Breaking News - Security:
Protego Ships Threat Mitigation Appliance For SMBs
Protego Networks Inc, a provider of enterprise threat mitigation appliances,
announced the industry's first threat mitigation appliance at a total cost of
ownership (TCO) attractive to small-to-medium sized businesses (SMB) and
distributed enterprises. The PN MARS-20 appliance enables network
administrators and security operators to identify and investigate valid
incidents, streamline auditing processes, as well as prevent and stop attacks
-- at the press of a button. Protego exceeds where all other security
information management (SIM) vendors fall short of meeting customer
expectations.
"First generation SIM products have failed to live up to customer
expectations," said Imin Lee, CEO and founder of Protego. "They fall short on
performance, have exorbitant up front costs and long term TCO, require heavy
server and database administration, and they're too complex and difficult to
deploy for the majority of the mid-tier market. With our MARS 20, distributed
enterprises, SMBs and consultants serving these markets now have a powerful,
low cost and easily deployed security management solution."
"Our credit union is committed to maintaining the confidentiality and
protection of financial transactions and personal information," said Michael
Murrock, vice president of operations at ACCESS Federal Credit Union. "We
regularly examine processes and available products that can fortify our
ongoing security measures. Protego offers unique threat mitigation
capabilities that complement our security portfolio. The MARS appliance is a
turnkey solution that enables us to quickly discover and prioritize threats,
pinpoint root cause and effect, and respond. It supports our compliance
efforts by centrally consolidating and managing a significant volume of
network and security data."
"Zero-day attacks, blended threats, system breaches, and audit concerns don't
play 'favorites' -- they impact both the Fortune 1000 as well as smaller
organizations without impunity," said Peter Lindstrom, research director at
security analyst firm Spire Security. "Protego has delivered a distinctive
solution converging network intelligence, security management, incident
visualization and mitigation response. By offering this appliance in an
affordable, channel-friendly package, Protego will help a broader market to
address threat mitigation and compliance issues."
About PN MARS 20
PN MARS is a complete threat mitigation appliance utilizing patent-pending
Protego technology to transform raw network and security data into actionable
network intelligence critical to subvert real security incidents and maintain
compliance requirements. These patents cover:
- ContextCorrelation -- Groups multiple events and network behavior across
NAT boundaries in a session. System and user-defined correlation rules are
then applied to multiple sessions to identify valid incidents. This
significantly reduces raw event data and facilitates response prioritization.
- SureVector analysis -- Processes incidents to determine if threats are
valid or have been countered by assessing the end-to-end attack path
components. The result eliminates false positives and resolved threats, and
enables full path drill-down visualization and investigation.
- AutoMitigate -- Identifies available choke point devices along the attack
path and allows the user to automate appropriate device commands that can
mitigate the threat. The result responsively and accurately prevents or
contains an attack by leveraging the infrastructure.
"We examined several of the leading Security Information Management platforms
and were disappointed to learn that none excelled at the correlation,
consolidation, and identification of attacks," said Mike Polce, president of
M. A. Polce Consulting, a network security consultancy based in Rome, N.Y. "We
were also shocked by the overall cost of ownership, limited capabilities and
poor performance. We recommend Protego's appliances based on their superior
performance, correlation, consolidation and visualization features, and for
their ability to stop attacks. The product's superior functionality,
competitive price point, simple appliance license model, usability and ease of
installation make it a safe and reliable decision for our clients."
The MARS appliance consists of an Intel 1U rack mountable platform utilizing a
web-based user interface, hardened OS, embedded Oracle database, proprietary
logic and scalable architecture. The release offers advanced SIM features,
such as:
- Event correlation and data consolidation supporting an array of popular
network and security devices, applications, operating systems, and Netflow.
- Predefined rules, complex rules and support for rule customization and
free-form query.
- Real-time, drill-down attack path visualization and investigation with
complete rule, MAC address, and raw event details.
- Predefined, customizable and scheduled reports for audit, compliance and
trending.
- Dashboard with asset grouping and naming to facilita te management by
business relevance.
- Roles-based administration with intuitive workflow supporting case-centric
investigations, annotations and reports.
- Universal device support integrating any application syslog feed into the
appliance.
- Full replay and rapid investigation of both real-time and dated incidents.
- Continuous archive of consolidated events to common NAS storage.
PN-MARS allows organizations to efficiently manage security information
overload, counter sophisticated attacks and zero-day threat outbreaks,
coordinate incident response and improve security operation costs, as well as
adhere to mounting audit and compliance requirements.
|
