Free Shipping
Free Returns
Easy Payments
Sign up For our Blog
Trade in Welcome
Buy or Lease
Previous
Previous Product Image

ARUBA INTROSPECT AN 1500 HW APPL PL-L3

$25,440.19
Next

ARUBA INTROSPECT PP 1000 HW APPL PL-L3

$12,355.37
Next Product Image

ARUBA INTROSPECT AN 1000 HW APPL PL-L3

$20,707.46

Aruba IntroSpect 1000 Network Security/Firewall Appliance – 1 Year

SKU: JZ265A Brand: HPE Condition: Refurbished UPC: Categories: , ,

Description

Aruba IntroSpect 1000 Network Security/Firewall Appliance – 1 YearUSER AND ENTITY BEHAVIOR ANALYTICS

Aruba’s User and Entity Behavior Analytics (UEBA) solution, Aruba IntroSpect, detects attacks by spotting small changes in behavior that are often indicative of attacks that have evaded traditional security defenses. Aruba IntroSpect integrates advanced AI-based machine learning (ML), pinpoint visualizations and instant forensic insight into a single solution, so attacks involving malicious, compromised or negligent users, systems and devices are found and remediated before they damage the operations and reputation of the organization.

With a Spark/Hadoop platform, IntroSpect uniquely integrates both behavior-based attack detection and forensically-rich incident investigation and response at enterprise scale.

WHAT WE DETECT: SECURITY ANALYTICS USE CASES

IntroSpect provides 100+ supervised and unsupervised machine learning models focused on detecting targeted attacks at each stage of the kill chain:

  • Account Abuse
  • Account Takeover
  • Command and Control
  • Data Exfiltration
  • Lateral Movement
  • Password Sharing
  • Privilege Escalation
  • Flight Risk
  • Phishing
  • Ransomware

ACCELERATED INVESTIGATION & RESPONSE

From SysAdmins to Systems to Sensors – Providing Instant Visibility

IntroSpect Entity360 is key to reducing the time and effort required to understand, diagnose and respond to an attack. Entity360 provides a comprehensive security profile with continuous risk scoring and enriched security information – analysts would otherwise spend hours or days searching for and compiling months and years of security data down to the packet level. Entity360 provides:

  • Profiles for users, systems and devices
  • Access by SIEM, NAC systems, etc. via an open API
  • Pre-packaged incident response playbooks
  • Customer-measured 30 hours/investigation savings
  • Automatic detection of other entities impacted by the attack

THREAT HUNTING

Proactive threat hunting is easily accomplished with a powerful query interface, without the overhead of finding, searching, and summarizing isolated data stores.

  • Rich analytics to test threat hypotheses across any timeframe
  • Automated search of historical data using IOC’s from STIX and custom threat feeds
  • Visualizations to highlight anomalies and significant interactions
  • Significant activity monitored and tagged to assist with both hunting and investigations

DATA SOURCES

The IntroSpect platform processes the broadest range of data sources, including:

  • VPN, FW, IPS/IDS, Web proxy, Email logs
  • NetFlow
  • Packets
  • DNS logs
  • Active Directory logs
  • DHCP logs
  • External threat feeds
  • Alerts from 3rd party security infrastructure

DEPLOYMENT OPTIONS

  • On-premise VM or appliance for Packet Processor
  • AWS or on-premise deployment for Analyzer

KEY INTEGRATIONS

  • ArcSight
  • Aruba ClearPass
  • Blue Coat
  • Checkpoint
  • Cisco
  • FireEye
  • Forcepoint
  • Fortinet
  • Gigamon
  • IBM QRadar
  • Infoblox
  • IXIA
  • Juniper
  • McAfee (as in proxy server)
  • Microsoft
  • Palo Alto Networks
  • Splunk

Additional information

Product Type

Network Security/Firewall Appliance

Firewall Protection Supported

Network Attack Detection

Brand Name

Aruba

Product Family

IntroSpect

Manufacturer Part Number

JZ265A

Manufacturer Website Address

http://www.hpe.com

Manufacturer

Hewlett Packard Enterprise

Product Model

1000

Product Name

IntroSpect 1000 Network Security/Firewall Appliance

Product Line

IntroSpect

Marketing Information

USER AND ENTITY BEHAVIOR ANALYTICSAruba's User and Entity Behavior Analytics (UEBA) solution, Aruba IntroSpect, detects attacks by spotting small changes in behavior that are often indicative of attacks that have evaded traditional security defenses. Aruba IntroSpect integrates advanced AI-based machine learning (ML), pinpoint visualizations and instant forensic insight into a single solution, so attacks involving malicious, compromised or negligent users, systems and devices are found and remediated before they damage the operations and reputation of the organization.With a Spark/Hadoop platform, IntroSpect uniquely integrates both behavior-based attack detection and forensically-rich incident investigation and response at enterprise scale.WHAT WE DETECT: SECURITY ANALYTICS USE CASESIntroSpect provides 100+ supervised and unsupervised machine learning models focused on detecting targeted attacks at each stage of the kill chain: Account Abuse Account Takeover Command and Control Data Exfiltration Lateral Movement Password Sharing Privilege Escalation Flight Risk Phishing Ransomware ACCELERATED INVESTIGATION & RESPONSEFrom SysAdmins to Systems to Sensors – Providing Instant VisibilityIntroSpect Entity360 is key to reducing the time and effort required to understand, diagnose and respond to an attack. Entity360 provides a comprehensive security profile with continuous risk scoring and enriched security information – analysts would otherwise spend hours or days searching for and compiling months and years of security data down to the packet level. Entity360 provides: Profiles for users, systems and devices Access by SIEM, NAC systems, etc. via an open API Pre-packaged incident response playbooks Customer-measured 30 hours/investigation savings Automatic detection of other entities impacted by the attack THREAT HUNTINGProactive threat hunting is easily accomplished with a powerful query interface, without the overhead of finding, searching, and summarizing isolated data stores. Rich analytics to test threat hypotheses across any timeframe Automated search of historical data using IOC's from STIX and custom threat feeds Visualizations to highlight anomalies and significant interactions Significant activity monitored and tagged to assist with both hunting and investigations DATA SOURCESThe IntroSpect platform processes the broadest range of data sources, including: VPN, FW, IPS/IDS, Web proxy, Email logs NetFlow Packets DNS logs Active Directory logs DHCP logs External threat feeds Alerts from 3rd party security infrastructure DEPLOYMENT OPTIONS On-premise VM or appliance for Packet Processor AWS or on-premise deployment for Analyzer KEY INTEGRATIONS ArcSight Aruba ClearPass Blue Coat Checkpoint Cisco FireEye Forcepoint Fortinet Gigamon IBM QRadar Infoblox IXIA Juniper McAfee (as in proxy server) Microsoft Palo Alto Networks Splunk

Manageable

Yes

Support/Service Duration

1 Year

Shopping cart

0
image/svg+xml

No products in the cart.

Continue Shopping