Go on Offence, Hunt for Attacks on Your Network in Real-Time with Arbor Networks Pravail® Security Analytics On-Premise Solution

Arbor Networks, a leading provider of DDoS and advanced threat protection solutions for enterprise and service provider networks, today introduced the Pravail^® Security Analytics appliance, an on-premise analytics solution that enables security teams to monitor and investigate threat activity as it occurs. Seeing attack data in real-time gives security teams the tools required to actively hunt threats lurking in their networks.

Pravail Security Analytics recognises that targeted attacks against today’s enterprises are rarely a singular event but a long running campaign that starts with a simple compromise and escalates into a larger incident involving unauthorised access and data theft. Pravail Security Analytics swiftly mines terabytes of data from the richest source of network information – full packet captures – to identify activity that indicates the system has been compromised. By monitoring network activity in real time, organisations can quickly identify attackers and track their movements within the network, showing definitively when and how long an attack occurred, as well as what systems were impacted. 

“The CISOs I talk to are frustrated by the status quo and are looking to break out of a model that is, by design, alert-driven and reactionary. Pravail Security Analytics gives power and control back to the security team – enabling them to proactively hunt for the attacks that are putting the business at risk versus simply investigating alerts. By focusing their efforts on the hunt, security teams are able to quickly identify and stop the most stealthy attacks, minimising damage to the business,” said Arbor Networks President Matthew Moynahan.

“Preventing the exfiltration of data is futile without the ability to detect before it’s too late. To be successful at hunting for an attacker, security teams need visibility, speed, accuracy and analysis across historical and real-time data. Pravail Security Analytics enables security teams to focus their attention where it matters most,” said IT Harvest founder Richard Stiennon.

Key Product Features

Real-Time Packet Capture and Analysis for Faster Threat Resolution

The Pravail Security Analytics appliances can capture and analyse data as it occurs. For security and incident response teams, this allows for immediate discovery and investigation of threats – speeding overall time to resolution. Attacks can be filtered in real-time to allow security teams to focus on a single attacker or attack in amongst billions of packets.

Data Looping for Enhanced Forensics

Whenever Pravail Security Analytics security intelligence is updated or custom rules are created, stored packet captures of older traffic can be looped through the system to uncover previously undetected threats. By uncovering existing compromise, security and forensic teams have a clearer picture of when an attack may have started. This is essential for building attack timelines as part of forensic and/or incident response investigations, as well as for identifying – and remediating – vulnerable hosts in the network, which strengthens the organisation’s overall security posture. 

Maximum Data Control for Custom Visibility

Interact with your data like never before. Zoom from years to minutes, move forward and backward in time to follow threats. View data from different perspectives such as Attacking Source, Target, Attack Type or Location of the Attack.

Comprehensive Availability and Threat Detection

Arbor Networks’ ATLAS^® Intelligence Feed is Arbor’s research-based security intelligence service. These policies are developed using a combination of real attack data pulled from multiple sources including ATLAS, the Red Sky Alliance and other partners. This attack data is analysed by Arbor’s expert research team and turned into security policies that are used by Pravail Security Analytics for both DDoS and advanced threat detection.

The ATLAS Intelligence Feed works in tandem with other threat intelligence feeds to provide the most comprehensive detection available for the enterprise. In addition, Pravail Security Analytics includes a custom signature engine that enables organizations to upload their own unique policies.

Cloud Trial and On-Premise Assessments available

Arbor offers multiple options for experiencing the network traffic analytics and attack visualisations provide by Pravail Security Analytics.

On-Premise Attack Discovery and Assessment: In this multi-week trial, organisations will deploy Pravail Security Analytics appliances to capture and analyse network traffic in real time. At the end of the trial period, organisations will have a clear understanding of what attacks are active on their networks, with details on how to begin remediation.

Cloud Trial:  For the cloud trial, organisations can upload captured network traffic to the Pravail Security Analytics Cloud for analysis. The cloud trial license gives organisations 30 days to analyse 1Gbps of captured network traffic. At the end of the trial period, organisations can know where attacks exist and start building timelines of when the compromise may have started.

For both trial options, Arbor has identified several activities that will help prospective customers get the most out of the experience. Visit Pravail.com to learn about which trial option is right for you and to get started evaluating your network. 

Flexible Deployment Options

The addition of the Pravail Security Analytics appliance expands customers’ deployment options. With cloud-only, on-premise or a hybrid approach of cloud with on-premise appliances, customers can select the deployment model to fit with their internal structure as well as regulatory guidelines. For the Cloud SaaS option, customers upload and store data to be analysed using an account created at http://pravail.com. The cloud-only delivery offers organisations an easy-to-use approach for investigating activities and events occurring inside the network.

Supporting Materials:

• Download this white paper to learn more about how Pravail Security Analytics helps the hunted to become the hunter

• Attend this webinar: The Hunted Becomes the Hunter; December 11, 2pm ET; Speakers include securitycurrent’s Mike Saurbaugh and Richard Stiennon alongside Arbor Networks’ Arabella Hallawell

• Review this blog post and infographicfor a snapshot into how Pravail Security Analytics puts security teams on the offensive when it comes to hunting for cyber threats lurking in the network. 

About Arbor Networks
Arbor Networks, Inc. helps secure the world’s largest enterprise and service provider networks from DDoS attacks and advanced threats. Arbor’s advanced threat solutions deliver comprehensive network visibility through a combination of packet capture and NetFlow technology, enabling the rapid detection and mitigation of malware and malicious insiders. Arbor also delivers market-leading analytics for dynamic incident response, historical analysis, visualization and forensics. Arbor strives to be a “force multiplier,” making network and security teams the experts. Our goal is to provide a richer picture into networks and more security context - so customers can solve problems faster and help reduce the risk to their business.

To learn more about Arbor products and services, please visit our website at arbornetworks.com. Arbor’s research, analysis and insight, together with data from the ATLAS^® global threat intelligence system, can be found at the ATLAS Threat Portal.

Trademark Notice: Arbor Networks, the Arbor Networks logo, Peakflow, ArbOS, Pravail, Cloud Signaling, Arbor Cloud, ATLAS, We see things others can’t.^TM and Arbor Networks. Smart. Available. Secure. are all trademarks of Arbor Networks, Inc. All other brands may be the trademarks of their respective owners.