Endace Unveils EndaceProbe Deep Storage Network Recorders for Data Breach and Security Incident Analysis

Auckland, New Zealand, April 13, 2016. Endace, a world leader in high-speed network monitoring and recording technology, today announced the availability of its updated EndaceProbe 9000 Series Network Analytics Platform. The new 9000-XS Series EndaceProbe models extend industry-leading storage capacity for capturing and recording network traffic to enable detailed, back-in-time forensic analysis of data breaches and security incidents.

With the frequency, severity and cost of data breaches on the increase globally, and threats becoming ever more sophisticated, an accurate history of network activity is rapidly becoming a critical requirement for responding to security incidents.

“Our customers always want to go further and further back in time for security, breach, or network investigation. So we’re always looking to extend retrieval depth to meet their needs,” says Endace CEO Stuart Wilson. “The 9000-XS series EndaceProbes allows them to go twice as far back in time as our existing 9000 series.”

Multiple EndaceProbes can be connected to form a distributed, network-wide monitoring and recording fabric capable of delivering 100% accurate capture and storage of network traffic on even the fastest, busiest networks. With up to 192TB of storage on each appliance, the new EndaceProbe 9000-XS Series network recorders provide a highly scalable network recording solution, offering Petabytes of clustered and/or distributed storage, capable of storing weeks, or even months, of back-in-time history. Security analysts can use this historical information to accurately identify, investigate, quantify and resolve network and security incidents such as data breaches with nanosecond accuracy.

EndaceVision, the browser-based network visualization tool bundled with every EndaceProbe, offers centralized search and retrieval of network history across an entire monitoring fabric. Easily integrated with applications such as Intrusion Detection Systems (IDS), Security Information and Event Management (SIEM) and Network Performance Management (NPM) tools, EndaceVision allows analysts to pivot from security alerts and other events directly to the relevant packets captured by EndaceProbes. This enables fast, accurate root cause analysis and reduces the time required to investigate network security or performance issues and distinguish false positives from real issues.

A detailed history of network activity allows analysts to reconstruct exactly what happened, so that they can understand any vulnerabilities that an attack exploited, the data and systems compromised, and the organization’s incident exposure. Without this network history, security analysts are forced to rely on information from multiple disparate sources (such as application and server log files), which makes accurately correlating and reconstructing events extremely difficult. As enterprise systems become more distributed, historical network data has become accepted as the only single source of truth about what is happening across networks and applications.

The depth of storage offered by EndaceProbe 9000-XS Series Network Analytics Platform makes them ideal as a cost-effective “always-on” packet capture and storage solution that ensures organizations always have an accurate record of all network activity. This improves the productivity of security teams, enhances the capability of IDS and SIEM tools, and ensures a detailed history of activity is recorded and available for back-in-time investigation and event reconstruction in the event of a data breach.