Wedge Adds AI for Better Malware Blocking

Carol Wilson
9/22/2016
100%
0%

Wedge Networks today introduced what it is calling an entirely new approach to blocking malware that is yielding strong results in stopping zero-day attacks and other malware in real time.

The new Wedge Networks Advanced Malware Blocker uses artificial intelligence from Cylance to detect and block advanced threats such as ransomware at the network level and prevent them from ever entering the enterprise. It is the first in a series of products that Wedge is introducing as part of a new product family, the Wedge Absolute Real-Time Production Series, that packages capabilities it has been delivering from a cloud-based service into products that can be sold through the channel to the enterprise.

"Advanced threats -- both zero-day and targeted threats -- are getting through the best available next-gen firewalls and intrusion prevention systems," says Frank Wiener, vice president of marketing for Wedge. "They are blocking most of the threats, but I can demonstrate all day long the ability to pass malware through those systems. The bad guys know how to do that."

Industry experts on a recent security panel at Light Reading's NFV and Carrier SDN event agreed with that statement, and the pressure now on service providers to help block those threats. (See Security & Virtualization: 'We Are All Screwed'.)

That is why Wedge is bringing artificial intelligence to the network layer, licensing technology from Cylance that was previously used at end points, Wiener says. In the process, Wedge is addressing the enterprise challenge of having to constantly upgrade firewall and intrusion protection system (IPS) capacity to match network traffic.

"They can offload those requirements onto our box, and when they do so, the throughput of their next-gen firewall will basically double in capacity," he comments. Removing anti-malware protection from the firewall can increase its performance by 50%, he claims.


Want to know more about security strategies? Check out our Service Provider and Enterprise Security Strategies event scheduled for December 1 in New York City.


The new Wedge product also automates the analysis of the data flood through a centralized data analytics engine and generates understandable intelligence on which security personnel can act, Wiener says. "Today, they are all complaining about the same thing: they get hundreds of thousands of alerts every day, and they have a small team of security experts, who have no idea which ones are the important ones," he comments.

There are actually four different processes at work within the WedgeAMB: First, traffic goes through an IPS system which blocks worms and passes traffic to a Data Content Inspection engine where content is examined by type and policies are applied that allow some traffic (voice, video) to bypass further scans; signature scans and heuristic scans are then applied to block known threats and polymorphic viruses and malware; finally, the remaining traffic goes through the Cylance AI engine for detection based on patterns and other intelligence.

All of that happens in 20 milliseconds or less.

Wedge is excited about the way the system is already performing in its earliest deployments, Wiener says.

"With only a couple of weeks of hands on testing with WedgeAMB in our labs, the initial results far and away exceed the real-time malware blocking ability that we've seen with traditional network based solutions," Jason Robohm, cybersecurity practice manager and solutions architect for Computex, a national IT service provider, said via a Wedge-provided email. "WedgeAMB has all the ingredients to be a disruptive force for network malware prevention."

Computex had been working with Cylance on its customer endpoints in the past and views Wedge Networks' addition of the AI technology at the network layer as a major step forward, he said.

— Carol Wilson, Editor-at-Large, Light Reading

(0)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
Featured Video
From The Founder
John Chambers is still as passionate about business and innovation as he ever was at Cisco, finds Steve Saunders.
Flash Poll
Upcoming Live Events
June 26, 2018, Nice, France
September 12, 2018, Los Angeles, CA
September 24-26, 2018, Westin Westminster, Denver
October 9, 2018, The Westin Times Square, New York
October 17, 2018, Chicago, Illinois
October 23, 2018, Georgia World Congress Centre, Atlanta, GA
November 7-8, 2018, London, United Kingdom
November 8, 2018, The Montcalm by Marble Arch, London
November 15, 2018, The Westin Times Square, New York
December 4-6, 2018, Lisbon, Portugal
All Upcoming Live Events
Hot Topics
NFV Is Down but Not Out
Iain Morris, News Editor, 5/22/2018
What VeloCloud Cost VMware
Phil Harvey, US News Editor, 5/21/2018
Verizon CEO Says LA Is Second 5G City
Dan Jones, Mobile Editor, 5/16/2018
TM Forum Sea-Change Overcomes That Sinking Feeling
Iain Morris, News Editor, 5/17/2018
Animals with Phones
Live Digital Audio

A CSP's digital transformation involves so much more than technology. Crucial – and often most challenging – is the cultural transformation that goes along with it. As Sigma's Chief Technology Officer, Catherine Michel has extensive experience with technology as she leads the company's entire product portfolio and strategy. But she's also no stranger to merging technology and culture, having taken a company — Tribold — from inception to acquisition (by Sigma in 2013), and she continues to advise service providers on how to drive their own transformations. This impressive female leader and vocal advocate for other women in the industry will join Women in Comms for a live radio show to discuss all things digital transformation, including the cultural transformation that goes along with it.

Like Us on Facebook
Twitter Feed