
A BLUE COAT COMPANY - Corporate Armor...Solera Networks, a Blue Coat Company, is the industry’s leading provider of big data security analytics for advanced threat protection. Its


Security Analytics Platform by Solera Blue Coat Advanced Threat Protection

soleranetworks.com Security Empowers Business

The Challenge

Today’s advanced malware and zero-day attacks fly under the radar of traditional security technologies. As a result, organizations are accepting the fact that at some point their networks will be breached. That is why a shift is now underway toward a more modern strategy—a comprehensive approach that provides the intelligence and real-time analysis needed to see, understand, respond to, and prevent advanced threats and targeted attacks.

This new approach requires the unification of sophisticated technologies, including security visibility, Big Data security analytics and real-time threat intelligence for Advanced Threat Protection. In addition, as security landscapes continue to evolve, organizations and IT security teams will need adaptable and customized solutions that overcome the gaps in today’s signature-based tools and deliver 20/20 visibility of everything going in and out of the network—even in the face of rapid growth and huge volumes of network traffic. And to efficiently address the growing void in their security frameworks, organizations will also require simple, flexible and cost-effective security solutions.

Security Analytics closes the security gap and overcomes the major challenges of achieving advanced threat protection, including:

• Easily deploying a simple and flexible solution that works with current security ecosystem, processes and workflows

• Finding a solution that provides real-time threat intelligence while delivering a full record of all activity before, during and after an attack

• Scaling to meet organization growth, the need for centralized security management, and increasing network performance demands

The Solution

Security Analytics Platform by Solera—an integral part of Blue Coat Advanced Threat Protection—gives security professionals clear and concise answers to the toughest security questions. This award-winning platform can be deployed on your hardware of choice, as pre-configured appliances or as a virtual appliance that records and classifies every packet of network traffic—from Layer 2 through Layer 7—while indexing and storing the data to provide comprehensive threat intelligence and post-breach analytics on any security event. The result is clear, actionable

SOLUTION DESCRIPTION

Security Analytics Platform delivers contextual awareness, visual insight and actionable intelligence for real-time detection and immediate response to advanced threats.

KEY FEATURES

• Industry’s only fully-featured, software-based security analytics solution

• Complete Layer 2-7 packet capture, indexing, classification and automated deep packet analysis

• Enterprise performance and scalability—up to 10 Gbps and 1.4 PB of storage capacity

• Integration with Blue Coat Global Intelligence Network

• Integrates with common, existing security controls such as NGFW, IPS, SIEM and more

• Centralized management and expandable storage options to accommodate growth

Powers Blue Coat ThreatBLADES and Malware Analysis Appliance

Solution Brief

A BLUE COAT COMPANY

Security Analytics Platform Unifies Security Visibility, Big Data Security Analytics and Threat Intelligence for Advanced Threat Protection

Security Analytics PLATFORM by Solera

SECURITY IS ABOUT WHAT YOU MAKE POSSIBLE


For more information, please call 877.449.0458, or email us at [email protected].


Security Analytics Platform

Flexible Deployment – Security Analytics Platform provides flexibility that no other solution can deliver. The industry’s only solution for Big Data security analytics that is easily deployed on industry-standard hardware, as pre-configured appliances or as a virtual appliance for comprehensive security from branch offices to the enterprise data center.

Application Classification – Security Analytics Platform uncovers the true identity of any application trying to hide within your network. Comprehensive deep packet inspection (DPI) classifies over 1,200 applications and thousands of descriptive metadata details. This feature not only efficiently identifies applications, but also provides descriptive information about a network session including application, personal identity, intended actions, content types, file names and more.

Real-time Threat Intelligence – The platform integrates directly with Blue Coat ThreatBLADES to deliver a real security game changer. Leveraging the Blue Coat WebPulse Collaborative Defense Cloud and the “network effect” from more than 75


evidence for real-time situational awareness, continuous monitoring, advanced malware detection, security incident response and resolution, data loss monitoring and analysis, organization policy compliance, and security assurance.

Security Analytics Platform is the only solution that is flexible, cost-effective and hardware independent—while integrating with multiple highly-reputable threat intelligence sources and unique sandboxing technology for comprehensive advanced threat protection. This solution delivers:

• Full security visibility across thousands of applications, dozens of file-transports, all flows and all packets, including encrypted traffic through tight integration with the Blue Coat SSL Visibility Appliance

• Automated ‘file broker’ detects, extracts, classifies and submits files to internal or external analysis systems, including PC and mobile malware analyzers, indexing engines and file repositories

• Integrates with Blue Coat Global Intelligence Network for up-to-the-minute defense and inoculation against zero-day threats, targeted attacks and advanced malware

• Flexible deployment options to optimize total cost of ownership (TCO) and minimize capital expenditures (CapEx)

• Certified 10 Gbps performance through a patented database supporting more than 2 million input/output operations per second (IOPS)

• Full security visibility, much like deploying a security camera on your network

• Seamless integration with the Blue Coat ThreatBLADES to provide real-time intelligence on threats originating from web and file-based activity or delivered via advanced, targeted and unknown malware

• Direct integration with best-of-breed intrusion prevention systems (IPS), data loss prevention (DLP), security information and event management (SIEM), log management, next-generation firewalls, malware analysis tools, and more

KEY BENEFITS

• Gain full security visibility before, during and after an attack, and 100% situational awareness of any network activity

• Add full context to any alert from leading security solutions and understand the how, what, why

• Protect existing investments in leading security ecosystem technologies

• Simplify procurement through flexible licensing options: perpetual, term, or enterprise-wide

• Optimized detection of advanced threats with built-in threat intelligence sources and a self-learning database

• Simplify and accelerate deployment and gain 20/20 visibility into all corners of the network

• Achieve faster time-to-action/response and greater ability to minimize/eliminate the impact of security breaches

Verizon Business, 2013

• 92% of breaches were perpetrated by outsiders

• 78% of attacks took weeks, months or even years to discover

• 84% of attacks took just seconds, minutes or hours to compromise the network


million end points, the ThreatBLADES provide instant, actionable intelligence on web, email, or file-based threats. The Security Analytics Real Time Extractor also automatically extracts and inspects files to enable immediate, automatic identification of known threats and sandbox detonation of unknown threats.

Layer 2 to 7 Security Analytics – Security Analytics Platform provides a variety of Big Data analytics capabilities to strengthen security incident response with comprehensive and conclusive analysis. Key capabilities include full session reconstruction, real-time reputation look up, instant messaging (IM), email and image reconstruction, Root Cause Explorer, and delivery of complete artifacts, not just packets.

Context-aware security – Security Analytics Platform integrates with best-of-breed network security technologies to pivot directly from any alert or log and obtain full-payload detail of the event before, during, and after the alert. The open, web services REST API adds complete context to any security tool and lets you leverage leading technologies such as Dell SonicWALL™, FireEye™, HP ArcSight™, McAfee®, Palo Alto Networks™, Sourcefire®, Splunk®, and many other security applications.

Root Cause Explorer – Root Cause Explorer simplifies incident response. Using extracted network objects, the tool reconstructs a timeline of suspect web sessions, emails, and chat conversations. By automatically enumerating these events, Root Cause Explorer helps the analyst quickly identify the source of an infection or compromise and reduce time-to-resolution.

About Security Analytics by Solera

Security Analytics delivers the industry’s most advanced solution to give organizations 20/20 visibility into network traffic with actionable intelligence about security threats, and a flexible, cost-efficient way to expand enterprise security on demand. In addition to Security Analytics Software, deployed on industry-standard hardware of your choice, the platform is available through dedicated appliances or as an easy-to-deploy virtual appliance. Centralized management and expandable storage complete the platform to provide scalable options as the need grows.

Security Analytics Software is the revolutionary new software-only solution that un-boxes the power of security analytics, eliminating the need for costly, proprietary hardware and storage.

Security Analytics Appliances are turnkey, pre-integrated, pre-configured sensors that deliver high-performance analytics with lossless capture and indexing rates of up to 10 Gbps. These custom-built platforms are carrier-grade with highly-available, field-replaceable components.

Security Analytics Virtual Appliance is the industry’s first and only security analytics platform available as a virtual appliance. It includes the same award-winning Security Analytics Software as our physical appliances—without requiring the purchase, installation, and maintenance of custom hardware.

Security Analytics Central Manager provides centralized management for organizations that deploy multiple Security Analytics Appliances, Virtual Appliances or Software. The Central Manager enables enterprise-wide visibility with the capability of monitoring thousands of network segments.

Security Analytics Storage Modules connect to Security Analytics Appliances and Software deployments to provide additional storage capacity. This flexible option offers powerful scalability to meet network growth requirements and the increasing need of greater visibility.

Real-Time Threat Analysis

Security Analytics VIRTUAL APPLIANCE by Solera

Security Analytics SOFTWARE by Solera

Security Analytics APPLIANCE by Solera


Solera Networks Headquarters
10713 South Jordan Gateway
Suite 100
South Jordan, Utah 84095

[email protected] or 877-576-5372
801-545-4100

ABOUT SOLERA NETWORKS, A BLUE COAT COMPANY

Solera Networks, a Blue Coat Company, is the industry’s leading provider of big data security analytics for advanced threat protection. Its award-winning Security Analytics Platform levels the battlefield against advanced targeted attacks and malware, and gives security professionals clear and concise answers to the toughest security questions. The Security Analytics Platform is powered by next-generation deep-packet inspection and indexing technologies, full-packet capture, malware analysis and real-time security intelligence and analytics capabilities. Global 2000 enterprises, cloud service providers and government agencies rely on Solera for real-time situational awareness, continuous monitoring, security incident response, advanced malware detection, data loss monitoring and analysis, organization policy compliance and security assurance—allowing them to respond quickly and intelligently to advanced threats and attacks, while protecting critical information assets, minimizing exposure and loss, and reducing business liabilities.

© 2013 Blue Coat Systems, Inc. All rights reserved.  Blue Coat, the Blue Coat logos, ProxySG, PacketShaper, CacheFlow, IntelligenceCenter, CacheEOS, CachePulse, Crossbeam, K9, the K9 logo, DRTR, Mach5, Packetwise, Policycenter, ProxyAV, ProxyClient, SGOs, WebPulse, Solera Networks, the Solera Networks logos, DeepSee, “See everything. Know everything.”, “Security Empowers Business”, and BlueTouch are registered trademarks or trademarks of Blue Coat Systems, Inc. or its affiliates in the U.S. and certain other countries. This list may not be complete, and the absence of a trademark from this list does not mean it is not a trademark of Blue Coat or that Blue Coat has stopped using the trademark.  All other trademarks mentioned in this document owned by third parties are the property of their respective owners.  This document is for informational purposes only. BLUE COAT MAKES NO WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT.  BLUE COAT PRODUCTS, TECHNICAL SERVICES, AND ANY OTHER TECHNICAL DATA REFERENCED IN THIS DOCUMENT ARE SUBJECT TO U.S. EXPORT CONTROL AND SANCTIONS LAWS, REGULATIONS AND REQUIREMENTS, AND MAY BE SUBJECT TO EXPORT OR IMPORT REGULATIONS IN OTHER COUNTRIES. YOU AGREE TO COMPLY STRICTLY WITH THESE LAWS, REGULATIONS AND REQUIREMENTS, AND ACKNOWLEDGE THAT YOU HAVE THE RESPONSIBILITY TO OBTAIN ANY LICENSES, PERMITS OR OTHER APPROVALS THAT MAY BE REQUIRED IN ORDER TO EXPORT, RE-EXPORT, TRANSFER IN COUNTRY OR IMPORT AFTER DELIVERY TO YOU.
