Network Security Monitoring
Network Security Monitoring is about full-spectrum collection and correlation of network alert events, flows, metadata artifacts, traffic profiles, and packets. Such broad collection enables three powerful capabilities: better visibility, tougher detection, and deeper investigation. Trisul Network Analytics is designed to make the practice of Network Security Monitoring feasible for all organizations.
Maximum monitoring
- Never miss a thing about your network
- Deploy such deep monitoring at security perimeters
- Hundreds of metrics monitor every parameter
- Custom database to handle diverse data types
- Fully scriptable with an open API
One integrated solution lets you focus on monitoring
Trisul starts with a familiar metrics-centric view of network visibility. In addition to basic metrics like per-host bandwidth numbers, you get hundreds of metrics such as Unique Peers per Host, TLS Ciphers in use, and the cross product of Internal Hosts x External Hosts x Apps. To this Trisul adds metadata extraction such as files transferred, DNS records, HTTP URLs, and certificate chains. Flows are reconstructed, compressed, and stored for querying. A flexible rule-based packet capture and storage engine ensures just the packets you need are around when you need them. Trisul is the only product with an Open API covering generation, analytics, and query, so you can write your own business-specific visibility without depending on a vendor. The diverse datatypes demand custom-built backends such as a column store for flows and a timeseries store for metrics. Trisul pulls everything together and presents a single system that can serve as your go-to source for any visibility, detection, or investigation needs.
Take control of every situation
Network Security Monitoring is all about high-speed extraction of datapoints, analytics, and storage at large scale. Trisul is the only tool that takes away the pain of finding suitable databases for each datatype. You can focus on the task at hand rather than selecting and optimizing a suitable backend for storing timeseries, flow data, text search, graphs, and packets. Trisul puts powerful tools at your disposal that let you pivot and navigate these databases until you complete the task and collect packet-based evidence.