Threat Intelligence provides a significant advantage for categorizing and prioritizing network security events. Large volumes of highly dynamic intelligence have the opportunity to significantly reduce the amount of network security events end users are dealing with.
Applying GEO based policies that are of low-risk to the business, often times as much as 30% of malicious network traffic is eliminated from the network. Eliminating this network traffic at the Gateway reduces the need for downstream devices to process this traffic, speeding up performance, and extending the life of those investments. Additionally, security teams are given more time to focus on the remaining threats in their environment.
Once organizations have a handle on the effects of blocking this traffic at the Gateway and reducing these threats in their networks, they continue to tighten controls. Using large-scale policies to dynamically track items like scanners, Command and Control infrastructure, and un-authorized Remote Access tools, organizations further reduce risk, and higher-risk, advanced treats rise to the surface.
In this example, QuickThreat has reduced half of the volume of malicious traffic from known threats, raising the visibility of the Advanced Persistent Threats and Nation-State events. QuickThreat also has the ability to further reduce threats by expanding the policy to include more trusted intelligence sources.