ARIA SDS Packet Intelligence

Superior Analytics and Protection of Critical East-West Network Traffic While Stopping Threats

Complete Network Visibility, Accelerated Incident Response, and Better Threat Containment

The ARIA SDS Packet Intelligence (PI) application provides complete visibility into internal network traffic, including east-west network data flows. The application creates analytics, for every packet, that are ingested by packet delivery accounting tools, quality of service SLA monitoring applications, or as security analytics by SIEMs, which dramatically improves the effectiveness at finding active network-borne threats.

SOC teams can control the ARIA PI application to send select traffic into IDS/IPS tools or forensic recorders for deeper investigations. They can then use the Packet Intelligence application to isolate compromised devices or keep critical devices online while blocking threat communications only. These factors enable better, more comprehensive threat detection, faster investigative responses, and immediate threat containment—all without impacting network or application performance. Find and stop more modern-day cyber threats that would normally be missed—such as malware, ransomware, breaches, exfiltrations, and more.

ARIA Packet Intelligence Benefits

 

threat detection

Detect More Threats
Expose and identify intrusions typically missed by existing approaches.


network security tools

Enhance Existing Security Tools
Enable faster incident detection and response, and with fewer false positives.


automatic threat response

Automate Response
Improve effectiveness of investigation and automate threat containment.


improve network security

Improve Improve Security Posture
Strengthen effectiveness of existing enterprise and network security solutions to increase SOC performance.


reduce cyber security costs

Reduce Costs
Quick, simple deployment that is cost-effective to operate.


cyber security roi

Fast ROI
Gain returns of up to ten times over traditional network security tools.


Compatible Products


Packet Intelligence Offerings

 

Deployed through switch span ports or network taps, or in-band, the Analytics configuration improves network visibility and intelligence gathering from the generation of NetFlow metadata for every network packet. Great for accounting and provider billing of packet delivery with 1000x less server load. SIEMs can use this information to identify network-based threats and attacks.

Threat Analytics

Deployed through either a network tap or span switch, or in-band, the Triage configuration can direct traffic streams to applications for counting packets, monitoring QoS SLAs, as well as threat detection toolsets, which allows for faster IR with more complete identification and verification of threats. It offers intelligent filtering capabilities to direct only the appropriate classified traffic streams to security toolsets. Such adaptive filtering allows detection tools to operate more effectively by only analyzing the most relevant threat conversation traffic.

Threat Triage

The in-band deployment of the Threat Reaper configuration adds the ability for real-time containment of identified network threats, as well as the execution of network connectivity policy enforcement. Any threat is stopped at the conversation level, leaving critical devices online, as well as be used to isolate compromised devices entirely and transparently from the network. It can also be deployed as a stateless port-based firewall running at wire rate either within the network or within a protected server doubling as a NIC. Finally, it can be used for network connectivity policy enforcement. It works with third-party tools that support SOAR solutions, and/or automated scripts and ARIA-provided workflows that allow such tools to communicate with ARIA PI to stop the threats as they are detected automatically.

Threat Reaper

ARIA PI is integrated with our ARIA ADR application and enables it to find internal network-borne threats, and to communicate back to ARIA PI to perform automated containment of the complete range of found attacks. This all happens within the network and is transparent to the devices and applications.

Deployment Options:

  • On our latest generation of Myricom SmartNICs for zero footprint packet accounting and filtering and firewalling applications.
  • Our in-line wire rate ARIA network appliances supporting at 10, 25, and 100G line rates to create on-the-fly network security analytics, select packet stream replication, and filter operations without adding latency to wire-rate packet flows.

  • 1-10-25- 100G line rate operation
  • Unsampled per packet NetFlow metadata (v5, v9), or IPFIX format generation
  • Selective traffic stream – Redirect and/or drop to full line rate Packet Capture
  • In-band or out-of-band deployment deployment options
  • Highly available transparent bypass for in-line operation
  • Out-of-the-box integration with all modern, SIEMs, IDS/IPS and forensic packet recorders
  • Delivers UI- or API-driven options for automatic containment of network threats and directing particular data traffic streams to IR tools
  • Compatible with SOAR tools and ideal for MDR services deployment
  • Four optimized configurations: Threat Analytics, Threat Triage, Threat Reaper, or integration with ARIA ADR

Contact Us to Speak to a Cybersecurity Expert!

Resources and Related Content

News

April 21, 2020
ARIA Cybersecurity Announces ARIA ADR Application Providing AI-Driven Automated Attack Containment

ARIA Cybersecurity Announces ARIA ADR Application Providing AI-Driven Automated Attack Containment

March 16, 2020
ARIA Cybersecurity Solutions Named Winner of the Coveted InfoSec Awards during RSA Conference 2020

ARIA Cybersecurity Solutions Wins for Innovation in IoT and Network Security, as well as Industry Compliance IN 8th Annual InfoSec Awards at #RSAC 2020

March 10, 2020
ARIA Cybersecurity Solutions Receives Top Awards by Cybersecurity Excellence

Acknowledged for Solutions for Encryption, Threat Detection and Response, as well as Industry Compliance

 

Events

December 10, 2020
Attend this FREE virtual cybersecurity summit for the latest technology trends in the security industry, including a key not by US Secret Service. Drop…
December 2, 2020
Attend this FREE virtual cybersecurity summit for the latest technology trends in the security industry, including a keynote by US Secret Service. Drop by…
November 5, 2020
Attend this FREE virtual cybersecurity summit for the latest technology trends in the security industry. Drop by our booth to learn about our latest…