Most advanced traffic and visibility platform

Practical solution to Network Security Monitoring strategy

Network security monitoring involve monitoring tons of metrics , metadata, flows, down to the packet level. Trisul leverages cutting edge streaming algorithms to bring full blown monitoring using a minimum amount of resources.

The benefits
  • Gain full visibility into network traffic and security threats
  • Advanced streaming analytics helps your teams resolve traffic and security incidents
  • Save upto 80% of hardware and TCO of equivalent RDBMS or Search based solutions

Respond to new and evolving requirements

Our rich and open Lua API lets your build your own tooling with minimal programming

As a customer you are justifiably wary of vendor lock-in. For every small tweak to adjust your business requirements you end up requesting a call. Using the simple Trisul API you can create powerful custom tooling of your own.

The benefits The LUA API (Live Analysis) The TRP API (Retro Hunting)
  • No special language to learn, just plain LUA or Ruby
  • Build upon Trisul's packet processing, reassembly, file extraction, storage
  • A rapidly growing set of Trisul APPS

Miss nothing with multi layer traffic metrics

Supercharge your threat hunting, surveillance, and anomaly detection

Trisul goes beyond SNMP or Netflow to present you with a dramatically enhanced range of metrics. We do this by analyzing packets, reconstructing their content and extracting hundreds of relevant metrics from them.

The benefits More on Metrics

  • Monitor and alert on metrics from L2 to L7 such as HTTP, SSL/TLS, DNS metrics
  • Create your own metrics by simple point and click
  • 200+ metrics including advanced traffic statistics available out of the box

Discover patterns and detect threats before they hit

Tools to help you test your hypothesis. Across metrics, flows, alerts, resources, packets

Trisul continously scans your network traffic against known threats such as malware, spam and phishing sites. You can then use any of the built in tools to investigate the alert all the way down to the packet level.

The benefits More on Flows and Metadata

  • Alerts are automatically correlated with flows, traffic patterns, and packets
  • Meta data extraction of URLs, TLS Certificates, HTTP Headers, DNS Records, and File hashes
  • We dont tie you to our backend - export everything to Elastic Search, Splunk or others

Packets are the ultimate 'truth', we help you find it

Fine grained pruning policies that make PCAP retention viable for everyone

The ability to drill down all the way to packet level is a key capability of Network Security Monitoring. Instantly cut through to packets from any spot to complete your investigation.

The benefits More on packet indexing

  • Fine grained, easy to use policies cut down packet storage requirements
  • Packets are stored encrypted and locally on each trisul-probe
  • Advanced indexing technology lets you retrieve packets very quickly
How is Trisul different

Trisul puts fine grained metrics at the centre of a network monitoring strategy. The other pieces of a full NSM stack are arranged around the metrics model. Trisul is based on a real time stream processing architecture rather than traditional RDBMS or Search. This allows of real time analysis of large time windows, which can be challenging with non-streaming approaches.

What users are saying..

"I was using tshark to capture all the packets and then having to carve a 15 GB pcap down to just the packets I wanted to look at and then re-assemble the document. That particular task would have taken me around thirty minutes to accomplish without Trisul." Timothy Howard, City of Delaware
"Trisul has been monitoring our VSAT (satellite) and internet links, our team gets an email everyday with a summary of issues with our network. We were able to cut down our multicast VSAT traffic with help from Trisul" CIO - ITI Financial
"Trisul is an amazing product with a strong emphasis on network and security monitoring. Trisul's integration of the two enables us to leverage existing IDS tools and network traffic and flows into visualizations putting them in context immediately" Mark Maunu, Network Security Analyst, USA