Is Lumu similar to an IDPS?
For starters, Lumu is a technology that was built from the ground up with a single objective: help measure and understand your unique compromise level in real time. This is done via Lumu’s patent-pending
Illumination Process
which systematically collects, normalizes, and analyzes your company’s network metadata, resulting in the identification of enterprise assets in contact with adversarial infrastructure. Simply put, Lumu identifies confirmed compromises.
On the other hand, Gartner defines IDPS as “stand-alone physical and/or virtual appliances that inspect network traffic, either on-premises or in virtualized/public cloud environments. They are often located in the network to inspect traffic that has passed through perimeter security devices, such as firewalls, secure web gateways, and secure email gateways.”
Intrusion Detection System (IDS) is a legacy technology that was created in the early 1980s with the goal of protecting confidential assets from internal users. Over time this technology pivoted to Intrusion Prevention System (IPS) but retained many disadvantages and limitations, including:
-
Focusing on north-south traffic, leaving blind spots in the movement of the attacker within the organization.
-
Not being designed to detect evolving threats.
-
Only detecting intrusions, but not the context around the compromise.
- Legacy technologies, and as such, there is plenty of information about how to bypass this technology.
Related Articles
What is the difference between Lumu Free, Lumu Insights and Lumu Defender?
Lumu Free offers a starting point for understanding your compromise level. It is always free and provides network-level visibility of confirmed IoCs (Indicators of Compromise) and retains incident data for 45 days. With Lumu Insights you can ...What is Lumu Insights?
Your network traffic is your ground zero for illuminating threats and adversaries. Using existing network data sources, Lumu Insights continuously assesses the entire enterprise to determine the level of compromise. Implementing Lumu’s patent-pending ...How can I increase the storage of a Lumu Virtual Appliance?
It is strongly recommended to save a Snapshot of the current state of the VA in your hypervisor before you begin. First, shut down the appliance, then increase its capacity using the hypervisor. To shut down the Lumu Virtual Appliance execute the ...Which Internet Browser versions can I use to access the Lumu Portal?
The Lumu Portal is designed to fully function on the most common and widely used browsers. It is worth noting that each browser is frequently updated and maintained by its respective developer. This means that accessing the Lumu Portal from older ...I’m Afraid the Lumu Agent will have a Negative Impact on the performance of my organization’s devices, what should I do?
The Lumu Agent is an extremely lightweight application and it will put very little load on the end user’s device as it doesn’t require much processing power to function. Remember that installing the Lumu Agent is a simple and straightforward process, ...