SMC 5XX/10XX HW REFRESH PROGRAM Product Details
StealthWatch is the first and only flow-based solution to combine powerful network performance monitoring with behavior-based anomaly detection to deliver total network visibility, ensuring network security, performance and availability. This flowbased approach enables cost-effective protection of hosts and networks without requiring probes, agents or continuous signature updates.StealthWatch leverages existing network infrastructure investment by analyzing NetFlow and sFlow inherent in Cisco, Juniper, Foundry, Extreme or HP ProCurve network environments. As flows enter the StealthWatch System, flow collectors generate and track over 90 unique flow statistics to build a baseline of behavior exhibited by network hosts.Applying a series of over 130 proprietary behavioral algorithms to the flow statistics, StealthWatch generates an index or "point system" for suspicious network activity called the Concern Index. The patent-pending Concern Index prioritizes suspicious host behavior and allows for threshold-driven response and automated mitigation actions using existing routers, switches or firewalls to quarantine or remove hosts.Lancope's innovative user identity tracking technology integrates user identity and system awareness into the StealthWatch System, tying flow data, alarms, alerts and host behaviors directly to the actual user responsible for the activity. User identity tracking overcomes troublesome environments such as DHCP and VPN address pools. At the click of a mouse, StealthWatch operators can quickly reveal both which user and which system is logged into a network node or view a given user's network activity.