Endace Introduces Next Generation Carrier-Grade Intrusion Detection Solution
Auckland, New Zealand — February 22, 2010 — Endace, a provider of security and IT solutions based on its DAG® (Data Acquisition and Generation) high speed packet capture technology, today introduced its carrier grade Intrusion Detection System (IDS), an IT security offering that identifies potential vulnerabilities by analyzing network traffic. Unlike competitive offerings, Endace’s solution is based on analysis of 100% of network traffic — giving “the power to see all” — at speeds up to 40 Gigabits per second (Gb/s).
Endace’s IDS combines multiple critical (and typically independently purchased) IT security systems into a single, fully integrated workflow. Endace IDS supports threat detection, rules policy management, alerting and forensic analysis based on the product’s ability to capture and replay traffic. As a result, IT security professionals benefit from a more reliable operating environment (as a result of the 100% capture) and an improved mean-time-to-resolution.
“Security teams want to increase risk assessment accuracy and reduce redundancy to make their programs more efficient,” said Diana Kelley, partner at IT research analyst and consulting company SecurityCurve. “Moving forward, I think solutions that help security professionals eliminate duplicate or little used tools in the data center and on the network will see increased adoption.”
Key features of the Endace IDS include:
- High-performance with Endace Probes. The foundation for the solution is a network traffic packet-analysis engine that is capable of 100% packet inspection at any speed, up to 40 Gb/s. Endace Probes have been purpose-built to “surgically” replace failing IPS/IDS sensors that are part of existing security implementations and can be easily integrated with all major SIM / SIEM vendors.
- Packet analysis using the de facto industry standard open source SNORT® inspection engine. By using an open source engine, organizations are able to benefit from the combined effort of thousands of security professionals around the globe.
- Endace Security Manager (ESM) alerts appropriate personnel to threats with an elegant graphical interface. ESM also enables centralised control of the IDS rule sets, policies and configurations.
- Endace’s Analytics application (powered by CACE Pilot®) provides the forensic tools. IT security professionals can understand what really happened on their networks. The 32 terabyte onboard traffic buffer enables back-in-time contextual analysis of events — the ability to record, store and playback all traffic — which is vital to the accurate and timely identification and resolution of threats.
By combining threat detection, alert management and network forensics into one solution, Endace’s IDS approach eliminates separate machines, lowering heat and reducing space and power requirements. Moreover, Endace Probes are built to handle up to 20 separate monitoring ports on a single Probe, making it a highly cost-effective and scalable monitoring solution.
“Without 100% packet capture, there is a very real risk of anomalous traffic getting through. In our view, an IDS that misses a single packet cannot be trusted,” said Neil Livingston, chief product officer at Endace. “Our research shows that competitive IDS solutions can miss up to 40 percent of traffic, which is shocking. Our 100% packet capture technology is the foundation for our IDS approach.”
Latest News & Announcements
9 November 2023
Endace WINS Most Innovative Cloud Threat Detection Investigation and Response
Endace Wins Most Innovative Cloud Threat Detection Investigation & Response (TDIR) in InfoSec Innovator Awards 2023
11 October 2023
Endace Wins 2023 Incident Forensics Solution of the Year Award
The EndaceProbe™ Analytics Platform has won the “Incident Forensics Solution of the Year” award in the 7th annual CyberSecurity Breakthrough Awards program
12 September 2023
Endace and Elastic Partner to Deliver Greater Network Observability and Enhanced Forensics
Elastic Stack and Elastic Security seamlessly integrate with EndaceProbe’s always-on packet capture to accelerate cyber threat response and network performance.
26 July 2023
Endace Scalable Packet Capture Delivers Unified Visibility Across Hybrid Cloud
EndaceProbe Cloud provides scalable packet capture for unified visibility across on-premise, private-cloud and public cloud environments
31 May 2023
Endace Wins 2023 Fortress Cyber Security Award
Endace has won the 2023 Fortress Cyber Security Awards in the Network Security category.