Lancope, Inc. is a leading provider of network visibility and security intelligence to protect enterprises against today’s top threats. By analyzing NetFlow, IPFIX and other types of network telemetry, Lancope’s StealthWatch® System delivers Context-Aware Security Analytics to quickly detect a wide range of attacks from APTs and DDoS to zero-day malware and insider threats. Combining continuous lateral monitoring across enterprise networks with user, device and application awareness, Lancope accelerates incident response, improves forensic investigations and reduces enterprise risk.

Enterprise customers worldwide, including healthcare, financial services, government and higher education institutions, rely on Lancope for fast, precise incident response and forensic analysis to enable business continuity. Lancope’s innovation is continuously enhanced with research and threat intelligence from the StealthWatch Labs Intelligence Center.Leveraging NetFlow™, sFlow® and packet capture, the StealthWatch® System combines flow-based anomaly detection and network performance monitoring into a single, integrated enterprise platform for security and network operations.

Lancope's market-leading StealthWatch® System leverages the network as a sensor to deliver context aware network visibility and security analytics to defend enterprises against advanced cyber threats.  From real time threat detection to post-incident response, Lancope’s StealthWatch System delivers context-aware security to enable rapid and continuous response to today’s top threats. The comprehensive platform allows organizations to effectively:

·Monitor - gain pervasive, scalable network visibility into all traffic, including lateral east-west communications, to monitor for advanced attacks 24/7/365.

·Detect - draw upon sophisticated behavioral analytics to identify and prioritize suspicious network activity associated with APTs, insider threats, botnets, zero-day malware and DDoS attacks.

·Analyze - transform network data into actionable, context-aware security intelligence to accelerate incident response and conduct better post-incident forensic investigations.

·Respond - take advantage of in-depth situational awareness to continuously analyze and respond to threats before, during and after a security incident.

The StealthWatch® System combines flow-based anomaly detection and network performance monitoring into a single, integrated enterprise platform for security and network operations. By delivering unified visibility across physical and virtual networks, StealthWatch eliminates network blind spots and reduces total network and security management costs. The StealthWatch System meets the needs of security, network and datacenter administrators with a single platform that provides integrated network intelligence for all parties.Lancope’s StealthWatch System combines network behavior anomaly detection and flow-based security, network and application performance monitoring to deliver end-to-end visibility via a single, highly integrated enterprise platform. By delivering pervasive visibility context aware security analytics unified visibility across physical and virtual networks, StealthWatch eliminates network blind spots and reduces total network and security management costs. From real-time threat detection to post-incident response, Lancope creates an instant, always-on active surveillance system that operates easily on high speed, highly segmented or highly meshed networks – at a fraction of the cost of alternative point products.

Lancope provides the following capabilities to protect enterprises against advanced targeted threats:

Monitor:

-Achieve pervasive, scalable network visibility into all traffic, including lateral east-west communications, to monitor for advanced attacks 24/7/365.

-Harness the full power of flow data by capturing, analyzing and storing large amounts of stitched, deduplicated, 1:1 flows.

-Obtain a complete and continuous audit trail of all network activity including device, identity, location, application and time details.

 

Detect:

-Turn the network into an active sensor grid for real-time detection of potentially malicious activities.

-Draw upon sophisticated behavioral analytics, unique security algorithms and the SLIC Threat Feed to automatically identify and prioritize suspicious network activity associated with APTs, insider threats, botnets, zero-day malware and DDoS attacks.

-Detect threats early on to avoid devastating data breaches and harmful network disruptions.

 

Analyze:

-Transform network data into actionable, context-aware security intelligence.

-Analyze NetFlow, IPFIX and other types of transactional data to make fast, e­ffective decisions regarding threat activity.

-Utilize advanced dashboards/reports to dramatically accelerate incident response and conduct better post-incident forensic investigations.

 

Respond:

-Take advantage of in-depth situational awareness to continuously analyze and respond to threats before, during and after a security incident.

-Build an iterative threat intelligence process to gain more awareness of the network over time.

-Adopt an ongoing, proactive security strategy to increase operational efficiency and minimize enterprise risk.

 

NetFlow monitoring, network intelligence, network visibility, cybersecurity, forensics, applicaiton aware network performance monitoring, network behavior

►Expanded support for Cisco technologies including UCS servers, NBAR2 and ISE mitigation

►Extended scalability to 6 million flows per second ►More operationalized security intelligence and actionable Host Report for added context ►Several new security algorithms and enhanced Threat Feed for more precise analytics ►Assisted Network Classification (ANC) for automated asset discovery and segmentation ►Faster, more streamlined querying
Office Facilities Asia-Pacific,European markets,Japan,Emerging markets,US & Canada
Support Model Direct through third party or partner,Direct to customer
Support Coverage Hours 24x7 Standard business hours, with after hours pager support
TAC Hotline 1.800.838.6574
TAC Support Alias support@lancope.com
TAC URL http://www.lancope.com/resource/support.aspx

Resources

Compatibility

Version Verified Compatible Cisco Product Date Tested
6.6 None N/A
Cisco_compatible
The Cisco Compatible logo is used to signify that the PARTNER product has undergone technical interoperability testing with the Cisco product specified. The interoperability testing is conducted by a third party laboratory based on testing criteria set forth by Cisco. PARTNER is solely responsible for the support and warranty of its product. Placement of the PARTNER product or information pertaining thereto, on the Cisco Marketplace website does not constitute an offer to sell the PARTNER product in any way. For further information on the PARTNER products, please visit the PARTNER company website.

No reviews yet.