Attivo and OpenStack the Deck Against Cyber Attackers
Company’s Dynamic Deception Platform ups the Anti for Attackers Looking to Breach OpenStack Networks
Attivo Networks®, the award-winning leader in deception for cyber security threat detection, today announced that its deception platform architecture now integrates with OpenStack, providing organizations with efficient and effective detection of inside-the-network threats for virtualized software defined data centers (SDDC). Building upon its current Dynamic Deception Platform, Attivo now offers support for OpenStack environments in addition to its current support for VMware EXSi, Amazon Web Services, SCADA, and user networks.
Tweet This: @AttivoNetworks ups the ante for attackers looking to #breach @OpenStack networks
Data center virtualization has achieved large-scale deployment based on its inherent cost and performance benefits; however with a SDDC there also comes a challenge of decreased visibility, which raises the risk of a network intrusion. With the explosion of server-server or what is also referred to as east-west traffic, traditional IDS/IPS and sandboxing solutions become unsuitable given their cost and the large amounts of resources and personnel required to manage and deploy these devices. A new, scalable approach is needed for increased network visibility and the ability to promptly and reliably detect the growing number of complex and malicious attacks targeted at the high value information stored within a data center.
The highly scalable Attivo Deception Platform is designed for friction-less deployment and efficient inside-the-data center threat detection for environments of large server workloads and widespread adoption of virtual machines (VMs) that are typically seen in data center and cloud networks. Using dynamic deception based on highly efficient luring techniques, Attivo does not rely on the compute and log intensive processes of monitoring traffic for known signatures or attack patterns. Instead, deception and decoys are used to lure in and deceive an attacker into revealing themself. These deception techniques are a highly effective approach for promptly detecting zero day, stolen credential, insider, and ransomware attacks. Once the attacker is engaged with the BOTsink® engagement server, the attack and its lateral movement can be studied, alerts raised, and forensics provided for prompt incident response. Integrations with firewall, NAC, SIEM and other security solutions are also available to automate the process and improve the time to remediation.
With the majority of a company’s data passing through their data center it is critical to have clear visibility into threats that are inside the network. The Attivo solution integrated with the OpenStack Platform will support deployment of engagement VMs in production subnets.
Attivo is also working with Criterion Networks and its Criterion SDCloud Platform to implement security groups and quarantine infected VM’s in Criterion SDDC solution architecture, which will contain an attacker from moving to other VMs to maintain persistence.
“With large scale SDDC comes challenges in security both in terms of visibility and detection of attackers,” said Srinivas Vegesna, CEO, Criterion Networks. “The integration between Criterion Networks’ quarantine solution with Attivo Networks provides organizations real-time detection of threats and the ability to promptly quarantine infected VMs. This is critical to protect against cyber threats, which can rapidly spread within a data center environment. This integrated solution will also be available on Criterion SDCloud platform so that our customers can see the solution in action instantly.”
“Cloud and software defined data centers are growing at unprecedented rates and there is an unquestionable need for visibility into and the protection of these environments,” said Tushar Kothari, CEO of Attivo Networks. “Attivo provides an inside the network breach detection solution that is massively scalable, complementary and seamless to integrate with OpenStack installations. The combination creates a powerful defense against attacks.”
“By 2019, OpenStack enterprise deployments will grow tenfold, up from just hundreds of production deployments, due to increased maturity and growing ecosystem support,” notes Gartner analyst Matthew Cheung in his February 5, 2016 report, “Competitive Landscape: OpenStack Distributions and Support Service Market.”
Attivo Networks is also a member of the OpenStack Foundation and will be participating at the OpenStack Summit in Austin, TX on April 25-29, 2016. Attivo will be speaking on April 28th at 11:50 AM and will be providing an overview on deception benefits based on customer use cases.
Criterion Networks: www.criterionnetworks.com
Attivo Networks: www.attivonetworks.com
About Attivo Networks:
Attivo Networks® is the leader in dynamic deception technology, which in real-time detects intrusions inside user networks, data centers, cloud, and SCADA environments before the data is breached. Leveraging high-interaction deception techniques, the Attivo BOTsink® Solution lures BOTs and APTs to reveal themselves, without generating false positives. Designed for efficiency, there are no dependencies on signatures, database look up or heavy computation to detect and defend against cyber threats. Attivo solutions capture full forensics and provide the threat intelligence to shut down current and protect against future attacks. www.attivonetworks.com
OpenStack is a cloud operating system that controls large pools of compute, storage, and networking resources throughout a datacenter, all managed through a dashboard that gives administrators control while empowering their users to provision resources through a web interface. The OpenStack Mission is to produce the ubiquitous Open Source Cloud Computing platform that will meet the needs of public and private clouds regardless of size, by being simple to implement and massively scalable. OpenStack is open source, openly designed, openly developed by an open community.