Addison, Texas, July 26, 2011 – Global DataGuard®, the premier provider of network behavior analysis-based (NBA) Unified Enterprise Security™(UES), today announced a new Signature Selection feature that enables customers to automatically fine tune signatures within their unique network environment. Configurable through the unified management console’s (MCU)™ tools menu, this advanced signature selection capability utilizes Global DataGuard’s Vulnerability Scanning Module™ (VSM) in conjunction with the Detection+Prevention Module™DPM) to automatically match signatures to vulnerabilities and then load IDS/IPS detection rules that specifically look for network attacks on customer resources that they may be vulnerable to.
According to IDC, ‘the security landscape has been seeing new threats growing explosively in number and complexity – attacks that exploit the vulnerabilities of applications, insider sabotages, identity fraud and unauthorized access to corporate systems and networks. Regulatory compliance requirements are also a significant driver for security solutions’. Based on the continuing growth of sophisticated threats, analysts believe that companies are turning to security and vulnerability management products to establish a security management framework for various compliance requirements such as policy compliance, log archiving and auditing.
There are far too many signatures available today to be loaded on any intrusion detection system at one time without risking performance degradation, stated Scott Paly, chief executive officer for Global DataGuard. The Signature Selection software enhancement ensures optimal protection for a customer’s network ecosystem by providing surgically precise targeting of signature rule sets to help customers achieve greater IT security monitoring and control of vulnerabilities within whatever mix of physical and virtual infrastructure their network utilizes.
Fine Tuning Signatures to Match Unique Network Requirements
A passive intrusion detection and prevention device, the Detection+Prevention Module hosts a signature intrusion detection engine and an intelligent packet inspection and capture system that can analyze raw network packet data, then select and transfer suspicious packets to the Behavioral Correlation Module (BCM) for further behavior analysis. The DPM monitors and provides protection for network and customer-defined threats, potentially suspicious employee activity, evidence of malware, infections, and security policy and compliance violations.
With the new Signature Selection feature, any customer using a Global DataGuard Vulnerability Scanning Module has the ability to load IDS/IPS detection rules that specifically look for network attacks on potentially vulnerable resources. When a network vulnerability scan occurs and vulnerabilities are found on any scanned system, those vulnerabilities are automatically matched to existing Common Vulnerabilities and Exposures-based (CVE) signature rule sets for those exploits and then loaded into the Detection+Prevention Module. It can also exclude any given signature rule set, as needed, if it relates to activity that a customer’s application requires in order to function. This unique capability enables customers to efficiently load and unload signature rule sets for customization of each network that is monitored.
Unified Enterprise Security
All of Global DataGuard’s industrial-strength security applications are architecture-based, so they work together by sharing and correlating information to provide a deeper context to threats and attack reconnaissance. Further, the company’s comprehensive unified security system can:
- adapt to evolving networks, track network resources, and detect stealth, reconnaissance or previously unknown threats;
- perform intrusion detection and prevention, including customizable signatures for DLP and compliance;
- perform sophisticated analysis, correlation and alerting on logs and store the raw logs and alerts for over a year;
- provision on-demand, unlimited license vulnerability scanning and real-time correlation of scans with other alerts;
- monitor network access and policies for use of critical assets;
- offer an easy-to-use, instant view of prioritized network, global, vendor and vulnerability threats and the underlying data that created them via a portal that provides unified administration and monitoring;
- ensure zero network latency via 100% passive deployment; and
- provide unparalleled price/performance in an easy-to-install system that can be up and running in hours as opposed to days and weeks for any size business.
Every product is backed by 24/7 Managed Security and Professional Services, allowing businesses to maximize their IT security staffing and/managed-security/index.php/productsandservices/unified-enterprise-security/on-demand-srm-managed-security-services-mss provide real-time visibility, control and oversight of their organization’s entire network ecosystem. With unified administration, monitor/managed-security/index.php/productsandservices/unified-enterprise-security/on-demand-srm-managed-security-services-mssing and reporting, an integrated network security ticketing system and world-class managed services, Global DataGuard’s holistic approach to security provides for the earliest warnings of threats, dramatically reduces false positives, and enables unparalleled management of a company’s total information security environment. Global DataGuard Managed Security Services can be purchased with or without a contract and typically cost less than one full-time employee.
The Detection+Prevention Module is available immediately in seven models that are designed for premise-based and virtual (private and public cloud) network environments. The DPM is a fully integrated component within Global DataGuard’s Unified Enterprise Security and Unified Enterprise Cloud Security™(UECS) portfolio. Custom configurations can be designed and priced based on an organization’s unique network requirements. In addition, Global DataGuard’s customizable security suite and managed security services are available through a 30-day free product and services evaluation to qualified organizations. Companies interested in this no-cost trial offer may request additional information by contacting UES@masergy.com.