iboss FireSphere Adds Network Anomaly Monitoring to APT Functions

  • By Dian Schaffhauser
  • 02/11/15

A security technology company has upgraded one of its tools to flag malware that may already be working inside the network. iboss, which last fall released FireSphere, its advanced persistent threat software, has enhanced it with new functionality.

FireSphere was launched with several features:

  • Infection monitoring to detect and respond to malware in progress;
  • Network baselining to establish the normal chain of activities in order to be able to spot anomalies;
  • A device quarantine to fence off infected devices;
  • A behavioral sandbox to detect, isolate and "dissect" malware and other kinds of attacks;
  • Intrusion prevention through data inspection, network traffic scanning and SSL anomaly detection; and
  • Signature and heuristic antivirus, which uses feeds from multiple sources to stay up on the latest malware.

The latest version uses technology developed by the company to perform anomaly monitoring on network traffic to expose more sophisticated and evasive forms of malware. The software compares previous data logs of network traffic to current traffic in order to "pinpoint" odd behavior or activities that can signal a compromise. Then it stops data transfer, quarantines the traffic and alerts network administrators.

The monitoring process examines device category, number of bytes in or out, number of connections being attempted, who owns the device and the intended destination, among other parameters.

The software can be deployed from the cloud or in appliance form.

"Organizations must have technology in place to mitigate loss if and when a network is compromised," said CEO Paul Martini. "FireSphere focuses on data movement across the network, particularly on outbound communication, to ensure organizations have complete insight into threats to immediately remediate potential problems."

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured

  • white clouds in the sky overlaid with glowing network nodes, circuits, and AI symbols

    AWS, Microsoft, Google, Others Make DeepSeek-R1 AI Model Available on Their Platforms

    Leading cloud service providers are now making the open source DeepSeek-R1 reasoning model available on their platforms, including Amazon, Microsoft, and Google.

  • illustration with geometric shapes, digital circuitry, and subtle icons of an open book, graduation cap, and lightbulb

    University of Michigan Launches Agentic AI Virtual Teaching Assistant

    At the University of Michigan's Stephen M. Ross School of Business, a new Virtual Teaching Assistant pilot program is utilizing agentic AI to provide students with 24/7 access to support and self-directed learning.

  • robot waving

    Copilot Updates Aim to Make AI More Personal

    Microsoft has unveiled a range of updates to its Copilot platform, marking a new phase in its effort to deliver what it calls a "true AI companion" that adapts to individual users' needs, preferences and routines.

  • modern college building with circuit and brain motifs

    Anthropic Launches Claude for Education

    Anthropic has announced a version of its Claude AI assistant tailored for higher education institutions. Claude for Education "gives academic institutions secure, reliable AI access for their entire community," the company said, to enable colleges and universities to develop and implement AI-enabled approaches across teaching, learning, and administration.