Cyber attacks are getting increasingly sophisticated, making the traditional security solutions inadequate. We need to continuously identify different types of new unknown threats and adapt the level of our security tools accordingly. One of the solutions for advanced securing of your infrastructure is Cisco Stealthwatch. The original product was developed in the US Secret Service environment and it is still being used to detect potential and ongoing IT infrastructure attacks.
GAIN VISIBILITY OF YOUR NETWORK
The solution provides network traffic behavior analysis based on the advanced Netflow protocol. What it means is that Cisco Stealthwatch tracks changes in user behavior across the network. Based on collected data, it can evaluate irregular behavior and alert you of any potential security threat in advance.
Cisco Stealthwatch alerts you to:
- Suspicious user or system behavior
- Atypical user communication (sending too many emails, …)
- Transfer of abnormal amounts of data
- Infected websites or downloading of suspicious files
- Revealing resources in your network targeted by scans or other dangerous attacks from the outside or inside of your organization
- Attacker identification
- Network policy violation
- Recognizing communication to “undesirable” targets
WHY CISCO STEALTHWATCH?
CONTINUOUS NETWORK MONITORING
Nonstop monitoring of devices, applications and users across all your distributed networks.
By deploying StealthWatch you increase overall visibility of the network communication of individual devices and employees in your company. It will become easier for you to identify suspicious activities that were previously hard to detect.
One of the unique features is information deduplication. Data is merged into a single data set, making it easier to interpret. Stored as bi-directional records, the data can also be complemented from other sources (firewall logs, proxies, …).
A huge advantage is its integration with your existing network infrastructure and other Cisco products. You have more valuable information available making your security reports more specific.
HIGH QUALITY DETECTION
Stealthwatch collects data from your network on a daily, weekly and monthly basis. It remembers statistical samples for much longer and uses it as reference guaranteeing better quality outputs.
SPEED UP THREAT DETECTION
Alarms prioritised by threat severity alert you of any suspicious behavior. Based on that you know which issue is the most critical allowing you to respond more quickly to the potential malicious activity.