Packet Recording & Network Forensics

In our opinion the best way of finding out what exactly happened in case of a breach of information is to simply rewind the tape that recorded the entire event before the actual breach. The NIKSUN solution can help organisations in just doing this. Next to this the solution is also equipped with a state of the art search engine to look for more specific information surrounding the breach. The advanced software applications within NIKSUN can help organisations further analyse the data.

NIKSUN

NIKSUN

Whatever the task, from forensically reconstructing network activity to getting complete situational awareness of your network, NIKSUN NetDetector Suite with capture rates of 100 Gbps, is up to it. Simply plug it in and know the Unknown.

  • Integration with best-of-breed products
  • Intelligent capture and correlation
  • Enables fast root-cause analysis

Depending on which software modules are activated on the system, the appliance becomes a powerful investigative and forensic tool with the following capabilities:

  • Playback of network sessions associated with intrusion, compliance, and/or network events
  • Service Level Monitoring including Network-Use Policy enforcement
  • Discovery of network anomalies and correlate the anomaly to security events
  • Identify regulatory violations (e.g., SOX, PCI, HIPAA)
  • Provide detailed reporting for both internal (i.e., management) and external (i.e., regulatory bodies) needs

NIKSUNĀ“s cybersecurity solution provides in-depth and real time forensics that go beyond firewalls and IDS/IPS systems to identify, resolve, and help prevent cyber attacks. It efficiently creates rich meta-data from full packet captures of all network traffic at line rate in real time. Integrated network behavior based alarms are provided in addition to signature based alarms for fast and accurate detection of intrusions and zero day attacks. Rules-based content alerts proactively monitor email traffic, file leakage (specific file names or types), and blacklisted URL activity. We maintain a complete history of what transpired so a detailed retrospective, forensic analysis can be done at any time. Unknown security threats move out of the shadows and into the bright light of gotcha, making it a critical solution in use by our customers.

NetDetectorLive offers comprehensive, flexible alarms on corporate policy violations and security threats. Out-of-the-box rules provide immediate notification when breaches occur. NIKSUN provides an unprecedented ability to "drill down" in real time so you can rapidly determine all the details required to investigate whatever threat is posed. And NetDetectorLive makes it very easy to add customized monitoring rules to immediately identify security policy violations, sensitive document exfiltration, and other suspicious traffic flows.

If you wishes, we can demonstrate you on NIKSUN Lab Network the NIKSUN Network Security and Performance Monitoring Solutions & Modules (live technical demonstrations on real-time contextual visibility of performance on Network infrastructure and incidents as they occur and application performance monitoring, and troubleshooting. How we captures, inspects, mines, correlates, and stores every packet traversing the network, at multi-gigabit rates and provides comprehensive alarming and reporting capabilities for your system management and data center analyst team.

For more information, call our security consultants at +31(0)345 506 105 or send an email to info@isoc24.com

Vendors

Sourcefire, Niksun, Netwrix, Redsocks, Rapid 7, Unomaly, Logpoint, Isight Partners