LightCyber Magna Platform

An Attack Detection Architecture Built for Accuracy and Efficiency

LightCyber Magna supports a wide range of deployments, both on premises and in the cloud, to find, hunt, and stop advanced threats.

Network-Centric Attack Detection

With LightCyber Magna, attackers inside the network have nowhere to run and nowhere to hide. Magna leverages its powerful behavioral attack detection technology to learn expected network behavior and spot anomalous attack activities. This network-focused model catches attacks at any point in the attack lifecycle, especially early in the reconnaissance and lateral movement stages, which most other solutions miss.

The heart of Magna’s Behavioral Attack Detection Platform is the Magna Detector, a physical or virtual appliance that performs behavioral profiling and attack detection directly from raw network packets or flow data and from metadata collected from associated Magna Probes and the Magna Pathfinder service.

Endpoint Analysis to Augment Network Findings

Investigating security alerts often used to involve hours of analysis and hands-on access to compromised endpoints. Not anymore. Magna Pathfinder accelerates incident analysis by automatically identifying the source executable on an endpoint that was responsible for network attack behavior using LightCyber’s patent-pending Network to Process Association (N2PA) technology. Then the executable can be automatically examined by Magna Cloud Expert System to find malware or riskware.

Based on this information, cybersecurity hunters automatically gain additional context on alerts and quickly remediate live attacks. But the real benefit of Magna Pathfinder is that security teams can verify incidents and even terminate malicious processes without needing to install agents on all endpoints.

Threat Intelligence and Malware Analysis 

To improve the actionability and accuracy of alerts produced, the Magna Cloud Expert System automatically investigates artifacts associated with each alert, including classification of malware, riskware, and malicious domain names. When analyzing suspicious files found by Magna Pathfinder, Magna Cloud Expert System compares files against anti-virus hashes, analyzes them with a multi-engine anti-virus scanner, and finally runs them in a sandbox. This threat intelligence helps to differentiate between known malware, zero-day malware, and benign software.

The result is a highly actionable detection system that enables security analysts to quickly resolve malware infections and dedicate more time to critical incidents.

Flexible Deployment On-Premises and in the Cloud

Organizations need security solutions that adapt to their business, whether they host their servers in their own data center or the cloud. The LightCyber Magna platform, available as a hardware or virtual appliance, allows organizations to catch attackers wherever they may be—in physical, virtual and public cloud environments. In addition, Magna Pathfinder agentless endpoint service can find malware and suspicious artifacts on data center servers, including Windows and Linux platforms, whether they are deployed on-premises or in cloud data centers.

Magna Architecture

LightCyber finds targeted attacks, malware, insider threats and risky behavior without burdensome manual configuration or hefty logging and storage demands. With LightCyber, organizations can detect and stop attackers early, before data is compromised.

Magna Detector
Available as a network appliance or virtual appliance, Magna Detector inspects internal and outbound network traffic and also aggregates metadata from Magna Pathfinder and Magna Probe. Magna Detector builds a profile of “normal” user and device activity by monitoring sources, destinations, protocols and learning over one thousand attack dimensions. Based on these dimensions, it accurately detects the anomalies indicative of attack.

Magna Pathfinder
Magna Pathfinder unlocks the full power of the Magna platform by ensuring endpoint context is accurately and efficiently incorporated into attack detection. Pathfinder is an agentless software subscription service that quickly uncovers the root cause of the attack and thus automates what would otherwise be time-consuming analysis, dramatically improves the fidelity of findings, and saves security operations hours of manual investigation.

Magna Cloud Expert System
Magna Cloud Expert System augments Magna’s behavioral attack detection with threat intelligence and malware analysis. This increases detection accuracy and it provides detailed investigative data associated with each detected breach to streamline forensics. Magna Cloud Expert System applies a multi-stage analysis of suspicious files uncovered by Pathfinder by comparing files against anti-virus hashes, analyzing them with a multi-engine anti-virus scanner, and finally running them in a sandbox.

Magna Master
Magna Master provides consolidated management of multiple Magna Detectors and Probes across an organization. Magna Master also integrates with third-party security and identity services for one-click remediation. Supported capabilities include quarantine or isolation of a compromised device with a firewall or Network Access Control (NAC), and account lock or reset with Active Directory. Magna Master runs on the same hardware as Magna Detector in smaller environments, while the Enterprise Edition can be deployed as a hardware appliance or a virtual appliance for larger environments and to enable enterprise management features.

Magna Probe
Magna Probe is an optional hardware or virtual appliance that extends security visibility to multiple sites or separate network segments. A Magna Probe performs network inspection and metadata extraction, but then forwards aggregated metadata to a Magna Detector for full processing and attack detection. Magna Probes are a great way to support smaller locations where an additional Magna Detector is not warranted.

LightCyber Magna Appliance Specifications

Magna Detector & Probe Overview

| Model | Magna Detector D-150V | Magna Detector-AWS D-150 | Magna Detector D-300 | Magna Detector D-500 | Magna Detector D-1000 | Magna Probe P-50TV | Magna Probe-AWS P-50TV | Magna Probe P-50T |
|---|---|---|---|---|---|---|---|---|
| Form Factor | VMware Virtual Machine | Amazon Machine Image | 1U, Full-Depth | 1U, Full-Depth | 2U, Full-Depth | VMware Virtual Machine | Amazon Machine Image | 1U, Full-Depth |
| Capturing Interfaces | Dedicated Physical ESXi Port | Gigamon Visibility Fabric or AWS VPC Flow Logs | 3 x 1 Gbps (copper) | 4 x 1 Gbps (copper/fiber) | Up to 4 Extension Cards | Dedicated Physical ESXi Port | Gigamon Visibility Fabric or AWS VPC Flow Logs | 1 x 1 Gbps (copper) |
| Maximum Effective | 500 Mbps | 500 Mbps | 1 Gbps | 2 Gbps | 4 Gbps | 500 Mbps | 500 Mbps | 500 Mbps |
| Maximum Endpoints | 1,500 | 1,500 | 3,000 | 5,000 | 10,000 | N/A | N/A | 5,000 |

Additional Specifications – Hardware

| Model | Magna Detector D-300 | Magna Detector D-500 | Magna Detector D-1000 | Magna Probe P-50T |
|---|---|---|---|---|
| Management Interface | 1 x 1 Gbps Copper* | 4 x 1 Gbps Copper | 4 x 1 Gbps Copper | 1 x 1 Gbps Copper |
| Max Power Consumption | 233 W | 316 W | 431 W | 200 W |
| AC Power Supply | 460 W | 460 W | 600 W | 300 W |
| Weight | 25 kg | 30 kg | 40 kg | 10.5 kg |
| Operating Temperature | 32° to 104° F (0° to ° C) | 32° to 104° F (0° to 46° C) | 32° to 104° F (0° to 46° C) | 50° to 95° F (10° to 35° C) |

Additional Specifications – Virtual

| Model | Magna Detector D-150 | Magna Probe P-50V |
|---|---|---|
| Minimum CPU Cores | 8 | 4 |
| Minimum Memory | 32GB | 16 |
| Minimum Storage | 500GB | 50 |
| Management Interface | Admin Web UI, LightCyber Remote Support | Admin Web UI, LightCyber Remote Support |
| Emulation Platform | ESXi V5.1 & Up | ESXi V5.1 & Up |

Extension Cards

| Model | 4x1C | 2x10C | 2x1F | 2x10F |
|---|---|---|---|---|
| NIC | N/A | N/A | SFP+ | SFP+ |
| Ports | 4 | 2 | 2 | 2 |
| Connector | RJ-45 Copper 1G (1000BASE-T) | RJ-45 Copper 10G (10GBASE-T) | Fiber 1G (1000BASE-SX, 850nm, SR) | Fiber 10G (10GBASE-SR MM LC) |
| Cable Support | CAT 5e | CAT 6/6a | N/A | N/A |

No Agent, No Storage, No Configuration

Data Sheet

Magna Behavioral Attack Detection

LightCyber Magna closes the gap in breach detection by modeling user and device activity to detect attack behaviors. Download the datasheet to view Magna’s benefits and technical specifications.


White Paper

The New Defense Against Targeted Attacks

Organizations are spending millions to protect their network with a variety of security solutions. This paper explains why traditional solutions are failing and what can be done to close the detection gap.


Case Study

Orange
Telecommunications

Orange deployed LightCyber to find active attackers in their network. “The visibility was so good that we immediately completed our evaluation and dropped the other POCs that were in process.”
