
Net Witness Spectrum


THE NEED FOR A NEW APPROACH

The top concern today for most security organizations is how to combat advanced and targeted malware. Nearly every investigated case of data leakage, financial loss, APT, or other network breach involves some form of undetected malicious executable (e.g., customizable commercial malware or “designer malware”) that has been used to maintain a foothold into compromised networks. Obfuscation techniques are evolving at an increasing rate and traditional security tools cannot keep up. The current threat environment demands a fresh, agile approach to the identification of malware.

NETWITNESS SPECTRUM™ – A REVOLUTIONARY APPROACH

Spectrum revolutionizes malware identification, prioritization and workflow. Built upon the award-winning NetWitness® network monitoring platform, Spectrum has the unique advantage of pervasive enterprise-wide visibility and complete knowledge of all network activity. Spectrum identifies executable content wherever it exists, and can answer any question about the behavior of files within the full context of your organization’s network. And because Spectrum is able to consider the history of your entire network’s interaction with each threat vector on the Internet, and adjust the levels of scrutiny accordingly, it’s like having an HD video camera attached to every file crossing the wire.

For each piece of executable content found on the network, Spectrum will ask thousands of questions concerning the file. At a high level, Spectrum:

» Mimics the techniques of leading malware analysts by asking thousands of questions about a file and all of its related network behavior, without requiring a signature or a known “bad” action.

» Leverages NetWitness Live™ by fusing and triangulating information from leading threat intelligence and reputation services to assess, score, and prioritize risks.

» Utilizes NetWitness NextGen’s pervasive network monitoring capability for full network visibility and extraction of all content — executable and metadata — across all protocols and applications.

Zero-day and targeted malware is successfully compromising your network and evading existing security technologies. Why? Modern malware is designed to behave like legitimate traffic and communicate undetected. NetWitness developed Spectrum in response to demand from security professionals for precise and pervasive identification and prioritization of the broad range of malware-related threats.


FEATURES

» Inspects all network sessions, regardless of protocol, for suspicious activity or files. Detects and flags both suspicious network activity and files.

» Imports a file, a session, or both a file and a session for processing

» Integrates bi-directionally with NetWitness Investigator™ and Visualize™ for in-depth analysis

» Risk-based scoring methodology with all context behind a score exposed to help prioritize remediation efforts

» Leverages NetWitness Live* for list-based content and context, including NetWitness Profilers (indicators, parsers, reports and rules)

» Provides anonymous submission of files via Live to the security community for analysis, including white list/black lists, reputation services, dynamic/static analysis services and others

» Integrates with Identity via NetWitness Live to associate users with activity

» Integrates with both on-premise and cloud-based sandboxes

» Flexible Dashboard, Chart and Summary displays for a unified view

» Web-based user interface with multi-lingual support

» Supports SNMP, syslog, and SMTP data push for integration in SIEM

» Full role-based access controls

» Standalone and NextGen-integrated product options available

NetWitness Corporation | 500 Grove Street, Suite 300 | Herndon, VA 20170 | T: 703.889.8950 | F: 703.651.3126 | [email protected]

» Provides transparency and improves efficiency by delivering complete answers to security professionals, including a wealth of detailed supporting data, such as: intelligence fusion, sandboxing, correlation, and scoring options that are designed for diverse environments and rapidly evolving threats.

When combining these distinct analytic and scoring methods with the unique benefits obtained from pervasive visibility into content and behavior, NetWitness Spectrum provides an unmatched capability to detect and identify zero-day, targeted and advanced malware.

Spectrum offers the first analytical workflow combined with a complete rendering of network traffic for ubiquitous, automated malware analysis, delivering the most comprehensive identification, investigation and risk-based prioritization of malicious content activity directly into the hands of security teams. Security operations teams can effectively and efficiently determine proactive remediation efforts based on the most critical results.


ABOUT NETWITNESS

NetWitness® is a revolutionary network monitoring platform that provides enterprises a precise and actionable understanding of everything happening on the network. NetWitness solves a wide range of tough information security problems including: insider threats, zero-day exploits and targeted malware, advanced persistent threats, fraud, espionage, data leakage, and continuous monitoring of security controls. NetWitness customers include enterprises across the Global 1000 in financial services, power and energy, social media, telecommunications, retail, and high-tech, as well as government agencies around the world in defense, homeland security, law enforcement, and intelligence. To learn how your security team can Know Everything and Answer Anything, visit www.netwitness.com.

* NetWitness Live: Spectrum edition subscription is required.

APPLIANCE MODELS

SKU | NWa200-N-32M | NWa2400-N-64M
Model | 200 series | 1200 series
Processor | Dual Intel Xeon E5620 Quad Core, 2.4GHz | Dual Intel Xeon X5650 Hex Core, 2.66GHz
RAM | 32GB | 64GB
Interfaces | (2) 100/1000 Copper | (6) 100/1000 Copper
Storage | 8TB | 24TB
Power | Redundant, Max 700W | Redundant, Max 800W
Form factor | 1U, Half-depth | 2U, Full-depth
Maximum weight | 45 lbs | 65 lbs