SECURITY’S NEW FRONT LINE OF DEFENSE

Introducing ThreatAMOUR

Today’s ever-increasing attack surface taxes the company’s security systems—firewalls, intrusion prevention systems, Security Information and Event Management (SIEM) systems, and the team that has to review and react to relentless alerts. Reducing the attack surface by deflecting unwanted traffic before it burdens these resources improves efficiency, ROI, and the company’s overall security posture.

Why not make your job easier? Ixia ThreatARMOR security appliance provides a new front line of defense, blocking known-bad traffic and botnet communications to free up bandwidth and security tools, and reduce “alert fatigue”.

ThreatARMOR uses data from Ixia’s Application and Threat Intelligence (ATI) research center to automatically block confirmed threats, hijacked IPs and even entire countries in bulk.

ThreatARMOR is a Threat Intelligence Gateway that automatically blocks traffic to and from criminal and illegitimate sites such as botnet controllers, ransomware and phishing sites, hijacked IP addresses, and untrusted countries. It prevents network probes, phishing clicks, and the C&C connections malware needs to download instructions or leak data. This reduces the risk from attacks such as Zero-day ransomware mutation along with up to 80% of the malicious connections that threaten the network and generate floods. Ixia’s ATI Research Center provides an always-on stream of geolocation and threat intelligence for ThreatARMOR-individually validating every single blocked IP address, every single day. Detailed Rap Sheets provide clear, on-screen proof of malicious activity for all blocked sites to mitigate the risk of false positives.

Features:

• Reduces attack surface by eliminating known-bad traffic
• Stop traffic from unwanted countries
• Quickly identify compromised internal systems
• Stops connections, both inbound and outbound, involving known malware, botnet, and phishing sites
• No false positives – clear proof of criminal behavior for all blocked sites
• Always-on cloud update service from Ixia’s ATI Research Center
• Dual redundant power supplies and integrated bypass for maximum reliability
• Available as 1GbE copper and 10GbE fiber speeds
• Provides resilient, failsafe inline operation
• Easily installs in less than 30 minutes

Block up to 80% of Malicious Traffic—Including Botnets and Ransomware

Ixia empowers ThreatARMOR with the intelligence required to protect your network and users by reducing the attack surface

As the complexity and intensity of Internet threats has evolved, the range of security technologies needed to secure the network has increased rapidly.

New layers have been added to the perimeter to deal with these emerging threats, fortifying the existing firewalls and IPS/IDS systems with threat detection, malware inspection, content security, DLP, DDoS mitigation, and more – at great expense.

ThreatARMOR™ establishes a new front line of defense in your network, removing threats from your network and improving your security ROI by eliminating unwanted traffic before it hits your existing security infrastructure.

ThreatARMOR doesn’t use signatures and there are no false positives. Any blocked sites are supported with clear on-screen proof of malicious activity such as malware distribution or phishing, including date of most recent confirmation and even screen shots. The site list is kept constantly up to date by Ixia’s Application and Threat Intelligence (ATI) Research Center that individually validates every site and provides a cloud-based update every 5 minutes.

Using the ATI application feed, this product solves one of the biggest challenges facing network administrators – complete network visibility that extends past layer 4 information. Many applications today run over HTTP within your network or cloud infrastructure, and thus can be obscured. The ATI Processor provides expanded visibility that gives you deep knowledge of your network, including application bandwidth, handset and browser type, and geo-location of application traffic. The ATI Processor has patent pending ability to dynamically detect new applications without signatures. It also provides mobile device identifier and browser information.

Ixia’s Application and Threat Intelligence (ATI) program provides a comprehensive service and support resource for optimizing and hardening the resiliency of IT infrastructures, including:

• Over a decade of experience testing the threat detection and blocking capabilities of the world’s largest service providers and equipment manufacturers
• Real-time cloud threat intelligence that enables Ixia’s ThreatARMOR™ to reduce your attack surface and provide continuous protection. ThreatARMOR eliminates traffic originating from known malicious IP addresses (malware distribution, phishing sites, botnet C&C sites, SPAM distribution, BOGONs hijacked domains and unassigned IPs)
• Application insight enabling Ixia’s network visibility products such as the ATI Processor to provide complete network visibility extending beyond layer 4 into granular application behaviors
• Intelligence in simulating realistic conditions and relevant attacks consolidated into a large database of exploits, DoS, DDoS, phishing, live malware and applications
• Simulation of 100+ evasion techniques
• Information to recreate real-world network traffic using more than 300+ applications
• The Evergreen feed to provide constant updates for applications that are critical in validating lawful intercept, data loss prevention, and deep packet inspection devices
• Always-on global IP geolocation database
• Application- and geography-based application filtering
• Rich contextual NetFlow / IPFIX generation