Various Forensic Traffic Analysis Applications
Analyze captured data for suspicious traffic (such as non-DNS traffic over port 53 or encrypted traffic over port 80), alert security practitioners to what they deem suspicious user behavior, and sessionize the suspicious network traffic for viewing and analysis in the SentryWire UI.
Network Access Control (NAC) Analysis
Receive real-time alerts of unauthorized network connectivity through 5-Tuple indexing and logging, allowing the security practitioner or network manager to compare the data to a known list of approved network access points.
Network Behavior Anomaly Detection (NBAD)
Detect deviations from normal network traffic behavior and correlate them to a 5-Tuple index for root cause review.
User Anomalous Behavior
Identify employees using unapproved applications or using applications in ways that violate policies, correlating metadata about users, files and sessions with real-time threat information and using the correlations to provide situational awareness and alerts.
Encryption Visibility
Gain visibility into TLS/SSL encrypted sessions. Log and extract sessionized network traffic by timestamp, capture node and session information to recover an encrypted session, then view it in any packet viewer (e.g., Wireshark) using customer-provided keys.