Arbor unveils big data threat protection solution
Pravail covers analytics, advanced threat detection, incident response, forensics
Security firm Arbor Networks Inc today introduced Pravail Security Analytics for advanced threat detection, incident response and security forensics.
The technology behind the solution was developed by Packetloop, a big data security analytics specialist based in Sydney, Australia, that was acquired by Arbor in September 2013.
"Arbor is able to offer enterprise security teams the richest set of data regarding the activities happening on their network," said Matthew Moynahan, president of Arbor Networks.
"Pravail Security Analytics is a powerful solution that will allow our customers to see attacks on their global networks faster and in more detail than seen before. We're focused on bringing meaningful context to massive amounts of data so that security teams can focus on the critical few, react faster and identify the threats lurking within their network environment before they impact the business."
The attack intelligence within Pravail comes from Arbor's Active Threat Level Analysis System (ATLAS). According to Arbor, ATLAS is a collaborative initiative involving nearly 300 service providers who share anonymous data with the security company. The pool is said to be up to 70TB/sec of global Internet traffic and is analysed by Arbor's security research team, which then develops detection methodologies and creates fingerprints that identify threats and malicious activity occurring within the enterprise.
"Today's breed of attacker is not looking to be a short-term and visible nuisance," Arbor said in a statement. "They use stealthy and sophisticated methods to penetrate an organisation's perimeter and the indicators of compromise are often impossible to identify before it's too late."
In order to properly understand subtle, advanced targeted attacks, enterprises need a complete record of all network traffic, Arbor argues. By designing Pravail to analyse data very quickly, Arbor is aiming the tool at supporting real-time attack response decisions. Additionally, because the data is stored for future review, it can be looped to identify previously undetected attacks using the latest threat intelligence.
Pravail Security Analytics uses big data technologies intended to lower the barrier to entry for organisations that want to deploy and operate enterprise-class security analytics. An organisation can securely upload packet captures to Pravail in the cloud and be analysing their data within minutes of a threat being identified, according to Arbor. For organisations that cannot upload their packet captures for compliance or regulatory reasons, Pravail can also be deployed as an on-premise solution using distributed Collector appliances. The Collector appliances can be used to scale out storage or processing capabilities for high-speed capture points, or for deployment into multiple locations to provide distributed coverage.
General availability of the Pravail Security Analytics on-premise Collector solution is planned for April 30, 2014.