SecureStack

With our threat insights feature, you will be able to:

• Recognize malware, botnet, exploits, hijacked IPs and phishing activity with your Vision ONE, Vision X, Vision 7300, or CloudLens
  
• Send threat information automatically via NetFlow to existing security appliances

Threat intelligence from our Application and Threat Intelligence (ATI) Research Center, also used in Keysight's ThreatARMOR, provide what you need to secure your network without requiring any additional threat intelligence feed. You can ensure the security of your network by easily:

• Detecting IoT attacks
  
• Tagging suspicious or rogue applications and monitoring them for unusual activity
• Tracking traffic to or from unauthorized geographies
• Tracking questionable file transfers and brute-force attacks

Keysight's Inline Decryption capability enables organizations to see inside traffic that uses ephemeral key cryptography through its visibility platform. With our Inline Decryption you can:

• Decrypt once and scale monitoring infrastructure. Offloading TLS decryption will optimize security and monitoring tool performance.
  
• Deploy inline, out-of-band (OOB), and simultaneous inline and OOB tool configurations for the ultimate flexibility
• See into both outbound and inbound traffic to inspect downloads and detect server attacks
• Achieve limitless visibility when used with our NetStack, PacketStack and AppStack capabilities

Inline Decryption is available via separate high-performance application modules that are compatible with Vision ONE™ and Vision X™.

• Inline Decryption employs a dedicated cryptographic processor, to provide the best throughput integrated with a visibility solution
• Throughput options on the Vision ONE include 1G, 2G, 4G or 10G (license per module). Upgrades via licensing.
• Throughput options on the Vision X include up to 25G decryption per CPU on the Application Module.
• Includes built-in policy management, URL categorization, and real-time insight through reporting
• Supports all leading ciphers including TLS 1.3 (current draft)

Learn more about our Inline Decryption capability and the Vision ONE and Vision X platforms:

• TLS decryption and encryption
  
• Vision ONE
• Vision X
• Security: In an Encrypted World
  

• Get visibility to encrypted sessions without compromising security with role-based access controls and bidirectional decryption capability
• Handle 10 million concurrent sessions with up to 8Gbps throughput within AppStack on the Vision ONE and Vision 7300.
• Support encryption ciphers and key sizes: 3DES, RC4, AES, SHA1/521/384/256/224, MD5, ECC (Elliptic Curve), RSA and Diffie-Hellman Key Exchange
• No impact on application identification and filtering performance
• Can work simultaneously with NetFlow generation, data masking, PCAP, and application forwarding

Data masking + allows you to:

• Use pre-defined patterns to mask major credit cards, social security numbers, and email addresses
• Use a configurable offset with any number of bytes to mask a specific place in a packet
• Reduce false positives with built-in credit card number validation using the Luhn algorithm
• Achieve Payment Card Industry Data Security Standard (PCE-DSS), HIPAA, and other regulatory compliance