint and save valuable resources with minimal capital expenditure
• Easily deploy and manage in stand-alone or distributed networks
• Remotely deploy anywhere in the network for on-demand incident response
• Add full context to any alert from leading security solutions
Interfaces: 1 Virtual Management Interface, 3 Virtual Capture or Replay Interfaces
Capacity: 500GB, 2TB, 5TB or 10TB of usable storage
Minimum CPU & RAM: 2-Core CPU with 8 GB RAM
Virtual Environments: VMware ESX servers, and VMware Workstation
Security Analytics VIRTUAL APPLIANCE by Solera
Security Analytics SOFTWARE by Solera
Security Analytics APPLIANCE by Solera
ABOUT SOLERA NETWORKS, A BLUE COAT COMPANY
Solera Networks, a Blue Coat Company, is the industry’s leading provider of big data security analytics for advanced threat protection. Its award-winning Solera Platform levels the battlefield against advanced targeted attacks and malware, and gives security professionals clear and concise answers to the toughest security questions. The Solera Platform is powered by next-generation deep-packet inspection and indexing technologies, full-packet capture, malware analysis and real-time security intelligence and analytics capabilities. Global 2000 enterprises, cloud service providers and government agencies rely on Solera for real-time situational awareness, continuous monitoring, security incident response, advanced malware detection, data loss monitoring and analysis, organization policy compliance and security assurance—allowing them to respond quickly and intelligently to advanced threats and attacks, while protecting critical information assets, minimizing exposure and loss, and reducing business liabilities.
Solera Networks Headquarters
10713 South Jordan Gateway
Suite 100
South Jordan, Utah 84095