White Paper. Intelligence Driven. Security Monitoring. v.2.1.1. nexusguard.com




Overview

In today's hypercompetitive business environment, companies have to make swift and decisive decisions. Making the right judgment call depends on having accurate, real-time data that is easily translated into actionable business intelligence. While Big Data can provide tremendous insight, organizations with traditional architectures and software cannot process terabytes upon terabytes of data; it simply takes too long to get answers. To gain true insight into what is really happening in an environment, organizations need to be able to visualize data in a meaningful representation that can deliver maximum returns.

This paper focuses on the application of Big Data and Visual Analytics from a security perspective: how to secure an organization's and its customers' information within the context of Big Data, and how to use proprietary technologies to analyze, and even predict, security incidents.

Big data fuels intelligence-driven security

Traditional security systems collect data from firewalls, routers, servers, and other infrastructure components and present it in a raw format. It is difficult to extract useful information from unprocessed data, let alone mitigate threats based on it. As attackers get better at circumventing security systems, organizations need to revamp their approach in order to address today's complex security issues. By combining, analyzing, and visualizing data from a whole range of IT systems, a security monitoring service can, for example, display a map showing where attacks originate, which websites have been targeted, and the current status of the user experience. Such information enables a better response in the event of a cyber attack.

The role of visual analytics

Data visualization is an increasingly important component not only of analytics, but also of security modeling. There are three main challenges to effective data visualization:

- Understanding data. Before visualization can be leveraged for useful and sensible data analysis, special domain expertise is required to organize the data in a suitable context. Where the data comes from, who its intended audience is, and how that audience will interpret it are all questions that need to be answered when analyzing data.

- Displaying meaningful results. Visually depicting data in a graph for analysis can be meaningful, but becomes difficult when dealing with extremely large or varied data sets. Transforming granular groups of data into a visually meaningful representation first requires effectively clustering and parsing large datasets into higher-level, yet insightful, views.

- Abnormalities. Visualizing data in a graphical representation helps identify trends and abnormalities faster than using traditional tables and spreadsheets. In the context of security, abnormalities reveal previously unseen and potentially critical insights. However, when working with massive amounts of data, finding abnormalities is difficult. Solutions that can quickly spot and highlight abnormalities for further analysis are a must-have.

Nexusguard Security Monitoring: Our Philosophy

Nexusguard maintains a robust cyber-defense infrastructure that secures many of today's leading enterprises from advanced Internet threats. Our holistic, cloud-based security platform harnesses the power of Big Data, visualization, and analytics to deliver meaningful business and security intelligence. Real-time data allows business leaders to make sound decisions with validated, actionable information.

Nexusguard Business Pulse Monitoring

Conversion rate optimization (CRO) provides significant opportunities for businesses of all sizes, particularly those that generate the lion's share of their revenues through online activities. Optimizing websites to convert more visitors into customers demands a scientific approach. Since the success of CRO is measured in the real world, incorrect or less than optimal business decisions can lead to substantial losses. Business Pulse Monitoring is designed to help organizations enhance their CRO efforts.

[Figure: Business Pulse "Live Data" pageviews panel, with columns IP Address, Country, City, PLT (ms) and URL; the sample rows show page load times between 57 ms and 293 ms for a single blog URL, with visitors from Japan (Yokosuka), China and France.]

Business Pulse is a statistics and analysis module that presents web traffic demographics, business trends, and most importantly, a user-centric view of the web services experience. Using this baseline, Nexusguard correlates information to provide a benchmark comparison of how a company's web traffic is performing under security threats, and enables the formulation of more effective protection policies based on the most up-to-date IP reputation databases. For example:

- Variation in visitor latency will indicate a change in service performance.
- The number of page views, or even the number of online users, may increase dramatically during an application-flooding attack.
- Visitors accessing a website from a common region will be rated safer than those coming from a region with which a business rarely interacts.

Through data analyses and visual representations, Nexusguard Business Pulse shows business trends over time and constantly measures a website's status to detect even the slightest fluctuations in its health.
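The three Business Pulse signals above (latency variation, a pageview spike during application flooding, and rating visitor regions by how often the business normally sees them) come down to building a traffic baseline and measuring each live window against it. The following is an added example in Python of that baseline-and-deviation logic; it is not Nexusguard's code, and the log format, the thresholds, the region codes (XX is a placeholder), the reading of PLT as page load time in milliseconds, and every sample entry are constructed assumptions.

```python
"""Baseline-and-deviation checks of the kind Business Pulse describes.

Added example, not Nexusguard code.  The log format, the thresholds and
every sample entry below are constructed for illustration.
"""
from collections import Counter
from statistics import median

# Constructed log lines: "<minute> <client_ip> <country> <plt_ms> <url>"
# (PLT is assumed to mean page load time, reported in milliseconds).
BASELINE_LOG = """\
0 198.51.100.10 JP 110 /blog/post-a
0 198.51.100.11 JP 95 /blog/post-a
0 203.0.113.5 CN 220 /blog/post-a
1 198.51.100.12 JP 130 /shop/cart
1 192.0.2.8 FR 60 /blog/post-a
1 198.51.100.13 JP 100 /shop/cart
2 203.0.113.6 CN 240 /blog/post-a
2 198.51.100.14 JP 120 /blog/post-a
2 192.0.2.9 FR 70 /shop/cart
""".splitlines()

# Constructed window resembling an application-flooding burst: many requests
# in one minute from a region ("XX", a placeholder code) the baseline has
# never seen, with page load times far above the baseline median.
ATTACK_LOG = [f"10 203.0.113.{50 + i} XX {800 + 20 * i} /blog/post-a" for i in range(10)] + [
    "10 198.51.100.20 JP 400 /blog/post-a",
    "10 198.51.100.21 JP 420 /shop/cart",
]

# Constructed quiet window that should not raise an alert.
NORMAL_LOG = ["20 198.51.100.30 JP 100 /blog/post-a", "20 192.0.2.10 FR 65 /shop/cart"]


def parse_log(lines):
    """Parse the constructed log format into dicts, skipping malformed lines."""
    records = []
    for line in lines:
        parts = line.split()
        if len(parts) != 5:
            continue
        minute, ip, country, plt, url = parts
        try:
            records.append({"minute": int(minute), "ip": ip, "country": country,
                            "plt_ms": int(plt), "url": url})
        except ValueError:
            continue
    return records


def build_baseline(records):
    """Summarise normal traffic: pageviews per minute, median PLT and region mix."""
    minutes = len({r["minute"] for r in records}) or 1
    countries = Counter(r["country"] for r in records)
    return {
        "views_per_minute": len(records) / minutes,
        "median_plt_ms": median(r["plt_ms"] for r in records),
        "region_share": {c: n / len(records) for c, n in countries.items()},
    }


def region_score(baseline, country, rare_threshold=0.05):
    """Rate a visitor's region against the baseline: 'common' if it carries at
    least rare_threshold of baseline pageviews, 'rare' if seen but below that,
    'unknown' if the business has never seen traffic from it."""
    share = baseline["region_share"].get(country)
    if share is None:
        return "unknown"
    return "common" if share >= rare_threshold else "rare"


def assess_window(baseline, records, spike_ratio=3.0, latency_ratio=2.0):
    """Compare one window of live traffic with the baseline.

    Flags a pageview spike, degraded latency, and the share of traffic from
    regions the business does not normally interact with; an alert needs the
    spike plus at least one corroborating signal, so a busy-but-healthy
    window does not fire on volume alone."""
    if not records:
        return {"views_per_minute": 0.0, "pageview_spike": False,
                "latency_degraded": False, "uncommon_region_share": 0.0, "alert": False}
    minutes = len({r["minute"] for r in records})
    vpm = len(records) / minutes
    med = median(r["plt_ms"] for r in records)
    uncommon = sum(1 for r in records if region_score(baseline, r["country"]) != "common")
    findings = {
        "views_per_minute": vpm,
        "pageview_spike": vpm >= spike_ratio * baseline["views_per_minute"],
        "latency_degraded": med >= latency_ratio * baseline["median_plt_ms"],
        "uncommon_region_share": uncommon / len(records),
    }
    findings["alert"] = findings["pageview_spike"] and (
        findings["latency_degraded"] or findings["uncommon_region_share"] > 0.5)
    return findings


if __name__ == "__main__":
    baseline = build_baseline(parse_log(BASELINE_LOG))
    print("baseline:", baseline)
    print("attack window:", assess_window(baseline, parse_log(ATTACK_LOG)))
    print("normal window:", assess_window(baseline, parse_log(NORMAL_LOG)))
```

The baseline here is deliberately simple (a single median and a flat per-minute rate); in practice the comparison would be made against the same hour and weekday, since legitimate traffic has its own daily rhythm and a flat baseline would flag every morning peak. Requiring a corroborating signal alongside the volume spike is what keeps a marketing campaign from looking like a flood.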

Nexusguard Protection Monitoring

The Nexusguard Protection Module provides a real-time visualization of attacks as they originate via a live heat map. At a glance, businesses can see the source of an attack down to the main IP address behind the top threats. Real-time information empowers businesses to make critical decisions to enhance their threat responses and mitigation strategies. Armed with actionable intelligence, managers can comply promptly with reporting mandates regarding security breaches.

[Figure: "Threats" panel listing threat source IPs, with columns IP Address, Country and Threat count; the sample rows show source addresses from Japan, China and France with threat counts in the thousands.]

Incorporating data from Business Pulse, an enterprise can identify attack trends to better understand their potential impact, and ultimately devise strategies that lead to quicker response and recovery times. A breakdown of threats is available in the threat analysis view, allowing managers to quickly grasp the number of threats, their type, and even the name of each attack. Such information can be used as forensic evidence to support post-event investigations.

[Figure: "Protection Trends" chart of total requests/threats and bandwidth, selectable over 12 hours, 1 day, 7 days and 30 days.]

[Figure: "Threats Analytics" breakdown: DDoS 184,300; Web Application Attacks 2,157; SQL Injection 159; Document 214; XSS Script 360; SQL Blend Injection 1,005; Forced Search Engine Request 96; Others 77.]

Nexusguard Website Performance Monitoring

Harnessing distributed content delivery and dynamic caching via a globally distributed network, Nexusguard enhances the performance and scalability of web services many times over. Through Website Performance Monitoring, businesses can clearly see how their content is distributed globally and the service level of each distribution. The amount of content offloaded to Nexusguard can also be quantified through the monitoring service, which keeps managers informed about user performance and the amount of resources saved by using the Nexusguard network.

Scrubbing Centers

The five dots beside each scrubbing center correspond to its status over the past five days. Mouse over each dot for a more detailed description.

[Figure: "Scrubbing Centers Status" panel showing per-center traffic figures and five daily status dots (8/30 to 9/03); London is among the centers shown.]

Status legend:
- Online: system is operating at peak performance.
- Degradation: performance is slower than normal.
- Maintenance: while we tune up, traffic will be re-routed elsewhere.
- Offline: DNS is not resolving, websites are offline.

Big Data doesn't have to be a big challenge

The era of Big Data is here to stay. But Big Data is useful only if your organization can interpret it in a meaningful way. Doing that requires more than just the capability to capture and store information. With its massive log collection and retention capabilities, Nexusguard's cloud-based Intelligence-Driven Security Monitoring service can provide the knowledge you need to make winning business and security decisions and gain a competitive edge. And that can make all the difference you need to succeed in today's hyper-competitive business world.

Twitter: twitter.com/nexusguard
Facebook: facebook.com/nxg.pr
LinkedIn Page: linkedin.com/company/nexusguard
contact@
20150309-EN-US