redBorder at Mobile World Congress 2015
TRANSCRIPT
Iñaki Murcia, CEO
Apps
Layers
IPS
Snort 2.9 based
Performance enhancements
IDS / IPS / IDS Forwarding
Barnyard2 to Kafka
Feature enhancements (reputation GeoIP)
Traffic visibility
Netflow v5, v9, IPFIX, Flexible Netflow
Layer 7 – Cisco AVC / Palo Alto AppID
Based on nProbe libraries
Flow
Malware
Interception – IPS / Email / Web / EP
Centralized analysis
Static – Hashing, Fuzzy, AV, Cloud, Yara
Dynamic – Cuckoo
Correlation
Available 4Q2015
Vault
Syslog – Event Log
Normalization
Metadata extraction
Correlation
Available 3Q2015
Ecosystem
Chaos
Performance
Reliability
Persistence
Message “normalization”
Once in, everything is Kafka
Message
Stream
Enrich
Mine
Correlate
Store
Scale Out
Real time – Historical
Slice & Dice – OLAP
Aggregated / Persistent data
Schemaless
HyperLogLog & q-digest
Tranquility – Storm / Samza
Store
View
Manage
Programmatic configuration
Recipes isolate knowledge domains
Performance
Reliability
Manage
Bridge
rB Flow
rB Vault
Netflow
Syslog
SNMP
Legacy
Native
rB IPS
rB Malware
Legacy formats
Apache Kafka
HTTP
Extend
Solve
Innovate
Share
Collaborate
Educate
Augment
Accelerate
How
www.linkedin.com/company/redborder
@redBorder_net
github.com/redBorder/
www.redBorder.net
Questions?