Sangfor Launches SIP Falcon Edition: A Lightweight and Cost-Effective Full-Flow Threat Analysis System

In recent years, with the deepening of informatization and digital transformation, enterprise users have transferred more and more key assets online, facing increasingly serious security threats, such as APT attacks/ransomware/crypto mining, etc. Hackers focus on key business data of enterprise users (such as office materials, business databases, emails, etc.). Once an attack is launched on the business, it will bring a devastating blow to the enterprise.

However, the current situational awareness products on the market are complex to implement and deliver, difficult to operate and maintain, and costly. Enterprise users have demand for them, but are limited by budget and personnel expertise and can only look away. To this end, Sangfor has launched a "lightweight" and "cost-effective" full-flow threat analysis system - SIP Falcon Edition.

Sangfor visited several users to understand the current status of enterprise network security and heard the "amazing complaints" from three representatives: It's not the work itself that is difficult, but the lack of strong product support. Our work is too "insecure"!

Don’t panic if you encounter the above problems. Sangfor has “patted” its enterprise users: the SIP Falcon version tailored for you is now on the market!

Different from the situational awareness products on the market that are "high cost" and "difficult to operate and maintain", Sangfor SIP Falcon Edition combines the original SIP probe and platform into one, so users no longer need to purchase two products separately. At the same time, within a limited budget, it not only meets the compliance requirements of security threat detection, but also has the ability to detect advanced threats such as APT attacks/encrypted mining/hidden tunnels/rebound shells/0day vulnerability exploits/fileless attacks/new variants of ransomware, and can respond in a coordinated manner to meet the needs of three-dimensional protection.

A cost-effective and lightweight full-flow threat analysis system. Isn’t it great?

So, how does this falcon soar into the sky and catch its prey?

Gaining a keen understanding of threats and catching new threats

Lightweight three-dimensional protection automatically handles threats in three steps

Broad field of vision, accurate detection in six dimensions

With full-traffic collection technology, AI intelligent analysis technology, and threat intelligence technology as its core capabilities, the SIP Falcon version has built-in file detection system, email detection system, ransomware detection system, mining detection system, and vulnerability detection system.

SIP Falcon Edition has built-in special detection algorithms for APT attacks, ransomware, and mining viruses. Through real-time processing, it achieves high detection and low false alarms, providing users with multi-faceted business security capabilities.

SIP Falcon Edition simplifies the workflow and transforms the complex processing process into three simple modules: "Detection - Discovery - Solution". Users can easily use it and handle and solve complex security issues without the need for professional network security technicians.

Three-step automatic closed-loop threat handling:

1. Synchronize threat intelligence on the cloud, collect traffic from the entire network, and quickly perceive potential risks on the intranet

2. Issue instructions, link boundaries, and block with one click

3. Issue instructions, link EDR, one-click detection, micro-isolation, investigation and evidence collection

The SIP Falcon version has 6 built-in multi-dimensional visualization screens, covering comprehensive situation, security events, vulnerabilities, network attacks, etc., showing business risks in all directions, making security operation and maintenance work lightweight, simplified, and intuitive!

It is worth mentioning that the SIP Falcon version refines the powerful detection and response capabilities of Sangfor's security perception platform SIP. It uses multi-source data collection and combines machine learning, behavioral analysis, correlation analysis and other technologies to effectively discover advanced threats and abnormal behaviors. Through algorithm model iteration, grayscale operation optimization, and two-way traffic detection, the detection rate is greatly improved and the false alarm rate is reduced. The accuracy rate of compromised hosts reaches more than 98%.

As of 2020, Sangfor's SIP product line has more than 300 examined patents, was selected into the "China Network Traffic Monitoring and Analysis Product Research Report", and won titles such as "2020-2021 China Network Information Security Excellent Product". It also participated in the formulation of situational awareness industry standards, including the formulation of industry standards for safety testing in the transportation industry, the formulation of industry standards for situational awareness in the human resources and social security industry, and the formulation of industry standards for situational awareness in the power industry.

While ensuring that all capabilities meet user needs and are effective, SIP Falcon Edition simplifies the complex process modules of previous medium and large network situational awareness solutions, greatly reducing the difficulty of use. The improvement in cost-effectiveness is also intended to help the digital development of various industries.