Guardicore Centra is a simple to use, fast to deploy Zero Trust segmentation solution that stops attackers from moving across your network by delivering granular enforcement, an intuitive policy creation engine and breach detection capabilities. In its 40th major release, Guardicore recently introduced capabilities that radically enhance its visualization, Zero Trust segmentation and ransomware mitigation.
Here are some of the highlights:
Enhanced Zero Trust offering
In addition to maintaining a leadership position in network and workload zero trust security, Guardicore is continually extending the network security fabric to devices in OT, IoT and additional environments, providing access management along with context of the device with no agent install required.
Extending Guardicore’s policy model to IoT & OT
The ideal way of getting visibility and enforcing policy is to use a host-based agent to report communications for each workload. However, there are cases where an agent cannot be installed, such as OT environments, IoT devices, legacy mainframes, medical devices, etc.
To address this growing need for protecting IoT and OT environments, Guardicore has extended its policy model to include enforcement for devices where agents cannot be installed, by integrating with third-party solutions. In addition, we have extended our orchestration capabilities and integrated with specialized CMDB and device identification solutions such as Armis and ORDR.
Guardicore’s Collector now supports NetFlow, sFlow and IPFIX to deal with devices that cannot take a software agent. Network administrators can configure their switches and flow aggregators like Gigamon, IXIA and many others to share telemetry and flow data using this Collector. Security policies can then be created, converted into ACLs that switches understand natively, and easily applied to these switches.
Enhancing ransomware protection
A successful ransomware attack can be devastating to any business. A Forrester report, ‘New Tech: Microsegmentation, Q3 2021’, published on September 8 of this month, noted that “microsegmentation will slow down the propagation of future ransomware”. Several years ago, Guardicore pioneered the identity-based microsegmentation solution category and now has even more capabilities to ensure the fastest and simplest deployment of anti-ransomware strategies.
Prevent initial infection at the edge
We recently introduced the DNS Security feature to provide immediate protection against ransomware. With DNS Security, any user’s DNS request is inspected and compared against a list of known malicious domains, including phishing and malware sites, CnC servers and more. In case of a match, the connection to the domain is blocked at the source. Blocking the connection at the source helps us break the ransomware kill chain before it is able to infect the machine or move laterally across the network.
How to use: You can curate block lists, use your own feeds, or subscribe to Guardicore’s feed.
Major use cases include: Organizations can block DNS requests to known malicious domains to prevent users from visiting dangerous sites or to stop malware from communicating with its CnC operator.
DNS Security benefits SOC teams. Monitoring your DNS traffic can be a rich source of data for your SOC team. Any blocked DNS request is logged to Centra and can then be further analyzed.
AI labeling for rapid network mapping
Our enhanced AI-based labeling capability provides administrators with label suggestions customized to the asset’s applications and roles. This capability is based on advanced algorithms that analyze asset traffic and metadata collected from the deployed applications, and assign the labels that are most critical to your environment’s needs.
Managed threat hunting services
With today’s dynamic threat environment, threat hunting is becoming increasingly important for any company wishing to stay ahead of threats and swiftly respond to potential attacks. Guardicore Hunt, a new managed threat hunting service offering from Guardicore Labs, can help you detect threats that go undetected by standard defense solutions and better protect your organization. Read more about our Guardicore Hunt services.
Here’s how the Guardicore Hunt team works:
Ransomware response and recovery templates
Introduced 8 months ago, Guardicore’s ransomware recovery and response templates allow users to ring-fence critical applications, backups, file servers and databases, including all the necessary labels and rules required to achieve this.