See How We Stack Up!
Keysight offers an extensive set of visibility intelligence feature stacks so you can get the most out of your visibility and security platform – our capabilities allow filtering based on L2 through L7. Moreover, we provide industry-specific, specialized capabilities. Each stack of features is executed with a purpose-built design to ensure you get the best performance whether in a physical data-center or a private, hybrid or public cloud.
Find Your Platform
Today's organizations are under cyberattack. Malware can find its way into an organization in a multitude of ways including email, clicking on malicious links, mobile devices, USBs used by employees, as well as physical intrusions into a network. Cyber Security Ventures reported that ransomware will attack a business every 14 seconds by the end of 2019.
With our threat insights feature, you will be able to:
- Recognize malware, botnet, exploits, hijacked IPs and phishing activity with your Vision ONE, Vision 7300, or CloudLens
- Send threat information automatically via NetFlow to existing security appliances
Threat insights from our Application and Threat Intelligence (ATI) Research Center, also used in Keysight's ThreatARMOR, provide what you need to secure your network without requiring any additional threat intelligence feed. You can ensure the security of your network by easily:
- Detecting IoT attacks
- Tagging suspicious or rogue applications and monitoring them for unusual activity
- Tracking traffic to or from unauthorized geographies
- Tracking questionable file transfers and brute-force attacks
Decryption and Encryption with Ephemeral Key and Upcoming TLS 1.3 Support
Encrypted traffic is a dual-edged sword, where the protection it provides can be manipulated by hackers to inject malware and other threats into a network. As most traffic becomes encrypted and with ephemeral key on its way to becoming the dominant technology, organizations need a way to retain the benefits of TLS 1.3 standards, while being able to inspect traffic for threats and malware to protect their networks and users.
Keysight's Active SSL capability enables organizations to see inside traffic that uses ephemeral key cryptography through its visibility platform. With our Active SSL you can:
- Decrypt once and scale monitoring infrastructure. Offloading SSL decryption will optimize security and monitoring tool performance.
- Deploy inline, out-of-band (OOB), and simultaneous inline and OOB configurations for the ultimate flexibility
- See into both outbound and inbound traffic to inspect downloads and detect server attacks
- Achieve limitless visibility when used with our NetStack, PacketStack and AppStack capabilities
Active SSL is available via a high-performance application module that is compatible with Vision ONE™.
- Active SSL employs a dedicated cryptographic processor, to provide the best throughput integrated with a visibility solution
- Throughput options include 1G, 2G, 4G or 10G (license per module). Upgrades via licensing.
- Includes built-in policy management, URL categorization, and real-time insight through reporting
- Supports all leading ciphers including TLS 1.3 (current draft)
Learn more about our Active SSL capability and the Vision ONE platform:
SSL Decryption (Passive)
Data encryption helps make information secure, but unfortunately, it can also be used by hackers to inject malware, viruses and other risky content into encrypted traffic and traverse your network without being detected. Get greater visibility by decrypting traffic to detect such malware, prevent data loss, monitor applications and more. We can help you offload the SSL decryption work and remove your network performance bottleneck.
- Get visibility to encrypted sessions without compromising security with role-based access controls and bidirectional decryption capability
- Handle 10 million concurrent sessions with up to 8Gbps throughput
- Support encryption ciphers and key sizes: 3DES, RC4, AES, SHA1/521/384/256/224, MD5, ECC (Elliptic Curve), RSA and Diffie-Hellman Key Exchange
- No impact on application identification and filtering performance
- Can work simultaneously with NetFlow generation, data masking, PCAP, and application forwarding
Data Masking +
With personally identifiable information traversing the network, security is key to keeping your consumers and your organization safe. Data masking + helps you meet compliance regulations by securely masking sensitive data on your network such as credit card and social security numbers.
Data masking + allows you to:
- Use pre-defined patterns to mask major credit cards, social security numbers, and email addresses
- Use a configurable offset with any number of bytes to mask a specific place in a packet
- Reduce false positives with built-in credit card number validation using the Luhn algorithm
- Achieve Payment Card Industry Data Security Standard (PCE-DSS), HIPAA, and other regulatory compliance
Be More Secure
Security focused intelligence that gives you better visibility to Transport Layer Security (TLS) / Secure Sockets Layer (SSL) encrypted traffic with the greatest keys and ciphers supported.