Network Defender Plus

What is Network Defender Plus?

Several businesses fall targets to hackers in spite of deploying firewalls and intrusion detection systems (IDS). This is because both these systems read packet header and do signature matching, and are oblivious to advanced security attacks such as DDoS and zero-day attack. Today, businesses need advanced security analysis and protection measures that helps them to safeguard their network and data centers against such sophisticated attacks.

Network Defender Plus is flow-based network behavior anomaly detection (NBAD) software that analyzes the packet flows to detect malicious traffic hitting the network. The flow technologies supported by NDP are Cisco NetFlow version 5, version 7 & version 9 exports, sFlow, cFlow, J-Flow, IPFIX and NetStream. This exported flow data is collected & analyzed to identify intrusions or attacks by applying advanced rules and patterns on the malicious traffic.

Network Defender Plus helps you:

  • Monitor network security in real-time
  • Monitor internal and external threats
  • Classify threats into Bad Src-Dst, DDoS, Scan/Probe, and Suspect Flows problem classes
  • Find anonymous traffic hitting your network
  • Carry out detailed forensic investigation
  • Send alert notification via Email or SMS

Download 30-day trial with All Features!

Features

Entire security snapshot of your network

View event details in-depth & carry out forensics

Event details gives a thorough detail about the problem. The details include problem name, offender IPs, target IPs, unique connections, port, protocol and much more. Clicking on the router name gives details with mapped destination- source IP and the application, port, protocol etc. Dials provides information on Source & Destination Occupancy as well as Span to trace patterns based on how end point are distributed (dense) and nature of scan (host/port).

Filter events and generate Reports

Generate Reports for a specific time period based on requirement to view suspicious flow and set criteria to view the path of flow and trace the exact location of the fault. It saves time to analyze the generated data easily with the help of advanced reports.

Identify advanced attacks in real-time

Network Defender plus continuously analyses the packet flow using its Continuous Stream Mining Engine to find out malicious traffic hitting your network. It does pattern matching and find outs attacks and classifies them under appropriate problem classes namely DDoS, Bad Src-Dst, Scan/Probes, and Suspect Flows.

At-a-glance view on all events

Event list Dashboard gives a list of all the events along with details, such as problem name, offenders, target, hits, severity, and time of the attack. From this view, you can ignore certain events by giving criteria. You can also discard trusted flows to be harmless and that will not be taken into account.

Send alert notification via Email or SMS NEW

Alert profile configuration is possible to create email and SMS notifications for attacks. Add alert configuration from settings and generate alerts which satisfy defined criteria, thus notifying users about attacks in real time. Thus, save your datacenter from outage by taking suitable actions against the attack.

Request For Proposal