Advanced Adversary Protection
Enhance your defense-in-depth security strategy withproactive deception technology
Attackers are evolving, so should your security posture

Security teams for organizations big and small struggle to keep pace with the ever-advancing tactics, techniques, and procedures (TTPs) of cyber criminals, opportunist hackers, and nation states. As a result, security practitioners are left at a severe disadvantage always being on the defensive - reactive rather than proactive. Compounding the situation are defense-in-depth strategies that stack defensive technologies to parry individual attacks and too often ignore the strategic importance of misleading, confusing, stalling, and frustrating adversaries.

Traditional security solutions are based on the idea of finding the needle in the haystack - to find the attacker within vast amounts of legitimate network and data center traffic. vArmour DSS Deception, at its core, is the natural corollary to traditional security solutions. It is designed to trick attackers to move outside the realm of legitimate traffic - outside the haystack - so that they can be easily identified and remediated.


The vArmour Solution

vArmour DSS Deception distracts, stalls, and identifies attackers by creating the illusion of vulnerable workloads and services across unused IP ranges in the data center. Built on top of the vArmour DSS Distributed Security System, vArmour DSS Deception creates a broad synthetic attack surface with an extremely small resource footprint.

Figure: vArmour policy-based deception services
Integrated Cyber Deception Services

Built on top of the vArmour DSS Distributed Security System, vArmour DSS Deception takes advantage of the installation, configuration, and management capabilities of the larger system and dramatically reduces the amount of care and feeding typically required by other deception solutions. With a single interface for all monitoring, alerting, and management of the system, ongoing operations are accelerated and simplified so organizations of all sizes can take advantage of the benefits of deception technologies.

Large Deception Coverage From a Small Resource Footprint

Enabled by the broad coverage and powerful policy capabilities of the vArmour Fabric, vArmour DSS Deception is able to cover an entire data center or cloud with the appearance of synthetic workloads and services - all with a single Deception Point. By leveraging a policy-based mechanism for transparent traffic routing, attackers are routed to the Deception Point for identification and inspection all the while thinking they are interacting with their intended destination.

Tightly Secured Deception Points

With the full Layer 7 visibility and microsegmentation capabilities of the vArmour DSS, vArmour DSS Deception not only is hardened against potential attempts to compromise the Deception Point, but is also able to provide a full audit trail of the communications in and out of each deception service. This tightly controlled and closely monitored activity provides the necessary data to rapidly determine whether the observed interactions are, in fact, malicious or not.


Benefits
  • Earlier compromise discovery by enticing attackers to interact with decoy workloads and services that no legitimate user would ever communicate with
  • Increased detection accuracy by eliminating legitimate traffic as a cause of false positive alerts
  • More relevant and actionable intelligence collected through the monitored interactions between attackers and the synthetic workloads and services they attempt to make use of