ARIA SDS Packet Intelligence

Superior Analytics and Protection of Critical Traffic While Stopping Threats

Complete Network Visibility, Accelerated Incident Response, and Better Threat Containment

The ARIA SDS Packet Intelligence (PI) application provides complete visibility into internal network traffic, including east-west data flows. The application creates analytics, for every packet, that are ingested by packet delivery accounting tools, quality of service SLA monitoring applications, or as security analytics by SIEMs, which dramatically improves the effectiveness at finding active network-borne threats.

SOC teams can control the ARIA PI application to send select traffic into IDS/IPS tools or forensic recorders for deeper investigations. They can then use the application to isolate compromised devices or keep critical devices online while blocking threat communications only. These factors enable better, more comprehensive threat detection, faster investigative responses, and immediate threat containment—all without impacting network or application performance. Find and stop more modern-day threats that would normally be missed—such as malware, ransomware, breaches, exfiltrations, and more.

ARIA Packet Intelligence Benefits

 

Detect More Threats

Detect More Threats
Expose and identify intrusions typically missed by existing approaches.


Faster Detection

Enhance Existing Security Tools
Enable faster incident detection and response, and with fewer false positives.


Automate Response

Automate Response
Improve effectiveness of investigation and automate containment.


Increase SOC Effectiveness

Improve Improve Security Posture
Strengthen effectiveness of existing solutions to increase SOC performance.


Reduce Costs

Reduce Costs
Quick, simple deployment that is cost-effective to operate.


Faster ROI

Fast ROI
Gain returns of up to ten times over traditional tools.


Compatible Products


Packet Intelligence Offerings

 

Deployed through switch span ports or network taps, or in-band, the Analytics configuration improves network visibility and intelligence gathering from the generation of NetFlow metadata for every network packet. Great for accounting and provider billing of packet delivery with 1000x less server load. SIEMs can use this information to identify network-based threats and attacks.

Threat Analytics

Deployed through either a network tap or span switch, or in-band, the Triage configuration can direct traffic streams to applications for counting packets, monitoring QoS SLAs, as well as threat detection toolsets, which allows for faster IR with more complete identification and verification of threats. It offers intelligent filtering capabilities to direct only the appropriate classified traffic streams to security toolsets. Such adaptive filtering allows detection tools to operate more effectively by only analyzing the most relevant threat conversation traffic.

Threat Triage

The in-band deployment of the Threat Reaper configuration adds the ability for real-time containment of identified network threats, as well as the execution of network connectivity policy enforcement. Any threat is stopped at the conversation level, leaving critical devices online, as well as be used to isolate compromised devices entirely and transparently from the network. It can also be deployed as a stateless port-based firewall running at wire rate either within the network or within a protected server doubling as a NIC. Finally, it can be used for network connectivity policy enforcement. It works with third-party tools that support SOAR solutions, and/or automated scripts and ARIA-provided workflows that allow such tools to communicate with ARIA PI to stop the threats as they are detected automatically.

Threat Reaper

ARIA PI is integrated with our ARIA ADR application and enables it to find internal network-borne threats, and to communicate back to ARIA PI to perform automated containment of the complete range of found attacks. This all happens within the network and is transparent to the devices and applications.

Deployment Options:

  • On our latest generation of Myricom SmartNICs for zero footprint packet accounting and filtering and firewalling applications.
  • Our in-line wire rate ARIA network appliances supporting at 10, 25, and 100G line rates to create on-the-fly network security analytics, select packet stream replication, and filter operations without adding latency to wire-rate packet flows.

  • 1-10-25- 100G line rate operation
  • Unsampled per packet NetFlow metadata (v5, v9), or IPFIX format generation
  • Selective traffic stream – Redirect and/or drop to full line rate Packet Capture
  • In-band or out-of-band deployment deployment options
  • Highly available transparent bypass for in-line operation
  • Out-of-the-box integration with all modern, SIEMs, IDS/IPS and forensic packet recorders
  • Delivers UI- or API-driven options for automatic containment of network threats and directing particular data traffic streams to IR tools
  • Compatible with SOAR tools and ideal for MDR services deployment
  • Four optimized configurations: Threat Analytics, Threat Triage, Threat Reaper, or integration with ARIA ADR

Resources and Related Content

News

April 21, 2020
ARIA Cybersecurity Announces ARIA ADR Application Providing AI-Driven Automated Attack Containment

ARIA Cybersecurity Announces ARIA ADR Application Providing AI-Driven Automated Attack Containment

March 16, 2020
ARIA Cybersecurity Solutions Named Winner of the Coveted InfoSec Awards during RSA Conference 2020

ARIA Cybersecurity Solutions Wins for Innovation in IoT and Network Security, as well as Industry Compliance IN 8th Annual InfoSec Awards at #RSAC 2020

March 10, 2020
ARIA Cybersecurity Solutions Receives Top Awards by Cybersecurity Excellence

Acknowledged for Solutions for Encryption, Threat Detection and Response, as well as Industry Compliance

 

Events

August 6, 2020
Attend this FREE virtual cybersecurity summit for the latest technology trends in the security industry, including a keynote by the Omaha Secret Service. Drop…
July 20, 2020
Watch this joint webinar with Sumo Logic to learn how with our integrated solution organizations can effectively secure their remote workforce, IoT devices, on-premise…
July 9, 2020
Attend this FREE virtual cybersecurity summit for the latest technology trends in the security industry, including a key note by the FBI’s Counter Intelligence…