OPSEC Partners

Company Description: Enterasys Networks provides intelligent, best-in-class infrastructure and security solutions to enterprise customers. With one of the industry's broadest product portfolios-plus a full range of service and support offerings-Enterasys is uniquely qualified to meet the evolving needs of today's businesses.

Leveraging our own technology and thought leadership as well as the strengths of our strategic partners, we strive to develop flexible, scalable, intelligent solutions that deliver real-world benefits to our customers.

As a renowned enterprise networking leader with more than 15 years of experience and over 650 patents, Enterasys Networks has provided Secure Networks that Know™ to some of the world's most successful companies, including many of the Fortune 500.

Designed to meet the unique security requirements of the enterprise environment, the Dragon Intrusion Defense System offers comprehensive features that minimize network vulnerabilities and bring improved security to the enterprise. Only Dragon, with its unique network-based detection and response capabilities, modular host intrusion detection components, web server intrusion prevention, server management, and event management, provides a reliable solution for detecting, and responding to the broad array of attacks present in today's constantly changing security landscape.

Dragon provides an integrated solution for detecting and stopping misuse and attacks across the entire IT infrastructure. It's the only IDS to combine events on the network with those on the hosts, firewalls, routers, switches, other Security platforms and applications, providing complete detection for the small and large environment. Dragon protects the enterprise with a range of intrusion prevention services. Dragon prevention capabilities include session disruption and sniping as well as the provisioning of firewall and router systems to block the source of a threat.

The Dragon Intrusion Defense solution includes:

• Dragon Network Sensor-Gigabit speed intrusion defense at the network layer by analyzing TCP/IP traffic via signature-based pattern matching, protocol monitoring, and anomaly detection techniques.
  
  
• Dragon Host Sensor-Host-based intrusion defense, delivered via a modular and flexible architecture for today's most common operating systems, protects at the host and application level by monitoring the operating system and critical applications via a variety of techniques.
  
  
• Dragon Web Server Intrusion Prevention-Dragon Web IPS protects at the application level, terminating security threats before they can disrupt an Enterprise's web based applications.
  
  
• Dragon Enterprise Management Server-Tools for highly scalable management, monitoring and decision support:
  
  
  • Policy Management-Centralized command and control of network and host sensors with system-level deployment of configuration and protection policies
    
    
  • Security Information Management-Centralized security alert information and web-based analysis tools for real-time event monitoring, advanced analysis and reporting
    
    
  • Advanced Forensics-Provides the tools and capabilities for performing forensics level analysis and reconstructing an attacker's session
    
    
  • Event Flow Processors-Collect and aggregate events for hierarchical event management enabling unmatched scalability
    
    
• Intrusion Prevention
  
  
  • Campus level "to the desk" Prevention through Enterasys' Dynamic Intrusion Response solution.
    
    
  • Advanced threat Prevention through session disruption and event sniping
    
    
  • Multi system threat Prevention through firewall and router filter configuration

Enterasys Network's Dragon Intrusion Defense System combines its advanced host and network threat detection capabilities with Checkpoint's industry leading Firewall and VPN technology to create an industry leading Intrusion Prevention Solution for enterprise networks. Under the OPSEC Framework, Dragon will communicate threats to Checkpoint Firewall-1/VPN-1 system utilizing the OPSEC SAM interface. Dragon's Enterprise Management System (EMS) acts as a conduit from the Dragon Intrusion Defense System that is comprised of multiple Network and Host sensors that are deployed around an enterprise network. Dragon EMS through its policy based management functionality allows enterprise customers to define what detected threats are serious enough to cause a Checkpoint Firewall to block them. Because Dragon EMS can act as a conduit for literally thousands of sensors in an enterprise. This technology ensures that only truly serious threats are responded to and minimizes unnecessary responses due to false positives.