SysSecOps Are Effective If They Are Flexible – Chuck Leaver

Written by Chuck Leaver

 

You will discover that endpoints are everywhere. The device you read this on is an endpoint, whether it’s a desktop, notebook, tablet, or phone. The HVAC controller for your structure is an endpoint, assuming it’s linked to a network, and the WiFi access points and the security electronic cameras too. So is the linked vehicle. So are the Web servers, storage servers, and Active Directory servers in the data center. So are your IaaS/PaaS services in the cloud, where you are in control of bare-metal servers, VMware virtual machines, or containers operating on Windows and/or Linux.

All of them are endpoints, and every one is essential to manage.

They have to be handled from the IT side (from IT administrators, who ideally have appropriate IT-level visibility of each linked thing like those security cameras). That management means making sure they’re connected to the best network zones or VLANs, that their software applications and setups are up to date, that they’re not flooding the network with bad packets due to electrical faults etc.

Those endpoints likewise have to be handled from the security perspective by CISO groups. Every endpoint is a possible entrance into the enterprise network, which suggests the devices must be locked down – default passwords never used, all security patches applied, no unapproved software set up on the device’s ingrained web server. (Kreb’s outlines how, in 2014, hackers got into Target’s network by means of its A/C system.).

Systems and Security Operations.

Systems Security Operations, or SysSecOps, brings those two worlds together. With the ideal kind of SysSecOps frame of mind, and tools that support the correct workflows, IT and security workers get the very same data and can team up together. Sure, they each have various jobs, and react in a different way to problem notifications, however they’re all handling the same endpoints, whether in the pocket, on the desk, in the energy closet, in the data center, or in the cloud.

Test Report from Ziften Zentih.

We were delighted when the recently released Broadband-Testing report applauded Zenith, Ziften’s flagship end-point security and management platform, as being perfect for this type of situation. To quote from the current report, “With its Zenith platform, Ziften has a product that ticks all the SysSecOps boxes and more. Because its definition of ‘endpoints’ extends into the Data Centre (DC) and the world of virtualisation, it is true blanket coverage.”.

Broadband-Testing is an independent testing center and service based in Andorra. They explain themselves as, “Broadband-Testing engages with suppliers, media, financial investment groups and VCs, analysts and consultancies alike. Evaluating covers all aspects of networking software and hardware, from ease of use and performance, through to significantly essential components such as device power consumption measurement.”

Back to flexibility. With endpoints all over (again, on the desk, in the energy closet, in the data center, or in the cloud), a SysSecOps-based endpoint security and management system should go everywhere and do anything, at scale. Broadband-Testing wrote:

“The configuration/deployment options and architecture of Ziften Zenith permit a really flexible deployment, on or off-premise, or hybrid. Agent deployment is simpleness itself with no user requirements and no endpoint intrusion. Agent footprint is likewise very little, unlike many endpoint security services. Scalability also looks to be outstanding – the biggest client implementation to date is in excess of 110,000 endpoints.”

We cannot help but be proud of our item Zenith, and what Broadband-Testing concluded:

“The introduction of SysSecOps – combining systems and security operations – is an unusual milestone in IT; a hype-free, good sense technique to refocusing on how systems and security are handled inside a company.

Secret to Ziften’s endpoint technique in this category is overall visibility – after all, how can you secure exactly what you can’t see or don’t know is there in the first place? With its Zenith platform, Ziften has a product that ticks all the SysSecOps boxes and more.

Release is basic, especially in a cloud-based scenario as checked. Scalability likewise seems excellent – the greatest client implementation to date remains in excess of 110,000 endpoints.

Data analysis choices are comprehensive with a big amount of details available from the Ziften console – a single view of the entire endpoint infrastructure. Any item can be evaluated – e.g. Binaries, applications, systems – and, from a procedure, an action can be defined as an automatic function, such as quarantining a system in the event of a potentially harmful binary being discovered. Several reports are predefined covering all areas of analysis. Alerts can be set for any occurrence. Additionally, Ziften supplies the idea of extensions for custom-made data collection, beyond the reach of most suppliers.

And with its External API performance, endpoint data gathered by Ziften can be shared with most 3rd party applications, thereby including additional value to a client’s existing security and analytics infrastructure financial investment.

In general, Ziften has an extremely competitive offering in exactly what is an extremely worthwhile and emerging IT category in the form of SysSecOps that is really deserving of examination.”.

We hope you’ll consider an assessment of Zenith, and will concur that when it comes to SysSecOps and endpoint security and management, we do tick all the boxes with the true blanket coverage that both your IT and CISO teams have actually been looking for.

Leave a Reply

Your email address will not be published. Required fields are marked *