Cisco Logo

New Cisco managed security services detects hackers, zero-day threats

Cisco announced a new managed threat detection service that collects real-time telemetry from a customer’s network, alerts the enterprise’s IT team when a threat has entered the network and offers guidance for remediation.

The new Cisco managed security services offering, Managed Threat Defense (MTD), begins with a Hadoop 2.0 cluster that enterprises deploy within their networks. The minimum footprint is a two-rack Cisco Unified Computing System comprised of 30 servers.

“The cluster is ingesting various forms of telemetry — like NetFlow — as well as full packets [captured at data center and Internet ingress and egress points],” said Pablo Salazar, manager within the Cisco Security Solutions organization. “[The cluster] ingests full packets and stores them for forensic purposes, as well as extracts metadata which we use for analytics.”

Metadata from the Hadoop cluster traverses a VPN link to Cisco’s 24-by-7 security operation centers (SOCs) where Cisco engineers detect threats by applying a variety of Cisco’s behavioral analysis and threat detection technologies, as well as using threat intelligence data collected and analyzed by Cisco’s Security Intelligence Operations.

“This operationalizes anomaly detection,” said Bryan Palma, senior vice president of Cisco Security Services. “We don’t tell customers an incident might have happened. We tell them when it happened, what it is and what they need to do to take remediation.”

Complete Story

Advertisements

Share your thoughts

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s