Network Traffic Analysis to secure your IT operations

 

 GREYCORTEX MENDEL

  • Provides round-the-clock security monitoring
  • Gives you powerful rapid detection & response capabilities
  • Take advantage of the solution’s powerful detection capabilities
  • Let’s you gain a deep visibility into the internal network
  • Powerful and easy to use

GREYCORTEX and their MENDEL, a Network Traffic Analysis tool helps enterprise, government, and critical infrastructure users make their IT operations secure and reliable through advanced artificial intelligence, machine learning, and big data analysis.

The benefits of GREYCORTEX MENDEL

Identify Threats Before Damage Happens

Using advanced artificial intelligence methods, MENDEL goes beyond known threats to detect and identify symptoms of malicious behavior at the atomic level. Threats are identified in their early stages, decreasing incident response time, preventing further damage, and reducing overall risk.

Identifying Threats in IoT Devices

MENDEL monitors a very rich set of network flow data also in IoT devices, and it is able to identify not only traffic in and out of the network but also communication flows between devices within the network. These are the types of anomalies MENDEL can detect:

  • Communication flows between devices
  • Additional anomalous devices,
  • Excessive communication from one device to another,
  • Communication from one device to a host outside the network,
  • Periodic communication of the type common in advanced persistent threats.

Easy to Use

The web user interface presents comprehensive information about network traffic: From management overviews, through aggregated information on communication of the network, subnetworks, users and applications, communication of peers, to details concerning individual flows and their content to precisely investigate interesting events.

Much More Capable than NetFlow

MENDEL Analyst collects several times more information on network traffic than NetFlow, IPFIX or similar protocols. NetFlow or IPFIX records are enhanced with security parameters and performance analysis. These include frequency, spectral and traffic content features which are crucial for more sensitive behavioral detection.

Features

Flow-based and Packet-based Technology

Instead of relying on older and limited SNMP polling, MENDEL leverages flow-based and content-based monitoring. Flow-based monitoring provides near real-time (1 minute intervals) visibility into network statistics and other summary and detailed issues. Deep content inspection (DCI) extends this information with real-time comprehensive contextual metadata (user identity, applications, for example).

Detection Methods

  • Signature based detection
  • Deep packet inspection
  • Network Behavior Analysis
  • Specialized algorithms
  • Network performance monitoring
  • Application performance monitoring

Application Monitoring and More

MENDEL Analyst constantly monitors communication of users and network applications of all ports and on TCP, UDP, ICMP and many other protocols. This enables monitoring of current and average bandwidth, response times, transit times, delay, jitter, ports in use, connection peers and more.

Powerful Forensics

MENDEL Analyst generates metadata of network communication providing full contextual awareness – for example destination and source, user’s identity and application protocol. Unlike technologies based on full packet capture, it allows the metadata on network traffic to be stored for a much longer time with low demands on storage capacity.

Related information

Read the GREYCORTEX MENDEL product overview for more information on:

  • More details on how the solution works
  • Detection methods
  • Traffic processing and analysis
  • Outputs and Inputs
  • Appliance

Want to know more ?

 

Get in touch