Endace Probe and EndaceProbe Cloud – National Cyber Defense

Additional Info

Company: Endace
Website: https://www.endace.com
Company size (employees): 50 to 99
Headquarters Region: Asia
Type of solution: Hybrid

Overview

For more than 20 years, Endace has specialized in scalable, high-performance, 100% accurate packet capture technology — working closely with governments and defense organizations within the NATO alliance to defend critical infrastructure, protect confidential information, and ensure essential services are reliable and accessible.
When lives are at stake, teams managing national defense, utilities, and transportation must be able to quickly monitor, reconstruct and remediate network threats. Always-on packet capture provides the deep history and information needed to conclusively investigate and resolve anomalies and performance issues. It also enables customers to adhere to the White House mandate requiring 72 hours of full packet capture to be available on request by the FBI or CISA.

Last year, Endace launched EndaceProbe Cloud. EndaceProbe Cloud brings the same deep level of visibility to public cloud infrastructure that government customers have come to expect from EndaceProbes, and operates seamlessly alongside EndaceProbe appliances and EndaceProbe vProbes to deliver unified, packet-level visibility across all parts of an enterprise’s hybrid cloud network.

One of Endace’s customers is the United States’ Defense Information Systems Agency (DISA). DISA depends upon EndaceProbes’ continuous packet capture to defend critical networks and infrastructure while supporting hundreds of analysts working to neutralize threats, around the clock and across the globe.

Endace enables DISA analysts to work with team members worldwide to quickly investigate and resolve security incidents. Analysts can access full packet data from within their existing security and network tools, enabling seamless workflow integrations.

DISA Division Chief Tinisha McMillan said, “The Endace team are experts in their field, understood our infrastructure and supporting technologies, and enabled the mission to be completed ahead of schedule. We’ve been able to speed investigations, create global access, and free up analysts that had been tasked with time-consuming maintenance and support of our legacy, in-house system.”

Key Capabilities / Features

EndaceProbe and EndaceProbe Cloud offer powerful integration capabilities, enabling fast, centralized search and datamining to be integrated directly into a wide range of leading security and performance tools, putting accurate forensic evidence at an analyst’s fingertips. This ability to quickly find and analyze the crucial packet evidence related to specific incidents speeds investigations and enables SecOps and NetOps teams to respond to issues quickly without guesswork. Recorded packet data can also be replayed to analytics tools, delivering powerful back-in-time “re-investigation” and enabling accurate reconstruction of historical network activity to identify the root cause of issues.


The EndaceProbe is the industry’s only open packet capture platform, offering highly scalable, always-on packet capture and recording across on-premise, private and public cloud environments. With industry-leading speed, density, and storage capacity, EndaceProbes can cost-effectively record weeks or months of network traffic, allowing teams to go further back in time to accurately reconstruct and investigate threats and performance issues.


The unlimited scalability of EndaceProbes means customers can seamlessly expand the throughput and/or storage capability of their monitoring infrastructure as needs evolve, by adding EndaceProbes wherever they need them – whether on-premise or in hybrid cloud environments.


Endace enables customers to have complete network layer visibility across their entire hybrid cloud network. Enterprise Management Associates’ VP of Research Shamus McGillicuddy said, “Too many enterprises lack network layer visibility in the cloud today. With the rapid growth of cloud vulnerabilities, hijacked cloud credentials, and APTs targeting cloud infrastructure, this status quo is untenable. Cybersecurity teams need the ability to record network packet data across their hybrid, multi-cloud architecture. EndaceProbe Cloud delivers packet-level visibility that is essential for threat hunting and incident response. It enables a unified approach to packet capture and analysis across public and private infrastructure, enabling unified and seamless visibility across the entire network.”


How we are different

• EndaceProbes provide a common platform, enabling integration of full packet history into security tools (such as IDS/IPS, Firewalls, SIEM and SOAR tools and AI threat detection) so customers can streamline and standardize investigation workflows. This dramatically increases analyst productivity and efficiency. Analysts can follow a common investigative process from any of their tools, making it easy to access relevant packet evidence. Endace helps teams gain deeper visibility and history into their networks, and assists these agencies in adhering to the White House Executive Order that requires at least 72 hours of network history.


• EndaceProbes are the industry's only open packet capture platform, combining high-performance network recording with the ability to integrate with performance and security solutions from Endace’s Fusion Partners including Cisco, Darktrace, Gigamon, Fortinet, IBM Security, Palo Alto Networks, Splunk, and many others (see endace.com/fusion-partners for the full list), open-source tools, and customer-built solutions.


• As governments migrate their critical data to the cloud, the need for unified visibility into hybrid-cloud environments has become essential for security. Released in July 2023, EndaceProbe Cloud offers the same deep visibility, enterprise-class reliability, seamless scalability, and lossless performance as the award-winning EndaceProbe appliances, with the same highly accurate, always-on packet capture that enables teams managing critical infrastructure and national defense to search across weeks to months of recorded traffic in seconds.