ADVANCED THREAT PROTECTION
The challenge of protecting the organization from today’s Advanced Persistent Threat (APT) is a primary focus in every industry. As we see from numerous high-profile data breaches that illustrate, to stop 100% of malware is unrealistic. But we will need to ensure data movement is monitored, malware is prevented signature-less, so that we can reduce or in most cases, prevent advanced threats and data loss from happening.
Enterprises that implement advanced threat protection are better able to detect threats early and more quickly formulate a response to minimize damage and recover should an attack occur
Advanced Threat Protection and More
Intrusion detection and prevention (IDPS) – Works in real time to protect against intrusions, malware, and viruses, providing full event detail. Includes visual rule creation and editing, as well as category-based malware rules.
Ultimate data hijacking protection – Includes automatic containment of infectious malware to prevent data exfiltration across all ports and protocols, including TCP and UDP ports. Enables data flow restrictions by country, organization, or subnet. Provides simple configuration with out-of-the-box policy templates, or the ability to define customized rules.
Network baselining for anomaly detection – Establishes normal network traffic behavior over all channels, with continuous monitoring of packets, bytes, and connections. Anomaly behavior is automatically detected and stopped before loss occurs. Includes real-time alerts and drill-down forensics for anomalous traffic.
Bandwidth optimization – Enforces intelligent policies to shape traffic only when needed. Contains 50 predefined categories for easy identification and shaping of traffic, and a real-time, dynamic bandwidth dashboard and plotter for better visibility and control
Signature-based malware prevention and breach detection – Combines a proprietary malware registry with best-of-breed industry signature databases.
Command and Control (CnC) callback monitoring – Thwarts cyber-attacks such as network probes and port scans. Also includes geolocation to identify callback origination across all ports and protocols, and the ability to scan for threats using DNS, IP, SSH, IMAP, POP, and many other protocols.
Infected machine auto-locking and SDN integration – Blocks Internet communication and quarantines internal outbreaks.
Global cloud threat intelligence – Analyzes and predicts threat behavior with crowd-sourced threat intelligence for signatures and samples.
Time-saving Incident Response Center – Delivers real-time malware detection for prioritized response, with reduced noise and deep forensic analysis to minimize false positives. Shortens time to remediation and saves IT resources by delivering focused results that correlate alert information to directory user/machine name, along with a snapshot of global historical outbreaks.