StealthWatch Xe shines a light on NetFlows

Shining a light in the dark often exposes nasty little critters that normally hide from view. Lancope’s newly released StealthWatch Xe IDS appliance can do the same thing for your network. Working in conjunction with network infrastructure products from Cisco Systems, Foundry Networks, Juniper Networks, and others, Xe collects and analyzes NetFlow data to provide a view into strange and threatening traffic running on network segments lacking IDS sensors.
We’ve been using Xe to analyze NetFlow data from Cisco Catalyst and Foundry BigIron switches, and we’ve found scary critters of every stripe -- worms, viruses, Trojans, keylogging spyware, you name it. Xe incorporates the same analytical engine deployed in the conventional StealthWatch appliance we tested last summer, but it enlists existing routers and switches to work as its sensors, drawing their NetFlow data from mirrored switch ports. Xe is not the first solution to leverage routers and switches this way, but the passive approach of the StealthWatch engine -- which does most of its analysis without inspecting packet payloads or hindering network traffic -- meshes especially well with spanned traffic monitoring.
Current StealthWatch users will be happy to know that the Xe interface closely matches its conventional StealthWatch cousin and seamlessly connects into the StealthWatch Management Console. Whether you use Xe to extend your existing StealthWatch deployment or as a point solution, it will bring powerful threat detection capabilities to opaque segments of your network. In June, Xe will be available as part of StealthWatch System 5.0. System 5.0 will integrate with other network devices to mitigate attacks, detect application traffic that violates network policies, and provide visualizations of worm outbreaks and network flows.
-- Victor R. Garza and Doug Dineley

StealthWatch Xe
Lancope
Cost: Starts at $9,995
Available: Now; StealthWatch System 5.0 due in June