In a growing enterprise network with changing applications, and growing access to networks from remote employees and 3rd-parties, understanding real usage and user behaviors is essential to operations and maintenance of network management. Moreover, the number of DoS / DDoS, worms and insider threats attacking critical internal resources are on the rise, making enterprises more vulnerable than ever.
Entire Enterprise Network Profiling
Agent-based solutions are expensive to deploy on an entire enterprise basis, and the complexity inherent in deploying and managing hundreds or thousands of devices is a major challenge.
Receiving IP flow packets from existing network devices in place, GenieATM provides simple, cost-effective means to profile the entire enterprise network traffic, and offers network- wide continuous and real-time session or transaction visibility, even on high speed, highly segmented internal networks. GenieATM maintains network health through pervasive visibility and traffic flow analysis. With built-in network topology models and accelerated flow processing algorithm, GenieATM provides abundant traffic monitoring and high-performance customizable analysis on different offices, business units, server farms, data centers and services. It also enables cost-center analysis on traffic as well as network performance monitoring and planning.
Security Beyond Perimeter Firewall and IDS/IDP
While conventional security products such as firewalls, intrusion detection systems (IDSs), intrusion prevention systems (IPSs) and anti-virus gateways have helped with known-signature attacks from the network perimeter, they have limitations on recognizing and eliminating unknown threats or attacks launched by internal users. Some DoS/DDoS attacks even aim for firewalls thus leaving the enterprise networks unshielded. Therefore, finding new ways to detect traffic attacks and mitigate possible damages has become an important issue to all enterprise networks.
For enterprises seeking measures to ensure internal security against unknown attacks and insider threats with a scalable and enterprise-wide solution, GenieATM is embedded with Network Behavior Analysis based Detection (NBAD) engine and is the perfect solution. GenieATM instantly detects threats that originate inside the network perimeter and the presence of policy-violated internal network connections. With its NBAD-engine, GenieATM detects zero-day attacks, worms as well as other traffic abuse effectively.