Introducing Endace Analytics
Good analytics tools are the mainstay of your monitoring and security tool kit - they enable you to understand what's happening on your network at any point in time and pinpoint service-affecting issues quickly and effectively. When used in conjunction with other applications such as IDS or latency measurement tools, the right analytics suite can create huge improvements in accuracy, security, performance and time to resolution.
By leveraging our unique 5 layer Probe Architecture we are able to provide you with a new level of insight into the behaviour and use of your network - from the core to the edge and back again - in real time.
Working with CACE Technologies (the originators of Wireshark) we have developed Endace Analytics. A unique suite of tools based on the Pilot Console that has been specifically developed to work in high-speed, heavily utilised, SONET and Ethernet environments.
What it does
Endace Analytics provides accelerated and simplified workflow from monitoring network key performance indicators (KPIs) through protocol analysis right down to the lowest level deep-packet forensics.
Ours is the only solution to provide you with the comfort that every individual packet is being captured, stored, measured and analysed. It is simple to deploy, highly scalable and a powerful enabler for network administrators and security teams alike.
Who is benefiting?
Endace Analytics has proven invaluable for customers in a range of different industries. We have successfully deployed it to:
- help organisations in the financial sector analyse their market and trading data in near real time
- Give Government Security Agencies a new level of forensic insight into online activity and threat analysis
- Give Service Providers insight into SIP VoIP trunking quality and usage
- Provide large Enterprises with new visibility into and understanding of the HTTP/Web traffic on their networks
A quick overview
Our Analytics application makes use of the extensive data capture and storage capability that exists onboard all our Probes to give you rich 'timeshifting' capability - the ability to drill down and analyse specific events by the minute, second and packet.
It provides CACE Pilot's rich graphical interface and powerful analytical tools to let you:
- Filter and view traffic data in ways that suit you
- Set and monitor specific KPIs and get alerted when KPIs are breached
- Construct in-depth custom views and reports for your network
- Go back in time (timeshift) and analyse events / alerts / issues in complete context after the event
- Quickly drill right down to packet level using fully integrated Wireshark - even on multi-gigabyte trace files
- Take feeds from third party systems such as Endace Security Manager
Learn more about the features and functions of Endace Analytics.
The power of real-time forensics
The full power of Endace Analytics is realised when it is integrated with your other network applications.
For example your IDS solution triggers an alert on a potential threat. With a fully integrated analytics tool, you can quickly and easily drill down to investigate that threat and determine its risk - right down to packet level. To demonstrate this point we've recorded three videos that show Endace Analytics being used as a tool for investigating security threats.
Our Probe Architecture provides the ability to tightly integrate analytics and other Network applications - for instance our IDS solution - using a single, comprehensive source of captured network traffic.
When used in conjunction with other network applications - such as our Latency Measurement solution - Endace Network Analytics delivers an unrivalled network monitoring, forensics and analytics toolkit.
