Network Security Monitoring is about full-spectrum collection and correlation of network alert events, flows, metadata artifacts, traffic profiles, and packets. Such broad collection enables three powerful capabilities: better visibility, tougher detection, and deeper investigation. Trisul Network Analytics is designed to make the practice of Network Security Monitoring feasible for all organizations.

Maximum monitoring

  • Never miss a thing about your network
  • Deploy such deep monitoring at security perimeters
  • Hundreds of metrics monitor every parameter
  • Custom database to handle diverse data types
  • Fully scriptable with an open API

One integrated solution lets you focus on monitoring

Trisul starts with a familiar metrics-centric view of network visibility. In addition to basic metrics like per-host bandwidth numbers, you get hundreds of metrics such as Unique Peers per Host, TLS Ciphers in use, and the cross product of Internal Hosts x External Hosts x Apps. To this Trisul adds metadata extraction such as files transferred, DNS records, HTTP URLs, and certificate chains. Flows are reconstructed, compressed, and stored for querying. A flexible rule-based packet capture and storage engine ensures just the packets you need are around when you need them. Trisul is the only product with an Open API covering generation, analytics, and query, so you can write your own business-specific visibility without depending on a vendor. The diverse datatypes demand custom-built backends such as a column store for flows and a timeseries for metrics. Trisul pulls everything together and presents a single system which can serve as your go-to source for any visibility, detection, or investigation needs.

Metrics, metrics

Hundreds of metrics provide tracking visibility from all angles


Ingest IDS, IPS, Firewall alerts with metrics and flows

Flow monitoring

Flows are indispensable for investigations

Explore with graphs

EDGE analytics let you explore network relationships

Script and extend

Trisul evolves with your changing needs through Open APIs

Packet storage and recall

Rules to optimize packet storage and tools to recall

Take control of every situation

Network Security Monitoring is all about high-speed extraction of datapoints, analytics, and storage at large scale. Trisul is the only tool that takes away the pain of finding suitable databases for each datatype. You can focus on the task at hand rather than selecting and optimizing a suitable backend for storing timeseries, flow data, text search, graphs, and packets. Trisul puts powerful tools at your disposal that let you pivot and navigate these databases until you complete the task and collect packet-based evidence.

