The network security experts at macmon secure GmbH offer proven and tested protection with their Zero Trust Network Access strategy. Thanks to a collaboration with its technology partner Flowmon, macmon secure now enables its customers to respond automatically to anomalies in the network by isolating endpoints.
Flowmon Anomaly Detection System (ADS) is a security solution that uses machine learning to detect anomalies hidden in network traffic. It complements traditional security tools and creates a layered protection system capable of detecting threats at every stage of compromise. If attacks are detected, the macmon Network Access Control solution takes action immediately, and in real time.
Managing Director of macmon secure GmbH:
“Flowmon offers a comprehensive system for detecting abnormal and suspicious network behavior. By coupling this solution directly with macmon NAC, we can automate the response to attacks and anomalies and ensure, that infected machines and devices are isolated immediately, even before the threat is definitively identified by the IT department. Together, our solutions provide optimal network security.”
Fast detection—fast isolation
Detecting malware communication or botnet activity from infected devices, as well as uncovering hidden data, are just three examples where short response times are necessary to protect the corporate network as quickly as possible. Using machine learning, heuristics, and advanced analytics, Flowmon enables IT professionals to reduce risk in the data center. Information about an endpoint’s system status is then passed to the macmon Compliance API to isolate the endpoint and, if configured, notify the network administrator.
Bücker adds: “The solution serves as a common platform where network and security teams speak the same language, allowing them to work together to achieve faster resolutions and optimal resource allocation.”
macmon NAC allows granular handling of events with different priorities
Flowmon’s Anomaly Detection System allows network administrators to assign different priority levels to various anomalies and threat patterns. These priority levels can then be assigned to different compliance statuses in macmon NAC, so that the solution can respond appropriately and effectively to threats of varying severity.
A shared white paper for macmon NAC and Flowmon explains how to easily configure the two solutions:
FLOWMON is an international provider of network and security solutions that employ flow monitoring and analysis (NetFlow / IPFIX), network behavior analysis, detection of irregularities and anomalies (NBA / network behavior analysis & anomaly detection) and hardware-accelerated flow data acquisition (based on FPGAs / field programmable gate arrays, up to 40 G/100 G transmission speed). Under the brand name FLOWMON, the company develops and delivers multi-client solutions for monitoring, evaluating, operating and optimizing IP-based infrastructures (network monitoring, troubleshooting, network optimization, capacity planning, billing & accounting). The hardware-accelerated FLOWMON Network Probes enable complete flow data collection in real time in all IP-based networks.