ShieldX Elastic Security Platform
SC Magazine, Matthew Hreben, February 1, 2019
STRENGTHS: Quick initial installation. Micro-services can be upgraded without disrupting network traffic.
WEAKNESS: None that we found.
ShieldX believes going beyond control is important for resiliency, and provides a dozen capabilities, including a firewall, IPSs, URL filtering and more. Customers can expect to be able to block new vectors of cloud-based attacks. ShieldX has the speed and scale to perform at the levels expected in the cloud.
Full stack protection is offered with FireEye, APP-aware ACL, DLP, malware detection, full-flow packet capture IDS/IPS threat detection and prevention, virtual tap, URL inspection for reputation and classification/filtering, unique anomaly detection, and micro-segmentation. Every workload and application in your data center will be fully mapped automatically without agents.
Automating infrastructure, security and applications helps ensure agents are inserted when and where they are needed. These agents are inserted directly into infrastructures. This allows for automated intent-based security policies. Security Analytics has a unique component called Indicator of Pivot (IoP), which is based on kill chain methodology.
When inserting into a network, customers can define the insertion method and specify environments. Insertion staging shows specifications for review before committing changes. Once committed, a job is kicked off and the tasks needed to carry out the intended changes are executed. The 3D Connectivity Map has a unique clustering algorithm that takes individual objects and classifies them into different groups to reduce the manual labor required for network administrators to apply policies to all devices on a network.
The Global Threat Configuration page shows the total number of threats and detailed information. In the Event Explorer, customers can deny connections and build zero trust policies. Visualization maps give the ability to tie applications to vulnerabilities, see which protections would remediate them, and easily create policies using a machine learning algorithm.
The multi-cloud security threat intelligence and forensics feature shows the timeline and breakdown of connections made along a kill chain process, giving a comprehensive set of security controls necessary to remediate each stage of an attack. Backups can be run automatically or manually, and can be used to restore configurations and data. Automated backup to a designated storage location is done once per day. Content download is also automated and can be set to occur at specified start times.
With a fast time-to-value return after a quick 30-minute installation, operational efficiency increases visibility and discovery seamlessly across a multi-cloud structure, with a single-pane view into any environment using tools you know.