ThreatARMOR
Help Protect from Zero Day Malware Mutations
Block up to 80% of Malicious Traffic—Including Botnets and Ransomware
PROBLEM: PAYING THE PRICE FOR PROTECTION
IT security teams try to sift through the mountains of SIEM alerts, firewall logs, and IPS alarms to find and stop malware infections, ransomware, and data breaches before they wreak havoc—a time-intensive chore. But the Ponemon Institute has documented that the nonstop flood of alerts means that only 29% of security alerts are ever investigated. Vital clues are missed. Also, the average time to detect a breach is 170 days, which is more than enough time for sensitive data to be stolen or encrypted and held for ransom. With the cost of a data breach at $4M worldwide, it is critical to disrupt botnets and bring the mass of security alerts under control.
SOLUTION: STOP MALWARE. IMPROVE VISIBILITY
ThreatARMOR™ cuts straight to the core of the problem by automatically blocking much of the network communication that malware needs to download instructions or transmit sensitive data. It prevents network probes, phishing clicks, and all traffic to and from untrusted countries. This reduces the risk from attacks such as zero-day ransomware mutations along with up to 80% of the malicious connections that threaten the network and generate floods of security alerts. Ixia’s ATI Research Center provides an always-on stream of geolocation and threat intelligence for ThreatARMOR—individually validating every single blocked IP address, every single day. Detailed Rap Sheets provide clear, on-screen proof of malicious activity for all blocked sites to mitigate the risk of false positives.
Ixia’s range of Bypass switches can be combined with ThreatARMOR to enhance the effectiveness and availability of existing and new cyber defenses.
THREATARMOR IS UNIQUE
Next-gen firewalls are great at DPI and threat detection, but they are not optimized for massive-scale blocking of malicious, hijacked, and untrusted IP addresses. Even if they can import a threat intelligence feed, their performance suffers dramatically when trying to block the tens of millions of IP addresses in the Rap Sheet database. ThreatARMOR complements next-gen firewalls by offloading massive-scale blocking so that they can allocate more resources to content inspection, user policies, VPN termination, and other features while generating fewer security alerts.
FEATURES
As a standalone security appliance, Ixia ThreatARMOR can quickly and easily reduce a company’s overall attack surface, freeing its security tools to do more than ever before. The combination of Ixia ThreatARMOR with an overall visibility architecture or Inline Security Framework amplifies a company’s effectiveness and resilience in ways not previously possible. Together, they represent an ideal solution for companies looking to develop an architectural approach to ensuring end-to-end visibility and security.
- Reduces attack surface by eliminating known-bad traffic
- Stop traffic from unwanted countries
- Quickly identify compromised internal systems
- Stops connections, both inbound and outbound, involving known malware, botnet, and phishing sites
- No false positives – clear proof of criminal behavior for all blocked sites
- Dual redundant power supplies and integrated bypass for maximum reliability
- Available as 1GbE copper and 10GbE fiber speeds
- Provides resilient, failsafe inline operation
contact us to discuss your requirements
With Iris Networks, you’re in safe hands.
