What is Advanced threat protection?

Advanced Threat Protection (ATP) is a suite of analysis tools designed to defend against advanced threats that use known and unknown attack vectors. ATP augments more common security solutions aimed at repelling known intrusion strategies.

Advanced threats are those that seek to surreptitiously gain access to a network and remain, undetected, in that network for months or even years, exfiltrating large amounts of data, conducting espionage, and/or causing significant damage.

Network Sandboxing for VMware NSX Service-defined Firewall

Protect Your Data Center with a Purpose-Built Internal Firewall

Why do you need advanced threat protection?

Cyber attackers are continuously developing ever-more sophisticated strategies to gain access to networks. These attacks are typically well-funded, often specifically targeted, and involve complex malware that is designed to avoid common security defenses. Countering advanced threats requires advanced analytic tools that can provide rapid visibility, analysis, context, and response into the contents and actions of malicious network traffic.

Benefits of advanced threat protection

By incorporating a leading ATP solution into your security stack, you harness four critical advantages:

  • Threat Visibility Everywhere: In leveraging multiple threat detection techniques at once, ATP delivers deep visibility into all network traffic.
  • Advanced Malware Detection: ATP helps secure the data center against threats that have been engineered to evade standard security tools.
  • Lower False Positives: ATP can greatly improve the accuracy of your alerts, which means your security teams can focus on a smaller set of actual intrusions.

One of the most performant ATP solutions available today is the VMware Advanced Threat Prevention offering for the NSX Service-defined Firewall. Leveraging a combination of network traffic analysis, intrusion detection and prevention, and advanced malware analysis with comprehensive network detection and response capabilities, the solution is purpose-built to protect data center traffic with the industry’s highest fidelity insights into advanced threats.

How does advanced threat protection work?

Fundamentally, advanced threat protection solutions perform sophisticated detection and analysis on suspicious network traffic, often employing hardware emulation and supervised and unsupervised machine learning models. ATP solutions attempt to identify threats early – before they can do damage – and respond quickly in the event of a breach. The goal is to protect the network with the highest possible fidelity insights into the most challenging threats.

 

Related Solutions and Products

NSX Advanced Threat Prevention

Network traffic analysis and intrusion prevention for NSX Service-Defined Firewall

VMware NSX Distributed IDS/IPS

VMware NSX Distributed IDS/IPS is an intrusion detection and prevention system for east-west network traffic.

NSX Distributed Firewall

NSX Distributed Firewall

Secure your data center with a full-stack firewall distributed at each workload.