
ExtraHop Reveal(x) Deployed on Microsoft Azure


ExtraHop Reveal(x)’s Network Detection and Response (NDR) technology stands as a leader in the space. Recognized by Gartner in their annual Market Guide, Reveal(x) can be deployed on most leading cloud infrastructures, including Microsoft Azure. 

Azure is Microsoft’s leading cloud deployment service. It is known for its compatibility with other Microsoft apps and services. 

The two solutions together form the basis for a strong cloud security infrastructure. If your company is looking to implement Reveal(x) with Microsoft Azure, make sure to consult with experienced security engineers who can help find the best fit for you and provide leading managed detection and response services.

 

Features 

Complete Visibility 

ExtraHop allows security teams to discover and classify each asset across their cloud infrastructure. This is essential for detecting things like misconfigurations, insecure APIs, and unauthorized access. Reveal(x) provides visibility with full payload analysis, making it a leader in network detection and response. 

 

Real-Time Detection 

Detect anomalous behaviors and malicious activities in real-time with Reveal(x). Unauthorized access, misconfiguration exploits, and insecure APIs are some of the most common threats that need to be detected quickly. ExtraHop’s platform accurately identifies threats across cloud workloads, leveraging over 5,000 wire data features and over 70 protocols. 

 

Intelligent Response 

A network detection and response tool requires automation features to be useful to security teams. Reveal(x) uses data from Azure and other leading tools to provide rapid threat response. Reveal(x) integrates with Azure Security Center and Structured Threat Information Expression (STIX) data to prioritize resources and provide confident response in the cloud and on the ground. 

 

Deployment 

Reveal(x) can be deployed in two ways: as a SaaS-based service or as a self-managed Reveal(x) VM for Azure. Reveal(x) VM for Azure sensors offer the option to conduct machine learning-powered analysis and threat detection from inside your Azure Virtual Network (VNet).

ExtraHop lists the following differences between Reveal(x) 360 and Reveal(x) VM for Azure:

 

| Feature | Reveal(x) 360 | Reveal(x) VM for Azure |
|---|---|---|
| SaaS-based deployment | X | |
| Self-managed sensor | | X |
| On-demand sensors billed hourly | X | |
| Simplified sensor deployment via Cloud Console | X | |
| Cloud-scale ML | X | X |
| ExtraHop-managed record warehouse | X | |
| Control plane for unified visibility (hybrid and multicloud) | X | |
| Announced vTAP integration | X | X |

 

vTAP Integration

Reveal(x) utilizes Azure’s virtual network tap to take teams beyond flow logs. ExtraHop’s platform analyses and decodes over 50 protocols at 10 Gbps of data per virtual machine, including Azure SQL Databases and Azure Blob Storage Protocols. 

Threats in cloud environments generally fall into three primary categories: misconfiguration, malicious data access, and application security. By specifically targeting these categories and integrating real-time wire data detections with Azure Security Center metrics and Structured Threat Information Expression (STIX) data, Reveal(x) helps teams prioritize security resources for quick, confident response in the cloud and on the ground. 

 

The Datashield Advantage  

Datashield has helped our clients implement ExtraHop using our proprietary orchestration tool, SHIELDVision. Our security engineers can architect and deploy Reveal(x) in multiple cloud and hybrid environments.  

Take your security to the next level with managed security services, provided by Datashield and backed by security leader ADT. Our US-based SOC has eyes on glass 24x7x365, providing clients with world-class results and white-glove service.  


If your organization is considering Reveal(x), contact us for a no-cost consultation to see if Datashield is right for you.  


Cassidy Trowbridge
Cassidy is a marketing specialist at Datashield. She manages Datashield's content and social marketing strategies.
