In order to deliver advanced network visibility by intelligently optimizing traffic forwarded to network security tools, NetQuest Corporation, a global provider of advanced cyber intelligence solutions, has announced the launch of its new Network Security Broker (NSB) product line.
Fighting off more sophisticated cyberattacks is a huge problem for CISOs and their network security teams, stated NetQuest. This problem is made more difficult by the ongoing increase in traffic volume and the rising proportion of encrypted traffic. Therefore, despite an alarming rate of visibility drop, the cost to expand threat hunting infrastructure has grown significantly, the company added.
NetQuest’s Network Security Broker product line is a bump-in-the-wire between network taps and security tools that was specifically designed for network security teams in order to save overall expenses by only forwarding traffic that has been assessed as having high value and deserving of further inspection.
A ‘bump-in-the-wire’ solution is a type of network appliance that is inserted inline with the traffic flow in a network. It is often used to perform some kind of processing or analysis on the traffic as it passes through, such as security checks, traffic shaping, or monitoring. Such an appliance is usually placed at a strategic point in the network, such as at the border between a private network and the public internet, or between different segments of the network. The term ‘bump-in-the-wire’ refers to the fact that the appliance is literally a bump or obstruction in the flow of traffic, rather than being integrated into the network infrastructure.
“NetQuest has delivered optimized network traffic visibility at an extreme scale to support mission-critical cyber security challenges,” said Jesse Price, CEO and President at NetQuest Corporation. “Our Network Security Broker enables threat detection across the world’s largest networks, empowering security teams within carriers and government agencies to realize a return on investment in under 12 months.”
Traffic Backhaul, Packet Analysis, Packet Capture
NetQuest’s newly launched NSB offering uses a configurable traffic policy engine to intelligently pass, delete, or truncate individual packets, lowering the cost of network security solutions for traffic backhaul, packet analysis, and packet capture. To sum up, the solution would provide the following key features:
- Encrypted traffic classification allows conditional packet payload truncation to reduce data throughput.
- TLS and IETF QUIC handshake detection allows key flow setup information to be forwarded intact.
- Mass IP address prefix filtering allows identification of traffic to or from over 1 million IP prefixes.
- Process 5G mobile network and other tunneling protocols for subscriber-level traffic handling.
A customizable traffic policy engine can bring a number of security benefits to a data center or networking environment. Here are a few examples:
- Blocking threats – By defining rules that filter or block specific types of traffic, a traffic policy engine can help to prevent security threats such as malware, DDoS attacks, and unauthorized access. For example, administrators could use the engine to block all traffic from known malicious IP addresses or domains.
- Detecting anomalies – A traffic policy engine can be used to monitor traffic patterns and detect anomalies that may indicate a security threat. For example, if the engine detects a sudden surge in traffic from a particular IP address or a pattern of traffic that looks suspicious, it can alert administrators and take appropriate action, such as blocking the traffic or issuing a warning.
- Enforcing policies – A traffic policy engine can be used to enforce policies that ensure that only authorized traffic is allowed on the network. For example, administrators could use the engine to block traffic from unauthorized devices or enforce rules that prevent employees from accessing certain types of content.
- Protecting sensitive data – A traffic policy engine can be configured to protect sensitive data by encrypting traffic or blocking the transmission of certain types of data, such as credit card numbers or personal information.
