Endace – EndaceProbe Cloud

Additional Info

Company size (employees): 50 to 99
Headquarters Region: Asia
Type of solution: Cloud/SaaS


For more than 20 years, Endace has provided high-speed network recording and visibility solutions to monitor and protect some of the world’s largest, most complex networks. The award-winning EndaceProbe Analytics Platform has set industry benchmarks for speed, storage, and accuracy. Customers choose Endace technology because of its highly scalable, always-on packet capture that provides lossless recording at full line rate.

In July 2023, Endace launched EndaceProbe Cloud for public cloud deployments. EndaceProbe Cloud brings the same deep level of enterprise-class reliability, scalability and visibility to public cloud infrastructure that customers have come to expect from EndaceProbes. EndaceProbe Cloud operates seamlessly alongside hardware-based EndaceProbe appliances and EndaceProbe vProbes (for private cloud deployments) to deliver unified, packet-level visibility across all parts of an enterprise’s hybrid cloud network. It allows teams to search across weeks to months of recorded traffic in seconds. Like EndaceProbe, EndaceProbe Cloud integrates with leading security and performance monitoring tools and puts packet evidence at analysts’ fingertips from the monitoring tools they use every day – streamlining and accelerating incident response, investigation and resolution.

Shamus McGillicuddy, VP of Research at Enterprise Management Associates said, “Too many enterprises lack network layer visibility in the cloud today. With the rapid growth of cloud vulnerabilities, hijacked cloud credentials, and APTs targeting cloud infrastructure, this status quo is untenable. Cybersecurity teams need the ability to record network packet data across their hybrid, multi-cloud architecture. EndaceProbe Cloud delivers packet-level visibility that is essential for threat hunting and incident response. It enables a unified approach to packet capture and analysis across public and private infrastructure, enabling unified and seamless visibility across the entire network.”

Key Capabilities / Features

Organizations have been increasingly migrating data to cloud environments. This “rush to the cloud” compromised network visibility and created blind spots for SecOps and NetOps teams.
Endace developed EndaceProbe Cloud based on conversations with customers who were contending with these challenges. They wanted:
• deep visibility across their entire hybrid network with the ability to store weeks to months of recorded history.
• to increase efficiency and reduce alert fatigue by being able to quickly find and analyze packets of interest during investigations.
• to leverage the proven investigation workflows and playbooks they use in their on-premise environments.
• to centrally manage and monitor their packet capture infrastructure from a single console.
With EndaceProbe Cloud, Endace brought these capabilities and features to public cloud environments, giving SecOps and NetOps teams what they’ve asked for in an enterprise-class solution:
• always-on, 100% accurate packet capture in all environments.
• unified visibility across all network infrastructure: on-premise, private and public cloud.
• capacity for weeks or months of easily accessible recorded traffic.
• fast, centralized search to analyze recorded data from a single pane of glass, regardless of where the data resides.
• ability to deploy in multiple public cloud environments.
• complete control over the recorded traffic data, which stays in their own VPC/Virtual Network using a deployable solution (rather than SaaS).
• integration with leading security and performance monitoring tools, including IDS/IPS, SOAR, SIEM, next generation firewalls, AI/ML security, as well as open source and custom solutions (see endace.com/fusion-partners for a full list).

How we are different

• With the rapid growth in cyberattacks on cloud infrastructure, EndaceProbe Cloud levels the playing field for teams tasked with protecting critical cloud assets and ensuring reliable performance of cloud-based systems, while enabling them to leverage the proven workflows and processes they have developed for securing on-premise network infrastructure. NetOps and SecOps teams have the ability to collect and analyze network activity across their public network infrastructure in the same way as they do on-premise. This means that they can apply their well-honed investigation and resolution processes and workflows to their cloud assets too.

• EndaceProbe Cloud also seamlessly integrates with a range of security and performance monitoring tools, open source tools, and custom applications via a powerful API. Security solutions that can be integrated include IDS/IPS, SIEM, SOAR, performance monitoring, next generation firewalls, threat detection and AI/ML-based security, and open-source or custom analytics solutions. Endace Fusion Partners include Cisco, Palo Alto Networks, Splunk, Elastic, IBM and many others (see http://www.endace.com/fusion-partners for a complete list), providing pre-built integrations that customers can deploy quickly and easily to streamline, accelerate and automate workflows.

• Customers can maintain complete control over their recorded cloud network traffic because it is stored within their own VPC/Virtual Network, unlike SaaS solutions. This minimizes expensive cloud operator egress charges and allows customers to keep full control of their data.