cClear analyzes hundreds of thousands of links in real time from a centralized dashboard, enabling the processing of network traffic as it is observed, unlike the "capture now, process later" approach offered by other solutions.
The combination of cPacket's cClear visualization dashboard and Cisco's Firepower unified management platform gives customers a more comprehensive understanding of security events. This collaboration aims to drive the convergence of NetOps and SecOps, two groups within the enterprise that are often largely siloed but share the common goal of maintaining a secure, high-performance network infrastructure at low cost and with maximum efficiency.
The alignment of NetOps and SecOps is already underway. For example, Network Packet Brokers (NPBs) are increasingly feeding raw packets and data streams to security tools, such as those used for Security Information and Event Management (SIEM). Furthermore, organizations are increasingly leveraging Network Performance Monitoring and Diagnostics (NPMD) tools for security purposes, such as identifying infected hosts by analyzing malware attack markers, like those seen in the recent WannaCry and Heartbleed incidents.
The cPacket/Cisco integration leverages event context and the perpetrator's IP address, identified by Cisco Firepower's Next Generation Intrusion Prevention System (NGIPS), to provide SecOps with immediate context in the form of packet captures (PCAPs), along with network performance KPIs powered by cClear.
cClear's real-time key performance indicators and federated search capabilities can be used to identify DDoS attacks, perform post-attack remediation scans, and conduct real-time pattern matching, all with precise timestamps to ensure accurate correlation. With this comprehensive context, SecOps engineers can uncover the details of a security event and gather critical information about its causes, enabling the development of preventative measures against similar future attacks or attempts on the network.
