how next-generation geo-ip helps siem detection

PACKETVIPER NEXT GENERATION GEO-IP FILTER

Upload: francesco-trama

Post on 08-Jan-2017



PACKETVIPER PRESENTATION

GOALS

▸ Healthcare State of the Union

▸ PacketViper Internal LAN Use

▸ Challenges facing internal networks

▸ The importance

▸ Cause and Effect

▸ Volume effect on SIEMs

AHN “STATE OF THE UNION”

UNDERSTANDING HEALTHCARE NEEDS

▸ Current and future challenges (threats, remediation, human resources)

▸ New technologies acquisitions

▸ Problems to solve

PACKETVIPER INTERNAL USE

INTERNAL CHALLENGES

▸ Traffic Volume

▸ Logging and Alerting

▸ Timely Management of Alerts

▸ Investigation and Remediation

▸ Human Network Resources

▸ Consistency and Vigilance

▸ Breakout risk and control

[Chart: weeks 1 to 12 on the x-axis, 0 to 100 on the y-axis; series: Excitement, Alerting, Fatigue, Oversight]

ALERTING, TIME, RISKS, OVERSIGHT

Damballa’s State of Infections Report: the average enterprise network generates an aggregate average of 10,000 security events per day.

Consider the scope of work required to identify a genuine infection, or questionable connections, from the deluge of security events hitting businesses every day. Security fatigue is a very real thing, and as time passes the convergence of product (SIEM, event manager) excitement, alerting, and fatigue leads to a higher risk of oversight.

"The sheer volume of alerts received and the limited timeframe available to investigate indicates that manual efforts are not enough" (InfoSecurity Magazine)

NETWORK LAN SECURITY

WHY AM I LOOKING AT AN EGG?

▸ Hard Shell

▸ Vulnerable Soft Center

INTERNAL NETWORK CHALLENGES

IDENTIFYING THREATS AND POTENTIAL BOTTLENECKS

NETWORK PEAKS, VALLEYS, AND CONGESTION

▸ Identifying the peak traffic by setting baselines periodically

▸ Understanding the business flow and time frames of the peaks

▸ Understanding what is generating the traffic

▸ Who is receiving the traffic

▸ Limiting or preventing connections

UNITED STATES - MEXICO BORDER

MANAGE INFORMATION OVERLOAD

‣ Reduce garbage in…garbage out.

‣ Manage only essential network information within SIEM

‣ Provide traffic control on top of centralized management

‣ Faster operational decisions
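As an added example that is not part of the PacketViper deck: a Python sketch of the edge geo-IP pre-filter the slides describe, where flows from countries outside the business's scope are denied before they reach the SIEM and folded into one summary event per country. The country allowlist, the flood threshold and the flow records are assumed or constructed for the example; the geo-IP lookup itself is taken as already done upstream.

```python
"""Geo-IP pre-filter in front of a SIEM: in-scope flows are forwarded as-is,
out-of-scope countries are denied at the edge and collapsed into one summary
event per country, so the SIEM ingests far fewer records."""
from collections import Counter, defaultdict

# Countries the business actually exchanges traffic with (assumed policy).
ALLOWED_COUNTRIES = {"US", "CA"}
# Denied flows per country above which the summary is flagged as a flood
# (assumed threshold; a real deployment derives it from a traffic baseline).
FLOOD_THRESHOLD = 3

# Constructed flow records, already annotated with a country code by an
# upstream geo-IP lookup (the lookup itself is not modelled here).
FLOWS = [
    {"src": "203.0.113.10", "dport": 443,  "country": "US"},
    {"src": "198.51.100.7", "dport": 22,   "country": "ZZ"},
    {"src": "198.51.100.8", "dport": 22,   "country": "ZZ"},
    {"src": "198.51.100.9", "dport": 3389, "country": "ZZ"},
    {"src": "198.51.100.10", "dport": 22,  "country": "ZZ"},
    {"src": "192.0.2.5",    "dport": 443,  "country": "CA"},
    {"src": "192.0.2.77",   "dport": 25,   "country": "YY"},
]

def prefilter(flows, allowed=ALLOWED_COUNTRIES, threshold=FLOOD_THRESHOLD):
    """Return the events the SIEM receives: one per allowed flow plus one
    summary per denied country. Denied flows never reach the SIEM individually."""
    events, denied = [], defaultdict(list)
    for f in flows:
        if f["country"] in allowed:
            events.append({"type": "flow", **f})
        else:
            denied[f["country"]].append(f)
    for country, fl in sorted(denied.items()):
        ports = Counter(f["dport"] for f in fl)
        events.append({
            "type": "geo_deny_summary",
            "country": country,
            "count": len(fl),
            "unique_sources": len({f["src"] for f in fl}),
            "top_ports": [p for p, _ in ports.most_common(3)],
            "flood": len(fl) > threshold,
        })
    return events

def reduction(flows, events):
    """Fraction of records the SIEM no longer has to ingest."""
    return 1 - len(events) / len(flows)

if __name__ == "__main__":
    ev = prefilter(FLOWS)
    for e in ev:
        print(e)
    print(f"SIEM volume reduced by {reduction(FLOWS, ev):.0%}")
```

With the constructed records, seven flows become four SIEM events, and the "ZZ" summary is flagged as a flood because it exceeds the threshold.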

PACKETVIPER SOLUTION

▸ Fast Implementation

▸ Controls threats and risky connections at the source network

▸ Limits breakouts, control floods

▸ Reduces information overload

▸ NOT costly to operate

▸ Improves Network and Security teams' efficiency

▸ Does not generate additional network load

▸ Does not require agents

▸ Centralized security management

SIMPLIFY, LESSEN, AND CONTROL

STEP 1: PacketViper takes control of the connection; STEP 2: EM/SIEM (connected via API)

Lower logging

Lower false positives

Lower load

Improves accuracy

Fewer alerts

Lower usage

Fewer rules

Improves

PACKETVIPER SIEM SYNERGY

WILL PACKETVIPER REALLY HELP YOU?

Try our FREE 5*10*25 Program. Goal: prove complimentary internal use case

‣ Hardware evolution form

‣ Identify host network segment

‣ Determine inline or mirror deployment

‣ Deploy PacketViper

‣ Baseline performance

‣ Review traffic and recommend configuration

‣ Determine network scope

GET PACKETVIPER, A SIEM WILL LOVE YOU FOR IT

END