COUNTERSNIPE

Transcription

1 COUNTERSNIPE

2 COUNTERSNIPE SYSTEMS LLC RELEASE 7.0 CounterSnipe s version 7.0 is their next major release and includes a completely new IDS/IPS leveraging high performance scalability of the Ubuntu (LTS) OS, a Suricata engine and the incorporation of the Emerging Threats ET Pro Ruleset. This new development takes CounterSnipe to the fore front of Next Generation IDS/IPS technology to address ongoing protection required by customers against Advanced Persistent Threats and Malware. Release 7.0 provides the latest research & technology required to combat the most current cyber security threats. CounterSnipe Systems LLC. All rights reserved. SURICATA Suricata is a high performance Network IDS, IPS and Network Security Monitoring engine. Suricata s multi-threaded architecture can support high performance multi-core and multi-processor systems. The major benefits of a multi-threaded design is that it offers increased speed and efficiency in network traffic analysis and can also help divide up the IDS/IPS workload based on where the processing needs are. The engine is built to utilize the increased processing power offered by the latest multi-core CPU chip sets. Suricata is Open Source and owned by a community run non-profit foundation, the Open Information Security Foundation (OISF). ETPRO RULESET Emerging Threats developed comprehensive IDS/IPS rules to combat Advanced persistent Threats & Malware. The ETPro Ruleset Research Team pushes ruleset updates daily, not weekly or less like most vendors to CounterSnipe engines. Daily Updates with ETPro Ruleset averaging 20 to 30 new malware and vulnerability rules each day gives customers more than twenty times the rules each week than any other vendor. ETPro and the ET design are trademarks of Emerging Threats Pro, LLC.

3 PRODUCT SET IDS/IPS CounterSnipe is Intrusion Detection and Prevention Software (IDS/IPS) with a number of additional network security management features. Once the software has been installed the CounterSnipe implementation results in a powerful multimode IDS/IPS system that can be used either in tap mode (listening passively to network traffic) or in in-line mode just like a firewall (as a gateway through which all traffic must pass). There are 3 possible software installations: 1) Standalone Active Protection System (APS) 2) Active Protection Device (APD) 3) Threat Management Console (TMC) CounterSnipe Systems LLC. All rights reserved. APS The Active Protection System (APS) offers Enterprises a combination of Asset Management, Intrusion Prevention (IDS/IPS), Network Access Control (NAC) and always-on threat protection. The integration and correlation of all of these various modules meets various security, accountability and compliance requirements. APS is a cost effective solution for organizations of all sizes as its modular approach, flexible licensing and ease of upgrading eliminates huge costs associated with dedicated appliances. Various modules from APS may be installed to create one of the desired solutions. All modules communicate with the central Management Console TMC Threat Management Center (TMC) is the GUI front end CounterSnipe Systems use to drive all the administration and configuration functions. In a multiple device deployment TMC is used to manage all of the remote devices (APDs) Active Protection Device. The actual working components of the CounterSnipe suite. In a multiple device deployment refers to remotely managed IDS/IPS devices. In a standalone single hardware system both the TMC and APD are installed on the same appliance. The workings of the system are exactly same as if the two were installed on two separate pieces of hardware.

4 TECHNOLOGY UBUNTU LTS The Ubuntu Linux distribution is the CounterSnipe Systems OS of choice. Ubuntu LTS is a long-term support release. It has continuous server hardware support improvements as well as guaranteed security and support updates until April SURICATA The Suricata engine offers increased speed and efficiency in network traffic analysis. In addition to hardware acceleration (within hardware and network card limitations), the engine is built to utilise the increased processing power offered by the latest multi-core CPU chip sets. EMERGING THREATS The ETPro Ruleset Research Team pushes ruleset updates daily, not weekly or less like most vendors. Daily Updates with ETPro Ruleset averaging 20 to 30 new malware and vulnerability rules each day gives the Countersnipe IPS more than twenty times the rules each week than any other vendor.

5 PRODUCT HISTORY Three consistent years of IDS/IPS innovation: H Version Suricata based IDS Engine introduced H OS update to Ubuntu LTS H Always on Adaptive Alert Management H Version SNORT based IDS Engine updates H Dual licensing; always on scanning; one click host based blocking H Version Active Protection Software (APS) released CounterSnipe Systems LLC. All rights reserved.

6 NEXT GENERATION IPS ROADMAP CounterSnipe has consistently developed their IPS product set since 2003 Release 7 takes their IPS technology to the next level with a Suricata based IPS engine, replacing SNORT, to deliver leading edge security capability. Exploits Ubuntu LTS OS to deliver higher IPS throughput at NIC speed without packet drops Run multiple signature engines for the most demanding network implementations Active Customer Engagement to add new features and provide security management they want in shorter timeframes than any competitor CounterSnipe Systems LLC. All rights reserved.

7 PRODUCT SUPPORT & SOFTWARE MANAGEMENT CounterSnipe Systems LLC provides all customers with premium 24*7*365 online and support from their SOC (Security Operations Centre) as standard Daily signature updates from Emerging Threats ET Pro as standard Premium 24*7*365 risk data and product updates Training workshops & onsite / in-house get to know the product sessions Consultancy / Professional Services for in-depth low level policy tuning CounterSnipe Systems LLC. All rights reserved.

8 DEMO S & EVALUATION How about a live demo? Register for a CounterSnipe webinar? Why not download the software and evaluate? Or contact us directly sales@countersnipe.com CounterSnipe Systems LLC. All rights reserved.

9 Q & A What more can we tell you about the CounterSnipe Systems LLC product set? CounterSnipe Systems LLC. All rights reserved.