HK govt lab venture launches new security solutions

In a series of launches, a company operating within the Hong Kong’s Smart Government Innovation Lab has announced that several new solutions.

The company is now seeking start-ups, SMEs or other companies who will apply to acquire and use the technologies.

The three innovations are:

1. IXIA BreakingPoint

The solution is an all-in-one applications and network security testing platform. It can validate the security posture of networks with real applications and a complete range of threat vectors.

In the current business environment, it is necessary to have an application and security test solution that can verify the stability, accuracy, and quality of networks and network devices.

Thus, BreakingPoint can simulate real-world legitimate traffic, distributed denial of service (DDoS), exploits, malware, and fuzzing.

The solution validates an organization’s security infrastructure, reduces the risk of network degradation by almost 80%, and increases attack readiness by nearly 70%.

And with the firm’s new TrafficREWIND solution, users can get a more realistic and high-fidelity validation by adding production network insight into BreakingPoint test traffic configurations.

Application Areas

The areas of application for the technology include Broadcasting, City Management, Climate and Weather,
Commerce and Industry, Development, Education, Employment and Labour, Environment, Finance, Food, Health,
Housing, Infrastructure, Law and Security, Population, Recreation and Culture, Social Welfare, as well as Transport.

Technologies

The solution employs Simulation and Training technology.

Key Features

1. Simulates more than 400 real-world application protocols
2. Allows for customization and manipulation of any protocol, including raw data
3. Generates a mix of protocols at high speed with realistic protocol weight
4. Supports more than 38,000 attacks and malware
5. Delivers all Real-World Traffic™ simultaneously from a single port, including legitimate traffic, DDoS, and malware
6. Bi-monthly Application and Threat Intelligence (ATI) subscription updates ensure you are current with the latest applications and threats
7. Combined with the CloudStorm™ platform, BreakingPoint reaches a staggering performance with a fully-populated chassis—2.4 Tbps / 1.44 billion sessions and 42 million connections per second—to emulate enterprise-wide networks to continent-scale mobile carrier networks
8. Provides a cyber range environment for hands-on cybersecurity skills development

2. IXIA ThreatARMOR

ThreatARMOR cuts straight to the core of the problem by automatically blocking much of the network communication that malware needs to download instructions or transmit sensitive data.

It prevents network probes, phishing clicks, and all traffic to and from untrusted countries. This reduces the risk from attacks such as zero-day ransomware mutations along with up to 80% of the malicious connections that threaten the network and generate floods of security alerts.

Ixia’s ATI Research Center provides an always-on stream of geolocation and threat intelligence for ThreatARMOR—individually validating every single blocked IP address, every single day.

Detailed Rap Sheets provide clear, on-screen proof of malicious activity for all blocked sites to mitigate the risk of false positives.

While next-gen firewalls are great at DPI and threat detection, they are not optimized for massive-scale blocking of malicious, hijacked, and untrusted IP addresses.

Even if they can import a threat intelligence feed, their performance suffers dramatically when trying to block the tens of millions of IP addresses in the Rap Sheet database.

ThreatARMOR complements next-gen firewalls by offloading massive-scale blocking so that they can allocate more resources to content inspection, user policies, VPN termination, and other features while generating fewer security alerts.

Areas of application

The areas of application are the same as those of the aforementioned solution, BreakingPoint.

Technologies Used

The company employed the following technologies in this solution: Artificial Intelligence (AI), Data Analytics, Machine Learning and Predictive Analytics.

Key Features

1. Provides full line-rate performance
2. Eliminates 30% of alert-generating connection attempts, and yields a 15x return on investment in a single year
3. Updates threat data every 5 minutes with cloud-based Application Threat Intelligence (ATI) feed
4. Delivers clear on-screen proof of malicious activity for any blocked sites
5. Offers on-box and off-box logging of blocked connections and system events
6. Features easy 30-minute setup, with no ongoing tuning or maintenance required
7. Provides an intuitive, on-screen dashboard displaying blocked sites, countries of origin, and statistics
8. Combined with Ixia Bypass, it switches to provide additional resiliency of ThreatARMOR and other security infrastructure.

3. IXIA Vision ONE (Network Packet Broker)

Ixia Vision ONE provides the ability to deploy resources where they are needed most and secure any traffic in their network.

It acts as the first step to security, providing reliable inline connectivity for security tools such as intrusion prevention systems (IPS), data loss prevention (DLP), and Web firewalls. It simultaneously connects out-of-band monitoring tools like intrusion detection systems (IDS) and data recorders.

Integrated intelligence features enable you to access encrypted traffic using SSL decryption, reduce analysis traffic using advanced packet processing, and precisely select traffic by application type, and geography. Ixia Vision ONE forwards selected traffic in a variety of formats to interoperate with any security tool.

Areas of application

The areas of application are the same as those of the aforementioned solutions, BreakingPoint and ThreatARMOR.

Technologies Used

The company employed the following technologies in this solution: Artificial Intelligence (AI), Data Analytics, as well as Machine Learning.

Key Features

1. A powerful GUI allows for focus on security rather than configuration – the industry-leading user interface and patented filter compiler make configuration simple for both inline and out-of-band topologies
2. CLI support for NetStack and inline features
3. Active SSL the ability to decrypt and re-encrypt traffic as an active SSL proxy for both inline and out-of-band tool deployments. Offloads the SSL burden from tools to improve ROI and security performance
4. Passive SSL decryption provides downstream security tools with plain text content, so they do not need to support or incur the performance overhead of decrypting traffic to find hidden threats
5. VOIP / VoLTE support provides correlation, sampling and whitelisting of SIP/RTP traffic. Allows visibility into Evolved Packet Core (EPC) and IP Multimedia Core Network Subsystem (IMS) interfaces based on SIP messaging
6. Zero-loss advanced packet processing improves security tool efficiency through techniques such as deduplication and packet trimming without dropping packets
7. Classify traffic in real-time with hundreds of pre-loaded application signatures, and direct it to the correct tool according to parameters such as application type, geolocation, or even handset type—so tools get just the traffic type they need, again optimizing your investment in tool infrastructure
8. Sophisticated load balancing distributes traffic across several tools for monitoring or inline in serial or parallel to maximize up-time and ensure that no critical data is lost
9. Comprehensive wizards make inline tool deployment extremely easy for complex use cases that require tool sharing or VLAN translation
10. Space efficient 1RU design saves rack space in your data centre
11. Secure serial console port with authentication