Cisco Secure Network Analytics provides enterprise-wide network visibility to detect and respond to threats in real time. The solution continuously analyzes network activities to create a baseline of normal network behavior. It then uses this baseline, along with non - signature-based advanced analytics that include behavioral modeling and machine learning algorithms, as well as global threat intelligence to identify anomalies and detect and respond to threats in real time. Secure Network Analytics can quickly and with high confidence detect threats such as Command-and-Control (C&C) attacks, ransomware, Distributed-Denial-of-Service (DDoS) attacks, illicit cryptomining, unknown malware, and insider threats. With an agentless solution, you get comprehensive threat monitoring across the entire network traffic, even if it's encrypted.
Organizations have already invested a lot into their IT infrastructure and security. Yet, threats continue to find ways to get through. Moreover, it often takes months or even years to detect breaches. This lack of visibility is a function of continuously growing network complexity and constantly evolving threats. Security teams with limited resources and disjointed tools can only do so much. Practically all organizations have security solutions, such as firewalls, but how do they know whether these tools are working, managed, and configured correctly? How do they know that these tools are doing the job that they need them to do?
Cisco decided to turn the problem on its head - why not enlist your existing investment, the network, to secure your organization? The network telemetry is a rich data source that can provide valuable insights about who is connecting to the organization and what they are up to. Everything touches the network, so this visibility extends from the HQ to the branch, data center, roaming users, smart devices extending to private and public clouds. Analyzing this data can help detect threats that may have found a way to bypass your existing controls before they are able to have a major impact.
The solution is Secure Network Analytics, which enlists the network to provide end-to-end visibility of traffic, on- premises as well as in private and public clouds. This visibility includes knowing every host and seeing who is accessing which information at any given point. From there, it's important to understand what is normal behavior for a particular user or "host" and establish a baseline from which you can be alerted to any change in the user's behavior the instant it happens. |
-
No more blind spots
Secure Network Analytics is the only security analytics solution that can provide comprehensive visibility across the private network and into the public cloud without deploying sensors everywhere. It is also the first solution to detect malware in encrypted traffic without any decryption.
-
Focus on incidents, not noise
By using the power of behavioral modeling, multilayered machine learning, and global threat intelligence, Secure Network Analytics significantly reduces false positives and alarms on critical threats affecting your environment.
-
Catch them in the act
Secure Network Analytics constantly monitors the network to detect advanced threats in real time. Stealthy attacks are commonly preceded by activities such as port scanning, constant pinging, and reconnaissance tactics. The solution recognizes these early warning signs and alarms on them to stop attackers early on. Once threats are identified, users can also conduct forensic investigations to pinpoint their source and determine where else it may have propagated.
-
Make the most of your investment
With an agentless solution, you are using the rich telemetry generated by your existing network infrastructure to improve your security posture.
-
Scale security with business growth
Now there's no need to compromise on security as the business needs to change. Whether you are adding a new branch or a data center, moving workloads to the cloud, or simply adding more devices, any Secure Network Analytics deployment can easily provide coverage by scaling to the needs of your network. It can be deployed on-premises or in the cloud, can be consumed as a SaaS-based or license-based solution, and provides automatic role classification capabilities to automatically classify new devices as they are added to the network.
-
Integrate your security ecosystem with SecureX
The solution comes with the SecureX platform built-in to offer extended threat investigation and response capabilities. Secure Network Analytics integrates with SecureX to unify visibility, simplify threat response and enable automation across every threat vector and access point.
|
