Lancope® enhances network visibility and strengthens security analytics

Lancope, Inc., has unveiled the latest version of its context-aware security analytics platform, StealthWatch® System 6.6. With new security algorithms, enhanced network visualization, and more operationalized threat intelligence, the new platform enables enterprises to more quickly and effectively detect and respond to advanced threats.

“Many enterprises have come to realise that if they cannot quickly view the entirety of what is going on within their network, they stand little chance of fending off today’s more sophisticated attackers,” said Javvad Malik, senior analyst for the Enterprise Security Practice at 451 Research. “Eliminating blind spots in enterprise infrastructure, gaining an in-depth look at network activity, and applying advanced analytics that enable users to more easily pinpoint suspicious behaviors indicative of an attack are key capabilities needed.”

StealthWatch System 6.6 extends Lancope’s already-robust network visibility and security intelligence offerings with several key new capabilities. New feature highlights include:

Expanded Cisco Technology Support and Mitigation with Cisco ISE
Lancope is leveraging the latest Cisco ISE 1.3 platform to deliver even more extensive network visibility and new mitigation capabilities to joint customers. Through the integration, Lancope’s StealthWatch System delivers in-depth identity/device awareness, and users can also take quarantine actions directly from the StealthWatch Management Console (SMC) by using Cisco ISE’s dynamic network control capabilities. Additionally, new support for Cisco UCS Blade Servers provides greater visibility within enterprise data centers, and support for Cisco NBAR2 improves application performance monitoring and root cause analysis.

New Security Algorithms for More Precise Analytics
In version 6.6, Lancope has added a set of new security algorithms that provide increased defense against increasingly prominent attack behaviors, such as machines communicating with phantom hosts, applications traveling over non-standard ports, brute force login attempts and suspect quiet long flows, just to name a few. These security algorithms set the StealthWatch System apart from other technologies, allowing for more precise analytics and actionable alarming on today’s top threats.

Enhanced Visualization and More Operationalized Security Intelligence
More operationalized security intelligence and an actionable Host Report enable users to more quickly extract and visualize the exact data they need to solve problems. New alarm categories have been added to the main StealthWatch Security Insight Dashboard for faster threat investigation, while the StealthWatch Host Report has been completely revamped to display more dynamic and visual analysis of host data.

Additional advancements in StealthWatch System 6.6 include:

Extended system scalability to 6 million flows per second with the introduction of the new FlowCollector 5000
Increased capacity for cloud deployments with new FlowCollector™ Virtual Editions (VE) 2000 and 4000
Assisted Network Classification (ANC) to help with background discovery and segmentation of new network assets
Faster, more streamlined querying with job management enhancements

“The main goal of the StealthWatch System is to dramatically improve threat detection and incident response for governments and enterprises,” said Kerry Armistead, vice president of product management at Lancope. “Through the latest version of our platform, we are providing many value-added tools that make the system more intuitive and flexible, delivering actionable data to make network defense a fluid, continuous and efficient process.”