In addition to being deployed internally at Cisco, StealthWatch has been utilized in CSIRT’s mobile monitoring solution in the past to cover industry events such as FIRST and Cisco Live. We are honored that Cisco is now taking us to an event as prestigious as the Olympics!

With so many high-profile executives expected to connect to the Cisco House network during the Games, tight security is critical – especially since many of these professionals will be connecting with their personal devices in a BYOD-type fashion. CSIRT’s mobile monitoring solution has enabled Cisco to swiftly identify and locate infected user devices at previous events, minimizing the damage to other attendees, and it will play a key role in ensuring the success of the Cisco House.

Click here for more details from CSIRT. For further information on the Lancope StealthWatch System, go to: http://www.lancope.com/solutions/. 
 

Image from Jim Linwood.

Unfortunately, today’s dynamic environments are rendering traditional security and network monitoring tools far less effective and way too costly to sustain. Many organizations are therefore turning to NetFlow and IPFIX as a source of visibility to the edge of the network. Lancope’s customers rely on our StealthWatch System for flow-based monitoring to fill in the gaps, and as a result, are obtaining more comprehensive network visibility and protection at a lower cost. In fact, Gartner believes that NetFlow provides 80% of the needed network visibility. The analyst firm also stated that “as the importance and usability of flow-based data increases, the need for probes will be reduced but never eliminated.”¹

Lancope has recently completed a report on the ROI that can be achieved through StealthWatch. With the system:

• The Naval Postgraduate School increased visibility into its internal network traffic ten-fold from 90MB per minute to 900MB per minute.
• Dartmouth College reduced its network threats by 90%.
• Aurora Health Care reduced its incident investigation timeframe by more than half.
• The Puget Sound Blood Center is now retaining the $22,680 it was previously losing for each hour of downtime.
• Grafisch Lyceum Rotterdam experienced a 75% hardware, software and maintenance cost savings compared to other internal monitoring technologies.

These are just a few of the highlights from the study, demonstrating how StealthWatch helps companies improve network and security operations while experiencing resource savings and preventing costly damages. Please click here for the full report.

1 - Gartner, “When Is NetFlow 'Good Enough'?”, Report #G00218112, http://www.gartner.com/id=1971021

Image by Egahen.

With most malware outbreaks historically only targeting Windows machines, Apple has been criticized over the past few years for the slow pace at which it releases critical security patches. As the market share for Macs continues to increase, end users, corporations and Apple itself must all be prepared for a subsequent rise in attacks targeting Apple’s Mac OS X.

In today’s fast-paced computing era where convenience, mobility and IT consumerization reign, it is becoming increasingly difficult for IT administrators to keep track of and properly secure all of the devices – including laptops – that enter the corporate environment. Employees are increasingly expecting to work with whichever device they prefer – even if that device is their personal Mac. Often times, they will access the corporate network using their device of choice, and will even circumvent security policies in order to do so.

So how can administrators prevent malware like the Flashback trojan from spreading across their corporate networks without being able to control which devices users bring to the office? And without being able to dictate what types of security measures users install on their own devices?

The only viable solution to this BYOD challenge is NetFlow. Already inherent in routers and switches, NetFlow can provide in-depth insight into every activity happening across the network. Through flow-based monitoring, organizations can obtain a comprehensive, cost-effective view into each and every device accessing the corporate network – without having to install software on the devices or deploy expensive probes.  

By collecting valuable intelligence on users’ personal devices – including device type, user identity, security posture, which resources the device is accessing, where the device is physically located, etc. – Lancope’s StealthWatch flow-based monitoring solution can effectively ensure that personal devices are not downloading confidential, restricted data or spreading malware to other assets. This way, organizations can maintain network security and integrity in spite of the latest malware outbreak – no matter which platform it is targeting.  

Click here for more information on how flow-based monitoring can boost BYOD security.

Image by wwarby. 

As businesses become more global, fast-paced and dynamic, technology trends are evolving to support this shift. Trends such as virtualization, user mobility and bring-your-own-device (BYOD) environments are enabling today’s enterprises to operate more efficiently and cost-effectively, but are also leading to new network management and security concerns.

StealthWatch 6.2 has been designed to allow customers to take advantage of new technology trends without sacrificing the network visibility and integrity that are core to our solution.

Key new features include:

1. New virtual offerings for the StealthWatch Management Console and FlowCollector, enabling users to embrace the many benefits of virtualized infrastructure including lower costs, recovered data center floor space and optimized server capacity.

2. Integration with the Cisco Identity Services Engine (ISE) to incorporate additional identity and device data into StealthWatch for combating advanced threats.

Cisco’s ISE is a powerful and flexible access control solution that provides customized access to corporate resources based on user/endpoint identity. This integration marks a key milestone in Lancope’s continued partnership with Cisco to offer unprecedented levels of visibility and security from the core to the edge of the network. The image below reflects the new identity and device data fields available via StealthWatch as a result of the integration. 

3. Enhanced mobile device visibility to help enterprises address BYOD challenges. StealthWatch now correlates issues stemming from any device – including personal smartphones, tablets or laptops – with Identity and Device information from the Cisco ISE. Check out this video for more details.

4. Advanced application awareness through URL data for expedited troubleshooting and forensic investigations (shown below). Previously unavailable from most flow sources, URL data enables administrators to differentiate between web applications to more easily determine which ones are causing performance or security problems.

Other features include support for IPFIX, enabling users to embrace next-generation flow protocols, FIPS 140-2 support, helping government entities preserve the confidentiality and integrity of data collected and analyzed by StealthWatch, and support for flow data from Palo Alto Networks’ Next-Generation Enterprise Firewalls, enabling integrated internal and external monitoring for greater contextual awareness.

StealthWatch 6.2 is currently available and shipping. Please see our recent announcement and new data sheet for further details. Lancope and Cisco will also host a complimentary webinar on Thursday to discuss how solutions from the two companies can be used together to obtain end-to-end network visibility.

Atlanta and Cisco Live Melbourne, March 19, 2012 – Lancope, Inc., a leader in flow-based security and network performance monitoring, today announced the general availability of its StealthWatch^® System 6.2, including advanced capabilities for achieving end-to-end network visibility, as well as new virtual deployment options. Lancope will showcase its new StealthWatch System for improved network and security operations at Cisco Live Melbourne, taking place March 20-23 in Australia.

“Featuring new capabilities for more advanced application, identity and mobile device awareness, StealthWatch 6.2 is being released at an opportune time for enterprise organizations with increasingly complex networks,” said Mike Potts, president and CEO of Lancope. “Today’s enterprises are striving to maintain the integrity and security of their networks amidst trends such as user mobility and bring-your-own-device (BYOD) environments, and the latest version of our StealthWatch platform is designed to help them succeed in these efforts.”  

By harnessing the power of NetFlow and other flow data from existing infrastructure, StealthWatchenables organizations to cost-effectively uncover the full spectrum of issues facing today’s network environments – from performance problems to zero-day cyber attacks and internal security threats.  

New StealthWatch 6.2 features include:

• Virtualized deployment options for the StealthWatch Management Console and StealthWatch FlowCollector
• Integration with the Cisco Identity Services Engine (ISE) for enhanced identity and device awareness to combat advanced threats (More information can be found at:http://www.lancope.com/resource-center/partner-integration-briefs/cisco-ise-integration/.)
• Enhanced mobile device security for addressing BYOD challenges
• New levels of application awareness through the use of advanced URL data for expedited troubleshooting and forensic investigations
• Support for IPFIX, enabling users to embrace next-generation flow protocols
• FIPS 140-2 support through RSA BSAFE Crypto-J for enhanced compliance
• Support for flow data from Palo Alto Networks’ Next-Generation Enterprise Firewalls,enabling integrated internal and external monitoring 

Lancope continues to evolve the StealthWatch platform to enable seamless network security and high levels of performance amidst a constantly-evolving technology and threat environment. StealthWatch 6.2 is currently available with entry level system pricing beginning at U.S. domestic $54,995. Further details on version 6.2 can be found at http://www.lancope.com/news-events/press-releases/virtualized-solution-contextual-awareness/.   

Lancope will exhibit StealthWatch 6.2 at Cisco Live Melbourne Booth #WEP06. More information on Cisco Live, Cisco’s annual marquee event, can be found at: http://www.cisco.com/web/ANZ/cisco-live/index.html. 

Lancope and Cisco will also host a complimentary webinar on March 22 focused on obtaining end-to-end network visibility. To register, go to: http://www.lancope.com/news-events/webinars/network-visibility/.

About Lancope
Lancope^®, Inc. is a leading provider of flow-based monitoring solutions to ensure high-performing and secure networks for global enterprises. Unifying critical network performance and security information for borderless network visibility, Lancope provides actionable insight that reduces the time between problem identification and resolution. Enterprise customers worldwide, including healthcare, financial services, government and higher education institutions, rely on Lancope to make better network decisions, respond faster to network problem areas and avoid costly outages and downtime — at a fraction of the cost of conventional network monitoring solutions. With Lancope, you can know your network and run your business better. Privately held and venture-backed, Lancope is headquartered in Atlanta, Georgia. For more information, visitwww.lancope.com.

# # #

©2012 Lancope, Inc. All rights reserved. Lancope, StealthWatch, and other trademarks are registered or unregistered trademarks of Lancope, Inc. All other trademarks are properties of their respective owners.

Media Contacts:

Jody Ma Kissling 
770-225-6513
jma@lancope.com

Bill Keeler/Lesley Sullivan
Schwartz MSL
781-684-0770
lancope@schwartzmsl.com

ATLANTA, March 12, 2012 – Lancope, Inc., a leader in flow-based security and network performance monitoring, today announced that its StealthWatch^® System now integrates with the Cisco Identity Services Engine (ISE). Now, mutual customers can expand upon the Cisco identity-aware security framework by obtaining internal monitoring that delivers complete visibility across the core, distribution and access layers of the network. Additionally, to help mutual customers with contextual awareness for advanced cyber threats, the StealthWatch platform will access feeds on identity and device data from the Cisco ISE. 

“Alongside Borderless Networks and a seamless user experience, Cisco is committed to delivering intelligent security solutions that are embedded into network infrastructure for optimal efficacy and efficiency,” said Russell Rice, director of Security Product Management at Cisco. “Combining the unique line-rate Cisco NetFlow telemetry capabilities from Cisco infrastructure devices with the analysis capabilities of Lancope’s StealthWatch System enables enhanced threat visibility in the network interior where threat defense deployments are often minimal. We work with many developers, like Lancope, to help today’s enterprises achieve enhanced levels of network security and performance.” 

The Cisco ISE is a powerful and flexible attribute-based access control solution that enables customized access to corporate resources based on user/endpoint identity. As a key element of Cisco’s SecureX context-based security architecture and the Cisco TrustSec solution for intelligent access control, it enables tight security and consistent policy enforcement no matter when, where or how a host is connecting to the network. The ISE authenticates and authorizes user and device access to corporate resources based on a wide range of identifying features including user role, device type, security posture, location, and a variety of other context. 

Sold separately from the Cisco ISE, Lancope’s StealthWatch System extends powerful security measures to the internal network by continuously monitoring host behavior – no matter which device is being used. By collecting and analyzing unsampled NetFlow and other flow data from Cisco infrastructure, StealthWatch delivers end-to-end situational awareness for dramatically improved network troubleshooting and risk posture. Through sophisticated behavioral analysis, the system identifies both externally-launched attacks such as advanced persistent threats, as well as insider risks including network misuse, policy violations and data leakage. 

“In today’s environment of IT consumerization and user mobility, traditional, reactive security measures can no longer be relied upon to preserve enterprise network integrity and safety,” said Mike Potts, president and CEO of Lancope. “Lancope and Cisco are delivering advanced, proactive security solutions that offer better, more cost-effective protection both now and for the future.” 

The combination of StealthWatch and Cisco ISE enables customers to aggregate user, workstation, location, device type and other identity data with network and security intelligence from flow-enabled devices, offering a thorough view of network activity. This complete visibility across all layers of the network assures strengthened security postures even amidst emerging network challenges such as bring-your-own-device (BYOD) environments, and provides numerous additional benefits including improved network performance, forensics and regulatory compliance.

The Cisco Developer Network unites Cisco with third-party developers of hardware and software to deliver tested interoperable solutions to joint customers. As a Registered Developer, Lancope offers a complementary product offering and has started to collaborate with Cisco to meet the needs of joint customers. With offerings such as the StealthWatch System, customers can more quickly deploy a broad range of Cisco Compatible business applications, devices or services that can enhance the capabilities, performance and management of their Cisco network. For more information on StealthWatch^® System interoperability with the Cisco Identity Services Engine (ISE) go to: http://developer.cisco.com/web/partner/search?p_p_col_pos=1&accountId=0014000000VJVKiAAP

About Lancope
Lancope®, Inc. is a leading provider of flow-based monitoring solutions to ensure high-performing and secure networks for global enterprises. Unifying critical network performance and security information for borderless network visibility, Lancope provides actionable insight that reduces the time between problem identification and resolution. Enterprise customers worldwide, including healthcare, financial services, government and higher education institutions, rely on Lancope to make better network decisions, respond faster to network problem areas and avoid costly outages and downtime — at a fraction of the cost of conventional network monitoring solutions. With Lancope, you can know your network and run your business better. Privately held and venture-backed, Lancope is headquartered in Atlanta, Georgia. For more information, visit www.lancope.com.

* Interoperability testing is designed to simulate typical customer configurations, and does not replace the need for on-site testing in conjunction with actual implementation.

# # #

©2012 Lancope, Inc. All rights reserved. Lancope, StealthWatch, and other trademarks are registered or unregistered trademarks of Lancope, Inc. All other trademarks are properties of their respective owners.

Media Contacts:

Jody Ma Kissling

770-225-6513

jma@lancope.com

Bill Keeler/Lesley Sullivan

Schwartz MSL

781-684-0770

lancope@schwartzmsl.com

What does this mean for security professionals at these companies? Most of us would agree that personal devices pose a greater risk than company provided hardware. At the same time, the idea behind allowing these devices on the network is to increase productivity and worker happiness, so restricting their access is generally counterproductive. If we have to give them access to the same resources, we should at least make sure they are protected as well as company provided systems, but because the systems are employee owned, users have administrative rights and can undo anything IT puts in place. Worse yet, employees are often resistant to installing anti-virus packages and the like because they decrease system performance. So what is the security professional to do? We need to give them access to the resources that make them productive, but the machines frequently will be more vulnerable (unpatched, no AV, etc…) than what we’ve traditionally accepted in terms of risk.

If you’re a fan of the Zero Trust model Forrester espouses, hopefully you already have a number of the components needed to monitor these networks. All devices whether employee provided or not need to be audited, inspected, and monitored. In many instances a network-based approach is more cost effective than client side packages on every device, but in the case of BYOD environments network based tools are often the only way. As such, the network monitoring should be as close to the devices as we can get. Flow data happens to be a very cost effective way to perform this task because it is present through so much of the infrastructure. Its like a lightweight sniffer trace on almost every port in the network without the ridiculous data storage requirements and cost. Layering this data into an expert system like StealthWatch to perform Behavioral Analysis takes it from an audit and forensics tool, into an operational response engine capable of detection and even mitigation.

For more information on Securing BYOD environments with Flow data, check out our Mobile Device Webinar tomorrow. 

Image by Tim Wilson.

ATLANTA, Feb. 13, 2012 – Lancope, Inc., a leader in flow-based security and network performance monitoring, will host a complimentary webinar on mobile device security on Wednesday, February 22 at 11:00 a.m. ET / 8:00 a.m. PT. Participants will learn how flow collection and analysis can seamlessly extend network visibility and security to users’ personal smartphones, tablets and laptops to address the growing bring-your-own-device (BYOD) trend. To register for the webinar, go to: http://www.lancope.com/news-events/webinars/mobile-device/.  

As an increasing number of mobile devices make their way onto corporate networks, enterprises require a more comprehensive security solution for adequately protecting their infrastructure. Unfortunately, mobile users often circumvent corporate security policies and safeguards, and it is too cumbersome – and often impossible – to install and manage security software on every new device. With NetFlow and other types of flow data, organizations can cost-effectively gain the situational awareness needed to maintain high levels of security and performance amidst a constantly-evolving network and mobile environment.

Join this webinar and learn how to address BYOD and IT consumerization on your network without having to install additional software or deploy expensive probes:

WHO:             Joe Yeager, Director of Product Management, Lancope

WHAT:          “Securing Mobile Devices for BYOD Environments”

WHEN:          Wednesday, February 22 at 11:00 a.m. ET / 8:00 a.m. PT

REGISTER:  http://www.lancope.com/news-events/webinars/mobile-device/

Attendees will learn how to:

• gain complete network visibility across all devices
• detect anomalous behavior originating from users’ personal smartphones, tablets or laptops
• quickly and easily uncover externally-launched, zero-day attacks, and internal threats – regardless of the device being used
• ensure high levels of performance for mobile users by quickly assessing issues that may be causing a slowdown 

Seventy-five percent of companies currently allow employee-owned mobile devices to be used at work, and mobile devices will exceed PCs in both shipments and spending in 2012. Now is the time for organizations to update their security framework to embrace the influx of mobile devices onto corporate networks. By analyzing mobile device information collected from existing network infrastructure, Lancope’s StealthWatch^® System proactively detects issues stemming from any device. 

To register for the webinar, go to: http://www.lancope.com/news-events/webinars/mobile-device/. For more information on StealthWatch, please visit: http://www.lancope.com/products/.

About Lancope
Lancope^®, Inc. is a leading provider of flow-based monitoring solutions to ensure high-performing and secure networks for global enterprises. Unifying critical network performance and security information for borderless network visibility, Lancope provides actionable insight that reduces the time between problem identification and resolution. Enterprise customers worldwide, including healthcare, financial services, government and higher education institutions, rely on Lancope to make better network decisions, respond faster to network problem areas and avoid costly outages and downtime — at a fraction of the cost of conventional network monitoring solutions. With Lancope, you can know your network and run your business better. Privately held and venture-backed, Lancope is headquartered in Atlanta, Georgia. For more information, visit www.lancope.com. 

# # #

©2012 Lancope, Inc. All rights reserved. Lancope, StealthWatch, and other trademarks are registered or unregistered trademarks of Lancope, Inc. All other trademarks are properties of their respective owners.

Media Contacts:

Jody Ma Kissling 

770-225-6513

jma@lancope.com

Bill Keeler/Lesley Sullivan

Schwartz MSL

781-684-0770

lancope@schwartzmsl.com

*Photo by MIKI Yoshihito

ATLANTA, Feb. 13, 2012 – Lancope, Inc., a leader in flow-based security and network performance monitoring, will host a complimentary webinar on mobile device security on Wednesday, February 22 at 11:00 a.m. ET / 8:00 a.m. PT. Participants will learn how flow collection and analysis can seamlessly extend network visibility and security to users’ personal smartphones, tablets and laptops to address the growing bring-your-own-device (BYOD) trend. To register for the webinar, go to: http://www.lancope.com/news-events/webinars/mobile-device/.  

As an increasing number of mobile devices make their way onto corporate networks, enterprises require a more comprehensive security solution for adequately protecting their infrastructure. Unfortunately, mobile users often circumvent corporate security policies and safeguards, and it is too cumbersome – and often impossible – to install and manage security software on every new device. With NetFlow and other types of flow data, organizations can cost-effectively gain the situational awareness needed to maintain high levels of security and performance amidst a constantly-evolving network and mobile environment.

Join this webinar and learn how to address BYOD and IT consumerization on your network without having to install additional software or deploy expensive probes:

WHO:             Joe Yeager, Director of Product Management, Lancope

WHAT:          “Securing Mobile Devices for BYOD Environments”

WHEN:          Wednesday, February 22 at 11:00 a.m. ET / 8:00 a.m. PT

REGISTER:  http://www.lancope.com/news-events/webinars/mobile-device/

Attendees will learn how to:

• gain complete network visibility across all devices
• detect anomalous behavior originating from users’ personal smartphones, tablets or laptops
• quickly and easily uncover externally-launched, zero-day attacks, and internal threats – regardless of the device being used
• ensure high levels of performance for mobile users by quickly assessing issues that may be causing a slowdown 

Seventy-five percent of companies currently allow employee-owned mobile devices to be used at work, and mobile devices will exceed PCs in both shipments and spending in 2012. Now is the time for organizations to update their security framework to embrace the influx of mobile devices onto corporate networks. By analyzing mobile device information collected from existing network infrastructure, Lancope’s StealthWatch^® System proactively detects issues stemming from any device. 

To register for the webinar, go to: http://www.lancope.com/news-events/webinars/mobile-device/. For more information on StealthWatch, please visit: http://www.lancope.com/products/.

About Lancope
Lancope^®, Inc. is a leading provider of flow-based monitoring solutions to ensure high-performing and secure networks for global enterprises. Unifying critical network performance and security information for borderless network visibility, Lancope provides actionable insight that reduces the time between problem identification and resolution. Enterprise customers worldwide, including healthcare, financial services, government and higher education institutions, rely on Lancope to make better network decisions, respond faster to network problem areas and avoid costly outages and downtime — at a fraction of the cost of conventional network monitoring solutions. With Lancope, you can know your network and run your business better. Privately held and venture-backed, Lancope is headquartered in Atlanta, Georgia. For more information, visit www.lancope.com. 

# # #

©2012 Lancope, Inc. All rights reserved. Lancope, StealthWatch, and other trademarks are registered or unregistered trademarks of Lancope, Inc. All other trademarks are properties of their respective owners.

Media Contacts:

Jody Ma Kissling 

770-225-6513

jma@lancope.com

Bill Keeler/Lesley Sullivan

Schwartz MSL

781-684-0770

lancope@schwartzmsl.com

*Photo by MIKI Yoshihito

• FierceMobileIT: Lancope unveils offering to tame the BYOD beast
• Help Net Security: Security for IT consumerization