|
Of all the responsibilities that governments carry, perhaps the most important is to the health and safety of their own citizens. The Federal government’s civilian agencies provide thousands of vital services, ranging from disaster assistance to Social Security to keeping our borders safe. Reliability and performance of these systems are essential. For these reasons, the security of the data and information managed by civilian agencies is absolutely critical, not only to keep federal public service programs running, but also to keep information flowing among agencies and to the public.
In 2010, the U.S. government saw a full spectrum of cyber threats, from denial-of-service attacks and spamming to bots and APTs. In response, the requirements of the U.S. Federal Information Security Management Act (FISMA) that regulates IT system security of civilian agencies are shifting from periodic security reviews to continuously monitoring and remediating IT security vulnerabilities.
The State of the Industry
The U.S. cyber infrastructure is susceptible to foreign and domestic attacks: civilian government networks suffer an estimated 3 million instances of malicious activity per year. Security breaches that compromise personal and other sensitive information of U.S. citizens continue to occur despite efforts to block unauthorized entry and access to the servers that store the information.
The breadth of our national information architecture makes security breaches nearly inevitable. Assuring the integrity of civilian agency networks is essential to assuring the integrity of sensitive information of our citizens and the continued delivery of government services.
• The U.S. Department of Homeland Security (DHS) has nitiatives to develop and deploy cyber security technologies to counter on-going, real world national cyber threats. DHS wants to apply effective analysis to detect vulnerabilities and risk mitigation strategies to neutralize threats. In 2010, DHS completed the deployment of the Einstein 2 threat detection system across the Federal space; it will continue to develop and deploy Einstein 3, which will enable DHS to automatically collect, correlate, analyze, and share computer security information to improve the nation’s situational awareness.
• U.S. FISMA requirements are moving toward continuous monitoring and automation to increase the visibility of government civilian network behavior. Operators and analysts will need to collect information to better secure government information systems.
• Rapid technological advances, constantly evolving usage patterns, and rapid adoption rates of new communications and web platforms and mobile devices are opening new entry points into critical networks and infrastructure.
The Challenge
Successful cyber attacks on critical civilian agency networks can destabilize financial markets, compromise sensitive personal information, and undermine critical responders during times of crisis (such as earthquakes, floods or hurricanes). Understanding what servers and applications are running on the network is fundamental to ensuring a secure civilian government network infrastructure.
• High-level management of cyberspace is now critical to the integrity and security of civilian agency networks, not simply a nice-to-have
• SOC and NOC operators must maintain FISMA compliance and manage and protect the overall IT infrastructure in order to assure the stability, security, and reliability of civilian agency networks
• Effective analysis and risk mitigation strategies to detect and deter threats must be deployed
• Sophisticated criminals, state-sponsored espionage, and persistent, patient attacks easily slip past firewalls, intrusion detection systems, and other traditional cyber defenses
• Internal threats (e.g. exfiltration, rogue servers and applications) are as real, and as potentially damaging, as external threats
The Solution
Through continuous monitoring and in-depth reporting on infrastructure health, federal agencies can now gain accurate information about security postures, activities, and threats. Agencies can monitor security-related information across the entire organization in a manageable and actionable way.
NarusInsight™, our flagship product, provides total network visibility and anomaly detection, which can complement traditional cyber security and traffic management solutions. Additionally, through its SDKs, NarusInsight can integrate with third party SEMs, visualization tools, and IT search tools to deliver and maintain continuous monitoring.
NarusInsight includes these solutions:
• NarusInsight™ Solution for Cyber Protection
• NarusInsight™ Solution for Intercept
• NarusInsight™ Solution for Traffic Management
Benefits
NarusInsight uses dynamic network traffic intelligence and analytics to look at the “digital DNA” (i.e., the behavior) of the network to detect deviations and anomalous traffic patterns. This ensures mission integrity and enables civilian agencies to maintain complete situational awareness.
• The Solution for Cyber Protection provides continuous monitoring of the dynamic environment, which provides essential, real-time status-related information to organizational officials. It allows correct decisions to be made quickly, based on timely and accurate information.
• The Solution for Intercept can help civilian government entities precisely target suspicious and criminal activity and prevent exfiltration of intellectual property. The solution also enables forensic data capture and analysis.
• The Solution for Traffic Management prevents misuse of valuable resources and optimizes network performance. It ensures conformance with security and network policy, and enables NOC and SOC operators to see what is actually running and how applications are performing on their networks.
Narus solutions can help federal agencies determine the level and nature of threat in any traffic pattern or data stream, and take quick, decisive action through a number of different remediation programs.
Please click on an Industry or a Product Solution to learn more. You can also Talk to an Expert for more information.
|
