packets are truth

Packet storage and recall

As Trisul meters network traffic, it continuously saves raw packets for future analysis. The ability to call upon raw packets, or full content, is key to the practice of Network Security Monitoring. Raw packets are useful not just for security applications but also for network performance troubleshooting. For example, you can pull up ARP/Spanning Tree packets, which can help you nail a layer 2 issue. Packet Capture Basics describes the design in greater detail.

Optimized packet storage requirements

One of the major challenges of real-time packet storage is the disk throughput and storage required to handle busy links. Make use of Trisul’s sophisticated techniques to dramatically reduce the packets you need to store. Using the Trisul LUA API, you can even control packet storage policy at per-flow granularity.

  • Network throughput
  • Disk throughput

Streamlined PCAP drilldown workflows

Most objects in Trisul can be drilled down to raw packets with the click of a single button.

Quickly dive to PCAPs

Flows, alerts, resources to PCAP

Merged PCAP

Consolidate results of investigation into a single merged PCAP automatically

Reduce disk usage of older PCAPs

Built-in pruning tool compresses older PCAPs by flow size

Encrypted by default

Stay secure! Trisul stores packets encrypted.