Mazu Networks Announces Profiler Version 3.0.Business Editors CAMBRIDGE, Mass.--(BUSINESS WIRE)--Nov. 3, 2003 New Release Contains Major Advancements in Traffic Profiling Technology that Drive Down Cost and Complexity of Securing Critical Business Applications and Processes Mazu Networks, a leading provider of enterprise network security solutions, today announced the release of Mazu Profiler 3.0, a distributed network security platform that uses network behavior analysis to reduce the risk, cost and complexity of securing critical business applications and processes. Built upon Mazu's unique traffic profiling engine, Profiler provides large enterprises and government organizations with real-time insight into how their networks are actually being used. Leveraging this baseline understanding of network behavior, Mazu Profiler 3.0 provides a host of security features that help customers to thwart attacks as they happen, dramatically reduce recovery time when breaches do occur, and tighten overall security policies to reduce risk and vulnerabilities on an on-going basis. Many large enterprises today are opening up their critical applications to greater numbers of internal and external users to gain operational efficiencies and competitive advantage. However, since the complexity of providing this access securely goes beyond the capabilities of existing tools, organizations have had to make tradeoffs between accessibility and security. Networking and security teams continue to struggle to keep pace with the business driver - the need to secure wider access quickly and with minimal resources. The Mazu Profiler addresses this growing challenge by providing an intelligent, behavioral approach to security that can scale to meet the needs of the largest organizations. "With dozens of offices and facilities across the country, ADVO's network is critical to our core business functions," said Phil McMurray, Information Technology Security Officer at ADVO. "Mazu's Profiler gives us a better understanding of how our network is actually used. It also provides the tools to detect threats, recover from attacks, and tighten access policy throughout the network. As a result, we are exposed to less risk, which makes it that much easier to keep our network, and the business processes that rely on it, running smoothly." "Maintaining network availability has become a painful business problem as companies are continually plagued with unauthorized access to internal systems, worm storms and denial of service attacks An assault on a network that floods it with so many additional requests that regular traffic is either slowed or completely interrupted. Unlike a virus or worm, which can cause severe damage to databases, a denial of service attack interrupts network service for some period. ," said Eric Ogren, senior analyst at the Yankee Group (the Yankee Group, Boston, MA, www.yankeegroup.com) A major market research, analysis and consulting firm founded in 1970 by Howard Anderson. It provides general consulting and strategic planning in the computer and communications field. . "Network integrity systems analyze traffic profiles to ensure that customers, business partners and employees have reliable access to the applications and network resources they need to do their jobs. Mazu Networks' Profiler 3.0 provides the real-time information the IT staff needs to accelerate security incident mitigation MITIGATION. To make less rigorous or penal. 2. Crimes are frequently committed under circumstances which are not justifiable nor excusable, yet they show that the offender has been greatly tempted; as, for example, when a starving man steals bread to satisfy and recovery. It also provides insight into network usage that has solid applicability in areas of IT beyond network security." "As we all saw this past summer, security breaches continue to pose major challenges to organizations of all sizes," said Jim Melvin, president and CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. of Mazu Networks. "But even with those challenges, companies are under pressure to become more efficient by Web-enabling more of their important business activities. With Mazu's new Profiler release, we help customers gain those efficiencies quickly, without hiring more staff and without creating new risks and security issues." Mazu Profiler: Intelligent Security Through Network Behavior Analysis Mazu Profiler is powered by MCube, Mazu's patent-pending network traffic profiling engine. MCube uses sophisticated statistical modeling to capture and represent the characteristics and patterns of typical network traffic and host-to-host activities in high-volume environments. MCube is housed in an appliance and takes in traffic flow information in real-time from Mazu Probes and/or NetFlow-enabled routers. The Profiler analyzes traffic anomalies A deviation from the normal traffic pattern. An intrusion detection system (IDS) may look for unusual traffic activities, such as a flood of UDP packets or a new service appearing on the network. using a variety of heuristics heu·ris·tic adj. 1. Of or relating to a usually speculative formulation serving as a guide in the investigation or solution of a problem: tuned to detect worms, unauthorized access, denial of service attacks, ping (1) See also PNG and ping service. (2) See blog ping. (3) (Packet INternet Groper) An Internet utility used to determine whether a particular IP address is reachable online by sending out a packet and waiting for a response. and port scans, new services and other potentially dangerous behavior. The heuristics correlate their analysis in real-time across the entire network to determine operational relevance. The result is a dramatic reduction in false positives and the ability to detect more classes of threats. Profiler alerts IT staff to potential breaches and provides actionable Giving sufficient legal grounds for a lawsuit; giving rise to a Cause of Action. An act, event, or occurrence is said to be actionable when there are legal grounds for basing a lawsuit on it. information to help speed attack mitigation and recovery. It also helps IT teams further harden hard·en v. hard·ened, hard·en·ing, hard·ens v.tr. 1. To make hard or harder. 2. To enable to withstand physical or mental hardship. 3. their internal network by defining tighter access policies for routers and firewalls. The major advancements in Mazu Profiler Version 3.0 fall into three categories: greater accuracy and breadth of detection, enhanced event recovery and post-event forensic tools, and scalability improvements. Following are descriptions of the specific new features added to Version 3.0. Greater Accuracy and Breadth of Detection Rule-Based Alerts - Profiler Version 3.0 enables users to specify and monitor acceptable usage policy and fine-grained access policy over large areas of the network using rule-based alerts. Rule-based alerts give security teams the ability to create custom rules that trigger alerts whenever certain specific activity is detected or a policy is violated vi·o·late tr.v. vi·o·lat·ed, vi·o·lat·ing, vi·o·lates 1. To break or disregard (a law or promise, for example). 2. To assault (a person) sexually. 3. . For example, if two segments are not supposed to talk to each other, a rule is easily created to monitor this policy. If specific users or systems are known to access a given service, application or server, a rule is easily created to monitor this access policy and alert the team if it is violated. If specific services are not supposed to run in certain parts of the network, a rule is easily created to monitor this policy. Rules-based alerts extend the protection of traffic profiling to very specific network activities. Ephemeral Port (networking) ephemeral port - A TCP or UDP port number that is automatically allocated from a predefined range by the TCP/IP stack software, typically to provide the port for the client end of a client-server communication. Protocol Tracking - Tracking abuses and attacks that exploit applications using ephemeral port protocols has always been a challenge. In general, these applications do not use a single, pre-defined port for communication and therefore were difficult to track and analyze. Profiler Version 3.0 introduces the first of several major advancements in this area and provides specific capabilities for tracking FTP FTP in full file transfer protocol Internet protocol that allows a computer to send files to or receive files from another computer. Like many Internet resources, FTP works by means of a client-server architecture; the user runs client software to connect to usage. Rapid Recovery and Post-Event Forensics See computer forensics. Recovery Reports - Profiler Version 3.0 introduces recovery reporting. Minutes after an attack begins, Profiler can report on compromised hosts, ordered by group, segment or other relevant organizational distinctions. Furthermore, for compromised servers, Profiler can list all hosts dependent on services being provided by the each server - giving security and networking teams immediate visibility into the impact of quarantining those servers. New Forensic Tools - A new flow log database enables analysis of critical forensic data. While the Profiler's baseline enables these teams to ask "What does a typical Monday morning look like?", flow logging enables them to ask "What did Monday July 21st look like?" Profiler Version 3.0 also includes new tools that enable users to identify behaviors indicative of unauthorized peer-to-peer (P2P See peer-to-peer and point-to-point. ) usage. Integration with Crystal Reports and Microsoft Excel (tool) Microsoft Excel - A spreadsheet program from Microsoft, part of their Microsoft Office suite of productivity tools for Microsoft Windows and Macintosh. Excel is probably the most widely used spreadsheet in the world. Latest version: Excel 97, as of 1997-01-14. further enables customers and partners to create new reports and analytical tools that leverage the Mazu Profiler's data and analytics. Industry-Leading Scalability Enterprise-Class Capacity - The number of hosts a profiling solution can manage is a critical metric, since having a single, aggregated model of network activity leads to the highest detection accuracy. In Version 3.0, Mazu has increased to 200,000 the number of hosts that a single Profiler appliance can model. This makes the Mazu Profiler by far the most scalable profiling solution on the market today. Specifications, Pricing and Availability Profiler 3.0 is available immediately. It is priced using an enterprise licensing model, beginning at $65k. The Mazu Profiler ships as an appliance and works with data sources including Mazu Sensors and NetFlow-enabled routers (NetFlow V5, V7). About Mazu Networks, Inc. Mazu Networks is the first security company to provide real-time insight into enterprise network behavior, reducing the risk, cost and complexity of securing critical business applications. The company's real-time traffic modeling technology enables enterprises to profile, plan and protect networks with unmatched accuracy, efficiency and scalability. The Mazu Profiler protects internal and external access to critical applications. Mazu's Enforcer solution protects networks from traffic-based attacks. These solutions eliminate the tradeoff between security and accessibility, enabling organizations to broaden access to critical applications with less downtime The time during which a computer is not functioning due to hardware, operating system or application program failure. and fewer resources. Mazu is backed by premier venture capital firms Name Location Founding date Managing Partners/Directors Specialty Capital managed 5AM Ventures Menlo Park, CA; Waltham, MA 2002 John Diekman, PhD (managing partner), Scott Rocklage, PhD (managing partner), Andrew Schwab (managing partner) life sciences $200M [1] , including Greylock, Matrix Partners, Pilot House Ventures Group, Benchmark Capital Benchmark Capital is a venture capital firm responsible for the early stage funding of some very successful startups, including eBay. In 1995, the firm invested $6.7 million in eBay, which became worth more than $5 billion by the spring of 1999 and resulted in one of Silicon , and StarVest Partners. Mazu is an IBM (International Business Machines Corporation, Armonk, NY, www.ibm.com) The world's largest computer company. IBM's product lines include the S/390 mainframes (zSeries), AS/400 midrange business systems (iSeries), RS/6000 workstations and servers (pSeries), Intel-based servers (xSeries) Business Partner. Headquartered in Cambridge, Mass., Mazu also has locations in New York New York, state, United States New York, Middle Atlantic state of the United States. It is bordered by Vermont, Massachusetts, Connecticut, and the Atlantic Ocean (E), New Jersey and Pennsylvania (S), Lakes Erie and Ontario and the Canadian province of , San Francisco San Francisco (săn frănsĭs`kō), city (1990 pop. 723,959), coextensive with San Francisco co., W Calif., on the tip of a peninsula between the Pacific Ocean and San Francisco Bay, which are connected by the strait known as the Golden , Washington, D.C. and London. For more information, please visit www.mazunetworks.com or contact the company at info@mazunetworks.com. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion