Microsoft has announced that its new Advanced Threat Analytics has reached general availability. The system allows you to monitor your network for suspicious behavior such as compromised credentials.
This cyber security solution can help protect your organization even as your network expands from your local data center to the cloud. You can view the pricing for Microsoft’s ATA and the following video for a walkthrough on how to deploy Advanced Threat Analytics.
The release notes on TechNet also offers documentation for Advanced Threat Analytics.
What’s new in this version?
- Support for Windows Event Forwarding (WEF) to send events directly from servers and workstations to the ATA gateway.
- Pass-The-Hash detection enhancements on corporate resources by combining DPI (Deep Packet Inspection) and Windows event logs.
- Enhancements for the support of non-domain joined devices and non-Windows devices for detection and visibility.
- Performance improvements to support more traffic per ATA Gateway.
- Performance improvements to support more ATA Gateways per ATA Center.
- A new automatic name resolution process was added which matches computer names and IP addresses – this unique capability will save precious time in the investigation process and provide strong evidence for security analysts
- Improved ability to collect input from users to automatically fine-tune the detection process.
- Automatic detection for NAT devices.
- Automatic failover when domain controllers are not reachable.
- System health monitoring and notifications now provide the overall health state of the deployment as well as specific issues related to configuration and connectivity.
- Visibility into sites and locations where entities operate.
- Multi-domain support.
- Support for Single Label Domains (SLD).
- Support for modifying the IP address and certificate of the ATA Gateways and ATA Center.
- Telemetry to help improve customer experience.