Blue Coat Systems and NetApp are working together to provide high-density storage solutions that enable extended network forensic analysis.
The combination of NetApp's high-density storage and Blue Coat's Security Analytics incident response and forensics solution provides customers a storage solution that expands the capture window from weeks to months within the same physical footprint, according to the companies.
On top of this, customers can retain more evidence that can help to limit exposure in the event of a breach, and replay and reconstruct exactly how the attacker compromised the system and what was extracted.
With the advent of sophisticated targeted attacks, organisations are facing a growing demand for more scalable storage as they work to protect, detect and remediate network attacks, Blue Coat says.
Blue Coat Security Analytics works to provide proactive incident response by constantly detecting malicious activity and enriching the retained data to pin point potential issues. The ability to retain data can reduce the time it takes to discover a breach from weeks to hours, according to the company.
Robert Westervelt, IDC research manager security products, says, “A strong analytics platform gives organisations the ability to modernise the existing investments they've made in their security infrastructure to gain visibility over the increasingly distributed nature of the corporate environment.
“This visibility requires analysis of real-time events and must incorporate historical analysis to identify threats. The evolving nature of the threat landscape and attacker determination to take advantage of the complexities associated with cloud consumption, a mobile workforce and decentralised nature of digital assets demand that organisations support rapid response using this approach. Organisations must improve their ability to contain threats before any widespread damage takes place.
Blue Coat has provided its high-performance, 10G Security Analytics network forensics appliance in a compact 1U form factor. This is capable of capturing, indexing, classifying and replaying all network traffic at speeds up to 10Gbps in a single appliance, incident response.
Combined with NetApp's E-Series system, 240TB of storage can be delivered in only 4U of rack space, expandable to 720TB of storage per Security Analytics appliance. Blue Coat's Security Analytics solution now supports NetApp and the joint solution is available through Blue Coat's resellers.
“Security professionals rely on an unprecedented volume of data that they must be able to swiftly capture, control and analyse,” says Maria Olson, NetApp vice president global and strategic alliances.
“At NetApp, we ensure that security professionals have the freedom and mobility to access the data and insights they need and support key data security and compliance initiatives.
“Customers deploying Blue Coat Security Analytics paired with our E-Series system will be able to store, analyse and retrieve crucial data in a timely and cost effective manner.
“At a time where organisations are being bombarded by security incidents, one of the most critical aspects of an enterprise security solution is to understand exactly what's happening in the network,” says Peter Doggart, Blue Coat vice president business development.
“By integrating our security analytics solution with high-density storage from NetApp, Blue Coat is enabling our customers to conduct much faster analysis and resolution of potential attacks and breaches, even in the largest, most demanding networks.