Lancope's StealthWatch System is aimed at both network and security administrators, offering an integrated platform that leverages network intelligence for both parties. Leveraging NetFlow, sFlow and packet capture, StealthWatch unifies and optimizes behavior-based anomaly detection and network operations to protect critical information assets and ensure network performance by preventing costly downtime, repair and loss of reputation.
The StealthWatch architecture delivers the six critical components necessary to optimize network performance and streamline security operations:
* Monitor – leverages the network infrastructure to actively detect network problems, security threats and internal employee misuse in real time
* Baseline – discovers assets and inventory and baselines normal network traffic to establish policy and analyze network behavior
* Secure – detects and prioritizes network performance issues, insider misuse and zero-day worms that impact network health and host integrity
* Respond – enables automatic mitigation to stop malicious activity and fix network problems to streamline network optimization and security operations
* Optimize – improves network performance, provides root cause determination and closes the loop on network and security process
* Report – audits and reports on all network communications, host configurations, user identity and behavior for policy and regulatory compliance