Malware detection solutions provide actionable guidance, but action may be difficult with traditional defenses.
The fundamental challenge is illustrated by this excerpt from a NetCitadel (now owned by ProofPoint) case study: Responding to an incident frequently required coordinating with the network operations team through the use of a ticketing system. This hand-off delayed the response by hours, days and sometimes even weeks depending on the load of the network team and their availability, especially given that many of the serious attacks were discovered outside of normal business hours.
Delays enable malware to exfiltrate more data.
A simple API enables malware sensors to request automatic blocking of the most urgent threats, such as confirmed addresses or URLs of malware command and control servers. Security analysts use the NetDefender graphical user interface (GUI) to deploy critical blocking rules that require review.
The security architect needs to deploy innovative new network solutions. Some require inline deployment, which can conflict with the network architect’s uptime requirements. And the network architect faces expensive and complex traffic delivery solutions for detectors deployed off the data path.
NetDefender appliances provide a single network access point that delivers traffic to multiple instances of existing and evolving malware sensors. NetDefender fulfills network architects’ uptime requirements with the single, foundational inline presence, and fulfills security architect network defense needs with inline threat blocking and enabling new sensor deployment with a simple configuration change.
The LookingGlass CS-4000E Deep Packet Processing Platform is a converged network application and computing solution enabling flexible and rapid responses to emerging threats and changing network conditions.
The LookingGlass CS-4000 Secure Deep Packet Processing platform is a key component of a cybersecurity defense solution holding the U.S. Director of Central Intelligence Directive (DCID) 6/3 Protection Level Five (PL5) accreditation.