Why Trisul Network Analytics
In todays bandwidth unconstrained, encrypted, cloud centric networks you can no longer separate traffic analytics from security and investigation activities. Trisul helps organizations of all sizes deploy full spectrum deep network monitoring which can serve as a single goto source of truth for performance monitoring, network design, security analytics, threat detection, and compliance. Traditional approaches based on SNMP, Netflow, Agents, or Packet Capture have narrow focus and rigid vendor supplied analytics. Trisul is the only platform that provides a rich and open platform you can innovate upon.
Send us your Raw Packets, NETFLOW, SNMP, agent measurements, or use our input filter API to send any type of data. A single place to analyze it all.
Dont depend on vendor for features. Anyone can learn to use the simple Trisul APIs to add analytics capabilities to Trisul.
Includes a tightly integrated backend datastore and a web UI. Yet, open enough to plug into a different backend or to drive Kibana, Grafana UIs.
Recall how you always go to Wireshark to nail down an issue? Trisul gives you powerful packet storage capabilities and sophisticated methods to just store what you need.
Our design goal is to pack as much performance as we can in a single node. For larger networks scale out by adding more probes and hubs.
In addition to traffic and flows. Use metadata, objects, resources like TLS Certs, files, IDS alerts, and more. Drill up down, and sideways to complete your tasks.
Metrics provide the baseline
You can neither optimize nor detect anomalous behavior in patterns if you have no idea of their existence. Deep metrics collection collects simple metrics like app and host bandwidth but also hundreds of new ones like TLS certificate algorithms, Ethernet, Geo, HTTP errors, etc. A 360 degree view of metrics along with tooling like flows and graph analytics gives teams great investigation and detection capabilities.
- Hundreds of metrics for millions of entities
- Powerful built in algorithms. Top-K, Bottom-K,Cardinality, First-seen
- Powerful retrospective analysis tools for IR
- Ingest packets, netflows, snmp, or logs.
Never miss a flow
A flow is a unit of transaction between two network endpoints. Storing a record of every single flow is a foundation capability for investigations. Trisul Netflow makes it easy for organizations of every size to roll this out. You can mix and match - send packets at security perimeters and Netflow at internal core switches to track lateral traffic.
- Ingest Netflows or reconstruct flows from packets
- Flexible query language
- Flow Taggers : add searchable text labels to flow records
- Dont compromise ! no summarization or rollups
Are you ready to really open up your network traffic?
We include a free license that allows monitoring a rolling 3-day window. All you need to do is arrange a way to send traffic, netflow, or PCAP dumps to us. Our docker image makes it effortless to install on any linux platform.
Just sign up and download, no credit cards or other commitments required.