Intelligent Technology Responds to Constant Changes so that Enterprises Can Protect Their Networks

Enterprises must respond to continuous changes to keep networks efficient and secure. Threats are continuously evolving, and security solutions need to detect and mitigate new threats at a similar pace. Allot achieves this with web security and URL filtering technology that employs advanced learning techniques and intelligence from multiple sources. Together with its integrated application control, DDoS protection, Host Behavior Anomaly Detection (HBAD) and network analytics, this technology enables you to make your business environment both safer and more productive. It is based on Allot’s Intelligent Content Analysis and Knowledge Base, which powers both the Enterprise Allot Secure Service Gateway and the Service Provider Web Safe family of platforms. Allot employs advanced artificial intelligence techniques to achieve high levels of effectiveness, of over 99%, and multi-dimensional modelling to adapt the solution to the dynamic nature of the Web. These are based on two components: GIANT™ and MIDAS™.

Allot’s GIANT™ leap forward in network security

GIANT™ is Allot’s Global Intelligence Acquisition Network for Threats. It maintains a knowledge-base of threats and URL categories that is constantly updated from an extensive network of data sources. This network identifies and protects against the newest threats to IT security as they arise, and updates Allot web security products so that our customers remain protected at all times. The data comes from various in-house and external feeds, including:

  • Licensed external information, obtained through strategic alliances with companies that are leaders in their field, including:
    • Phishtank
    • Clean-mx (including Malware Patrol)
    • Malware Bytes
    • Easylist
    • Adaway
  • Information compiled from clients. Allot has in excess of 15 million protected end-users, who constantly add to its web and mail threat knowledge-base.
  • Probes and Honey Pots. These are systems that serve as bait to collect data on attacks: E-mail traps, which are false e-mail accounts created exclusively to receive junk, spam and phishing email, and Honey Pots, which make it possible to trace the activities of botnets. Allot’s E-mail traps collate hundreds of spam attacks every day that feed into a database that is subsequently analyzed by Allot security experts.
  • Crawlers. The system looks for the most visited sites per country in order to analyze and classify the URLs and then update Allot’s database.

These sources of data are analyzed by Allot’s Multi-content Inspection & Dynamic Analysis System (MIDAS) and by Allot security analysts to create a knowledge-base on viruses and malware, phishing and spam email, inappropriate and harmful websites, etc., in an integral system that tackles emerging blended threats. Specifically, it hosts over 110 categories of web and e-mail content, used to block malware and inappropriate, harmful and fraudulent content, and to implement granular enterprise acceptable use policies. GIANT™ updates all of Allot’s web security solutions in real time for its customers.

The MIDAS™ touch for threat detection and analysis

MIDAS™ is Allot’s Multi-content Inspection & Dynamic Analysis System, which intelligently analyses content in real time. MIDAS analyses all the content delivered to GIANT in order to create a consistent knowledge base of categories and threats that are sourced from the web and third-party feeds. A subset of MIDAS also runs in all web security products to detect threats and apply additional granular categorization to requested web pages. This granular categorization provides additional information for a more precise decision on how to handle the content. MIDAS™ analyses text and images that are present in web pages and e-mails, and uses machine learning techniques to build multidimensional models that make it possible to classify, target and block inappropriate content and identify phishing attacks. The process also incorporates Allot’s 24/7 service, which handles end-user re-classification requests and contributions, as well as new web sites that the web security products identify during normal operation. These requests are handled by human classifiers, making it possible to reclassify URLs in less than 10 minutes with a 15-minute SLA.