solution description › datasheets › blue-coat_security_analytics... · 2015-08-12 ·...


Security Analytics Virtual Appliance by Solera Blue Coat Advanced Threat Protection

soleranetworks.com Security Empowers Business

THE CHALLENGE

There is a major drive in nearly every industry to virtualize IT assets and infrastructure. Enterprises are virtualizing their data centers, applications and mission-critical systems. Virtualization has reduced capital expenses and IT footprint, resulting in great savings—but not without a cost. Unfortunately, advanced malware and targeted attacks have evolved to target data centers, branches, and remote offices, and now infiltrate virtual environments, threatening mission-critical systems wherever they reside. IT organizations must gain complete enterprise-wide visibility to monitor, detect and analyze these advanced threats, even within virtual environments.

To mitigate the risks advanced threats pose to virtual environments, organizations must implement advanced threat protection solutions that fit into their existing virtual IT infrastructure. IT organizations need to see into their physical enterprise network as well as the activity within the virtual infrastructure, thereby achieving full security visibility and situational awareness into advanced malware and attacks. Big Data security analytics solutions can provide these capabilities, allowing enterprises to detect advanced threats and enable swift incident response and mitigation. However, enterprises must also find a solution that:

• Is easily deployed in remote or branch offices and any existing virtual environment, without compromising complete security visibility

• Works with both physical and virtual network environments

• Integrates with existing security tools to deliver greater context and leverage security processes, workflow, and available security alerts and threat intelligence

• Scales with continued growth in virtual data centers, servers, applications and network traffic

THE SOLUTION

Security Analytics Virtual Appliance by Solera is the industry’s first and only Big Data security analytics platform available as a virtual appliance. It includes the same advanced security analytics technology found in the high performance, pre-configured Solera Security Analytics Appliances, but also provides complete visibility into virtual networks and private and hosted clouds. As a virtual appliance, this solution delivers a cost-effective option for branch, small and medium enterprise deployments.

SOLUTION DESCRIPTION

The first and only virtual appliance for Big Data security analytics, delivering unprecedented visibility and threat detection for any virtual environment.

KEY FEATURES

• Fully featured Big Data security analytics solution in a flexible virtual appliance

• Complete network capture (Layers 2-7), indexing, classification, storage and replay

• Performance and scalability to support any cloud or virtual network infrastructure

• Virtualized central management to gain enterprise-wide visibility

• Support for all leading enterprise virtual environments and infrastructures

• Seamless integration with Blue Coat ThreatBLADES

• Integration with industry’s leading network security tools

Datasheet

A BLUE COAT COMPANY

Security Analytics Virtual Appliance: Big Data Security Analytics in any Virtual Environment

SECURITY IS ABOUT WHAT YOU MAKE POSSIBLE

Security Analytics Virtual Appliance provides complete visibility into all network traffic, including traffic between applications running in the virtual network. It delivers the world’s most flexible and cost-effective solution for unified Big Data security analytics, threat intelligence, and security visibility—enabling superior advanced threat protection.

Combined with all-new Blue Coat ThreatBLADES, the Security Analytics Virtual Appliance levels the battlefield against advanced threats and targeted malware attacks, giving security professionals clear and concise insights with answers to the toughest security questions. The virtual appliance leverages the award-winning Solera Security Analytics Software, which records and classifies every packet of network traffic—from Layer 2 through Layer 7—while indexing and storing the data to provide comprehensive intelligence and analytics. The result is clear, actionable evidence for real-time situational awareness, continuous monitoring, advanced malware detection, incident response and resolution, data loss monitoring and analysis, organization policy compliance, and security assurance.

Security Analytics Virtual Appliance

Flexible Deployment – Security Analytics Virtual Appliance offers the easiest way to implement and deploy Big Data security analytics. It can be deployed on a laptop, desktop, or enterprise server anywhere in an enterprise network—from branch office to data center.

Application Classification – Comprehensive deep-packet inspection (DPI) classifies more than 1,200 applications and supplies thousands of descriptive metadata details. This feature efficiently identifies applications and also provides descriptive information about a network session, including application, identity, geographic location and more.

Real-time Threat Intelligence – Blue Coat ThreatBLADES integrate directly with the Security Analytics Virtual Appliance. ThreatBLADES leverage the Blue Coat WebPulse Collaborative Defense Cloud and the “network effect” from more than 75 million end points, providing instant, actionable intelligence on threats delivered via web, file or e-mail. Additionally, the Solera Threat Profiler is a security game-changer in detecting advanced threats. This innovative technology automatically extracts and analyzes any file—including the most prevalent and malicious file types—which enables immediate, automatic identification and alerting of advanced and zero-day threats.

Layer 2 to 7 Analytics – Security Analytics Software—pre-installed on the Security Analytics Virtual Appliance—provides a variety of analytics to strengthen incident response and resolution with comprehensive and conclusive analysis. Key analytic capabilities include full session reconstruction; real-time reputation look up; IM, email, and image reconstruction; Root Cause Explorer; and delivery of complete artifacts, not just packets.

Context-aware security – The Security Analytics Virtual Appliance integrates with best-of-breed network security technologies to pivot directly from any alert or log and obtain full-payload detail of the event before, during and after the alert. The open, web services REST API adds complete context to any security tool and lets you leverage leading technologies such as Dell SonicWALL™, FireEye™, HP ArcSight™, McAfee®, Palo Alto Networks™, Sourcefire®, Splunk®, and many other security applications.

Root Cause Explorer – Using extracted network objects, this tool reconstructs a timeline of suspect web sessions, emails, and chat conversations. By automatically enumerating these events, Root Cause Explorer helps the analyst quickly identify the source of an infection or compromise and reduce time-to-resolution.

Root Cause Explorer: Quickly determine the root source of any threat

Customized dashboard view for quick analysis

KEY BENEFITS

• Gain full security visibility into threats and 100% situational awareness of any network activity

• Capture and port all virtual traffic to physical security tools for comprehensive analysis

• Reduce IT footprint and save valuable resources with minimal capital expenditure

• Easily deploy and manage in stand-alone or distributed networks

• Remotely deploy anywhere in the network for on-demand incident response

• Add full context to any alert from leading security solutions

Interfaces: 1—Virtual Management Interface; 3—Virtual Capture or Replay Interfaces

Capacity: 500GB, 2TB, 5TB or 10TB of usable storage

Minimum CPU & RAM: 2-Core CPU with 8 GB RAM

Virtual Environments: VMware ESX servers, and VMware Workstation

Solera Networks Headquarters
10713 South Jordan Gateway
Suite 100
South Jordan, Utah 84095

[email protected] or 877-576-5372
801-545-4100

ABOUT SOLERA NETWORKS, A BLUE COAT COMPANY

Solera Networks, a Blue Coat Company, is the industry’s leading provider of big data security analytics for advanced threat protection. Its award-winning Solera Platform levels the battlefield against advanced targeted attacks and malware, and gives security professionals clear and concise answers to the toughest security questions. The Solera Platform is powered by next-generation deep-packet inspection and indexing technologies, full-packet capture, malware analysis and real-time security intelligence and analytics capabilities. Global 2000 enterprises, cloud service providers and government agencies rely on Solera for real-time situational awareness, continuous monitoring, security incident response, advanced malware detection, data loss monitoring and analysis, organization policy compliance and security assurance—allowing them to respond quickly and intelligently to advanced threats and attacks, while protecting critical information assets, minimizing exposure and loss, and reducing business liabilities.

© 2013 Blue Coat Systems, Inc. All rights reserved. Blue Coat, the Blue Coat logos, ProxySG, PacketShaper, CacheFlow, IntelligenceCenter, CacheEOS, CachePulse, Crossbeam, K9, the K9 logo, DRTR, Mach5, Packetwise, Policycenter, ProxyAV, ProxyClient, SGOs, WebPulse, Solera Networks, the Solera Networks logos, DeepSee, “See everything. Know everything.”, “Security Empowers Business”, and BlueTouch are registered trademarks or trademarks of Blue Coat Systems, Inc. or its affiliates in the U.S. and certain other countries. This list may not be complete, and the absence of a trademark from this list does not mean it is not a trademark of Blue Coat or that Blue Coat has stopped using the trademark. All other trademarks mentioned in this document owned by third parties are the property of their respective owners. This document is for informational purposes only. BLUE COAT MAKES NO WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT. BLUE COAT PRODUCTS, TECHNICAL SERVICES, AND ANY OTHER TECHNICAL DATA REFERENCED IN THIS DOCUMENT ARE SUBJECT TO U.S. EXPORT CONTROL AND SANCTIONS LAWS, REGULATIONS AND REQUIREMENTS, AND MAY BE SUBJECT TO EXPORT OR IMPORT REGULATIONS IN OTHER COUNTRIES. YOU AGREE TO COMPLY STRICTLY WITH THESE LAWS, REGULATIONS AND REQUIREMENTS, AND ACKNOWLEDGE THAT YOU HAVE THE RESPONSIBILITY TO OBTAIN ANY LICENSES, PERMITS OR OTHER APPROVALS THAT MAY BE REQUIRED IN ORDER TO EXPORT, RE-EXPORT, TRANSFER IN COUNTRY OR IMPORT AFTER DELIVERY TO YOU.