New Amazon Virtual Private Cloud traffic mirroring extends IronDefense’s advanced network behavioral detection and IronDome’s collective defense capabilities to cloud and hybrid environments
FULTON, MD – IronNet Cybersecurity, a market leader in Network Traffic Analysis (NTA) and the industry’s first real-time, machine-speed Collective Defense provider, announced the expansion of IronDefense functionality to support the new Amazon Virtual Private Cloud (Amazon VPC) traffic mirroring feature from Amazon Web Services (AWS), introduced this morning at AWS re:Inforce 2019. With this new capability, customers can now replicate their AWS network traffic and send it natively to IronDefense for advanced behavioral analysis. Benefits to customers include:
- Enhanced visibility and detection within AWS environments. Amazon VPC traffic mirroring will allow customers to extract network traffic data from any workload in an Amazon VPC network and send it to IronDefense to apply advanced behavioral detection techniques to identify cyberattacks often missed by traditional log-centric tools.
- Faster detection of threats targeting industry ecosystems. IronDefense customers who subscribe to the IronDome collective defense platform now have the ability to automatically share identified anomalies in their AWS cloud or on-premises environments in near real-time with industry peers, supply-chain partners, and, optionally, with key government agencies, providing shared situational awareness and the ability to detect threat campaigns across an ecosystem.
- Improved security posture. Traffic mirroring offers significantly better security for cloud-enabled environments by providing packet capture at the Elastic Network Interface (ENI)-level instead of solely using AWS log files, such as Amazon VPC flow logs, AWS CloudTrail, and Amazon GuardDuty. These capabilities remain valuable and will play a key enrichment role for this new IronDefense capability.
- Simplified security operation. Today, customers often have to install and manage third-party agents on the AWS instances to capture and replicate Amazon VPC traffic. With Amazon VPC traffic mirroring, customers can natively mirror their Amazon VPC traffic to IronDefense without using packet-forwarding agents.
“Traffic visibility is a critical and foundational element to helping AWS customers keep infrastructure safe and functional,” said Dave Brown, Vice President – EC2 Compute & Networking Services, Amazon Web Services, Inc.. “IronNet’s ability to ingest Amazon VPC traffic mirroring and apply advanced network detection across customers’ AWS and on-premises environments, delivers an important solution to help them defend against cyber threats targeting cloud environments”
“The new Amazon VPC traffic mirroring capability provides the IronDefense platform with native access to critical virtual network data that allows it to seamlessly monitor network anomalies across AWS and enterprise networks to identify advanced threat actors,” said Dr. Michael Ehrlich, Chief Technology Officer, IronNet. “The ability to monitor hybrid environments and automatically share IronDefense threat insights across cloud and non-cloud environments to industry peers through our unique IronDome collective defense capability enhances our ability to protect companies, industries, and nations at scale.”
“IronNet has been a critical partner that has continually provided us with leading-edge cyber security solutions that help our company protect our massive cloud environments,” said Richard Puckett, former Vice President for Security Operations, Thomson Reuters. “The ability to monitor Amazon VPC traffic is a welcome new addition that will take IronNet’s network traffic analysis and collective defense capabilities to the next level, and we are pleased to team with IronNet and AWS to use the new Amazon VPC traffic mirroring capability to mitigate advanced cyber risk to our core cloud infrastructure.”
About IronNet Cybersecurity
Founded in 2014 by GEN (Ret.) Keith B. Alexander, the former Director of the National Security Agency and Founding Commander of U.S. Cyber Command, IronNet Cybersecurity is a worldwide cybersecurity leader in network traffic analysis that is revolutionizing how enterprises, industries, and governments secure their networks by delivering the first-ever collective defense platform operating at scale. IronNet combines the skills of its cybersecurity operators with their real-world experience working on both offense and defense in the public and private sectors, integrating this deep tradecraft knowledge into its industry-leading products to solve the most challenging cyber problems facing industry today.