Chuck Leaver – Why You Must Have Flexibility With SysSecOps

Written by Chuck Leaver

 

You will discover that endpoints are everywhere. The device you read this on is an endpoint, whether it’s a desktop, notebook, tablet, or phone. The HEATING AND COOLING controller for your structure is an endpoint, assuming it’s linked to a network, and the WiFi access points and the security cams too. So is the linked vehicle. So are the Web servers, storage servers, and Active Directory servers in the data center. So are your IaaS/PaaS services in the cloud, where you are in control of bare-metal servers, VMware virtual machines, or containers working on Windows and/or Linux.

All of them are endpoints, and each and every one is very important to manage.

They have to be handled from the IT side (from IT administrators, who ideally have appropriate IT-level visibility of each connected thing like those security cams). That management means making sure they’re connected to the right network zones or VLANs, that their software and setups are up to date, that they’re not creating a flood on the network with bad packets due to electrical faults and so-on.

Those endpoints also need to be handled from the security perspective by CISO teams. Every endpoint is a prospective entrance into the business network, which indicates the devices should be locked down – default passwords never used, all security patches used, no unapproved software set up on the device’s embedded web server. (Kreb’s outlines how, in 2014, hackers got into Target’s network via its HVAC system.).

Systems and Security Operations.

Systems Security Operations, or SysSecOps, brings those two worlds together. With the best kind of SysSecOps frame of mind, and tools that support the correct workflows, IT and security workers get the exact same data and can collaborate together. Sure, they each have various tasks, and react differently to problem signals, however they’re all managing the same endpoints, whether in the pocket, on the desk, in the energy closet, in the data center, or in the cloud.

Ziften Zenith Test Report.

We were thrilled when the just recently released Broadband-Testing report applauded Zenith, Ziften’s flagship endpoint security and management platform, as being perfect for this kind of situation. To quote from the recent report, “With its Zenith platform, Ziften has a solution that ticks all the SysSecOps boxes and more. Because its meaning of ‘endpoints’ extends into the Data Centre (DC) and the world of virtualisation, it holds true blanket protection.”.

Broadband-Testing is an independent testing facility and service based in Andorra. They explain themselves as, “Broadband-Testing communicates with suppliers, media, investment groups and VCs, experts and consultancies alike. Testing covers all elements of networking hardware and software, from ease of use and performance, through to progressively important aspects such as device power intake measurement.”

Back to flexibility. With endpoints all over (once again, on the desk, in the energy closet, in the data center, or in the cloud), a SysSecOps-based endpoint security and management system should go everywhere and do anything, at scale. Broadband-Testing wrote:

“The configuration/deployment options and architecture of Ziften Zenith permit a really flexible implementation, on or off-premise, or hybrid. Agent deployment is simpleness itself with zero user requirements and no endpoint invasion. Agent footprint is also very little, unlike numerous endpoint security services. Scalability also looks to be excellent – the most significant customer implementation to this day remains in excess of 110,000 endpoints.”

We cannot help but be proud of our product Zenith, and exactly what Broadband-Testing concluded:

“The introduction of SysSecOps – integrating systems and security operations – is an uncommon moment in IT; a hype-free, sound judgment approach to refocusing on how systems and security are managed inside a business.

Key to Ziften’s endpoint technique in this category is total visibility – after all, how can you protect what you can’t see or do not know exists in the first place? With its Zenith platform, Ziften has a product that ticks all the SysSecOps boxes and more.

Deployment is simple, specifically in a cloud-based situation as evaluated. Scalability also looks to be excellent – the most significant customer implementation to this day is in excess of 110,000 endpoints.

Data analysis options are comprehensive with a huge quantity of info offered from the Ziften console – a single view of the whole endpoint infrastructure. Any object can be analysed – e.g. Binaries, applications, systems – and, from a procedure, an action can be defined as an automated function, such as quarantining a system in case of a possibly harmful binary being found. Several reports are predefined covering all aspects of analysis. Alerts may be set for any occurrence. Furthermore, Ziften provides the principle of extensions for customized data collection, beyond the reach of a lot of vendors.

And with its External API performance, endpoint data gathered by Ziften can be shared with most third party applications, thus including more worth to a client’s existing security and analytics infrastructure investment.

Overall, Ziften has an extremely competitive offering in what is a really worthwhile and emerging IT classification through SysSecOps that is extremely deserving of evaluation.”.

We hope you’ll think about an assessment of Zenith, and will concur that when it concerns SysSecOps and endpoint security and management, we do tick all the boxes with the true blanket coverage that both your IT and CISO teams have actually been looking for.

~leaverchuck1


No Responses Yet to “Chuck Leaver – Why You Must Have Flexibility With SysSecOps”

Leave a Reply