2 minutes reading time (372 words)

Ixia Threat Armor Integration with Flowmon ADS

An easy way to relieve your security teams and strengthen overall enterprise security.

The evergrowing number of threats and attacks starts to represent an issue to overall enterprise security. Various tools are deployed to provide multi-layered security and protect business assets. To not overwhelm security teams with thousands of alerts, a script-based integration between Ixia and Flowmon has been created. Using a Threat Intelligence Gateway, known malicious communications are handled with Ixia Threat Armor by blocking them even before they hit your perimeter. Flowmon ADS provides additional threat information and detection of malicious communication which are not detected by traditional and signature-based security solutions. Joining both solutions lowers load on security tools, strengthen enterprise security and makes security team's life easier.

Ixia Threat Armor

Ixia Threat Armor provides front line defense by removing threats and malicious traffic before it hits your infrastructure. The appliance is deployed outside the perimeter and blocks communications with IP addresses in the Rap Sheet database (blacklists). Cloud based ATI (Application Threat Intelligence) service updates threat data (the database) every 5 minutes. The main benefit is lowering load on enterprise firewalls by blocking known malicious traffic and thus negating the need for a possible firewall upgrade.

Flowmon ADS

Flowmon ADS is network security tools which complements traditional security solutions with signature-less anomaly detection. Using Network Behavior Analysis technology, the ADS is able to detect threats which bypasses security solutions deployed on perimeter, end-points as well as signature-based solutions. Flowmon ADS is also fed with Threat Intelligence information to extend its capabilities with detection of malicious communications.

Integration Details

The integration is made using Flowmon ADS capability to report detected events via script and Ixia Threat Armor API, which allows to add entries to its database. Upon detection of malicious communication, the Flowmon ADS triggers a script created by Emitec AG. The script uses Ixia Threat Armor API to add malicious IP address to the block list. After that, Ixia Threat Armor blocks the communications with malicious IP address. Using parameter in script it is possible to define expiration date for the IP address added to the block list.
How to Bypass 5 Major Security Risks
Rogers launches Wireless Private Networks for larg...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Saturday, 15 May 2021

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://telnetnetworks.ca/

Contact Us

Address:

Telnet Networks Inc.
740 Augusta Dr.
Suite 202
Kingston, ON  K7P 0R5
Canada

Phone:

(800) 561-4019

Fax:

613-498-0075

For More Information about Telnet Networks, our products, or our services, or to request a quote please feel free to contact us directly.

Latest Blog Posts

Latest Blog Posts