Home » News & Events » News » Endace Demonstrates the Power of Network Monitoring and Recording Systems Combined with Network Forensics at DoDIIS Show

News & Events

01 May 2011

Endace Demonstrates the Power of Network Monitoring and Recording Systems Combined with Network Forensics at DoDIIS Show

Combination of Endace’s EndaceProbe™ and Offerings from New Application Dock Partner Dejavu Technologies Provides Highly Effective Network Intelligence Solution

Detroit—DoDIIS Worldwide Conference (Booth 225) — Endace (LSE: EDA), world leaders in network monitoring and recording, today announced it is teaming with new partner Dejavu Technologies to demonstrate unprecedented network forensics capabilities at the Department of Defense Intelligence Information Systems (DoDIIS) Worldwide Conference, held May 1-5 in Detroit. By deploying Dejavu’s TrafficScape™ full content network forensic data management software on top of Endace’s packet-capture fabric, government agencies can dramatically improve the results of cyber-security investigations, particularly when uncovering advanced persistent threats.

The demonstrations at Endace’s DoDIIS booth (booth 225) follow Dejavu Technologies joining Endace’s Application Dock Partner program, which enables a variety of vendors to benefit from Endace’s ability to capture and record 100-percent of network traffic. Endace’s systems are capable of complete packet capture, even at network speeds from 10 Gb/s to 100 Gb/s, and that information is the primary input into a large number of systems that are central to helping organizations manage compliance, risk and corporate reputation; including trade latency measurement tools, quality of service measurement apps, risk management applications and network security tools.

“Companies deploy Endace’s systems once, and then they can integrate them with any network and security application that evaluates network traffic, and in this way they don’t need to deploy redundant network capture infrastructure, saving significant sums,” said Tim Nichols, vice president of global marketing at Endace. “Dejavu has truly unique session reconstruction technology that takes full advantage of Endace systems. The combination of Endace and Dejavu is in high demand within government agencies, which are always looking for more methods to extract actionable intelligence from computer networks.”

IT security professionals rely on software from Dejavu Technologies to provide what it calls "full content" forensics, which includes indexing and cross-referencing any and all information traversing a network, reconstructing all sessions, and retaining all artefact files in native file formats – with trace-back to the original source appropriate for digital evidence. Dejavu's TrafficScape software converts packet-level transactions into rich documents that can be instantly searched like Google, on a massive scale. No other competitive product provides as rapid an analysis against as large an amount of data from as wide a set of unstructured data sources, including network intercept, log files, computer/phone forensics, user documentation, etc.

“Dejavu provides a distributed analytical data fabric for investigators that layers smoothly over the solid foundation of the Endace packet capture fabric,” said John Ricketson, chief executive officer at Dejavu Technologies. “The Endace Application Dock provides these unique benefits: 100-percent packet capture confidence, truly virtualized software containers for easy hosting, and many third-party security applications (like SNORT) which generate the events we use to dynamically prioritize TrafficScape forensic processing. On behalf of other network application vendors such as Dejavu, this approach benefits us all.”

Endace recently introduced the EndaceProbe 3820, which is designed to meet the demanding monitoring needs of government intelligence agencies and other organizations responsible for passively capturing large volumes of data from heterogeneous network environments without packet loss. Like all Endace Systems, the Endace 3820 is designed to be deployed in secure environments as part of an integrated data acquisition and analytics “fabric.”

The Endace Application Dock Partner program, which Dejavu has just joined, allows third-party, custom and open source software vendors to utilize the Endace Application Dock™ and to realize the 100-percent packet capture and hardware consolidation benefits of Endace systems. The Endace Application Dock enables multiple applications to coexist alongside the native Analytics and Security tools delivered via the Endace Application Suite.

About Dejavu Technologies

Dejavu Technologies provides open network forensic software for instant, full-content searchability on a massive scale. The TrafficScape product delivers unprecedented usability for a new breed of cyber-investigators, who need to get the job done fast, with a minimum of low-level packet inspection training.

Fast, full-content search enables key features that speed investigations like advanced network session reconstruction, including websites as targets saw them. Examples include http-based WebMail applications and social network sites like Facebook, which are difficult to reconstruct, and change often. In addition, the unique ePersona cross-referencing feature discovers who is talking to whom, who is disguising their activity, and how to track suspicious activity when IP Addresses constantly change.

Dejavu Technologies, Inc. is based in Marlborough, Massachusetts.

About Endace

Endace provides open network monitoring and recording systems that form the basis for mission-critical network security, monitoring and measurement solutions. Endace Systems are designed to be deployed from the edge to the core of the network, creating a complete monitoring and recording fabric on top of which a range of custom, open-source or commercial applications can be deployed.

One hundred percent packet capture is now widely accepted as a non-negotiable input to applications that are being used to help organizations manage risk, reputation and compliance. Based on proprietary DAG technology, Endace’s systems have a global reputation for consistently monitoring and recording 100-percent of network traffic at speeds up to 40 Gb/s.

Based in Auckland, New Zealand, Endace also has of­fices in the U.K. and the United States. Quoted on London's AIM, the stock code is LSE: EDA.

Contacts:

Tim Nichols
Endace Ltd.
+64 9 926 2884
tim.nichols@endace.com

John Ricketson
Dejavu Technologies, Inc.
+1 (978) 692-7229
jricketson@dejavutechnologies.com

Ross Levanto
Schwartz Communications
+1 (781) 684-0770
endace@schwartzcomm.com

Upcoming Events

19-20 June 2012 SIFMA
5 - 7 June, 2012 TIA 2012: Inside the Network

Regulatory Announcements

12 April 2012 Trading Update
19 March 2012 Trading Update
13 March 2012 Notification of Major Interest in Shares
29 February 2012 Total Voting Rights and Capital
20 February 2012 Notification of Major Interest in Shares
02 February 2012 Notification of Major Interest in Shares