(Ping! Zine Web Hosting Magazine) – Lancope, Inc., a leader in network visibility and security intelligence, today unveiled its new ProxyWatch™ solution for enhanced security context at RSA Conference 2015. A key component of the StealthWatch® System 6.7 release, the ProxyWatch solution extends network visibility and provides more in-depth insight for enhanced threat detection, incident response and forensics.
“Traditionally, traffic on either side of a web proxy is not tied together, and communications that traverse a proxy server appear as two separate conversations,” said Kerry Armistead, vice president of product management for Lancope. “This hinders network and security troubleshooting by associating an incident with the proxy address instead of the actual address causing the issue. In our continuous efforts to improve the way enterprises visualise and defend their networks, Lancope’s new ProxyWatch solution provides a key new layer of security awareness for faster, more precise threat protection.”
When deployed with the StealthWatch System, the ProxyWatch solution enables organisations to see the translated address associated with the other side of a proxy conversation, enhancing organisations’ ability to effectively pinpoint the source of threats and expedite Mean Time to Know (MTTK). The solution ingests proxy records and associates them with flow records, delivering the user, application and URL information for each flow to enable powerful, context-aware security analytics.
With the ProxyWatch solution, security analysts can see exactly who within their organisation went to a specific web site, and can also evaluate the URL data against Lancope’s StealthWatch Labs Intelligence Center (SLIC) Threat Feed to determine whether the site was malicious. ProxyWatch users can also see when a session began and ended and how much data was transferred between the host and destination address.
“Network visibility is a critical piece of the security puzzle, but it is even more effective when combined with contextual data,” added Armistead. “By providing visibility into proxy conversations, and also delivering important details such as user data, the ProxyWatch solution can greatly enhance an organisation’s ability to thwart sophisticated attacks and avoid damaging data breaches.”
Lancope has long been dedicated to providing in-depth network insight and security intelligence for large, distributed networks. Hundreds of enterprises around the world rely on Lancope and the StealthWatch System to collect and analyse massive amounts of security data for faster, more informed threat detection and investigation. By continuously monitoring communications inside the network, Lancope can detect both sophisticated external attacks that bypass perimeter defenses as well as stealthy insider threats.
The Lancope ProxyWatch solution will be available in May 2015 for Blue Coat, Squid, Cisco and McAfee proxy servers as part of the StealthWatch System 6.7 release.* Lancope is showcasing the solution this week at RSA Conference Booth #N4211. Those interested should stop by the booth or contact [email protected] for further details. Additional information on the ProxyWatch solution can also be found at https://www.lancope.com/resources/data-sheets/extend-network-visibility-and-security-context.
*Additional charges apply for the ProxyWatch solution. Please contact [email protected] for pricing.
Lancope, Inc. is a leading provider of network visibility and security intelligence to protect enterprises against today’s top threats. By analyzing NetFlow, IPFIX and other types of network telemetry, Lancope’s StealthWatch® System delivers Context-Aware Security Analytics to quickly detect a wide range of attacks from APTs and DDoS to zero-day malware and insider threats. Combining continuous lateral monitoring across enterprise networks with user, device and application awareness, Lancope accelerates incident response, improves forensic investigations and reduces enterprise risk. For more information, visit www.lancope.com.