Network Traffic Analysis to secure your IT operations
GREYCORTEX and its MENDEL Network Traffic Analysis tool help enterprise, government, and critical infrastructure users make their IT operations secure and reliable through advanced artificial intelligence, machine learning, and big data analysis.
Using advanced artificial intelligence methods, MENDEL goes beyond known threats to detect and identify symptoms of malicious behavior at the atomic level. Threats are identified in their early stages, decreasing incident response time, preventing further damage, and reducing overall risk.
MENDEL monitors a very rich set of network flow data, including for IoT devices, and it identifies not only traffic in and out of the network but also communication flows between devices within the network. These are the types of anomalies MENDEL can detect:
The web user interface presents comprehensive information about network traffic: from management overviews, through aggregated information on the communication of the network, subnetworks, users and applications, and the communication of peers, to details of individual flows and their content, so that interesting events can be investigated precisely.
MENDEL Analyst collects several times more information on network traffic than NetFlow, IPFIX or similar protocols. NetFlow or IPFIX records are enhanced with security parameters and performance analysis. These include frequency, spectral and traffic content features, which are crucial for more sensitive behavioral detection.
Instead of relying on older and limited SNMP polling, MENDEL leverages flow-based and content-based monitoring. Flow-based monitoring provides near real-time (1-minute intervals) visibility into network statistics and other summary and detailed issues. Deep content inspection (DCI) extends this information with real-time, comprehensive contextual metadata (for example, user identity and applications).
MENDEL Analyst constantly monitors the communication of users and network applications on all ports and over TCP, UDP, ICMP and many other protocols. This enables monitoring of current and average bandwidth, response times, transit times, delay, jitter, ports in use, connection peers and more.
MENDEL Analyst generates metadata on network communication, providing full contextual awareness: for example, destination and source, user identity and application protocol. Unlike technologies based on full packet capture, it allows the metadata on network traffic to be stored for a much longer time with low demands on storage capacity.
Read the GREYCORTEX MENDEL product overview for more information on: