Security Program Controls/Technologies, Channel partners, Channel markets, Content, Vertical markets

ExtraHop Offers Intrusion Detection System (IDS) for Government Agencies

ExtraHop has introduced ExtraHop IDS for Government to help government agencies adopt the U.S. Cybersecurity Infrastructure and Security Agency (CISA) Zero Trust Maturity Model as a part of White House directive M-22-09, the company announced.

White House directive M-22-09 requires government agencies to achieve specific zero trust security goals by the end of fiscal year 2024.

These goals align with the five pillars of CISA's Zero Trust Maturity Model:

  • Identity. Agency staff members must use managed identities to control access to their applications.
  • Devices. Agencies must establish and maintain an inventory of their devices.
  • Networks. Agencies must encrypt DNS requests and HTTP traffic.
  • Applications and Workloads. Agencies must treat applications as if they are connected to the internet.
  • Data. Agencies must categorize and protect their data.

What ExtraHop IDS for Government Offers

ExtraHop IDS lets security analysts view every device, user and asset on a government agency's network, the company stated. The solution provides role-based access controls, allowing government agencies to restrict employees' access to their data and networks. It also offers multiple deployment options for agencies with restricted cloud access or isolated networks.

ExtraHop IDS uses physical sensors that are preloaded with thousands of curated security rules that are updated daily, the company noted. The solution lets users configure the ExtraHop REST API so they can upload resources to disconnected sensors as well.

Commenting on his company's new release and how government agencies can benefit from it, ExtraHop Chief Information and Security Risk Officer Mark Bowling said:

"With ExtraHop IDS for Government, organizations can benefit from an up-to-date security solution that unifies detection, incident response and network forensic evidence collection in a single tool, while also integrating seamlessly with tools popular among government customers such as Splunk and CrowdStrike."

A Closer Look at ExtraHop IDS

Organizations can use ExtraHop IDS to analyze east-west and north-south network traffic and look for exploits, the company said.

Key features of ExtraHop IDS include:

  • Detections of known malware and exploits with thousands of signatures
  • Risk scoring, correlation and investigation
  • Native and turnkey integrations with Splunk, CrowdStrike and other security providers

ExtraHop launched ExtraHop IDS in April 2023, and the company looks poised to continue to explore ways to further enhance this solution moving forward.

Meanwhile, MSSPs, MSPs and other technology providers can join the Panorama Partner Program to integrate ExtraHop IDS and other ExtraHop network detection and response (NDR) capabilities into their offerings.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.