Bivio Networks, Inc. (Bivio), a Pleasanton, CA-based network security platform solutions provider for federal and commercial network operators and large enterprise customers, announced on July 7 that its integrated cyber intelligence platform delivered real-time network threat visibility during the 2015 Joint Users Interoperability Communications Exercise (JUICE), held last month at the U.S. Army’s Aberdeen Proving Ground (APG). The platform detected, analyzed and reported on malicious network activity throughout the exercise based on a combination of cyber security tools from Symantec Corporation, Proofpoint, Inc. and the Open Information Security Foundation (OISF).
The JUICE 2015 event emphasized communications interoperability throughout a Coalition Joint Task Force that included participants from the Combatant Commands, Services, Federal Agencies, Civil authorities and Coalition partners. Joint Cyber Operations during the exercise included Cyber Warriors from all the services working together as a team to validate joint cyber cell techniques, tactics and procedures.
The platform deployed for the exercise is part of the Bivio FlowIntelligence application suite that combines the Suricata Engine from OISF, an Open Source Next Generation Intrusion Detection and Prevention Engine, with Symantec Cyber Security: DeepSight™ Intelligence datafeeds and the Proofpoint ET Pro Ruleset.
“We are proud that our Bivio 8000i Series platform helped protect the JUICE network environment from network threats and malicious activities,” said Keith Glover, President, Bivio Networks. “The integration of the platform with proven network security tools from OISF, Symantec and Proofpoint further demonstrates the ease of deploying a powerful cyber intelligence solution in a complex and demanding environment.”
The Bivio 8000i Series is a family of high-performance, multi-application platforms that help protect and defend mission-critical environments including national defense and intelligence agencies from an ever-changing arsenal of network cyber-attacks. At the foundation of the platform is a robust, secure and optimized Linux application environment that simplifies deployment of high-performance packet processing solutions for Cyber Security, Information Assurance, Network Flow Monitoring and other advanced network security services.
In order to provide real-time cyber intelligence for the exercise, the platform combined the Suricata engine with updates from the Symantec Cyber Security: DeepSight™ Intelligence datafeeds. The automated datafeeds provided actionable intelligence on IP addresses and domains/URLs exhibiting malicious activity such as malware distribution, and botnet command and control server communication.
“The DeepSight Intelligence datafeeds ensured that the platform remained up-to-date on the latest threats and exposures throughout the exercise,” said Rob Potter, Vice President Public Sector and Healthcare, Symantec. “It was extremely important for the cyber analysts at JUICE to have immediate visibility to any potential threat in their environment so that they could quickly analyze the incident and take the appropriate action.”
In addition to the DeepSight Intelligence datafeeds, the Bivio platform was also configured to update the Suricata engine using the Proofpoint ET Pro Ruleset. The platform integration simplified the task for analysts to enable proactive cyber defense and incident response based on the industry’s largest threat collection network.
“In a climate where most cyber security news tends to be bad news, it’s great to see excellent teams like JUICE leverage effective products like the Proofpoint ET Pro Ruleset to demonstrate real success,” said Ryan Kalember, senior vice president of Product Marketing for Proofpoint. “We are pleased that the JUICE team could depend on the comprehensive coverage that the ruleset provides for blocking command and control communication on the Bivio platform.”
Source: Bivio Networks, Inc.