• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Home
  • Contact Us

iHash

News and How to's

  • Dell OptiPlex 7010 RGB Desktop Quad Core Intel i5 (3.2GHz) 8GB DDR3 RAM 250GB SSD Windows 10 Pro (Refurbished) for $162

    Dell OptiPlex 7010 RGB Desktop Quad Core Intel i5 (3.2GHz) 8GB DDR3 RAM 250GB SSD Windows 10 Pro (Refurbished) for $162
  • Dell OptiPlex 5040 (RGB) Desktop Quad Core Intel i5 (3.2GHz) 16GB DDR3 RAM 500GB SSD Windows 10 Pro (Refurbished) for $249

    Dell OptiPlex 5040 (RGB) Desktop Quad Core Intel i5 (3.2GHz) 16GB DDR3 RAM 500GB SSD Windows 10 Pro (Refurbished) for $249
  • Zerrio: The Ultimate All-In-One Business Management Toolkit (Lifetime Subscription) for $59

    Zerrio: The Ultimate All-In-One Business Management Toolkit (Lifetime Subscription) for $59
  • DNS FireWall: Lifetime Subscription for $59

    DNS FireWall: Lifetime Subscription for $59
  • KeepSolid SmartDNS: Lifetime Subscription for $59

    KeepSolid SmartDNS: Lifetime Subscription for $59
  • News
    • Rumor
    • Design
    • Concept
    • WWDC
    • Security
    • BigData
  • Apps
    • Free Apps
    • OS X
    • iOS
    • iTunes
      • Music
      • Movie
      • Books
  • How to
    • OS X
      • OS X Mavericks
      • OS X Yosemite
      • Where Download OS X 10.9 Mavericks
    • iOS
      • iOS 7
      • iOS 8
      • iPhone Firmware
      • iPad Firmware
      • iPod touch
      • AppleTV Firmware
      • Where Download iOS 7 Beta
      • Jailbreak News
      • iOS 8 Beta/GM Download Links (mega links) and How to Upgrade
      • iPhone Recovery Mode
      • iPhone DFU Mode
      • How to Upgrade iOS 6 to iOS 7
      • How To Downgrade From iOS 7 Beta to iOS 6
    • Other
      • Disable Apple Remote Control
      • Pair Apple Remote Control
      • Unpair Apple Remote Control
  • Special Offers
  • Contact us

Visualize and validate policy, increase remote worker telemetry, and embrace zero trust with Network Analytics Release 7.3.1

Feb 9, 2021 by iHash Leave a Comment


We have heard it before. Securing your organization isn’t getting any easier. The remote workforce is expanding the attack surface. We need context from users and endpoints to control proper access, and IT teams need to ensure our data stores are resilient and always available to gain the telemetry they need to reduce risk. Yes, zero trust is a great approach, but network segmentation in the workplace is hard, and it can shut down critical business functions if not deployed correctly.

To answer these challenges, we are excited to announce new features in Cisco Secure Network Analytics (formerly Stealthwatch). In 7.3.1, we are introducing TrustSec-based visualizations that allow network operations and security teams to instantly validate the intent of policies. This is a big jump that provides organizations the visibility required to confidently embrace network segmentation, a critical component of the zero-trust workplace.

To answer the remote work challenge, the Cisco Secure Network Analytics team has simplified how customers obtain user and endpoint context from AnyConnect. And to ensure the expanded attack surface doesn’t increase risk, Secure Network Analytics has advanced its integration with Cisco Talos, one of the largest threat intelligence teams in the world. But there is more; read on to learn how we virtualized the Data Store to simplify how organizations big and small ensure resiliency and manage the growing volumes of data required to stay a step ahead in the arms race that is network security.

Table of Contents

  • TrustSec Analytics reports offer new ways to visualize group communications between SGTs
  • Streamline policy violation investigations with TrustSec Policy Analytics reports
  • Increased Remote Worker Telemetry
  • Introducing the Secure Network Analytics Virtual Data Store!
  • Enhanced security analytics

TrustSec Analytics reports offer new ways to visualize group communications between SGTs

Secure Network Analytics’ TrustSec Analytics reporting capability leverages the Report Builder application and its integration with Cisco Identity Services Engine (ISE) to automatically generate reports that map communications between Security Group Tags (SGTs) to provide users with unprecedented visibility into all communications across different groups within their environment. For security teams that want to adopt a group-based policy management program to build network segmentation but lack the resources to pursue one, TrustSec Analytics reporting lowers the entry point to doing so. Now any Secure Network Analytics user can effortlessly visualize, analyze, drill down into any inter-group communication, adopt the right policies, and adapt them to their environment’s needs.

TrustSec Analytics Report
Figure 1. A TrustSec Analytics report generated in Secure Network Analytics that displays volumetric communications between different SGTs that have been assigned and pulled directly from ISE.

Streamline policy violation investigations with TrustSec Policy Analytics reports

TrustSec Policy Analytics reports can also be generated to assess whether policies are being violated. By clicking on any cell in the report, users can gain insights into the volume of data being sent between any two groups, how that data is being distributed, the protocols being used, what ports they are operating on, and more.

Additionally, when it comes to the typically lengthy processes associated with determining a policy violation’s root cause, the capabilities offered by the TrustSec Policy Analytics report quite literally enable users to find the proverbial ‘offending-flow needles’ in their vast ‘network haystacks’. Rather than performing hours of cumbersome tasks such as conducting manual searches and cross-references across different datasets, users can get granular by drilling down into policy violations to view all associated IPs and related flows, associated endpoints, ISE-registered usernames, and events with timestamps on single pane. This effectively enables users to streamline their root cause analysis efforts and expedite their ability to diagnose why a policy violation occurred.

TrustSec Policy Analysis
Figure 2. A TrustSec Policy Analytics report generated in Secure Network Analytics with intuitive color-coded cells and labels that indicate whether communications between different SGTs are violating a policy and require further investigation.

Increased Remote Worker Telemetry

Amidst the recent explosion of people working from home, organizations face new challenges related to monitoring and securing their remote workforces as they connect back to the network from anywhere and on anything.

Secure Network Analytics has made endpoint Network Visibility Module (NVM) data the primary telemetry source to meet these challenges, effectively eliminating the need for NetFlow to gain user and device context. Customers are gaining the following benefits:

  • Simplified remote worker monitoring with endpoint NVM data becoming a primary telemetry source
  • More efficient remote worker telemetry monitoring by collecting and storing on-network NVM endpoint records without the need for NetFlow
  • Increased Endpoint Concentrator ingestion bandwidth to support up to 60K FPS
  • NVM driven custom alerting and endpoint flow context
NVM driven custom alerting
Figure 3. Examples of NVM driven custom alerting and endpoint flow context within the Secure Network Analytics Manager.

Introducing the Secure Network Analytics Virtual Data Store!

The Secure Network Analytics Data Store is now supported as a virtual appliance offering. Similar to the Data Store that was introduced in 7.3.0, the virtual Data Store offers a new and improved database architecture design for Secure Network Analytics that enables new ways of storing and interacting with data more efficiently. A virtual Data Store supports a 3-node database cluster with flow ingest from virtual Flow Collectors.  This new architecture decouples ingest from data storage to offer the following benefits:

  • Query and reporting response times improved by a significant (10x faster!) magnitude
  • Scalable and long-term telemetry storage capabilities with no need for additional Flow Collectors
  • Enterprise-class data resiliency to allow for seamless data availability during virtual machine failures
  • Increased data ingest capacity of up to 220K flows per second (FPS)
  • Flexible deployment options – as a fully virtualized appliance, the Virtual Data Store does not require additional rack space and can be rapidly deployed using your existing infrastructure

Enhanced security analytics

As threats continue to evolve, so do the analytical capabilities of Secure Network Analytics to deliver fast and high-fidelity threat detections. The cloud-based machine learning engine has been updated to include:

  • System alarms have been ported to appear as notifications in the Web UI
  • Brand new confirmed threat detections related to ransomware, remote access trojans (RAT) and malware distribution
New confirmed ransomware
Figure 4. New confirmed ransomware, remote access trojan (RAT) and malware distribution-related threat detections.

To learn more about this release, check out the Release 7.3.1 Release Notes.

Don’t have Secure Network Analytics? Learn more by visiting https://www.cisco.com/go/secure-network-analytics or try the solution out for yourself today with a free visibility assessment.

 

Share:



Source link

Share this:

  • Facebook
  • Twitter
  • Pinterest
  • LinkedIn

Filed Under: Security Tagged With: Analytics, embrace, Increase, Network, Policy, release, remote, telemetry, Trust, validate, Visualize, Worker

Special Offers

  • Dell OptiPlex 7010 RGB Desktop Quad Core Intel i5 (3.2GHz) 8GB DDR3 RAM 250GB SSD Windows 10 Pro (Refurbished) for $162

    Dell OptiPlex 7010 RGB Desktop Quad Core Intel i5 (3.2GHz) 8GB DDR3 RAM 250GB SSD Windows 10 Pro (Refurbished) for $162
  • Dell OptiPlex 5040 (RGB) Desktop Quad Core Intel i5 (3.2GHz) 16GB DDR3 RAM 500GB SSD Windows 10 Pro (Refurbished) for $249

    Dell OptiPlex 5040 (RGB) Desktop Quad Core Intel i5 (3.2GHz) 16GB DDR3 RAM 500GB SSD Windows 10 Pro (Refurbished) for $249
  • Zerrio: The Ultimate All-In-One Business Management Toolkit (Lifetime Subscription) for $59

    Zerrio: The Ultimate All-In-One Business Management Toolkit (Lifetime Subscription) for $59
  • DNS FireWall: Lifetime Subscription for $59

    DNS FireWall: Lifetime Subscription for $59
  • KeepSolid SmartDNS: Lifetime Subscription for $59

    KeepSolid SmartDNS: Lifetime Subscription for $59

Reader Interactions

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Primary Sidebar

  • Facebook
  • GitHub
  • Instagram
  • Pinterest
  • Twitter
  • YouTube

More to See

Dell OptiPlex 5040 (RGB) Desktop Quad Core Intel i5 (3.2GHz) 16GB DDR3 RAM 500GB SSD Windows 10 Pro (Refurbished) for $249

Jun 6, 2023 By iHash

The Importance of Data Quality in Benefits

Jun 6, 2023 By iHash

Tags

* Apple Cisco computer security cyber attacks cyber crime cyber news cybersecurity Cyber Security cyber security news cyber security news today cyber security updates cyber threats cyber updates data data breach data breaches google hacker hacker news Hackers hacking hacking news how to hack incident response information security iOS 7 iOS 8 iPhone Malware microsoft network security ransomware ransomware malware risk management Secure security security breaches security vulnerabilities software vulnerability the hacker news Threat update video web applications

Latest

Dell OptiPlex 7010 RGB Desktop Quad Core Intel i5 (3.2GHz) 8GB DDR3 RAM 250GB SSD Windows 10 Pro (Refurbished) for $162

Expires January 20, 2123 00:37 PST Buy now and get 62% off KEY FEATURES A reliable desktop for both home and office use. Dell OptiPlex 7010 Desktop is powered by an Intel Quad-Core i5-3450 processor running at 3.2GHz making it perfect for built for professional-grade multitasking, high-speed web browsing, multimedia applications like streaming, or even […]

Apple announces winners of the 2023 Apple Design Awards

June 5, 2023 UPDATE Apple announces winners of the 2023 Apple Design Awards At WWDC23, winners are recognized for excellence in innovation, ingenuity, and technical achievement in app and game design Today, Apple proudly unveiled the winners of its annual Apple Design Awards, celebrating 12 best-in-class apps and games. This year’s winners, spanning development teams around […]

Zerrio: The Ultimate All-In-One Business Management Toolkit (Lifetime Subscription) for $59

Expires June 06, 2123 23:59 PST Buy now and get 93% off KEY FEATURES Zerrio is more than just a business management tool — it’s a partner that supports your success every step of the way! With over 60+ business tools, Zerrio is your one-stop business management hub. For one low monthly fee, you can […]

Dotan Horovits

From Spotify to Open Source: The Backstory of Backstage

Technology juggernauts–despite their larger staffs and budgets–still face the “cognitive load” for DevOps that many organizations deal with day-to-day. That’s what led Spotify to build Backstage, which supports DevOps and platform engineering practices for the creation of developer portals. Eventually, Spotify made the decision to open source Backstage and donate it to the Cloud Native […]

Passwarden PW Manager Lifetime Subscription for $79

Expires June 04, 2024 23:59 PST Buy now and get 60% off KEY FEATURES Safe password manager for those who value security! Passwarden is a secure password manager that simplifies and strengthens your digital life by securely storing and managing all your passwords in one place. It utilizes strong AES-256 encryption algorithms to protect your […]

Heard on the Street – 6/5/2023

Welcome to insideBIGDATA’s “Heard on the Street” round-up column! In this regular feature, we highlight thought-leadership commentaries from members of the big data ecosystem. Each edition covers the trends of the day with compelling perspectives that can provide important insights to give you a competitive advantage in the marketplace. We invite submissions with a focus […]

Jailbreak

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.2.0

Pangu has updated its jailbreak utility for iOS 9.0 to 9.0.2 with a fix for the manage storage bug and the latest version of Cydia. Change log V1.2.0 (2015-10-27) 1. Bundle latest Cydia with new Patcyh which fixed failure to open url scheme in MobileSafari 2. Fixed the bug that “preferences -> Storage&iCloud Usage -> […]

Apple Blocks Pangu Jailbreak Exploits With Release of iOS 9.1

Apple has blocked exploits used by the Pangu Jailbreak with the release of iOS 9.1. Pangu was able to jailbreak iOS 9.0 to 9.0.2; however, in Apple’s document on the security content of iOS 9.1, PanguTeam is credited with discovering two vulnerabilities that have been patched.

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.1.0

  Pangu has released an update to its jailbreak utility for iOS 9 that improves its reliability and success rate.   Change log V1.1.0 (2015-10-21) 1. Improve the success rate and reliability of jailbreak program for 64bit devices 2. Optimize backup process and improve jailbreak speed, and fix an issue that leads to fail to […]

Activator 1.9.6 Released With Support for iOS 9, 3D Touch

  Ryan Petrich has released Activator 1.9.6, an update to the centralized gesture, button, and shortcut manager, that brings support for iOS 9 and 3D Touch.

Copyright iHash.eu © 2023
We use cookies on this website. By using this site, you agree that we may store and access cookies on your device. Accept Read More
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT