12-04-2018 09:28 AM - edited 12-04-2018 09:28 AM
The latest release of ActiveTrust/ ActiveTrust Cloud includes significant enhancements to the Cloud Services Portal for an improved user experience. This release also helps contain threats more effectively by enabling correlation of events with IPAM metadata for event correlation, thereby enhancing the Threat Containment and Operations solution capabilities.
New features include:
- Enhanced Cloud Services Portal:
- A new, user-centric design to easily get started with important tasks such as defining networks, creating custom lists, configuring security policies. Additionally, customers can easily explore the content and get questions answered on topics such as integrations, community resources, and support as shown in the figure below:
- Improved navigation facilitating logical user workflows
- Inclusion of IP metadata:
ActiveTrust Cloud reports now include IP metadata (MAC Address, Source IP, etc.), which makes it easy for customers to correlate security events.
- Free conversion tool for multiple formats:
Easy to use tool that allows conversion of query/log files, uploaded to an Amazon S3 bucket, to CVS/CEF/JSON format for consumption in SIEMs/ecosystem products. To use this tool, the customer should first download the files from S3 bucket.
Infoblox ActiveTrust® allows customers to proactively detect, investigate, prioritize and prevent cyber threats. Infoblox ActiveTrust® bundles Infoblox DNS Firewall, Infoblox Threat Insight in the Cloud, Infoblox Threat Intelligence Data Exchange (TIDE) and Infoblox Dossier™. The solution prevents data exfiltration and malware C&C communications via DNS, centrally aggregates curated internal and external threat intelligence, distributes threat data to the customer’s existing security infrastructure and enables rapid investigation to identify the context and prioritize threats.
Please follow the link below to receive 30-day free trial for ActiveTrust: http://info.infoblox.com/resources-evaluations-activetrust-bundles