Cisco’s Hadoop-Based Security Tool

Tuesday, April 22, 2014 @ 04:04 PM gHale

A managed threat defense service will utilize an analytics approach based on an on-premise Hadoop infrastructure to monitor network traffic.

By doing this, it should better protect corporate networks against attacks from malware and intruders trying to steal sensitive data, said Cisco officials who just released the service.

The networking giant said its Managed Threat Defense uses Hadoop 2.0 to apply predictive analytics to network traffic, building a unique profile of the network and monitoring it against up-to-date intelligence from Cisco and other users. It also employs heuristics designed to spot anomalous traffic patterns.

This approach, combined with traditional methods, enables the platform to defend against known intrusions, zero-day attacks and advanced persistent threats, Cisco said.

Organizations are struggling with the challenges of a dynamic threat landscape and fragmentation of security solutions, and this new platform should be able to address those issues, said Cisco’s Vice President of Security Solutions Bryan Palma on the Cisco security blog.

“You do not have to worry about assessing the best technology options, retaining the right number of security experts, and constantly staying current with the changing threat landscape. Instead, you can partner with a trusted advisor in a simple cost-effective way,” he said.

Managed Threat Defense is an on-premise solution, composed of hardware, software, and analytics. This includes Cisco Advanced Malware Protection (AMP), Sourcefire FirePOWER, and Cisco Cloud Web Security, as well as Hadoop analytics.

The service is currently available in North America and the Asia Pacific region.
