Monday, August 31, 2015

Avi Enhances its Software Load-balancer with Security Features

Avi Networks, which offers a software-defined application delivery controller (ADC), introduced a new Continuous Security Insights (CSI) Module that help enterprises evaluate their security posture and quickly mitigate application threats and attacks – in real-time.

Avi said its CSI module is able to collect and analyze hundreds of telemetry data points at its strategic point-of-entry into the network.  This intelligence enables the ADC to make changes in traffic delivery. The recent POODLE SSL attack is an example of how this capability could be implemented. The POODLE SSL attack exploited vulnerabilities in the many Internet-based systems still running SSL 3.0 encryption protocol. While the solution was relatively simple – reconfigure all systems to turn off SSL 3.0 – network admins had no way of understanding the full impact of this network-wide reconfiguration, including possibly damaging end-user experiences on websites and other public-facing apps.

Key functionality of the Avi Continuous Security Insights (CSI) solution:

  • Inspect: Constantly analyzes security configurations and user-to-application traffic to detect vulnerabilities, attacks and anomalies. 
  • Inform: Notifies admins about the real-time security posture via alerts, logs and simple to understand metrics such as a SSL Score, DDoS Score, Security Insight and overall application health score.
  • Mitigate: Takes proactive measures against anomalous behavior ranging from simple penalties for spurious transactions to traffic rate-limiting or blocking users for more serious threats.  

The Avi ADC v15.2 software is currently in pilot trials at several large financial services and e-commerce companies as well as a number of cloud service providers.

“Network administrators who cannot understand the current state of their systems cannot secure them,” said Dhritiman Dasgupta, VP of Marketing, Avi Networks. “For most enterprises today, we believe that a healthy security profile is not just a nice-to-have but is mandatory for guaranteeing the health of the overall application experience for today’s end users.”

http://www.avinetworks.com

0 comments:

Post a Comment

See also