Cloud Security Startup ProtectWise Creates Network DVR To Analyze Threats (hothardware.com) 41
MojoKid writes: A Denver-based security startup called ProtectWise has a rather interesting twist on a security-as-a-service platform that also incorporates an innovative threat detection and management user interface. The ProtectWise security platform runs on a cloud-based infrastructure that currently utilizes Amazon AWS for storage and processing. ProtectWise is an all-software solution comprised of a "Cloud Network DVR" platform made up of virtual cameras in the cloud that record all traffic on the network. The sensors (12MB install package) record all network traffic wherever they're installed and stream it up to the ProtectWise platform where it is securely stored and the threat analysis is performed. The sensors can be configured with profiles to capture anything from just light metadata like netflow or headers (source, destination, etc.) all the way to the full payload. You can then play back the traffic from the ProtectWise cloud analytics platform, going months back if needed, and analyze the data for threats. You can go back in time and see if, where and how you've been compromised retrospectively. There's also a ProtectWise HUD that visualizes and renders network threat location and progression, allowing you to make better use of all the data recorded. It has a 'KillBox' that visually shows attack event progression across the network area. The only question has to do with compliance for financial applications since it is cloud-based. Currently, ProtectWise has 100 or so deployments of its product in the market with customers like Netflix, Hulu, Expedia, Pandora and Universal Music.
Woah Nelly! (Score:2)
Does it come in a cereal box?
No, it comes in its own damned planet. A planet like ours but much bigger, whose inhabitants have dedicated all their time and resources to the task of storing our planet's data streams so highly paid net-nerds can surround themselves with 'real time threat displays' while making knowing grunts of surprise, and giving tours of the NOC to doe-eyed CEOs, meanwhile getting zero productive work done.
Ping traffic (admin scripts and early DDOS) sometimes grabbed 50% of all network traffic.
Email spam (in th
Re: (Score:2)
in journalism parlance this is called "reheating a press release".
on extremely slow days, the journalist, in this case a Slashdot editor, just gets one of the press releases that are sent to newspapers in troves every day, and publishes it as an original article.
nowadays you can see the same paragraphs in several tech sites and blogs because they all just reheat the same press release.
it's exactly the kind of thing that makes regular news suck, and what made Slashdot meaningful in the past. now that this reached here, w
The only question has to do with compliance (Score:2)
Re: (Score:2)
Agreed, sending your protected LAN traffic and whatnot to the cloud. What could possibly go wrong?
As a matter of fact, our current security setup wouldn't even allow the data to be sent.
Re: (Score:2)
The concern for everybody is that it has to be decrypted at some point to be able to analyze the traffic and it would be decrypted outside your premises where you have no control. Heck you would even need to encrypt it with a public key for which you have no control over the matching private key!!!
And guess what? The other runs on the cloud! This all sounds great to me.
retro-spec (Score:2)
Doesn't seem to have much to do with security (Score:3, Insightful)
...with customers like Netflix, Hulu, Expedia, Pandora and Universal Music...
It looks more like a geo-location service and VPN/Tor detector
Cloud Cloud Cloud Cloud (Score:2)
Confused, where are they putting all the software again?
Re: (Score:3)
>> The sensors (12MB install package) record all network traffic wherever they're installed and stream it up to the ProtectWise platform
Cool, so I just install this on my router and...
>> Well, you can't install it there. Try a spanning port and set up a completely separate box to run our "sensor"
And how is this better than Snort from 2000 or so?
>> F***!
Re: (Score:1)
Right, and you're monitoring your network's (say) 10000 packets/sec link and UPLOADING that data duplicate at 10000 packets/sec to this Cloud service. May work at 100Mbs, not likely to work at 1Gbs. Oh yeah - compression - yeah that solves everything - and latency never matters.
How do startups succeed in getting headlines with ideas that can never work in the real world?
One of our networking guys told me we can't even monitor our network traffic for a single day because the volume would quickly fill our multi-terabyte SAN. Granted, we're a largish company with 350+ users at our corporate office, but still.
Maybe their service is geared towards smaller shops that would have smaller traffic volumes. But then how would smaller shops have the bandwidth for this service? I don't g
Re: Cloud Cloud Cloud Cloud (Score:2)
Phffftt. 12MB! Is this thing written in Java? NetCat is only a couple of hundred bytes.
A private NSA competitor (Score:3)
So now we have private companies setting up gross hoovering of network traffic worldwide - listening in to all the world's net traffic.
Why was it the powers that be want to get rid of good encryption again? Certainly not to protect my credit card data when I buy stuff.
The time for crypto everywhere is now!
Re: (Score:2)
Yes. Nothing screams security like copying every packet that crosses your LAN and storing it into the *cloud* somewhere. This is an NSA wet dream. They don't even have to take up their own drive space to store every packet, just get a warrant (hahaha) and get the data from Amazon.
Spam? (Score:1)
How do I disable targeted ads, masquerading as articles?
Hey, kids! (Score:3)
Comment removed (Score:4, Interesting)
Re: (Score:2)
That's what I was thinking. It's a fucking system to log traffic! What genius! How unique! They should quickly patent this.
Re: (Score:1)
I thought it meant a shared TiVo or cloud storage of traffic cameras or some bizarre thing like that. No, it just fucking logs packets.
I came here to say the same thing. I guess I'll go back to what I was doing. Which is nothing.