Charles Leaver – SysSecOps And Flexibility Is The Only Way Forward

Written By Charles Leaver

 

Endpoints are everywhere. The device you’re reading this on is an endpoint, whether it’s a desktop, laptop, tablet, or phone. The heating and cooling (HVAC) controller for your building is an endpoint, assuming it’s connected to a network, and so are the WiFi access points and the security cameras. So is the connected car. So are the Web servers, storage servers, and Active Directory site servers in the data center. So are your IaaS/PaaS services in the cloud, where you are in control of bare-metal servers, VMware virtual machines, or containers running on Windows and/or Linux.

They’re all endpoints, and all of them need to be managed.

They need to be managed from the IT side (by IT administrators, who ideally have proper IT-level visibility of each connected thing, like those security cameras). That management means making certain they’re connected to the right network zones or VLANs, that their software and configurations are up to date, that they’re not flooding the network with bad packets due to electrical faults, and so on.

Those endpoints likewise need to be managed from the security point of view by CISO teams. Every endpoint is a potential entry point into the enterprise network, which means the devices need to be locked down: default passwords never used, all security patches applied, no unapproved software installed on the device’s embedded web server. (Krebs outlines how, in 2014, hackers broke into Target’s network through its HVAC system.)

Systems and Security Operations.

Systems Security Operations, or SysSecOps, brings those two worlds together. With the right kind of SysSecOps mindset, and tools that support the proper workflows, IT and security workers get the same data and can collaborate. Sure, they each have different tasks, and react differently to trouble alerts, but they’re all managing the exact same endpoints, whether in the pocket, on the desk, in the utility closet, in the data center, or in the cloud.

Ziften Zenith Test Report.

We were thrilled when the recently published Broadband-Testing report praised Zenith, Ziften’s flagship endpoint security and management platform, as being perfect for this type of scenario. To quote from the recent report, “With its Zenith platform, Ziften has a solution that ticks all the SysSecOps boxes and more. Since its definition of ‘endpoints’ extends into the Data Centre (DC) and the world of virtualisation, it is true blanket coverage.”

Broadband-Testing is an independent testing center and service based in Andorra. They describe themselves as follows: “Broadband-Testing engages with vendors, media, financial investment groups and VCs, analysts and consultancies alike. Evaluating covers all elements of networking hardware and software, from ease of use and efficiency, through to significantly important elements such as device power consumption measurement.”

Back to flexibility. With endpoints everywhere (once again, on the desk, in the utility closet, in the data center, or in the cloud), a SysSecOps-based endpoint security and management system needs to go everywhere and do anything, at scale. Broadband-Testing wrote:

“The configuration/deployment alternatives and architecture of Ziften Zenith allow for a really versatile deployment, on or off-premise, or hybrid. Agent deployment is simplicity itself with zero user requirements and no endpoint intrusion. Agent footprint is likewise minimal, unlike lots of endpoint security solutions. Scalability also seems outstanding – the greatest customer release to this day remains in excess of 110,000 endpoints.”

We cannot help but be proud of our product Zenith, and of what Broadband-Testing concluded:

“The development of SysSecOps – integrating systems and security operations – is an uncommon moment in IT; a hype-free, common sense technique to refocusing on how systems and security are managed inside a company.

Secret to Ziften’s endpoint approach in this classification is overall visibility – after all, how can you secure exactly what you can’t see or don’t know is there in the first place? With its Zenith platform, Ziften has a product that ticks all the SysSecOps boxes and more.

Deployment is easy, specifically in a cloud-based situation as evaluated. Scalability likewise seems excellent – the greatest client deployment to date is in excess of 110,000 endpoints.

Data analysis alternatives are extensive with a huge amount of information readily available from the Ziften console – a single view of the whole endpoint infrastructure. Any item can be evaluated – e.g. Binaries, applications, systems – and, from a procedure, an action can be defined as an automated function, such as quarantining a system in the event of a potentially harmful binary being discovered. Multiple reports are predefined covering all areas of analysis. Alerts can be set for any event. Additionally, Ziften supplies the idea of extensions for customized data collection, beyond the reach of the majority of vendors.

And with its External API performance, Ziften-gathered endpoint data can be shared with many 3rd party applications, therefore adding further value to a client’s existing security and analytics infrastructure investment.

In general, Ziften has a very competitive offering in exactly what is a very worthy and emerging IT classification in the form of SysSecOps that is very deserving of assessment.”

We hope you’ll consider an evaluation of Zenith, and will agree that when it comes to SysSecOps and endpoint security and management, we do tick all the boxes with the true blanket protection that both your IT and CISO teams have been looking for.
