SOC

Capabilities

The features of the following components are explained:

  • Network intrusion detection sensor
  • Network traffic flow analysis sensor
  • Event collector
  • Log management
  • Correlation & response engine
  • Graphical user interface
  • Support services

Features

Auto detect application-layer protocols: Application-layer detection of more than 170 protocols, regardless of the port being used. This makes it possible both to detect known protocols on non-standard ports (e.g. detect HTTP on ports other than 80) and the opposite (e.g. detect Skype traffic on port 80). This matters because the assumption that port = application no longer holds.

Network traffic monitoring: Defines charts of packet rate, flow rate and volume usage over various time periods for different application-layer protocols and adds them to dashboards.

Support netflow: Receives and processes NetFlow reports.

Traffic flow analysis: Analyzes traffic flow information and extracts new evidence of attacks.

Throughput: Up to 10 GbE.

Detect Zero-day attacks: The problem with signature-based sensors is the lack of predefined signatures for detecting zero-day attacks and malware. Most of these attacks affect network traffic flows. Analyzing these effects as evidence of malicious activity helps detect zero-day attacks.
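
The port-independent protocol detection described above can be illustrated with a small payload classifier. This is an added example, not the product's code: the three signatures, the PORT_OWNER table, the function names and the finding labels are assumptions, and the sample flows are constructed.

```python
import re

# Assumed mapping of well-known ports to the protocol normally expected there.
PORT_OWNER = {22: "ssh", 80: "http", 443: "tls"}

HTTP_REQUEST = re.compile(
    rb"^(GET|POST|PUT|HEAD|DELETE|OPTIONS|PATCH) \S+ HTTP/1\.[01]\r\n")

def classify(payload: bytes) -> str:
    """Name the protocol from the first payload bytes, ignoring the port."""
    if HTTP_REQUEST.match(payload) or payload.startswith(b"HTTP/1."):
        return "http"
    if payload.startswith((b"SSH-2.0-", b"SSH-1.99-")):
        return "ssh"
    # TLS record header: type 0x16 (handshake), version 0x03xx, 2-byte length,
    # then handshake type 0x01 (ClientHello) or 0x02 (ServerHello).
    if (len(payload) >= 6 and payload[0] == 0x16 and payload[1] == 0x03
            and payload[5] in (0x01, 0x02)):
        return "tls"
    return "unknown"

def inspect(dst_port: int, payload: bytes):
    """Return (protocol, finding) by comparing payload identity with the port."""
    proto = classify(payload)
    owner = PORT_OWNER.get(dst_port)
    if proto == "unknown":
        # Known port, but the payload is not the protocol that port implies.
        finding = "unidentified-on-known-port" if owner else "unidentified"
    elif proto == owner:
        finding = "expected"
    elif owner:
        finding = "protocol-on-foreign-port"      # e.g. SSH banner on port 80
    else:
        finding = "protocol-on-nonstandard-port"  # e.g. HTTP on port 8081
    return proto, finding

# Constructed sample flows: (destination port, first payload bytes).
SAMPLE_FLOWS = [
    (80, b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    (8081, b"GET /status HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    (80, b"SSH-2.0-OpenSSH_9.6\r\n"),
    (443, b"\x16\x03\x01\x00\x05\x01\x00\x00\x01\x00"),
    (80, b"\x02\x9a\x11\x7f\x00\x33\xc4\x58"),
]

if __name__ == "__main__":
    for port, data in SAMPLE_FLOWS:
        print(port, *inspect(port, data))
```

The last sample shows the second direction: traffic on port 80 that is not HTTP is reported as a finding of its own instead of being assumed to be web traffic.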