Attivo BOT and APT Detection Solution

Attivo offers a new paradigm in security
that complements and augments your
existing security infrastructure—our
technology lures, detects, engages,
and analyzes APT and BOT attacks on
your network.
APT and BOT Detection & Engagement
[Figure labels: Cloud; Firewall, IDS/IPS; Sandbox; BOTsink; End Point Security (on device)]
• VM-based honeynet to attract APTs and BOTs
• Detects both scanning and targeted types of attack
• Engages with hosted services and apps
• Provides concise and actionable data
• Minimize the chances of APT or BOT outbreak

Fast / Easy Deployment
• Configure unused IPs and subnets
• Provides multiple presences in 100s of subnets
• DHCP support
• Define whitelist
• Define log forwarder

Captures
• User login anomalies
• Brute force login attacks
• Dropped payload
• Outbound network activity to C&C servers
• Traps external communication into a Sinkhole

Simple & Scalable
• Self-monitoring and self-healing
• Pre-configured
• Hosts virtual machines/servers and services
• DNS sinkhole / Sinkhole Proxy, IOC and STIC ports
• Collect & export events/data through syslog integration

The Attivo Solution is an on-premise and data center APT and
BOT security appliance/VM designed to augment your existing
security systems. The Attivo Solution securely engages APTs and
BOTs as they begin scanning, targeting and probing network
clients, servers, and services and then traps their activity. Once
contained, the APTs and BOTs will not be able to communicate.
The Attivo Solution captures and catalogues all attempted
communications and propagation activity for future forensics.
The Attivo Solution uses our Analyze, Monitor and Record (AMR)
Engine that feeds events to our patented Multi-Dimensional
Correlation Engine to generate the attack sequence.
Captures All BOT and APT Activity
Attivo Solutions are deployed on any subnet that has high-value
systems targeted by BOTs and APTs for IP and data theft or
systems that host BYODs. The Attivo Solution identifies infected
hosts mounting attacks, reports the time, type and anatomy
of the attack to enable immediate remedial action, and gives
visibility into the lifecycle of the BOT. The Attivo Solution emulates
the most commonly attacked network services and hosts
hundreds of IP addresses to quickly attract and identify BOTs.
© 2015 Attivo Networks. All rights reserved.
NETWORK PROTECTION
Minimize APT and BOT infections targeting network servers
and clients as they infiltrate the network. The Attivo Solution
emulates key network services across multiple virtual
machines and IP addresses to detect APTs and BOTs before
they compromise your information.
ENGAGE APTs and BOTs BEFORE NETWORK DAMAGE
The Attivo Solution engages APTs and BOTs—trapping their
activities, preventing communications, and stopping their
propagation.
ISOLATE COMMAND & CONTROL ACTIVITY
Even APTs and BOTs that are sleeper agents or time-triggered
are captured within the Attivo Solution. By default,
no outbound C&C activity can occur. Any attempts at
outbound C&C communication are captured for forensic
analysis.
www.attivonetworks.com
DS-2015.BOTSINKFAM-05.04
Simple Appliance Deployment
• Plugs into LAN
• Supports multiple subnets
• Does not require any redirection of traffic
• Syslog Integration

Simple Virtualized Deployment
• VMware support
• Deploy prior to or after cloud adoption
• Same benefits as the Attivo BOTsink® appliance
• Syslog Integration

BOTsink 2500
• Ideal for: Small to Medium Enterprise
• Deployment Options: Up to 16 VLANs
• SKU#: ABS-2500-16
• Annual Support: ABSSUP-2500

BOTsink 5000
• Ideal for: Medium to Large Enterprise
• Deployment Options: Up to 100 VLANs
• SKU#: ABS-5000-100
• Annual Support: ABSSUP-5000

Virtual BOTsink for VMware
• Ideal for: Medium to Large Enterprises
• Deployment Options: Public or Private Clouds; V2500 - up to 25 VLANs; V5000 - up to 125 VLANs
• SKU#: ABSVMW-2500, ABSVMW-5000
• Annual Support: ABSSUP-2500, ABSSUP-5000

BOTsink IRES™ for Targeted Attacks
• Ideal for: Any Size Enterprise using BOTsink Solutions
• Deployment Options: Endpoints
• SKU#: ABS-IRES-100
• Annual Support: Yearly renewable license
Includes system service and support, firmware upgrades, and updates
Note: Subject to change without notice. Not all features are available for first release. Some features available on the BOTsink 5000 only.
Contact Attivo Networks for final specifications.
47697 Westinghouse Dr.
Fremont, CA 94539
Phone 555.543.5432
BOTsink and Attivo Networks are registered trademarks of Attivo Networks, Inc.