EndaceProbe and EndaceProbe Cloud: Always-on, enterprise-class packet capture for deep, unified visibility in public cloud, private cloud, and on-prem environments

Additional Info

Company: Endace
Website: https://www.endace.com
Company size (employees): 100 to 499
Headquarters Region: North America

Overview

Packets provide crucial, tamper-resistant evidence of network activity. But enabling always-on, enterprise-class packet capture with deep network-wide visibility in public cloud, private cloud and on-prem environments is challenging. First, you need to be able to record all the packets. Second, you need to enable analysts to quickly find the specific packets they need to analyze from within potentially petabytes of recorded data.

EndaceProbe and EndaceProbe Cloud address these barriers to adopting always-on packet capture at scale. Endace’s modular architecture and decentralized data storage enable customers to cost-effectively deploy packet capture across large, complex hybrid cloud environments. Recording this critical forensic evidence gives SecOps and NetOps teams a better, faster, more efficient way to investigate and resolve network security threats and performance issues.

Endace’s free InvestigationManager search and data mining component provides fast, easy access to packet data across the entire network from a single pane of glass. The free EndaceCMS component enables easy configuration and maintenance of an entire EndaceProbe estate from a central management console.

EndaceProbes provide pre-built integrations with many leading security and network monitoring tools, enabling SOC and NOC teams to get from alerts in their tools directly to the relevant packet data with a single click. On-prem EndaceProbe appliances also offer hosting for a wide range of third-party monitoring tools, such as IDS, NPM, AI/ML and other tools. This can dramatically simplify tool deployment and reduce infrastructure costs.

When high-speed, ultra-reliable packet capture is combined with the ability to integrate with best-of-breed analytics and performance monitoring tools, SecOps and NetOps gain access to the definitive evidence they need to accelerate threat investigation and response. EndaceProbe and EndaceProbe Cloud give customers the surety and confidence of seamless, always-on packet capture, enabling unified visibility across any infrastructure.

Key Capabilities / Features

EndaceProbe and EndaceProbe Cloud are the industry’s only open packet capture platform, offering ultra-reliable, always-on packet capture with zero packet loss. The unique modular architecture and decentralized data storage give customers the ability to deploy packet capture across large, complex hybrid cloud environments and scale as needs evolve. No other packet capture solution provides the same unlimited scalability and packet-level visibility across all public cloud, private cloud or on-prem infrastructure.


Endace’s search and data mining component (InvestigationManager) provides fast, easy access to packet data across the entire network from a single pane of glass. EndaceCMS enables easy configuration and maintenance of the entire EndaceProbe estate from a central management console. EndaceVision is a browser-based traffic analysis tool within InvestigationManager. It gives teams a top-level view of the health of the network and provides a wide range of visualizations (including accurate microburst detection, traffic over time, and top talkers) for powerful analysis of network traffic and activity.


EndaceProbe and EndaceProbe Cloud seamlessly integrate with a range of security and performance monitoring tools, open-source tools, and custom applications via a powerful API. Security solutions that can be integrated include IDS/IPS, SIEM, SOAR, performance monitoring, next generation firewalls, threat detection and AI/ML-based security, and open-source or custom analytics solutions. Integration puts accurate forensic evidence at an analyst’s fingertips, enabling them to go from an alert in their monitoring tools directly to the related packets with a single click. This reduces investigation time from potentially hours or days to just minutes. Recorded packet data can also be replayed to analytics tools, to deliver powerful back-in-time “re-investigation” and enable accurate reconstruction of historical network activity to identify the root cause of issues.


How we are different

• EndaceProbes are the only packet capture solution that has passed DISA’s rigorous testing and stringent military-grade cybersecurity criteria. In December 2024, the US Defense Information Systems Agency (DISA) certified EndaceProbes on its Department of Defense Information Network Approved Products List (DoDIN APL). The certification means that EndaceProbes can be freely adopted and deployed at US federal agencies and defense departments with no further testing required.


• The EndaceProbe is the world’s most scalable packet capture solution, leading the industry with groundbreaking speed, depth, and capacity. Recently-launched models offer sustained 100 GbE packet capture in a compact 1RU form factor, accurately capturing real-world traffic 24/7/365 with nanosecond resolution. EndaceProbe Cloud delivers unified visibility across public cloud infrastructure, and works seamlessly with EndaceProbe appliances for single-pane-of-glass control and access from a central management console. Teams can remove the visibility blind spots that have made protecting cloud assets challenging and apply their tried-and-true workflows and investigation processes across all services and assets regardless of whether they are deployed in on-prem, private or public cloud environments.


• EndaceProbe is the industry’s only open platform, with the ability to integrate and host third-party security and performance monitoring tools. This ensures all tools have access to a common, accurate source of network data for analysis and enables hardware consolidation and rapid tool deployment. The ability to integrate a common packet capture technology across tools from multiple vendors, as well as with custom or open-source solutions, lets customers choose best-in-class security tools without being locked in to a single-stack vendor solution. This enables flexibility, freedom of choice and the ability to quickly change or upgrade tools in the future without having to rip and replace existing hardware.

