Lancope, Inc., the leading provider of the StealthWatch System, the most widely used Network Behavior Analysis (NBA) and response solution, today announced the general availability of StealthWatch System 5.6. The system-wide upgrade includes powerful new features, including Live Alarms, High-Performance Flow Queries, Dynamic Data Aging and Storage Optimization, Failover Configuration and interoperability with Foundry Networks™ IronView Network Manager (INM). These features significantly extend the scalability and value of behavior-based anomaly detection and network performance monitoring for enterprise organizations.

A single, unified system for security and network operations, StealthWatch provides detailed views of anomalies and network utilization for security analysts, network engineers and network planners. Visit http://www.lancope.com/news/webinars/ to access An Exclusive Look at StealthWatch System 5.6, a Webinar led by Lancope Chief Technology Officer Adam Powers, who describes how each new feature benefits teams within the IT organization.

Lancope's StealthWatch combines behavior-based anomaly detection with traffic reporting and network optimization data. The resulting visibility enables network teams to efficiently manage complex networks without the need for additional hardware and software. StealthWatch can also detect zero-day, targeted, low-slow and unknown attacks which enhances network operations and security as well,” said Chris Liebert, a senior analyst for Yankee Group.

“With this release of StealthWatch, the best of breed NBA solution, we are delivering even greater functionality to unify network security and operations, said Harland LaVigne, president and CEO of Lancope. The delicate balance between business enablement, network availability and security requires a powerful combination of network performance monitoring and behavior-based anomaly detection. The new features in StealthWatch System 5.6 provide security personnel with more focused, actionable views of risk across the enterprise, assist network planners with more historical data for capacity planning and benefit operations personnel with business continuity assurance.

StealthWatch System 5.6 introduces the following features:

Live Alarms

The ability to view only Live Alarms (the active network events when an administrator accesses StealthWatch) provides time-saving direction that focuses on the most critical incidents impacting the network, and enables security and network administrators to perform root cause analysis. Alarms that are no longer cause for immediate concern remain available for detailed historical analysis within the Alarm Manager.  

High-Performance Flow Queries

With greatly accelerated query-response time, StealthWatch System 5.6 provides immediate access to current and historical network flows. Administrators can rapidly query all IP network transactions that have occurred for a suspicious IP or network service, minimizing incident investigation time and maximizing staff productivity. From any graph or table within StealthWatch, administrators can use the context-sensitive Associated Flows option to summon the specific flow records that triggered an alarm, alert or graph element. Billions of flows, which can be stored across 25 distributed StealthWatch flow collectors, are available for immediate recall using StealthWatch™s high-speed flow indexing system.

Source