Masergy creates new detection and response tool with integrated Network Visibility
Masergy, a provider of global software defined networking, managed security and cloud communications solutions, announced the release of its new Network Visibility Tool. Bundled with the Masergy Managed Detection and Response service, the new tool leverages Netflow data, Active Directory,geolocation, syslog, BGP and other metadata to gain deep network insight for the purpose of identifying and investigating malicious activity across the entire IT infrastructure.
“The ability to execute critical capabilities such as threat hunting, investigation and incident response requires complete network visibility,” said Amy DeCarlo, principal analyst, Security and Data Centre Services from GlobalData. “Masergy is well positioned in the Managed Detection and Response space by integrating network visibility as part of its core service offering.”
Deployed with the company’s Unified Enterprise Security (UES) platform, the Masergy Network Visibility Tool can be configured to alert the security team to suspicious activity, such as unusual connections hitting critical information assets. The launch also includes a new Session Monitoring Tool widget for dashboard tracking of high-risk network sessions and latest security alerts, incidents and tickets.
“The Network Visibility Tool enables simple, but powerful security uses cases. For example, Masergy’s Security Operations Centre can now do retrospective threat intelligence matching on network metadata, thereby reducing the time sensitive nature of threat intelligence feeds,” said Craig D’Abreo, vice president of Security Operations at Masergy.
“Most importantly, the Network Visibility tool provides a complete network record so the security analyst can quickly identify, validate or investigate the extent of security incidents to understand their nature and promptly execute an effective response.”
Additionally the Masergy Network Visibility Tool allows customers to:
- Support Threat Hunting and other investigations on infected systems.
- Deploy rules for identifying malicious connections to critical assets.
- Execute Threat Intelligence matching on network traffic retrospectively.
- Identify problems with security controls and firewall rules so they can be fixed.