sycope Security Modul
Up to 30,000 flows per second
Product information "sycope Security Modul"
Begrenztes Budget? - Fordern Sie jetzt Ihr attraktives Angebot an!
Sycope is a network monitoring and security solution using real-time flow analysis, enriched with business context, to help businesses assess performance and protect IT infrastructure. It records, processes, and analyses all parameters contained in flows, enhanced by SNMP, geolocation, and security feeds. Sycope is designed to discover network events and issues, measure delays and identify security threats. The security feature of Sycope is created based on the MITRE ATTACK methodology. Rules and security incident detection mechanisms make it possible to detect attacks and undesirable activities on the network.
Key benefits
Smarter network monitoring
Ensure optimal network and application performance
Analysing data having context
From generality to forensic detail
Avoiding downtime, while it is still possible
Reduce risk and avoid costs
Reducing time to response
Comfort of work during peak times, thanks to high efficiency
Flexibility & Customisation
Contextual search bar, Custom dashboards and widgets
System coherency
3 modules, one informative GUI
Key Features
Real-time flow analysis
- NetFlow v5/9, IPFIX, NSEL, sFlow, sampling supports
- Enhanced by SNMP, geolocation, security feeds
- Data deduplication
- NQL proprietary language
- Support for IPv4, IPv6
- Non-standard fields analysis including NAT, MPLS
Big Data dedicated for network observability
Analyse data choosing from many fields:
AS Name by IP, IP Address Name, AS Names, Application Name, Protocol Name, Server IP, Name, Client IP Name, AS Name, ToS Names, Interface Name, Exporter IP (Name), Exporter Location, Exporter Description, ToS Name, Direction, Application ID, Server TCP Flags, Client TCP Flags, Bytes, Packets.
Analyse non-standard flow fields:
PostNatSrcIp, postNatSrcPort, applicationId, firewallEvent, fwExtEvent, minPacketLength, maxPacketLength, flow- Label, clientMaxTtl, srcVlan, dstVlan, ipv6OptionHeaders, mplsLabel1-5, retransmittedInPackets, retransmittedOut- Packets, retransmittedInBytes, retransmittedOutBytes, clientNetworkTime, serverNetworkTime, initialServerResponseTime.
Choose from multiple calculated metrics (calculated based on flow fields):
Sum Flows/s; Sum Out Bits/s, Sum In Bits/s, Sum Bits/s, Sum Server Bits/pkt, Sum Client Bits/pkt, Sum Bytes/ packet, Sum Packets/flow, Sum Packets/second, Sum Client Bits/flow, Sum Server Bits/flow, Sum Bytes, Sum Server Packets/flow, Sum Client Packets/flow, Unique Client Ips, Sum Avg Packets/s, Sum Client Bits/s, Sum Server Bits/s, Sum Server Packets/s, Sum Client Packets/s, Sum Packets, Unique Server Ports, Unique Server Ips, Unique ASNs, Avg Out Packets/s, Avg In Packets/s, Avg Packets/s, Packets/s, Avg Flows/s, % Out Retransmitted Packets, Avg Server Packets/flow, Avg Server Bits/flow, % In Retransmitted Packets, Avg Client Packets/flow, Avg Client Bits/flow, Avg Server Bits/pkt, Avg Client Bits/pkt, Bits/s, Bits.
Select date/time range over standard values:
Choose from predefined or custom timeframes.
Fast access to critical information
The system has been provided with interactive diagrams, tables and maps containing critical data, statistics and indicators, enabling the analysis of network behavior patterns and supporting the incident handling of discovered issues.
Extensive filtering:
- Maintain the time context and filters between views.
- Easily move filters between the views.
- Save complex search filters and time context (bookmarks).
Automatic mapping of values in the system:
- User configurable sets of names, terms, values.
- Out-of-the-box: application names, countries, AS, MITRE techniques.
Easy top-down access:
drilldown mechanisms enable viewing of data for a specific port, interface or IP address.
Access to external services:
- The system enables access to external services, such as VirusTotal, directly from the view under analysis (using right click button) and further analysis of data.
- Feeds server – dynamic identification of the global threats based on integration with the Sycope Cyber Threat Intelligence (CTI) platform.
Key modules features
VISIBILITY
L3 and L4 data analysis, network data mining, lists of connections per IP address, protocol, port, country, ASN or QoS. Network traffic analysis at the level of a single TCP/ UDP port UDP port, out of the box anomaly detection, dedicated dashboards.
PERFORMANCE
L7 analysis, dedicated Sycope probe (including measurements of fields: % Client Retransmitted Packets, % Server Retransmitted Packets). Response time measurement, real-life app performance measurement, retransmissions detection, combine network applications and metrics, additional data sources (DPI for L7), dedicated performance dashboards.
SECURITY
More than 45 security detection rules, detection rules customization. Active mitigation using NAC system, MITRE ATT&CK Framework mapping, Sycope CTI (Actively monitors number of sources, analyses, and generates a unified list of current Indicator of Compromises (IoCs), ability to create custom rules, dedicated security dashboards including SOC.
only 10,999.50 €*
Gross price: | 13,089.41 € |
Product number: | SYC-2-SEC-B-COM |
- Available in 1 day, delivery time 1-3 days
Please select your desired variant by clicking on the button below to display the respective product information.