Dome9 Launches Magellan

November 22, 2017

Dome9 Magellan delivers threat intelligence, deep event correlation, and policy-driven intrusion detection and forensics. The new offering is powered by a patent-pending enrichment engine that has complete understanding of the ephemeral and dynamic nature of cloud environments. Dome9 Magellan is being unveiled ahead of AWS re:Invent 2017 and will be featured at the event.

Dome9 Magellan synthesizes data from a variety of sources to build contextual awareness of security in a cloud environment. Customers can use Dome9 Magellan to detect threats and intrusions, investigate incidents, and validate adherence to compliance and policy requirements based on actual network traffic and user-triggered events. For the first time, customers can use a uniform framework to define security policies and enforce them across static configurations as well as dynamic traffic and events in their cloud environments.

"As a leading financial services institution, the security of our IT environments is a top priority for us," said Reza Salari, director of information security and service transformation at Pacific Life Insurance. "We needed a way to establish and maintain security and compliance in the cloud as we grew our footprint. The Dome9 Arc cloud security platform is a comprehensive solution for visibility, control and active protection on the cloud. Dome9 Arc allows us define and enforce a consistent security posture throughout our cloud journey."

Dome9 Magellan's enrichment engine blends information from cloud-native sources such as VPC flow logs and CloudTrail events, public sources such as threat intelligence feeds, and Dome9's model of the environment's inventory of assets and security configurations. Dome9 Magellan is built to be extensible and can use the output from AWS security services such as Amazon Macie to further enrich and augment its security model.

Features of Dome9 Magellan include:

•Dynamic cloud infrastructure modeling based on real-world, time-based events such as network flow logs and AWS CloudTrail events

•Semantic awareness and attribution of network traffic to cloud-native ephemeral services such as AWS Lambda, Amazon Elastic Compute Cloud (Amazon EC2) Container Service (ECS), AWS Elastic Load Balancing, Amazon Relational Database Service (Amazon RDS), and NAT Gateways

•Intrusion detection and compliance validation based on defining and enforcing policies around network data streams and user behavior analytics; e.g., "PCI/CDE instances should never talk to the Internet"

•Continuous network monitoring and alerting based on customizable policies specified using natural language; e.g., "Lambda functions should never try to connect via SSH to any instance"

"The Dome9 Arc platform has offered comprehensive visualization and protection for cloud environments based on security configuration information," said Zohar Alon, co-founder and CEO of Dome9 Security. "With the introduction of Dome9 Magellan, Dome9 Arc is now enhancing this configuration-based model with dynamic data from several sources to bring unprecedented threat intelligence and intrusion detection in the cloud that makes traditional network and host-based IDS tools obsolete."

Terms of Use | Copyright © 2002 - 2017 CONSTITUENTWORKS SM  CORPORATION. All rights reserved. | Privacy Statement