Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile

10/16/2012
03:59 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Arbor Networks Introduces Pravail Network Security Intelligence (NSI) Solution For Advanced And Insider Threats

Pravail NSI helps close security gaps left by firewalls and intrusion prevention systems

Chelmsford, MA, October 15, 2012 – Arbor Networks, Inc., a leading provider of network security and management solutions for enterprise and service provider networks, today introduced a new solution in its Pravail portfolio for enterprise and government network operators. Pravail Network Security Intelligence (NSI) monitors network traffic data and uses advanced analytics to help organizations close the security gaps left by firewalls and intrusion prevention systems (IPS). It looks inside the network and delivers the situational awareness required to identify advanced threats, internal network misuse or abuse, and also infected mobile devices connected to the network.

With the release of Pravail NSI, Arbor has created a platform for delivering actionable security intelligence that is critical for identifying and stopping attacks. Arbor's Pravail family also includes the Availability Protection System (APS), which looks out from the network perimeter to detect and mitigate, in real-time, application layer DDoS attacks. These stealthy attacks are the primary threat to security infrastructure solutions today which, if compromised, can threaten the very availability of networks themselves.

"Pravail NSI leverages Arbor's threat detection technology which has been deployed in enterprise networks since 2003. The threat landscape has changed dramatically in the past two or three years, let alone over the past decade. Pravail NSI extends those capabilities to address an acute concern for businesses today, the damage to the bottom line and brand integrity that can come from an undetected advanced or insider threat," said Arbor Networks President Colin Doherty.

According to Gartner analyst John Pescatore in a report titled Strategies for Dealing with Advanced Targeted Threats, "Targeted attacks are penetrating standard levels of security controls and causing significant business damage to enterprises that do not evolve their security controls. Gartner estimates that, for the average enterprise, 4% to 8% of executables that pass through antivirus and other defenses are malicious. Enterprises need to focus on reducing vulnerabilities and increasing monitoring capabilities to deter or more quickly react to evolving threats, and not focus on what country the attacks are coming from."

Pravail NSI offers a comprehensive view of all activities occurring in, on and around the network including Bring Your Own Devices (BYOD) that are accessing corporate resources, botnet communication and application misuse. Using Pravail NSI, IT teams have the ability to:

· Identify and address misuse of corporate resources and servers

· Detect and defend against advanced threats including malware and botnets

· Monitor critical services and systems and alert to suspicious activities that put data at risk

· Remove infected hosts on the network

· Monitor network activity of trusted users and identify suspicious activity; associate user ID to all network activity

· Identify new devices on the network

· Leverage detailed intelligence from inside the network into users, applications, services, domains and URLs

The ATLAS® Advantage: Global Intelligence, Automated Threat Protection

Arbor's Peakflow® traffic management and network security platform is pervasively deployed in Tier 1 and Tier 2 service provider networks globally. In conjunction with more than 230 ISP customers, Arbor has developed the one of a kind ATLAS® Internet threat monitoring system. With more than 35Tbps of Internet traffic intelligence, Arbor is able to develop a unique, globally-scoped view of malicious traffic traversing backbone networks that form the Internet's core.

Active Threat Feed (ATF)

Arbor's world-class security research team, ASERT, uses information from ATLAS and other sources to develop 'fingerprints' or profiles of attacks in the wild. Pravail NSI relies on ASERT's Active Threat Feed (ATF) to stay up-to-date against the latest attacks. ATF is Arbor's subscription service for distributing attack fingerprints, as well as detailed information and mitigation strategies. It is the industry's only global, 24x7 subscription-based activity-based fingerprint service. Using ATF information, Pravail NSI inspects, analyzes and then categorizes network traffic into a composite threat, enabling security administrators to identify worms, botnets and malware at a glance. Many IT teams are stretched thin and struggling to manage their complex network security infrastructure. ATLAS and the ATF simplify security by automatically updating the Arbor products deployed in customer networks with the latest threat signatures, saving IT teams significant time and effort by eliminating the need for manual security updates.

Supporting Resources:

· Pravail&trade NSI data sheet

· Pravail&trade NSI Application Intelligence data sheet

· Pravail&trade NSI Enterprise-Wide Controller data sheet

· Advanced Threats: Why You Have to See It to Protect it {blog post}

About Arbor Networks

Arbor Networks, Inc. is a leading provider of network security and management solutions for enterprise and service provider networks, including the vast majority of the world's Internet service providers and many of the largest enterprise networks in use today. Arbor's proven network security and management solutions help grow and protect customer networks, businesses and brands. Through its unparalleled, privileged relationships with worldwide service providers and global network operators, Arbor provides unequalled insight into and perspective on Internet security and traffic trends via the ATLAS® Active Threat Level Analysis System. Representing a unique collaborative effort with 230+ network operators across the globe, ATLAS enables the sharing of real-time security, traffic and routing information that informs numerous business decisions.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security
Seth Rosenblatt, Contributing Writer,  1/11/2021
IoT Vendor Ubiquiti Suffers Data Breach
Dark Reading Staff 1/11/2021
The Data-Centric Path to Zero Trust
Altaz Valani, Director of Insights Research, Security Compass,  1/13/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7343
PUBLISHED: 2021-01-18
Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files.
CVE-2020-28476
PUBLISHED: 2021-01-18
All versions of package tornado are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configura...
CVE-2020-28473
PUBLISHED: 2021-01-18
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with defa...
CVE-2021-25173
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service (crash, exit, or restart).
CVE-2021-25174
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service (Crash, Exit, or Restart).