Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

OPSEC Partners

Arbor Networks, Inc

Product Version Certified: Peakflow X 3.0
Certified for use with: Check Point Next Generation with Application Intelligence

Product Description: Designed to locate and isolate internal security threats, Peakflow X Utilizes Relational Modeling—a breakthrough in network modeling technology— to construct a network-wide view of the entire network, auto-learning host behaviors to determine which hosts communicate with each other, and how. Using this network-wide perspective, Peakflow X generates actionable security information allowing network operators to track and harden threatened protocols before vulnerabilities are discovered, while maintaining business continuity.
 
Key Features and Benefits
OPSEC Integration		 Clear Arbor
 
Company Description: Founded in 2000, Arbor Networks, Inc. is a leading provider of network integrity solutions that ensure the security and operational integrity of the today’s most critical networks. Arbor’s Peakflow family of appliances are deployed around the globe to protect service providers and enterprises from zero-day security threats such as worms and DDoS attacks, and to effectively manage converged networks in the presence of operational challenges such as traffic engineering and deployment of new IP-based applications. With over one hundred customers worldwide, including most of the top tier ISP and MSO networks, Arbor’s Peakflow protects a significant portion of the world’s Internet backbone.
 
Key Features and Benefits
Peakflow X provides internal network security for enterprises:
  • Actively defend against worms
  • Segment and harden the network against future threats
  • Eliminate internal misuse
  • Simplify corporate and government compliance
  • Gain visibility across the network

Striking with blinding speed, worms are a service-level threat that demands an automated solution. Peakflow's Safe Quarantine uses the relational model to create a “white list” of legitimate traffic. This provides an instant, automated response to the worm threat that uses existing switches and firewalls to track and lock down applications in the network, without disrupting critical business processes.

Peakflow's Worm Vaccine lets network operators respond to newly discovered security threats. Using security advisories, detailed what/if analysis can be automatically generated to understand the threat as it relates to the operator's own network. Depending on the network's vulnerability to the potential threat, preemptive filters on routers, switches or firewalls can be applied to stop the infection before it even exists.

With Network Hardening, operators can discover legitimate relationships between users, machines and applications and then segment the network, locking it down before new vulnerabilities are announced thus reducing exposure to outages and availability problems.

Internal security threats are different from the “hacker threats” that are the core of the Internet perimeter model. Peakflow X is the only internal security system with multiple anomaly models focused on detecting internal threats:

  • Relational Modeling—Discovers and enforces the legitimate relationships between users, machines and applications
  • Rate Detection—Discovers traffic shifts, floods, and off-hours application usage.
  • Worm Detection—Detects worms without signatures by monitoring for telltale signs of worm infection and propagation.
  • Indications and Warnings—Alerts are correlated, corroborated and contextualized across the whole network to provide the complete story of a security incident to network operators.
OPSEC Integration
Peakflow-X uses the CPMI API to merge Peaklow X rules with VPN-1 rules. Peakflow X is designed to interoperate with VPN-1 and can choreograph the actions taken by VPN-1 by providing rule-set exceptions to ensure critical business traffic is allowed through the firewall no matter what. Furthermore, the Peakflow X Relational Model is an extremely valuable tool for locking down firewall policy to harden networks in advance of security threats. By providing visibility and context for firewalls like VPN-1, Peakflow X occupies an important space in an ecosystem of security defenses that include internal firewalls and perimeter security.