Cyber-Security: The Shift to Cloud Solutions
In a response to high customer demand, DarkTrace has recently released new solutions to support local and third-party Cloud-based Virtual Networks.
About Darktrace
Darktrace is a world leader in Enterprise Immune System technology, a new category of cyber defense solutions based on pioneering Bayesian mathematics developed at the University of Cambridge. Darktrace addresses the challenge of insider threat and advanced cyber-attacks through its unique ability to detect previously unidentified threats in real time, as manifested in the emerging behaviors of the network, devices, and individuals. Some of the world's largest organizations rely on Darktrace's adaptive, self-learning platform to spot anomalous activity within the enterprise, in sectors including energy and utilities, financial services, telecommunications, retail, and transportation.
Continuing popularity of Cloud-based Networks
With the increase in VPN access by employees from outside the office, cloud-based networks have proven to be a transformative solution for companies in recent years. There are many benefits in transitioning to the cloud, such as reduced server infrastructure, reducing overhead costs and faster deployment, increasing both efficiency and productivity.
It is clear that Cloud Data Centers are not going to be in the decline anytime in the near future; therefore we need to create solutions that work in conjunction with these new methods of storing and securing data.
Risks of Cloud Solutions
As sited on V3, the #1 risk of using the cloud as your primary virtual network and storage is the vulnerability of your critical business data. A great example of this scenario is the cyber attack of Code Spaces, a company whose account admin panel was taken over by hackers, who in turn ran the company out of business.
Whereas, in traditional, physical networks, traffic can be easily ‘seen’ on the physical wire itself, traffic between virtual machines (VM) residing on the same hypervisor can be difficult to monitor. This is because inter-VM traffic is switched locally on a virtual switch, as opposed to a physical one, and so never makes it down to the network wire where it can be observed.
DarkTrace Vsensor and OS-Sensor Solution
Last week DarkTrace announced our new vSensors and OS-Sensors probes, which seamlessly extend the self-learning, real-time threat detection capability of the 'Enterprise Immune System' into virtualized environments. They provide organizations with enhanced visibility and insight into all points of the network, both on-premise and in the cloud.
The challenge is to provide a solution that gives visibility of inter-VM traffic, while not impacting on performance of the server, and allowing for scalability.
Vsensor-A standard deployment of the Darktrace Enterprise Immune System involves the capture of all traffic from a virtual server within one hardware appliance to a virtual server in another hardware appliance. This is because the traffic traverses the physical network connection.
With the vSensor installed into the hardware server, acting as just one more VM, visibility is extended to traffic between the VMs within the same physical appliance.
OS-Sensor- If your organization uses a managed cloud-computing environment, you may want your security monitoring to include the data moving within that cloud environment, even if you do not have direct access to the physical server.
Darktrace can capture virtual network traffic thanks to Darktrace’s OS-Sensors. OS-Sensors are lightweight, host-based server agents, that are easily installed on virtual machines in the cloud. They intelligently create single copies of network traffic, in a non-intrusive manner, and are capable of dynamically configuring themselves to avoid data duplication and streamline bandwidth use. Data is aggregated within the vSensor and fed back to the master appliance via a secure connection.
Darktrace OS-Sensors are fully configurable, allowing organizations to see all or selected cloud traffic, without requiring access to the hypervisor, and with minimal performance impact. Available for Linux and Windows, Darktrace OS-Sensors are robust and resilient, allowing organizations to enhance visibility and deliver Enterprise Immune System monitoring to cloud environments, wherever they are hosted.
Thank you for reading this article and as always if you would like to start a conversation just comment below.
