Paul Stamp

Director, Product Marketing at RSA

You can’t move these days without some vendor or another talking about Big Data and security. It’s often pretty meaningless stuff, with very little practical advice or insight into actual benefits. Today, though, RSA and Pivotal released a reference architecture for Big Data analytics to detect and investigate advanced threats. It’s an example of RSA Security Analytics and Pivotal deployed together, and a guide for organizations trying to do security analytics in a way that ties in IT and enterprise analytics in an enterprise “IT Data Lake”.

The reference architecture addresses the fact that customers need:

  • Greater Visibility through full network packet capture, log collection and contextual data enrichment to spot threats designed to evade detection by common security tools
  • Enhanced Analytics at the time of packet capture and throughout its lifecycle to its archival and retirement, to spot anomalies and reveal indicators of attack and compromise.
  • Actionable intelligence through data visualization, feeds of suspicious activity, and prioritization of alerts that allow analysts to respond appropriately to threats.
  • Enterprise deployability and scale, using distributed, high availability, scale-out architectures that allow for expansion and flexibility to scale to the largest of environments.
  • Flexibility and Agility through the ability to take advantage of new analytics modules and new data sources as they are developed or integrated, ensuring security operations are ‘future-proofed’ as threats and business processes evolve.

Other vendors have talked about Big Data, but the way RSA and Pivotal are approaching it provides much more in-depth guidance on how to gain benefits from newer, cutting-edge technologies like Pivotal HD. The architecture uses a much more open and flexible Hadoop-based architecture that has an entire ecosystem of tools built around it, rather than proprietary tools that can’t take advantage of these innovations.

Through this reference architecture, security teams can get a complete set of analytic tools specifically designed for enterprise security and threat detection, not just a generic platform that leaves the end customer to create much of the tooling that supports the security team.

Also, customers can use this reference architecture to create an ‘IT Data Lake’ strategy, where you collect the data once and use it for IT operations use cases like downtime impact analysis, capacity planning and “mean-time-to-repair” analysis.

All in all, it’s a good thing for organizations: it helps them reduce the risk of loss, reduce their deployment risk, and rely less on scarce Data Science expertise – all while achieving a better return on investment by using their existing security team better and getting to use their Big Data infrastructure across the organization.

For more details, read the press release and download the reference architecture paper. Happy reading!

RSA Pivotal Reference Architecture
