Today we are proud to announce significant new capabilities in Halo that make it faster and easier for enterprises to manage and protect critical IT infrastructure at scale. The new features give security teams the ability to move quickly between high-level aggregate data and highly detailed, actionable security information. Along with a revamped user interface, these features speed up reaction time and allow security professionals to focus on the most important issues first.
Here are the details:
- Revamped UI: The Halo user interface has been streamlined to make it faster and easier for security and operations teams to collaborate, identify threats and react quickly when vulnerabilities, policy violations or attacks are detected. Halo continuously monitors servers, providing real-time inventories of deployed operating systems, software packages, running processes, local user accounts, and network connections across the entire set of servers no matter where they sit (data centers or cloud environments).
- Enterprise-wide data aggregation: Even the world’s largest companies can now organize protected servers in logical groups, classified according to organizational structure, application function or compliance requirement. Servers can be organized into groups according to which organizational units and applications they belong to, and the users’ view can be tailored to focus inventory data on particular groups within the tree. Role-based access controls ensure that each user is only able to access the resources they should. A security professional within an organization monitoring tens of thousands of workloads can now drill down from an enterprise-level view to specific individual servers and assess vulnerabilities and configuration issues for each workload. This makes it much easier to understand and manage risk across heterogeneous environments at scale. Halo’s continuous scanning capability and standards-based policy templates can be used to assess compliance with various benchmarks and standards. Administrators are provided a real-time view of violations such as configuration problems, software vulnerabilities, and suspicious activity, so that risk can be identified and mitigated efficiently.
- Traffic Discovery: In addition to Halo’s existing firewall orchestration policies and microsegmentation features, network security professionals can now visualize and better understand the connection maps for server communication across all environments using the new traffic discovery capability. Gaining insight into traffic patterns no matter where the workloads reside is critical to controlling east-west traffic in the datacenter and protecting against lateral movement of threats.
- Log-based Intrusion Detection System (LIDS): This feature enables security teams to monitor and receive alerts on events or patterns in any server log file to expose attacks, misuse and policy violations across an enterprise’s entire infrastructure. LIDS integrates with any SIEM system while dramatically minimizing data flow volumes and simplifying configuration and correlation efforts. Detecting critical events right at the workload enables efficient early remediation without moving massive data sets around.
Take the new features out for a test drive and let us know your thoughts.