Endace

Endace, a leader in network connectivity, monitoring, and management, provides hardware and software solutions enabling unrivaled end-to-end data center visibility, optimization, and acceleration for global networks that support enterprise, cloud, government, and telecommunications. Endace network recorders and NetFlow generators are placed on the network in strategic locations to gather traffic details with 100% accuracy, which are exported as high-fidelity, 1:1 unsampled NetFlow or IPFIX records.

Together Scrutinizer and EndaceProbes offer a uniquely powerful flow and packet analytics solution that speeds the identification, investigation, and resolution of security threats and network and application performance problems.

Endace integration with Scrutinizer

Total accuracy

Complementing the powerful monitoring, reporting, and alerting capabilities of Scrutinizer, EndaceProbe Network Recorders provide 100% accurate recording of network traffic regardless of network speeds or loads. Recorded network packets are time-stamped with nanosecond-level accuracy, allowing network events to be reconstructed with complete accuracy.

The high-fidelity network history recorded by EndaceProbes offers an unparalleled source of evidence for analysts investigating the security or performance issues that Scrutinizer detects. Analysts can quickly and conclusively establish the root cause of issues and respond appropriately, dramatically reducing the time to investigate and resolve critical issues. False positives can be quickly identified and flagged so detection rules can be tuned.

The benefits of using EndaceProbe Network Recorders alongside Scrutinizer include:

  • Accurate, detailed, and complete network history that provides definitive evidence for investigations
  • Streamlined investigation workflow that improves SecOps and NetOps efficiency and reduces OPEX costs
  • Faster, more conclusive investigations and quicker issue response and resolution
  • More effective detection tuning that reduces false positives
  • Network packets that provide a definitive trail of evidence

Solution Details

Scrutinizer leverages the Pivot to Packets functionality on EndaceProbes to provide a streamlined investigation workflow for Network Operations (NetOps) and Security Operations (SecOps) teams. Analysts can click on an alert in the Scrutinizer console to quickly find and retrieve related packets from the network history recorded on EndaceProbes. Relevant packets can be downloaded as a packet capture file for analysis using Wireshark® or other tools, or archived for evidentiary purposes. Scrutinizer’s flow and metadata monitoring combined with the deep, contextual network history recorded by EndaceProbes delivers a powerful end-to-end monitoring and investigation solution for network and application performance and security. Integrating the two technologies gives SecOps and NetOps teams broader and deeper visibility into network activity and optimizes the detection, investigation, and resolution of network security and performance issues. Contact Plixer to start a Scrutinizer trial and experience greater visibility into your Endace investment.

EndaceProbe and Scrutinizer joint solution brief

Complementing the powerful monitoring, reporting, and alerting capabilities of Scrutinizer, EndaceProbe Network Recorders provide 100% accurate recording of network traffic regardless of network speeds or loads. Analysts can quickly and conclusively establish the root cause of issues and respond appropriately, dramatically reducing the time to investigate and resolve critical issues.
