Javelin Networks Releases AD|Protect v3.1 To Secure Microsoft Active Directory Networks
March 2018 by Marc Jacob
Javelin Networks launched version 3.1 of AD Protect, its security platform for Microsoft Active Directory networks. Active Directory powers most corporate networks around the world as a central database of all credentials, kerberos tickets and hashes that control the organization. Javelin’s latest version of Javelin AD Protect can protect the biggest multi-domain networks in the world from a single console.
Active Directory is the main repository of information about users, devices, and services available on a network. When hackers gain access to Active Directory, such as through a breached endpoint, they can discover everything on the network — and use that knowledge to move horizontally through the network, gaining privileges, stealing information, and planting seeds for long-term surveillance and disruption.
Attackers access Active Directory for easy answers to network compromise. On the breached endpoint, simple queries provide them with every user account, server, and application service in the domain. AD Protect infinitely obfuscates this data on every endpoint, with no agent, using Native Language Processing. This machine-learning algorithm learns and continuously adjusts to the real topology of the environment. The result appears completely natural, including any attributes that the attacker could query. Items like credentials stored on each endpoint are also covered in the process.
This process is non-disruptive to the business and user base. With no identifiable presence, end users are unaware of AD Protect, and execute daily work with no performance impact. The IT admin and local applications are also unaffected. When a hacker queries Active Directory, AD Protect provides the attacker with false information that thwarts further access — while instantly sounding a silent alarm that an attack is in process.
New with AD Protect version 3.1, available immediately to all Javelin Networks customers: The Javelin core server can now aggregate data across multiple Active Directory domains. The Javelin UI provides security visibility across all domains in the AD environment for AD Protect users.
Administrators can choose to view all alarms aggregated for the whole environment, or can drill down to a specific domain. Each Active Directory domain has its own Javelin DM (Deployment Manager) with its own management account, deception accounts, and policies. Multiple DMs can run on the core server, or they can be distributed to different physical locations. This flexible architecture gives any organization, of any size, the options needed to effectively secure their Active Directory environment with Javelin Networks technology.
The benefit: Better protection through better visibility across the entire enterprise — and less effort on behalf of the security operations team using AD Protect.