What is Advanced threat protection?
Advanced Threat Protection (ATP) is a suite of analysis tools designed to defend against advanced threats that use known and unknown attack vectors. ATP augments more common security solutions aimed at repelling known intrusion strategies.
Advanced threats are those that seek to surreptitiously gain access to a network and remain, undetected, in that network for months or even years, exfiltrating large amounts of data, conducting espionage, and/or causing significant damage.
Five Cyberattacks That You Would Miss Without AILearn More
Why do you need advanced threat protection?
Cyber attackers are continuously developing ever-more sophisticated strategies to gain access to networks. These attacks are typically well-funded, often specifically targeted, and involve complex malware that is designed to avoid common security defenses. Countering advanced threats requires advanced analytic tools that can provide rapid visibility, analysis, context, and response into the contents and actions of malicious network traffic.
Benefits of advanced threat protection
By incorporating a leading ATP solution into your security stack, you harness four critical advantages:
- Threat Visibility Everywhere: In leveraging multiple threat detection techniques at once, ATP delivers deep visibility into all network traffic.
- Advanced Malware Detection: ATP helps secure the data center against threats that have been engineered to evade standard security tools.
- Lower False Positives: ATP can greatly improve the accuracy of your alerts, which means your security teams can focus on a smaller set of actual intrusions.
One of the most performant ATP solutions available today is the VMware Advanced Threat Prevention offering for the NSX Service-defined Firewall. Leveraging a combination of network traffic analysis, intrusion detection and prevention, and advanced malware analysis with comprehensive network detection and response capabilities, the solution is purpose-built to protect data center traffic with the industry’s highest fidelity insights into advanced threats.
How does advanced threat protection work?
Fundamentally, advanced threat protection solutions perform sophisticated detection and analysis on suspicious network traffic, often employing hardware emulation and supervised and unsupervised machine learning models. ATP solutions attempt to identify threats early – before they can do damage – and respond quickly in the event of a breach. The goal is to protect the network with the highest possible fidelity insights into the most challenging threats.
VMware Advanced Threat Protection related Products, Solutions, and Resources
Inspect all network traffic and obtain the industry’s highest fidelity insights into advanced threats.
Secure east-west traffic with a purpose-built internal firewall, built-in to the hypervisor and distributed at every host.
Correlate large volumes of security events across north-south, east-west and cloud traffic for identifying real intrusions.
Included with NSX Advanced Threat Prevention, Advanced Threat Analyzer provides complete malware analysis
VMware NSX Distributed IDS/IPS is an intrusion detection and prevention system for east-west network traffic.