Endace demonstrates how network-wide monitoring and recording delivers greater visibility to security tools and speeds breach investigation
LAS VEGAS, Aug. 2, 2016 /PRNewswire/ -- Endace, a world leader in high-speed network monitoring and recording technology, announced at Black Hat today the release of new EndaceProbe™ 114 Network Recorders designed specifically for deployment in branch offices as part of a network-wide monitoring and recording fabric.
Remote offices are attractive targets for attackers looking to gain access to the enterprise network by exploiting less secure remote locations and gaining access to sensitive PCI information. Traditionally, the lack of visibility into branch office traffic has made it challenging for security operations (SOC) teams to monitor and investigate security threats across distributed networks. Without this capability, quantitative breach analysis is often impossible.
As part of a network wide Endace fabric, the EndaceProbe 114 allows network traffic recorded on a remote office network to be centrally mined and analyzed using EndaceVision™, the browser-based application bundled with every EndaceProbe, alongside traffic recorded on high-performance EndaceProbes in core network locations.
"Recorded network traffic provides authoritative evidence for fast and conclusive investigation of security alerts and breaches," says Endace CEO, Stuart Wilson. "The ability to record branch office traffic and enable head office analysts to seamlessly search and mine that traffic gives SOC teams, and the tools they use, complete network-wide visibility, eradicating blind spots and speeding the investigation of security breaches."
The EndaceProbe 114 is fully SSD-based, ensuring ultra-high reliability and performance, and its compact, short-depth form factor makes it easy and cost-effective to deploy in remote office locations. Leveraging Endace's proven, 100% accurate DAG™ data capture card technology, the EndaceProbe 114 offers four 10/100/1000BASE-T or optical 1GbE monitoring ports and 3.8TB of onboard RAID storage supporting a sustained 500Mbps write-to-disk rate.
Like all EndaceProbes, the 114 model also supports Application Dock™, allowing it to host a wide range of network security and performance tools, including IDS tools such as SNORT®, Bro™ or Suricata™, and provide them with real-time access to recorded traffic as well as traffic replay for historic analysis. Powerful monitoring, configuration and management through EndaceCMS™ Central Management Server allows EndaceProbes to be centrally managed from head office, reducing the cost and management overhead of deploying a network-wide recording and monitoring fabric.
The new EndaceProbe 114 is on show at Black Hat 2016, booth 1572, where Endace will also be demonstrating how EndaceProbe Network Recorders can be tightly integrated with security tools such as Cisco® FireSIGHT™ Management Center and Splunk™.
For more than 15 years, Endace has provided high-speed, network recording and visibility solutions to monitor and protect some of the world's largest, most complex networks. Customers include global banks, telcos and service providers, media and broadcast companies, health organizations, retailers, e-commerce and web giants, governments and large enterprises. Customers choose Endace technology because it can monitor and capture network traffic with 100% accuracy regardless of network speeds or loads. It can scale to meet the needs of the fastest networks and is built on an open architecture that enables integration with a wide variety of custom, open source and commercial solutions.