CyberOSINT: Next Generation Information Access

Posted by Admin on February 24, 2015

Centripetal Networks

Company Background

Centripetal Networks manufactures a cyber defense solution consisting of both hardware and software products offering visualizations, analytics and threat alerts. The Centripetal team has intelligence in its ranks from Verizon, the Department of Homeland Security, the National Security Agency, the Department of Defense and others.

Founded in early 2009, Centripetal Networks is considered the first to offer real-time active network defense solution. The company's founder and CEO, Steven Rogers, is a technologist, corporate leader and entrepreneur. He has assembled a product suite that uses scaled packet processing for decision- making at Internet speed and scale. Centripetal innovation includes a new class of parallel algorithms.

Products

Centripetal Networks’ RuleGate product, a high performance TCP/IP packet filter, was the first to show action threat indicators at scale, at full line-rate speed. The RuleGate system is implemented in situations where malware, insider attacks and distributed denial of service are present.

In 2013, Centripetal Networks introduced its first commercial products, which include the RG2010 and RG2100 RuleGate appliances. These net- work appliances manage and operationalize millions of security rules at up to 10 Gigabit/second line rates with ultra-low latency and full network performance. The scale of this accomplishment has been recognized as being over one thousand times that of any other known technology.

Previously, in 2012, the devices were validated in a project for the Department of Homeland Security. The Network Survivability, Recovery & Recon- stitution (NS2R) program, enables packet filtering devices to rapidly switch between large security policies.

In 2014 Centripetal unveiled the Network Protection System, a fully integrated Real-Time Active Network Defense Platform, which applies live threat intelligence directly to network operations.

Components: Real-Time Monitoring and Visualization

The QuickThreat application is RuleGate’s breakthrough real-time visualization and analytics tool, which processes the real-time feed and then immediately presents the attack data in multiple forms. QuickThreat displays the geographic location of the cyber criminals that are targeting the network.

Accountability assurances are found in the security audit logs and RuleGate’s high availability monitoring tracks the status of active ports and other high availability peers, hardware system status, including CPU Load, memory usage, power supply status, and critical system temperatures.

Centripetal's Advanced Cyber Threat (ACT) Service is updated each day with many open source threats and other resources, which can be loaded into RuleGate, once identified. The ACT Service includes dynamic threat intelligence from Centripetal's industry-leading threat intelligence partners.

Upside

The system can discern in real-time through its many indicators and processing technology based on parallel algorithms what is happening now, for instant response. The hardware and software integrates for threat surface reduction (TSR), policing in real time, while managing security rules, and policies-- all in a day's work. Traditional methods for cyber defenses, however, often do not have the necessary scale, agility and threat-intelligence to execute in real time.

Considerations

The combination of hardware and OSINT collection and analysis may be unfamiliar to some information technology professionals. Consequently demonstrations of the Centripetal hardware, both on premises and from the cloud, can make clear the advantages of the Centripetal approach.

Net Net

The RuleGate technology continues to remain the leader in speed and performance as an appliance, and its visualization and analytics tools are easy-to-use. Because of federal use and interest, its threat intelligence resources will continue to rank at the top. Cyber defense, done in this manner, is the most useful for its real time capacity and sheer speed in computing.

About the Author

Stephen E. Arnold

Mr. Arnold is a technology and financial analyst with more than 30 years of experience. He has worked for Halliburton Nuclear and Booz Allen Hamilton and consulted at Interpol, The White House, and government agencies in the US and Europe. He currently writes the Beyond Search blog and he is a frequent speaker at TeleStrategies ISS World conferences.

CyberOSINT: Next Generation Information Access

Tags: CyberOSINT: Next Generation Information Access