01/15/2007

Lancope, Inc., the provider of StealthWatch™, a widely used network behavior analysis (NBA) and response solution, today announced that its StealthWatch System now integrates with TippingPoint’s Intrusion Prevention System (IPS) quarantine capability for in-line policy enforcement and attack control to protect endpoints from internal and external threats.

ebizQ received the following details:

This interoperability extends StealthWatch’s powerful behavior-based network performance monitoring and anomaly detection with TippingPoint’s ability to quarantine and isolate infected endpoints for remediation.

As the leading flow-based solution that delivers cost effective, end-to-end network visibility, StealthWatch leverages the existing network infrastructure by aggregating NetFlow and sFlow data from Cisco, Foundry, Extreme, Juniper, and HP ProCurve routers and switches as well as native flow capture to detect malicious behavior across geographically dispersed enterprises. Once identified by StealthWatch, infected devices can be contained for remediation through TippingPoint’s quarantine capability, which works with TippingPoint systems and existing network switches or management systems to block malicious traffic, and contain infected end points for remediation of infected devices.

Through this interoperability, StealthWatch users can utilize TippingPoint’s broad and flexible set of enforcement capabilities, which include displaying a remediation Web page, blocking a port, or redirecting the infected end point to a secure VLAN based on administrator policy. By ensuring any device can be contained for remediation, businesses maintain a healthy network and block the internal spread of attacks, significantly reducing technical support calls and costs.

“This is an important step in the evolution of enterprise security,” said Neal Hartsell, vice president of marketing for TippingPoint. “Security is getting more complex to administer and manage. One way to alleviate complexity is to extend the power of our IPS’s traffic classification and policy enforcement strength to network behavior analysis tools – enabling customers to maximize their existing security investments, automate end point security, and reduce the cost and complexity of overall security policy enforcement.”

“This integration brings together best of breed NBA and IPS technologies to enhance security postures and improve network health, while reducing the total cost of security management,” said Harland LaVigne, president and CEO of Lancope. “By partnering with TippingPoint, we are furthering our commitment to provide our customers with the most expedient and effective means to mitigate risks to the network and eliminate threats.”