The new patent extends the original patent issued in February 2007 for Lancope's flow-based technology using statistical analysis of sampled packets to detect network intrusions. Flow analysis processes network traffic from routers and switches to identify suspicious behaviors without using signatures. Lancope's application of flow-based detection technology helps unify real-time network visibility, performance monitoring and anomaly detection at network speeds up to 10 Gbps, and also improves accuracy and reliability.
Lancope's StealthWatch System uses a flow-based approach to detect intrusions in computer communication networks. Data packets representing communications between hosts in a computer-to-computer communication network are processed and assigned to various client/server flows. Statistics are collected for each flow. Then, the flow statistics are analyzed to determine if the flow appears to be legitimate traffic or suspicious activity. A concern index value is assigned to each flow that appears suspicious. By assigning a value to each flow that appears suspicious and adding that value to the total concern index of the responsible host, it is possible to identify hosts that are engaged in intrusion activity. When the concern index value of a host exceeds a preset alarm value, an alert is issued and appropriate action can be taken.
"With our fourth U.S. patent for flow-based network intrusion detection, Lancope and StealthWatch are again recognized for pioneering technology that streamlines network, security and virtual monitoring into once process, and reduces the time and cost of network security and network operations management," said Harland LaVigne, president and CEO of Lancope. "Our patented technology and innovation derive from meeting our customers' demands for accuracy, speed and reliability in network protection and optimization."
StealthWatch is the first and only flow-based solution to combine network performance monitoring with real-time behavior-based anomaly detection. As a result, enterprises gain network visibility along with improved security and performance. Unlike traditional perimeter-based security technologies that require probes, agents and continuous signature updates, StealthWatch patented flow-based technology leverages flow information from existing routers and switches to lower the cost of monitoring and protecting the network. StealthWatch can stop attacks that other IDS/IPS devices routinely miss without requiring attack signatures, without creating performance bottlenecks on internal network segments and without the need for intricate policy coordination across dozens of IDS/IPS devices.
Lancope(R), Inc. is the provider of the StealthWatch(R) System, the most widely used network behavior analysis (NBA) solution that combines flow-based anomaly detection and network performance monitoring.
Delivering unified visibility across physical and virtual networks, StealthWatch eliminates network blind spots and reduces total network and security management costs. StealthWatch streamlines security, network and virtual monitoring into one process, reduces time and resources, and eliminates the costs and complexity associated with non-integrated point products. Both OPSEC and Common Criteria-certified, StealthWatch received the 2008 and 2007 Global Excellence Award in NBA. Defending the networks of Global 2000 organizations, academic institutions and government entities, StealthWatch protects hundreds of enterprise customers worldwide, more than all direct competitors combined. Lancope also partners with fellow best-of-breed solution providers through its Technology Alliance Program, which includes Cisco Systems, Brocade, Blue Coat, VMware, IBM Tivoli, Check Point, TippingPoint, ArcSight and A10 Networks. Lancope is a privately held, venture-backed company headquartered in Atlanta, Georgia. For more information, visit www.lancope.com.
(C)2009 Lancope, Inc. All rights reserved. Lancope, StealthWatch, and other trademarks are registered or unregistered trademarks of Lancope, Inc. All other trademarks are properties of their respective owners. StealthWatch is covered by U.S. Patent Nos. 7,290,283; 7,185,368; 7,475,426; 7,512,980 and other U.S. and foreign patents pending.