Ixia’s ThreatARMOR Improves Security Tool Efficiency of Large-Scale Enterprise Data Centers at 10Gb Network Speeds
June 2016 by Coline Magne
lxia announced the launch of ThreatARMOR 10G, which delivers IP address filtering at 10Gb network speeds with continually updated real-time threat intelligence that boosts the efficiency of next-generation firewalls and intrusion prevention systems.
According to a recent report by the Ponemon Institute1, the barrage of security events facing the modern enterprise means only 29 percent of alerts are investigated and 40 percent of those that are, turn out to be false positive. This means that the bulk of security events which would indicate an ongoing breach are never investigated, leading to an average of 170 days to detect an advanced attack. This enables an intruder to steal sensitive data and damage internal systems.
ThreatARMOR filters traffic from known-bad IP addresses, hijacked IPs, and untrusted countries greatly reducing the number of security alerts. By eliminating automated probes and scans, DDoS attacks from untrusted countries and hijacked IPs, and phishing and botnet connections, ThreatARMOR allows security teams to enable enhanced detection features on their existing security tools and focus on meaningful security alerts that indicate an active breach also improving the efficacy of SIEM tools.
ThreatARMOR 10G enables customers with large networks and data centers to:
– Filter traffic from known bad IP addresses at full 10Gb line speeds – helping to stop malware downloads, network reconnaissance, and other exploits from those known bad addresses
– Identify and prevent infected internal devices from communicating to known botnet C&C servers
– Remove traffic by geography from entire countries that likely have no valid reason to access the network
– Filter unused or unassigned IP addresses, and hijacked domains often used in DDoS attacks
ThreatARMOR saves customers the time and cost of reviewing the flood of unnecessary notifications generated by their security systems, which can overwhelm security teams and risk critical alerts being missed. Enterprises spend approximately 21,000 hours per year on average dealing with false positive cyber security alerts, according to a Ponemon Institute report2 published in 2015.
Ixia’s professional-grade Application and Threat Intelligence (ATI) Research Center has over a decade of experience providing threat intelligence to the world’s largest service providers and security equipment manufacturers for testing the efficacy of their cyber security products and systems.
Ixia’s ATI program develops the threat intelligence for ThreatARMOR and a detailed “Rap Sheet” that documents the malicious activity of each included IP address. Rap Sheets provide proof of malicious activity for all blocked sites, supported with on-screen evidence of the activity such as malware distribution or phishing, including date of the most recent confirmation and screen shots. With this clear reporting on blocking actions, customers can easily support IT compliance audits.