Tier-3 has launched Huntsman 5, which provides complete enterprise-wide threat management, real-time compliance and operational risk management capabilities. Huntsman's patented data analysis engine provides a real-time ability to monitor, analyse and understand each transaction on the enterprise as it happens, and flags when an unacceptable event, whether known or unknown, occurs. Huntsman collects and consolidates all information in real time from every network, server, application, endpoint device and security appliance in an organisation to provide a total view of all activity and then, through one simple yet powerful console, enables the state of all security technology to be escalated to provide an appropriate response to any threat.
Huntsman version 5 includes the Network Agent, a passive technology that resides unobtrusively in a customer environment and provides a real-time view into the occurrence and behaviour of all assets the instant they connect to the network, even if only for a split second, instead of relying on the device being turned on and available before a scan is run.
Forensic Audit Trail
The Network Agent provides a forensically sound audit trail of every single network communication, enabling administrators to reconstruct a network flow over a historical time frame.
Asset Inventory & Detection Engine
The Network Agent, together with the asset inventory and detection agent, will reveal attacks such as:
• Targeted zero-day Trojans sending keystroke information to an internet site which had bypassed existing anti-virus and content filtering countermeasures.
• A user leaking data by tunnelling Secure Shell traffic over HTTPS.
• A Windows-based machine rebooting as a Linux system.
• Unauthorised devices being plugged into a network.
Distributed File Watch
Huntsman data collectors now feature the capability to monitor and detect modifications to important files across an organisation. Important files may include critical system files, passwords, executables and libraries, which are useful for detecting rootkits and other malware installations, as well as business-sensitive documents, which may include trade secrets, employee information, commercial proposals and the like.