SAN FRANCISCO—Dell, far better known for PCs, storage and servers than for its security acumen, made a lot of news this past week in the data protection category.
Item 1: The Round Rock, Texas-based corporation’s SecureWorks subsidiary on March 3 launched a cloud-based service that detects threats as they happen by identifying malicious behavior, which lets it catch attacks that may otherwise go undetected because they involve little or no malware code.
Dell’s Advanced Endpoint Threat Detection Red Cloak is available now as a fully managed software-as-a-service platform. It links to endpoint monitoring capabilities and lightweight sensors in the user’s data center in order to scan and analyze for activity that could indicate a network breach.
The service is powered by real-time threat intelligence provided by the Dell SecureWorks Counter Threat Unit (CTU). The system is already protecting more than 4,100 Dell clients in 61 countries, the company said.
Within the unit, the company’s Cyber Threat Analysis Center can provide electronic notification within 15 minutes of determining that activity constitutes a security incident, Dell said. Targeted and/or high-impact events are then forwarded to the Senior Intrusion Analyst Team, which guarantees a response within 24 hours.
New Data-Protection Packages Released
Item 2: On the storage security side, Dell unveiled a series of new data-protection packages to help organizations better protect frontline business systems, applications, and data–either on premises or in the cloud.
These offerings include Dell Data Protection/Rapid Recovery, three new data deduplication appliance models, a free edition of the new Dell Data Protection/Endpoint Recovery, and Dell’s Data Protection/NetVault Backup 11.
Dell Data Protection/Rapid Recovery integrates proven and familiar features of AppAssure and other Dell securityware to help eliminate downtime for customer environments. Customers can attain ZeroImpact recovery of systems, applications and data across physical, virtual and cloud environments, the company said.
Another new feature, Rapid Snap for Applications, takes snapshots of entire physical or virtual environments up to every five minutes. This gives users immediate access to data in the event of an incident and the power to restore in real time as if nothing ever happened. In addition, Rapid Snap for Virtual technology offers agentless protection of VMware VMs, Dell said.
Capture, Dell’s New ‘Sandbox’ Security Service
Item 3: Patrick Sweeney, vice president of marketing and product management for Dell Security, told eWEEK at the RSA Conference here about SonicWall’s new Capture service, a sandboxing technology—which competes with FireEye, Lastline and others—that has “differentiatable attributes to it.”
“It’s managed and controlled by the next-generation firewalls, and we see packets coming in; we identify everything we know to be good, everything we know to be bad, and also what we determine to be unknown,” Sweeney said. “It could be zero-day, could be something benign, or whatever. We direct it to our cloud infrastructure, where we process it through in a key differentiation: three engines in parallel.”
Everybody knows that no one security engine is going to find every threat, Sweeney said. So, in addition to the SonicWall Capture and Lastline engines (Dell is part owner of Lastline, a strong emulation engine that enables users to detect advanced malware in networks), data packets sent to Capture are also fed into VMRay, a third-generation malware analysis technology that detects and protects systems from advanced persistent threats, targeted attacks and 64-bit kernel rootkits.
VMRay was announced this week at the RSA Conference as Dell’s newest security partner.
All the products noted in this article are available now.