Lancope adds net optimization to security appliance

* Lancope couple security and management

The convergence of network optimization and security management isn't an entirely new thing, but this week Lancope will introduce its new approach to bringing network routing data into its network behavior anomaly detection product.

Industry watchers have long touted the merits of coupling security and management technologies to both protect the network and to also help traffic flow more efficiently. The means by which various vendors have converged the IT disciplines vary, but the theme is the same: efficient operations are also secure networks.

For instance, traffic analysis tools that show network managers the applications traversing the net and conversing with hosts can also be used to detect excessive requests to one server, which could indicate a virus or worm is present on the network.

Companies such as Lancope provide tools to watch traffic for such activity and alert on the potential threat. Now the technologists at the company decided to also instrument their appliances with routing and network protocol information to couple security analysis with network optimization tools.

"We are putting network flow analysis capabilities, such as NetFlow and sflow, into our product so IT shops don't necessarily need to work with two vendors to get a picture of their traffic from both a security and operations point of view," says Adam Powers, CTO of Lancope.

Lancope upgraded its flagship software with network reporting capabilities that Powers says will enable network managers to get traffic flow data from Cisco, Foundry, Extreme, Juniper and HP routers, switches and devices. He says the product can now deliver detailed lists of top talkers, capacity use and link utilization.

StealthWatch 5.5 is software packaged on appliances that are distributed across a network, near a core switch or data center router. Upon installation, it performs a benchmark of normal traffic behavior and continuously monitors for changes. The product does not sit in line of network traffic, but passively monitors conversations between hosts and clients. Administrators can tap into the appliances via a Web-based interface or use the management console to configure, monitor and generate reports from multiple distributed appliances.

Lancope's StealthWatch 5.5 is expected to ship in July. Pricing for a stand-alone appliance starts at about $10,000.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Now read: Getting grounded in IoT