Turn-key threat intelligence gateway filters traffic from malicious IP addresses at line speed, boosting efficiency and performance of security and visibility tools
CALABASAS, Calif.--(BUSINESS WIRE)--Jun. 7, 2016-- Ixia (Nasdaq:XXIA), a leading provider of network testing, visibility, and security solutions, today announced the launch of ThreatARMOR 10G, which delivers IP address filtering at 10Gb network speeds with continually updated real-time threat intelligence that boosts the efficiency of next-generation firewalls and intrusion prevention systems.
According to a recent report by the Ponemon Institute1, the barrage of security events facing the modern enterprise means only 29 percent of alerts are investigated and 40 percent of those that are, turn out to be false positives. This means that the bulk of security events which would indicate an ongoing breach are never investigated, leading to an average of 170 days to detect an advanced attack. This enables an intruder to steal sensitive data and damage internal systems.
“The reality today is that exfiltration tools have become powerful enough that even small delays in detection can lead to catastrophic breach losses,” said Eric Hanselman, Chief Analyst, 451 Research. “Attackers already know that overwhelmed security teams and infrastructure are prime targets to infiltrate without detection. The ability to eliminate the noise of known threats is essential to enabling security teams and their analysis tools to focus on quickly identifying real threats.”
ThreatARMOR filters traffic from known-bad IP addresses, hijacked IPs, and untrusted countries, greatly reducing the number of security alerts. By eliminating automated probes and scans, DDoS attacks from untrusted countries and hijacked IPs, and phishing and botnet connections, ThreatARMOR allows security teams to enable enhanced detection features on their existing security tools and focus on meaningful security alerts that indicate an active breach, also improving the efficacy of SIEM tools.
ThreatARMOR 10G enables customers with large networks and data centers to:
- Filter traffic from known bad IP addresses at full 10Gb line speeds – helping to stop malware downloads, network reconnaissance, and other exploits from those known bad addresses
- Identify and prevent infected internal devices from communicating to known botnet C&C servers
- Remove traffic by geography from entire countries that likely have no valid reason to access the network
- Filter unused and unassigned IP addresses, and hijacked domains often used in DDoS attacks
ThreatARMOR saves customers the time and cost of reviewing the flood of unnecessary notifications generated by their security systems, which can overwhelm security teams and risk critical alerts being missed. Enterprises spend approximately 21,000 hours per year on average dealing with false positive cyber security alerts, according to a Ponemon Institute report2 published in 2015.
“DDoS and malware attacks continue to grow in frequency and volume, which means enterprises are being overwhelmed by security alerts. This makes it almost impossible to identify the critical early signs of a targeted attack on an organization’s network,” said Scott Register, Vice President of Product Management at Ixia. “ThreatARMOR delivers a future-proofed platform that pre-filters known-bad and unwanted IP addresses from impacting the security infrastructure for the most demanding high-end enterprise and data center networks, improving the efficiency of security tools and helping teams find breaches faster.”
Ixia’s professional-grade Application and Threat Intelligence (ATI) Research Center has over a decade of experience providing threat intelligence to the world’s largest service providers and security equipment manufacturers for testing the efficacy of their cyber security products and systems.
Ixia’s ATI program develops the threat intelligence for ThreatARMOR and a detailed “Rap Sheet” that documents the malicious activity of each included IP address. Rap Sheets provide proof of malicious activity for all blocked sites, supported with on-screen evidence of the activity such as malware distribution or phishing, including date of the most recent confirmation and screen shots. With this clear reporting on blocking actions, customers can easily support IT compliance audits.
Ixia at Interop Tokyo 2016
In addition to demonstrating ThreatARMOR 10G at the Ixia booth during the event, ThreatARMOR 10G is also a key component of the Interop Tokyo 2016 ‘ShowNet.’ The ShowNet is the network deployed to connect from the venue to the Internet. ThreatARMOR 10G will be deployed as part of the ShowNet Security Orchestration process to block known bad traffic, as well as potential threats detected by other security devices.
Yuji Sekiya, a Generalist from the Interop Tokyo 2016 ShowNet, commented, “ThreatARMOR removes unnecessary traffic in advance by using Ixia’s professional grade ATI. We expect that ThreatARMOR will reduce the number of security alerts generated by ShowNet security devices, so we can focus on any real potential threats.”
Security Orchestration performs automated network, system, and application changes based on data driven security analysis, replacing slow, manual intervention and threat response with machine-speed decision making and response. The Interop Tokyo 2016 ShowNet Security Orchestration uses “NIRVANA Kai” by the National Institute of Information and Communications Technology to interface among security devices.
Kazuya Okada, head of the Interop Tokyo 2016 ShowNet Security NOC, stated, “It is very important for security devices to work in collaboration to maximize protection from sophisticated cyberattacks. ThreatARMOR enables REST API to remotely manage its filtering features and is an ideal security infrastructure device since it can operate inline and maintain line rate performance.”
Ixia (Nasdaq: XXIA) provides testing, visibility, and security solutions, strengthening applications across physical and virtual networks for enterprises, service providers, and network equipment manufacturers. Ixia offers companies trusted environments in which to develop, deploy, and operate. Customers worldwide rely on Ixia to verify their designs, optimize their performance, and ensure protection of their networks to make their applications stronger. Learn more at www.ixiacom.com.
1 The State of Malware Detection & Prevention, issued by The Ponemon Institute, March 2016
2 The Cost of Malware Containment, issued by The Ponemon Institute, January 2015
Connect with Ixia
Ixia, the Ixia logo, ThreatARMOR, Application and Threat Intelligence, and ATI are trademarks or registered trademarks of Ixia in the United States and other jurisdictions. All other trademarks used herein are the property of their respective owners.
View source version on businesswire.com: http://www.businesswire.com/news/home/20160607005658/en/
Ixia Media Contact:
Denise Idone, Senior Corporate Communications Manager
Office: (631) 849-3500
Mobile: (516) 659-7049