Enterasys Networks, the secure networks company, has introduced powerful new features and capabilities for its Dynamic Intrusion Response (DIR) solution, including version 7.0 of its Dragon Intrusion Defense System.
DIR enhancements
These significant releases extend the abilities of Enterasys Secure Networks to offer enterprise customers comprehensive security capabilities designed to protect networks from a wide variety of business-damaging threats.
DIR is the industry`s first solution that actively reacts in real-time to incoming threats to the enterprise network. It is integral to Enterasys` vision of embedding security directly into the network infrastructure where it can provide enterprises the shortest window to assess, detect, locate, respond and correct security threats in real-time, with single-action enterprise policy enforcement.
A key enhancement to the DIR solution is NetSight Atlas Automated Security Manager (ASM).
ASM version 1.1 includes a new advanced search mode that enables it to locate threats even faster. This increased performance is critical as mitigation can occur almost immediately, with minimal or no disruption to business activities.
Enterasys originally designed DIR for optimal performance in policy-based Enterasys Secure Networks. The latest release significantly improves the security of heterogeneous network environments with equipment from multiple manufacturers. The DIR solution fully interoperates with an enterprise`s existing security infrastructure, such as third-party firewalls, switches and routers. This extends Enterasys` industry-leading integration of powerful security capability directly into the network infrastructure.
This release of the DIR solution also expands threat identification and remediation from the edge of the network inward to cover the entire enterprise. For example, the new DIR Data Centre Solution enables enterprises to protect highly sensitive data centres by implementing automated granular policies that quickly and effectively address a specific offending user - even across high-bandwidth links supporting thousands of users - with no decline in quality of service.
With threats today that can shut down a large distributed network in minutes, it`s unrealistic to expect a solution that requires manual intervention to work.
Enterasys` DIR not only determines and locates a threat in seconds, but can also automatically enforce policies that will isolate specific users or devices from the rest of the network.
Dragon 7.0
The other key component of Enterasys` complete Dynamic Intrusion Response solution is the Dragon Intrusion Defense System. The Dragon Enterprise Manager Server (EMS), first introduced in version 6.3, now features easily configurable wizards for establishing the rules for passing prioritised events to ASM for determining the physical location of a threat and for taking automated action. With this new release, Dragon`s host sensors deliver DIR`s Security Event Gateway functionality by collecting threat data from third-party routers, firewalls, and security systems and funnelling this data to the Dragon EMS.
"Enterprise networks are the backbone for real-time business activities, communications and customer service, which makes them an irresistible target for a growing range of threats and attacks that compromise proprietary information and cripple business productivity," said John Roese, chief technology officer of Enterasys Networks.
"Dragon 7.0 raises the bar for enterprise network security by offering the industry`s most robust intrusion-defence capabilities. Its unique threat-detection technology discovers threats, network misuse, system exploits and a wide array of other malicious activities that can disrupt business continuity and cost enterprises time and money and impact their ability to meet customers` needs."
Beyond enhancing DIR functionality, Dragon 7.0 marks a major revision to the product family. The four key areas of enhancement to Dragon include:
* Next-generation management--User-friendly interface with role-based access designed for scalability to meet the needs of enterprises and managed security service providers. A new GUI built on a Java framework in a client-server architecture delivers ease of use, simplified configuration and centralised management of all Dragon elements.
* High-performance architecture--A new multi-threaded architecture enables true Gigabit-per-second performance network sensors. The multifaceted engine provides threat-detection using advanced signature-based pattern analysis, anomaly detection and protocol decoding.
* Virtual sensors--Allows a single sensor to operate as multiple unique sensors with unique policies and configurations; thereby, limiting a customer`s need to purchase multiple network IDS appliances.
* Web server intrusion prevention - Enterasys` first intrusion-prevention technology is designed to protect enterprise Web servers. The Dragon Web Intrusion Prevention technology is the most comprehensive and flexible Web server protection product on the market. It monitors more aspects within http communications than any other product and supports multiple response capabilities once an attack is discovered.
"With its latest release of Dragon IDS, Enterasys has further strengthened its Secure Networks solutions portfolio," said Charles Kolodgy, research director of Security Products at IDC. "Built on a scalable client-server architecture, Dragon offers multiple threat prevention and response mechanisms today, while providing an upgrade path to future functionality, including in-line intrusion prevention. Dragon offers strong standalone IDS capabilities, but enterprises can extract additional financial, operational and compliance benefits by deploying it as part of Secure Networks Dynamic Intrusion Response solution."
Share
Editorial contacts