Security Information and Event Management (SIEM)
Optimization Challenges

Removing the noise

With ‘point & click’ simplicity and patented features, PacketViper can precisely reduce IP traffic volumes and perform SIEM optimization. This is done with a layered filtering approach that includes the ability to geo-target and perform precise filtering based on business intelligence, threat intelligence and customer rules, both inbound and outbound, at the port level.

Our Virtual Minefield Zone (VMZ)™ solves the challenges of static perimeters in firewalls and creates a dynamic perimeter that can automatically change the access rules around any port or service and rotate when they are turned on or off. The VMZ also attracts threats, deceives them and gains new intelligence.

All of this improves the IDS/IPS threat identification process, lowers false positives, and reduces both alerting to security teams and SIEM-related costs.

Addressing the challenges of SIEM optimization

Successfully deploying a SIEM is a complex task, and the complexity is further amplified by the unmanageably high volume of noise from within the network and by the skyrocketing volumes of global IP traffic constantly hitting the network.

Furthermore, with some SIEM vendors, depending on their pricing structure, the inability to control complexity and IP traffic volumes can drastically increase subscription or license-related costs.

How It Works

The PacketViper dynamic threat defense platform allows users to continually deceive attackers, gather intelligence on threats and apply that intelligence to strengthen defense in a consistent and automated fashion. This greatly improves the performance of firewalls, IDS/IPS and SIEM solutions. Deploying PacketViper’s integrated deception, defense and intelligence plan into a layered security approach provides a practical and cost-effective means to proactively strengthen cybersecurity.

Deployment options include on-premises or in the cloud. PacketViper sits inline as an undetectable bridge at the perimeter of the network, as well as at other key network transition points throughout the network. On inbound IP traffic, PacketViper looks at new connections and is inherently stateful.

The Benefits

Removing illegitimate IP traffic from the network without taxing the resources of the firewall, NGFW or IDS/IPS is one of the most proactive, cost-effective and impactful network security moves that one can make today for SIEM optimization. Measurable benefits include:

  • Reduction in IP traffic
  • Reduction in logs and alerts
  • Reduced SIEM licensing costs
  • Labor savings
  • Reduction in SPAM messaging
  • Savings from deferred upgrades
  • Bandwidth savings
  • Storage savings