With the data revolution pushing more and more volume onto networks of all kinds, the need to monitor those networks as the data comes in is critical to guard against cyberattacks.
“If you can engage in some ad-hoc network intelligence … that makes your agility to deal with today’s threats really much more effective,” said John Smith (pictured), a solutions architect at ExtraHop Networks Inc.
Smith spoke with Jeff Frick (@JeffFrick), co-host of theCUBE, SiliconANGLE’s mobile live streaming studio, at the RSA Conference in San Francisco this week about the tools his company brings into play for its clients, the importance of network security these days and what he expects to see in the near future.
As described by Smith, ExtraHop is a “real-time IT analytics product that uses wire data to provide, at least in the security space, the biggest play … around surveillance and invisibility.” Asset inventory and the ability to see what applications are running on those assets are a significant part of the company’s services in monitoring and analysis, and in Smith’s words, “A lot of the tools in the security industry try to engineer down to that. … We start there. We don’t require any agents, we don’t require any SNMP [Simple Network Management Protocol], any ping-sweeps or anything like that. If it has an IP address, it can’t hide from us.”
“What we’ve seen with our customer base is kind of a burgeoning security practice, where people are actually using the appliance more in a security use-case. That’s probably our fastest-growing use-case right now,” Smith said.
He went on to address some of the business’ major areas of focus. “We generally use the wire as a data source, so we position the customer to interact directly with the wire and the data that’s coming across it,” he said. This allows them to draw from and address issues in areas such as performance, applications and business intelligence. Smith claims the company can provide full accountability for every IP address on a network.
Smith also shared some details on what the company has planned for the future, including its announcement of a SaaS offering, a cloud-based machine learning platform “that allows us to do some anomaly detection without the need to … [make customers] FTP data up to you to interpret it.”
Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s on-the-ground coverage of the RSA Conference 2017.