Now free initial consultation by mail or phone: +49 228 - 33 88 89 0

sycope Security Modul

Up to 30,000 flows per second

Product information "sycope Security Modul"

Limited budget? Request your attractive offer now!

Please note that when purchasing this license, a mandatory support contract is required in the amount of 20% of the list price per year.
The outcomes of cyber-attacks entail significant costs. Your security team can use the Sycope Security module to identify the attacks faster and reduce their scope. This will save money and reduce your stress.

Sycope is a network monitoring and security solution using real-time flow analysis, enriched with business context, to help businesses assess performance and protect IT infrastructure. It records, processes, and analyses all parameters contained in flows, enhanced by SNMP, geolocation, and security feeds. Sycope is designed to discover network events and issues, measure delays and identify security threats. The security feature of Sycope is based on the MITRE ATT&CK methodology. Rules and security incident detection mechanisms make it possible to detect attacks and undesirable activities on the network.

Key benefits

Smarter network monitoring

Ensure optimal network and application performance

Analysing data in context

From generality to forensic detail

Avoiding downtime, while it is still possible

Reduce risk and avoid costs

Reducing response time

Comfort of work during peak times, thanks to high efficiency

Flexibility & Customisation

Contextual search bar, Custom dashboards and widgets

System coherency

3 modules, one informative GUI

Key Features

Real-time flow analysis

  • NetFlow v5/v9, IPFIX, NSEL, sFlow, sampling support
  • Enhanced by SNMP, geolocation, security feeds
  • Data deduplication
  • NQL proprietary language
  • Support for IPv4, IPv6
  • Non-standard fields analysis including NAT, MPLS

Big Data dedicated for network observability

Analyse data choosing from many fields:

AS Name by IP, IP Address Name, AS Names, Application Name, Protocol Name, Server IP, Name, Client IP Name, AS Name, ToS Names, Interface Name, Exporter IP (Name), Exporter Location, Exporter Description, ToS Name, Direction, Application ID, Server TCP Flags, Client TCP Flags, Bytes, Packets.

Analyse non-standard flow fields:

PostNatSrcIp, postNatSrcPort, applicationId, firewallEvent, fwExtEvent, minPacketLength, maxPacketLength, flowLabel, clientMaxTtl, srcVlan, dstVlan, ipv6OptionHeaders, mplsLabel1-5, retransmittedInPackets, retransmittedOutPackets, retransmittedInBytes, retransmittedOutBytes, clientNetworkTime, serverNetworkTime, initialServerResponseTime.

Choose from multiple calculated metrics (calculated based on flow fields):

Sum Flows/s, Sum Out Bits/s, Sum In Bits/s, Sum Bits/s, Sum Server Bits/pkt, Sum Client Bits/pkt, Sum Bytes/packet, Sum Packets/flow, Sum Packets/second, Sum Client Bits/flow, Sum Server Bits/flow, Sum Bytes, Sum Server Packets/flow, Sum Client Packets/flow, Unique Client Ips, Sum Avg Packets/s, Sum Client Bits/s, Sum Server Bits/s, Sum Server Packets/s, Sum Client Packets/s, Sum Packets, Unique Server Ports, Unique Server Ips, Unique ASNs, Avg Out Packets/s, Avg In Packets/s, Avg Packets/s, Packets/s, Avg Flows/s, % Out Retransmitted Packets, Avg Server Packets/flow, Avg Server Bits/flow, % In Retransmitted Packets, Avg Client Packets/flow, Avg Client Bits/flow, Avg Server Bits/pkt, Avg Client Bits/pkt, Bits/s, Bits.

Select date/time range over standard values:

Choose from predefined or custom timeframes.

Fast access to critical information

The system has been provided with interactive diagrams, tables and maps containing critical data, statistics and indicators, enabling the analysis of network behavior patterns and supporting the incident handling of discovered issues.

Extensive filtering:

  • Maintain the time context and filters between views.
  • Easily move filters between the views.
  • Save complex search filters and time context (bookmarks).

Automatic mapping of values in the system:

  • User configurable sets of names, terms, values.
  • Out-of-the-box: application names, countries, AS, MITRE techniques.

Easy top-down access:

Drill-down mechanisms enable viewing of data for a specific port, interface or IP address.

Access to external services:

  • The system enables access to external services, such as VirusTotal, directly from the view under analysis (via right-click) for further analysis of the data.
  • Feeds server – dynamic identification of the global threats based on integration with the Sycope Cyber Threat Intelligence (CTI) platform.

Key modules features

VISIBILITY

L3 and L4 data analysis, network data mining, lists of connections per IP address, protocol, port, country, ASN or QoS. Network traffic analysis at the level of a single TCP/UDP port, out-of-the-box anomaly detection, dedicated dashboards.

PERFORMANCE

L7 analysis, dedicated Sycope probe (including measurements of fields: % Client Retransmitted Packets, % Server Retransmitted Packets). Response time measurement, real-life app performance measurement, retransmissions detection, combine network applications and metrics, additional data sources (DPI for L7), dedicated performance dashboards.

SECURITY

More than 45 security detection rules, detection rule customization. Active mitigation using a NAC system, MITRE ATT&CK Framework mapping, Sycope CTI (actively monitors a number of sources, analyses them, and generates a unified list of current Indicators of Compromise (IoCs)), ability to create custom rules, dedicated security dashboards including SOC.

Your price

only 10,999.50 €*

Gross price: 13,089.41 €
Product number: SYC-2-SEC-B-COM
  • Available in 1 day, delivery time 1-3 days
