How Flexible Is Your SysSecOps? – Charles Leaver

Written By Charles Leaver

 

Endpoints are everywhere. The device you’re reading this on is an endpoint, whether it’s a desktop, notebook, tablet, or phone. The A/C controller for your building is an endpoint, assuming it’s connected to a network, and so are the WiFi access points and the security cameras. So is the connected car. So are the Web servers, storage servers, and Active Directory servers in the data center. So are your IaaS/PaaS services in the cloud, where you have control of bare-metal servers, VMware virtual machines, or containers running on Windows and/or Linux.

All of them are endpoints, and every one needs to be managed.

They need to be managed from the IT side by IT administrators, who ideally have proper IT-level visibility of each connected thing, such as those security cameras. That management means ensuring they’re connected to the right network zones or VLANs, that their software and configurations are up to date, that they’re not flooding the network with bad packets because of electrical faults, etc.

Those endpoints also have to be managed from the security perspective by CISO teams. Every endpoint is a potential front door into the business network, which means the devices must be locked down – no default passwords, all security patches applied, no unauthorized software installed on the device’s embedded web server. (Krebs outlines how, in 2014, hackers got into Target’s network by means of its heating and cooling (HVAC) system.)

Systems and Security Operations

Systems Security Operations, or SysSecOps, brings those two worlds together. With the right kind of SysSecOps mindset, and tools that support the correct workflows, IT and security staff get the same data and can collaborate. Sure, they each have different tasks, and respond differently to trouble alerts, but they’re all handling the same endpoints, whether in the pocket, on the desk, in the utility closet, in the data center, or in the cloud.

Ziften Zenith Test Report

We were delighted when the recently released Broadband-Testing report praised Zenith, Ziften’s flagship endpoint security and management platform, as being ideal for this type of scenario. To quote from the report, “With its Zenith platform, Ziften has a product that ticks all the SysSecOps boxes and more. Considering that its meaning of ‘endpoints’ extends into the Data Centre (DC) and the world of virtualisation, it is true blanket coverage.”

Broadband-Testing is an independent testing center and service based in Andorra. They describe themselves as, “Broadband-Testing interacts with vendors, media, investment groups and VCs, experts and consultancies alike. Evaluating covers all aspects of networking software and hardware, from ease of use and performance, through to increasingly essential aspects such as device power consumption measurement.”

Back to flexibility. With endpoints everywhere (again, on the desk, in the utility closet, in the data center, or in the cloud), a SysSecOps-based endpoint security and management system needs to go everywhere and do anything, at scale. Broadband-Testing wrote:

“The configuration/deployment options and architecture of Ziften Zenith allow for a very flexible release, on or off-premise, or hybrid. Agent implementation is simpleness itself with absolutely no user requirements and no endpoint intrusion. Agent footprint is also very little, unlike numerous endpoint security services. Scalability likewise seems excellent – the most significant client implementation to this day remains in excess of 110,000 endpoints.”

We can’t help but be proud of our product Zenith, and of what Broadband-Testing concluded:

“The emergence of SysSecOps – integrating systems and security operations – is an uncommon milestone in IT; a hype-free, good sense approach to refocusing on how systems and security are managed inside a business.

Key to Ziften’s endpoint approach in this category is overall visibility – after all, how can you secure what you cannot see or have no idea is there in the first place? With its Zenith platform, Ziften has a product that ticks all the SysSecOps boxes and more.

Release is simple, specifically in a cloud-based circumstance as evaluated. Scalability also looks to be excellent – the most significant consumer deployment to this day is in excess of 110,000 endpoints.

Data analysis choices are extensive with a huge amount of info available from the Ziften console – a single view of the entire endpoint infrastructure. Any object can be analysed – e.g. Binaries, applications, systems – and, from a procedure, an action can be specified as an automated function, such as quarantining a system in case of a potentially destructive binary being discovered. Multiple reports are pre-defined covering all areas of analysis. Alerts can be set for any occurrence. In addition, Ziften supplies the concept of extensions for custom data collection, beyond the reach of the majority of suppliers.

And with its External API performance, Ziften-gathered endpoint data can be shared with most 3rd party applications, consequently adding additional value to a consumer’s existing security and analytics infrastructure financial investment.

In general, Ziften has a very competitive offering in what is an extremely worthwhile and emerging IT category through SysSecOps that is very worthy of examination.”

We hope you’ll consider an evaluation of Zenith, and will agree that when it comes to SysSecOps and endpoint security and management, we do tick all the boxes with the true blanket coverage that both your IT and CISO teams have been looking for.
