Identity, app and mobile device monitoring
Lancope unveiled the latest version of its StealthWatch System, which harnesses the power of NetFlow and other flow data from existing infrastructure to cost-effectively deliver end-to-end visibility for vastly improved network and security operations.
Version 6.2 introduces new virtualized appliances, as well as enhanced capabilities for identity, application and mobile device monitoring.
It includes a wide range of new features designed to help customers embrace next-generation technologies, combat sophisticated cyber attacks, and address trends such as virtualization and bring-your-own-device (BYOD) environments.
Key capabilities include:
- New virtualized deployment options, enabling users to experience many benefits including lower hardware, maintenance and energy costs, recovered data center floor space, higher availability, reduced disaster recovery expenses, faster server deployments and optimized server capacity.
- Integration with the Cisco Identity Services Engine (ISE), a powerful and flexible attribute-based access control solution that provides customized access to corporate resources based on user/endpoint identity. The ISE adds to the identity data available for analysis through StealthWatch, including valuable information on the types of devices being used, their security posture, and where they are physically located.
- Comprehensive mobile device security as it passively monitors network traffic and detects issues stemming from any device – including personal smartphones, tablets or laptops – without having to install additional software on the device or deploy expensive probes. The system now aggregates additional device and identity data into its overall view of network activity to further enhance mobile security and protect critical resources.
- Advanced application awareness – version 6.2 adds URL data to the flow records generated by the StealthWatch FlowSensor. Previously unavailable from most flow sources, URL data enables administrators to differentiate between web applications to more easily determine which ones are causing performance or security problems. Users can now identify both the hostname of the server, as well as any error messages within the flow, to further aid network troubleshooting and forensic investigations.
Additional enhancements include:
- The ability to consume flow data from Palo Alto Networks’ Next-Generation Enterprise Firewalls,
- Support for IPFIX, and
- FIPS 140-2 support through the RSA BSAFE Crypto-J cryptographic module.