Joint solutions will deliver new levels of visibility into network activity, even inside encrypted traffic
The discovery of data breaches continues to be problematic for organizations. According to Ponemon Research, it takes an average of 191 days to discover a data breach. In 60 percent of cases, according to the Verizon Data Breach Investigations Report, the discovery is made by someone outside of the organization.
In order to combat the issues surrounding the discovery of network anomalies, the combined solutions from Ixia and Endace provide enterprises with greater visibility into network activity and give analysts the detailed, packet-level evidence they need to go back-in-time to investigate and resolve security and network or application performance issues quickly and conclusively.
“Like Endace, Ixia has a deep understanding of the security and performance challenges that IT and security teams face,” said Cary Wright, Endace VP Product Management. “Delivering applications and services securely and reliably is challenging, especially given the high expectations of today’s users. When issues or threats arise, teams need to respond quickly and accurately.”
Ixia’s Vision portfolio of network packet brokers complements Endace’s high-performance EndaceProbe Analytics Platforms by enabling control over how packets are managed and where they are delivered. In addition, Ixia’s Vision ONE offers Active SSL decryption giving visibility into encrypted traffic and allowing it to be decrypted before it is recorded by, and stored on, EndaceProbes.
“Encrypting network traffic is a double-edged sword. While it can help protect valuable data, it can also be used by hackers to hide their activity,” says Scott Westlake, VP Business Development at Keysight’s Ixia Solutions Group. “Combining Ixia’s SSL decryption capabilities with Endace’s full packet capture and recording ensures security teams have a definitive source of evidence for investigating cyber threats and performance issues.”
By hosting virtualized Intrusion Detection Systems (IDS) and Application or Network Performance Monitoring (NPM/APM) on EndaceProbes, customers have a flexible and scalable ecosystem for real time monitoring of network traffic, including encrypted traffic. Customers can easily spin up new virtual monitoring applications on EndaceProbes to inspect traffic, decrypted by Ixia, in real time.
The new partnership has already borne fruit, with Ixia and Endace recently collaborating on a joint solution for financial traders. For high-frequency trading, the accuracy of market feeds from exchanges is critical. Delays or gaps in feeds can be extremely expensive. Ixia’s TradeVision network packet broker can monitor market data feeds from more than 100 exchanges and detect and alert when gaps or delays in market feeds occur. By combining TradeVision with EndaceProbes, market feed data can also be recorded, providing definitive evidence for analysts to troubleshoot any issues that TradeVision detects.
Integration between Splunk and EndaceProbes streamlines investigations when market feed errors are detected and lets analysts click on a TradeVision alert in Splunk to go directly to the related packet history on their EndaceProbes. Using the built-in EndaceVision application they can drill down to analyze even ultra-short-lived microburst events at packet level to see precisely what happens and respond appropriately.
For more information about using Ixia’s Vision portfolio of network packet brokers with EndaceProbes see endace.com/ixia.
 2017 Cost of Data Breach Study: United States, https://www.ponemon.org/blog/2017-cost-of-data-breach-study-united-states
 Verizon 2018 Data Breach Investigations Report, https://www.verizonenterprise.com/verizon-insights-lab/dbir/
Australasia: Mark Evans
mobile +64-21-494 850
USA: Kelly Dorsey
mobile +1-818-436 9646
EMEA: Leah Jones (CommsCo)
+44 203 697 6680
Endace’s multifunctional Analytics Platform can host 3rd-party network analytics applications while simultaneously recording a 100% accurate Network History, enabling fast, accurate detection, investigation and analysis of network security and performance issues.
The platform enables agile deployment of analytics functions and dramatically reduces OPEX and CAPEX costs by consolidating datacenter hardware. Hosted applications can analyze live or historical traffic. Global customers include banks, healthcare, telcos, broadcasters, retailers, web giants, governments and military.