Why Trisul Network Analytics
In todays bandwidth unconstrained, encrypted, cloud centric networks you can no longer separate traffic analytics from security and investigation activities. Trisul helps organizations of all sizes deploy full spectrum deep network monitoring which can serve as a single goto source of truth for performance monitoring, network design, security analytics, threat detection, and compliance. Traditional approaches based on SNMP, Netflow, Agents, or Packet Capture have narrow focus and rigid vendor supplied analytics. Trisul is the only platform that provides a rich and open platform you can innovate upon.
Send us your Raw Packets, NETFLOW, SNMP, agent measurements, or use our input filter API to send any type of data. A single place to analyze it all.
Dont depend on vendor for features. Anyone can learn to use the simple Trisul APIs to add analytics capabilities to Trisul.
Includes a tightly integrated backend datastore and a web UI. Yet, open enough to plug into a different backend or to drive Kibana, Grafana UIs.
Recall how you always go to Wireshark to nail down an issue? Trisul gives you powerful packet storage capabilities and sophisticated methods to just store what you need.
Our design goal is to pack as much performance as we can in a single node. For larger networks scale out by adding more probes and hubs.
In addition to traffic and flows. Use metadata, objects, resources like TLS Certs, files, IDS alerts, and more. Drill up down, and sideways to complete your tasks.
Metrics provide the baseline
You can neither optimize nor detect anomalous behavior in patterns if you have no idea of their existence. Deep metrics collection collects simple metrics like app and host bandwidth but also hundreds of new ones like TLS certificate algorithms, Ethernet, Geo, HTTP errors, etc. A 360 degree view of metrics along with tooling like flows and graph analytics gives teams great investigation and detection capabilities.
- Hundreds of metrics for millions of entities
- Powerful built in algorithms. Top-K, Bottom-K,Cardinality, First-seen
- Powerful retrospective analysis tools for IR
- Ingest packets, netflows, snmp, or logs.
Never miss a flow
A flow is a unit of transaction between two network endpoints. Storing a record of every single flow is a foundation capability for investigations. Trisul Netflow makes it easy for organizations of every size to roll this out. You can mix and match - send packets at security perimeters and Netflow at internal core switches to track lateral traffic.
- Ingest Netflows or reconstruct flows from packets
- Flexible query language
- Flow Taggers : add searchable text labels to flow records
- Dont compromise ! no summarization or rollups
Are you ready to really open up your network traffic?
We include a free license that allows monitoring a rolling 3-day window. All you need to do is arrange a way to send traffic, netflow, or PCAP dumps to us. Our docker image makes it effortless to install on any linux platform.
Just sign up and download, no credit cards or other commitments required.
What our users say
Head Financial IT CloudHead Infra at Thomson Reuters
Trisul is an invaluable tool that helps us keep track of every single byte on our financial services cloud. We use its flexible capabilities for service accounting, security, planning, and as a portal to our end users.
Timothy Howard, City of Delaware - I was using tshark to capture all the packets and then having to carve a 15 GB pcap down to just the packets I wanted to look at and then re-assemble the document. That particular task would have taken me around thirty minutes to accomplish without Trisul
Mark MaunuNetwork Security
Trisul is an amazing product with a strong emphasis on network and security monitoring. Trisul's integration of the two enables us to leverage existing IDS tools and network traffic and flows into visualizations putting them in context immediately.