Endace and the EndaceProbe Analytics Platform

Additional Info

CompanyEndace
Websitehttp://www.endace.com
Company size (employees)100 to 499

Overview

EndaceProbes are the industry’s only open packet capture platform. As well as recording a 100% accurate history of network activity, they can also integrate with, and host multiple third-party security and performance monitoring solutions. Customers can deploy security solutions (such as SOAR, IDS or AI-based tools) or performance monitoring tools directly to where packet data is recorded, where they can analyze real-time traffic or replay recorded traffic for historical analysis. Integration allows analysts to go from alerts in their monitoring tools to related packet data with a single click.

An example: a large public university recently chose Endace to gain complete visibility of network traffic. With more than 45,000 students, this university’s IT department had to manage huge amounts of concurrent flows and traffic (up to 10 Gbps) traversing its network. With its existing solution, NetOps and SecOps teams had minimal packet-level or user visibility and they faced challenges finding and analyzing network and security anomalies. They were using third-party security and network performance tools, and wanted to gain complete visibility of network traffic, standardize and unify workflows, and streamline incident response.

Together with its Fusion Partners, Endace provided a solution that enabled the university to filter, sort, forward and record traffic and quickly search and analyze packet data from within existing workflows. The university now has complete visibility into user activity, sessions, and traffic. With multiple third-party applications integrated with their EndaceProbes, the team now has a unified packet capture solution that enhances the power of each solution.

EndaceProbes let organizations cost-effectively record traffic and deploy and host their preferred analytics applications. This helps them overcome previous cost barriers to deploying always-on, network-wide packet capture and gives them the flexibility to deploy new or upgraded analytics tools on demand where and when they need them.

How we are different

• The EndaceProbe Analytics Platform is the industry’s open packet capture platform, offering a full range of full packet capture and recording solutions, with zero packet loss, so enterprises of all sizes can capture, index and store a 100% accurate record of network traffic and activity -- allowing total network visibility. With industry-leading benchmarks for speed, density, and storage capacity, EndaceProbes can cost-effectively record weeks or months of network traffic; allowing teams to go further back in time to accurately reconstruct and investigate threats, breaches or performance issues.


• EndaceProbes offer API integration with a wide variety of security and network performance tools from Endace Fusion Partners, as well as with open-source applications, and custom solutions. Analysts can go directly from an alert in these monitoring tools directly to the related packets with a single click-- reducing investigations from potentially hours or days to just minutes.


• EndaceVision™, a browser-based traffic analysis tool, is included on every EndaceProbe. EndaceVision gives teams a top-level view of the health of the network and provides a wide range of visualizations (including accurate microburst detection, traffic over time, and top talkers. Using EndaceVision, NetOps and SecOps analysts can quickly isolate and examine the packets relating to an incident, accelerating investigation and response to security threats or performance problems.