<img alt="" src="https://secure.hiss3lark.com/173130.png" style="display:none;">

Datashield's Resource Library

Read all of our news, articles, reviews, and more in our company blog

All Posts

ExtraHop Reveal(x) Deployment on Amazon Web Services (AWS)

extrahop reveal(x) deployment on AWS

As business operations expand and move to the cloud, so does security. ExtraHop’s Reveal(x) platform can be deployed on a variety of cloud infrastructures. It makes sense for ExtraHop, leader in Network Detection and Response, to partner with tech giant Amazon Web Services (AWS).

ExtraHop Reveal(x) Cloud offers a turnkey, zero-infrastructure solution to AWS customers.

Use Reveal(x)’s deep insights and transaction fluency with event data from AWS CloudWatch to deliver complete visibility at cloud scale. Discover anomalies including rogue instances, disabled log systems, and suspicious file execution.

 

Features

Complete Visibility

Organizations need continuous visibility and situational intelligence across hybrid, multi-cloud, IoT and remote work environments from a single management source. Reveal(x) provides the ability to see into all of these sources as well as SSL/TLS encrypted traffic.

Real-Time Detection

Immediately detect anomalous behaviors and malicious activity, including unauthorized access, misconfigurations, and insecure APIs. Reveal(x) uses machine learning to utilize over 5,000 wire data features.

Intelligent Response

Work smarter, not harder. Raise efficiency of response time and investigative workflows with Reveal(x). Integrations with AWS include EC2, S3, Amazon CloudWatch and CloudTrail, Amazon VPC Flow Logs, and Lambda.

 

Deployment

Reveal(x) can be deployed in two ways. The first is through Reveal(x) 360 and the second is by Reveal(x) AMI for AWS. Both provide a unified security platform across on-premises and cloud environments with a low management burden.

Reveal(x) AMI for AWS sensors offer the option to conduct machine learning analysis and threat detection from inside an Amazon Virtual Private Cloud (VPC).

Differences

Extrahop lists the following differences between Reveal(x) 360 and Reveal(x) AMI for AWS:

  Reveal(x) 360 Reveal(x) AMI for AWS
SaaS-based deployment  X  
Self-managed sensor    X
On-demand sensors billed hourly  X  
Simplified sensor deployment via Cloud Console  X  
Cloud-scale ML  X  X
ExtraHop-managed record warehouse  X  
Control plane for unified visibility (hybrid and multicloud)  X  
Amazon VPC Traffic Mirroring integration X X

 

Pricing

ExtraHop is also a member of the AWS Consulting Partner Private Offer (CPPO) Program. The CPPO program enables ExtraHop to resell AWS enterprise contracts and their products through the marketplace.

Datashield is also able to package ExtraHop, AWS, and managed security services in a single bill. Contact us to receive a quote.

 

The Datashield Advantage

Datashield has helped our clients implement ExtraHop using our proprietary orchestration tool, SHIELDVision. Our security engineers can architect and deploy Reveal(x) in multiple cloud and hybrid environments.

Take your security to the next level with managed security services, provided by Datashield and backed by security leader ADT. Our US-based SOC has eyes on glass 24x7x365, providing clients with world-class results and white-glove service.

Learn more about our cloud-native managed detection and response (MDR) service here.

If your organization is considering Reveal(x), contact us for a no-cost consultation to see if Datashield is right for you.

Topics from this Article

SIEM, Amazon AWS, Cloud Security, Cloud SIEM, NDR, Network Detection and Response, ExtraHop

Cassidy Trowbridge
Cassidy Trowbridge
Cassidy is a marketing specialist at Datashield. She manages Datashield's content and social marketing strategies.

Related Posts

Detecting and Preventing UNC1878

Recently, The FBI, the Department of Health and Human Services and the Cybersecurity and Infrastructure Security Agency (CISA) released an alert that warned that the healthcare industry was being targeted by hackers.

What is Microsoft Azure Virtual Network?

Azure Virtual Network (VNet) is a platform enabling you to create and maintain private networks in the context of Azure cloud and services. VNet works in a similar fashion a network in a data center works while introducing added advantages such as scale, availability, and isolation. 

What is Microsoft Azure Traffic Manager?

Azure Traffic Manager is a DNS-based load balancer to manage user traffic distribution of service endpoints in different data centers. This tool can service any of the Azure global regions and secure an optimal level of availability and responsiveness for your services.