Bringing Threat Detection and Mitigation Closer Together

For threat detection to be effective in today’s world, network visibility must extend from the network core to the edge, and out to the cloud.  Combining continuous, real-time intelligent threat detection with comprehensive visibility is the beginning to understanding and mitigating attacks in complex and hybrid networks.  Once threats are detected, mitigation must be performed to prevent things like data loss.  Historically, detection and mitigation are functions usually best handled by tools tailored for each task.   As a result, security teams are continually faced with the onerous operational challenge of taking actionable decisions on one tool from the reported threats of another.  

The combination of NETSCOUT Omnis Cyber Intelligence (OCI) platform with the Palo Alto Networks Panorama platform for centralized management of next-generation firewalls helps enterprises improve their security operations with end-to-end visibility and streamlining the response to threats by integrating detection and blocking capabilities.  Security and network teams can take advantage of the NETSCOUT/Palo Alto Networks collaboration to maximize detection, enable high-quality investigation and blocking threats from penetrating the defense perimeter while reducing administrative efforts and associated costs.

Key Benefits

Comprehensive Visibility

NETSCOUT OCI provides complete and border-less threat visibility and communicates directly to Palo Alto Networks Panorama.

Smart, Efficient Cross-Technology Platform

Security operations send detected or investigated threats from NETSCOUT OCI directly to Panorama with the click of a button, enabling enforcement in the environment.

User Experience

Security operators use NETSCOUT OCI for investigations, detect IOCs and do contract tracing to scope the breadth and timeframe of any security breach or issue.  NETSCOUT identifies IOCs detected in the network and on which hosts:

  • The IOC host, IP or URL can be marked for blocking
  • Optionally, the host on which it was received can be blocked
  • NETSCOUT OCI sends the marked entity to Panorama
  • The security analyst pushes the Panorama policy rule for the marked IOC to the Palo Alto Networks next-generation firewalls for enforcement

 

Security operators use NETSCOUT OCI for investigations, detect IOCs and do contract tracing to scope the breadth and timeframe of any security breach or issue.
Click to enlarge image

NETSCOUT Omnis Cyber Intelligence with AWS Security Hub

Cross-platform Visibility without Borders allows organizations to quickly identify and contain cyber threats

Questions?