
Published 25th April 2007
London, UK, 24th April 2007: Tier-3 has today launched Huntsman 5, which provides complete enterprise-wide threat management, real-time compliance and operational risk management capabilities. Huntsman’s patented data analysis engine provides a real-time ability to monitor, analyse and understand each transaction on the enterprise as it happens, and flags up when an unacceptable event, whether known or unknown, occurs. Huntsman collects and consolidates all information in real time from every network, server, application, end point device and security appliance in an organisation to provide a total view of all activity and then, through one simple yet powerful console, enables the state of all security technology to be escalated to provide an appropriate response to any threat.
Huntsman 5 stops in its tracks both known and unknown threats such as DoS and DDoS attacks, data leakage resulting from accidental or malicious activities, plus a wide range of threat types which are often collectively referred to as unknown or zero-day threats. Huntsman does not rely on rules or signatures to determine what is acceptable; it uses behavioural anomaly detection, which compares all events to a baseline of acceptable behaviour and identifies those which are important enough to merit investigation or immediate action.
Key new features introduced in Huntsman 5 include: Network agent; Distributed File watch and Easier integration.
Network Agent
Huntsman Version 5 includes the Network Agent, a passive technology that unobtrusively resides in a customer environment and provides a real-time view into the occurrence and behaviour of all assets the instant they connect to the network, even if for only a split second, instead of relying on the device to be turned on and available before a scan is run.
Forensic Audit Trail
The Network Agent provides a forensically sound audit trail of every single network communication, enabling administrators to reconstruct a network flow over a historical time frame.
Asset Inventory & Detection Engine
The Network Agent, together with the asset inventory and detection agent, will reveal attacks such as:
• Targeted zero-day Trojans that had bypassed existing anti-virus and content-filtering countermeasures and were sending keystroke information to an internet site.
• A user leaking data by tunnelling Secure Shell traffic over HTTPS.
• A Windows-based machine rebooting as a Linux system.
• Unauthorised devices being plugged into a network.
Distributed File watch
Huntsman data collectors now feature the capability to monitor and detect modifications to important files across an organisation. Important files may include critical system files, passwords, executables and libraries, where monitoring is useful for detecting rootkits and other malware installations, as well as business-sensitive documents, which may include trade secrets, employee information, commercial proposals and the like.
Easy integration with existing security investments and customised business applications
Huntsman Version 5 includes the improved universal collector, which now simplifies even further the process of connecting multiple products from different vendors into a single security and threat management and control system. By limiting the systemic risk inherent in the use of multiple point solutions and their multiple consoles, security managers can leverage the previously unemployed value of existing security investments.
Andy Kellett, Senior Research Analyst, Butler Group commented, “The Huntsman product suite, from Tier-3 Pty Limited, is a real-time threat management system that has been developed to provide enterprise organisations with an integrated set of security facilities that can be deployed to provide protection and security information management services across the whole of an organisation’s systems infrastructure.”
Kellett continues, “The range of facilities that the Huntsman suite makes available is driven by the product’s ability to identify and manage suspicious events as they occur. Denial of Service (DoS and DDoS attacks), information loss, and data leakage, alongside a range of other very real forms of malicious activity, all represent significant areas of concern for the modern business and its security team. As a result of these issues, the Tier-3 Huntsman suite has been designed to align its service-delivery capabilities with the compliance and policy-based risk management requirements of its users.”
For more information on Butler’s review of Huntsman 5 please visit www.tier-3.com/butlergroup
Functionally, the Tier-3 Huntsman suite provides a range of protection, high availability, and business continuity services that cover:
• Insider threats: protection against actions resulting from malicious or non-malicious resource usage.
• Risk adjustable threat prioritisation: providing prioritised asset protection for systems infrastructure as well as data that organisations collect and for which they are held accountable.
• The identification and management of unusual and suspect events: whether initiated by people, processes, or systems.
• The integration of security services: understanding traffic-flow intelligence from disparate elements of an organisation’s security systems to allow an integrated and centrally-controlled solution.
• Continuity and future proofing: the behavioural-learning engine is a key component of Huntsman and provides an ongoing ability to ‘keep up-to-date’ with the latest threats rather than be limited to only those defined by fixed rules or signature updates.
• Systems and back-office integration: the product’s integration capabilities have been designed to deal with complex enterprise environments, including the provision of support for legacy applications, operating systems, and network appliances.
• Audit Trail, Alerting, and Reporting Services: Huntsman provides full “SIM-style” audit trail, forensic event reconstruction, data mining, alerting, and reporting services.
• Central console management services: The Huntsman LiveView console provides a “SEM-style” central point of access for real-time systems monitoring and administration services. In addition, the product’s automated management capabilities enable monitoring, analysis, alerting, and reporting services to be undertaken without user intervention.