ThreatARMOR™ from from Ixia, A Keysight Business

Hackers are not invisible. They leave traces as they penetrate the network and extract data. So why do we still constantly see headlines announcing major breaches?

The constant barrage of security alerts from devices like firewalls, IPS, antivirus, DLP, and SIEM overwhelms the teams that operate them, making it sometimes impossible to find the “needle in the haystack” needed to detect the critical traces of an intrusion or data breach, before it’s too late.

ThreatARMOR™ helps you overcome this issue by automatically applying an always-on threat intelligence feed to your network, eliminating traffic to and from known-bad sites and untrusted countries.

By blocking traffic to and from the attacker’s infrastructure – be it automated exploitation bots, phishing sites, malware distribution sites, botnet controllers, hijacked networks or unallocated IP addresses, ThreatARMOR™ reduces up to 80% of the malicious and invalid traffic that generates security alerts.

Why ThreatARMOR™?

ThreatArmor is our threat intelligence gateway and your firewall’s best friend. It allows you to:

  • Reduce “alert fatigue” by eliminating traffic to and from confirmed malicious infrastructure;
  • Stop traffic from unwanted countries;
  • Quickly find compromised internal systems;
  • Block connections with hijacked IP addresses;
  • Eliminate false positives;
  • Stay up to date via our always-on cloud update service. 

ThreatARMOR™ establishes a new front line of defense in your networks. Here’s how it works:

  1. It cuts straight to the core of the problem by automatically blocking much of the network communication that malware needs to download instructions or transmit sensitive data.
  2. It prevents network probes, phishing clicks, and all traffic to and from untrusted countries.
  3. It removes threats and improves security ROI by eliminating unwanted traffic before it hits any existing security infrastructure.

Next-gen firewalls are great at DPI and threat detection, but they are not optimized for massive-scale blocking of malicious, hijacked, and untrusted IP addresses.

Even if they can import a threat intelligence feed, their performance suffers when trying to block the tens of millions of IP addresses in the Rap Sheet database.

ThreatARMOR™ allows the firewall to dedicate more resources to content and policy inspection while also generating fewer alerts for operations teams to investigate.

And, best of all, the device incurs no bandwidth penalty whatsoever while requiring minimal configuration to work.

    Do you own a specialized tool regarding cyber security and want to share it? in that case just send it over and we’ll post it.


    Related articles​

    Business Internet Security Threat Map

    BY defcamp
    Business Internet Security from Orange protects the information delivered over the internet and the ..

    Threat Intelligence Services from SecureWorks

    BY defcamp
    Cyber threat intelligence is evidence-based information that identifies emerging threats to your organization ..

    The 4-FLIGHT system

    BY defcamp
    The 4-FLIGHT system, defined by DSNA and developed by Thales, the world leader in air traffic management, is a..