Three security companies are the latest to find that putting their pieces together has the potential to solve major problems.
Bit9 Inc., which makes a server-based whitelist platform for controlling access to endpoints, said this week that is has created connectors to tie its application to two products: Palo Alto Network’s next-generation firewalls, and FireEye Inc.’s Malware Protection System.
The result, Bit9 says, is a solution that automatically enforces the policies set on the firewall or the detector to endpoints and servers protected by Bit9.
(Bit9 Connector’s dashboard)
“We have many common customers and they were demanding integration,” said Brian Hazzard (pictured), Bit9’s vice-president of product management.
Although there are Bit9 Connectors for each product, the connectors don’t make a three-way link.
Until now when IT managers get alerts from either the Palo Alto firewall or FireEye they go to the Bit9 console to assess its impact on endpoints and then take action. The Connector automates this and other processes by linking Bit9 directly to the firewall or the malware detector.
The connector can filter out non-actionable alerts if the malware doesn’t hit systems, details what systems were impacted and executes policies if endpoints or servers are touched. In addition it analyzes new files on the networks and sends suspicious ones to FireEye or Palo Alto for analysis. All this can be done in real time, said Hazzard.
“It’s a completely integrated system,” said Hazzard.
The goal is to mount a network defence that can meet advanced threats like zero-day attacks, Hazzard said.