EndaceProbe Open Recording and Analytics Platform

Definitive, packet-level evidence at your fingertips.

Packet Capture and Analytics Hosting
in One Platform

Faced with the need to diagnose and fix security and performance issues on large-scale, high-speed networks, organizations need data sources that go beyond log files and metadata.

The EndaceProbe™ Analytics Platform provides full packet capture and recording, with zero packet loss, on network links from 10Mbps to 100Gbps, allowing organizations to capture, index and store a 100% accurate record of network activity.

EndaceProbes are the industry's only, truly, open packet capture platform, allowing both hosting of, and integration with, commercial, open-source and custom analytics applications.

Accelerate response times and reduce costs by hosting and integrating with analytics solutions from Cisco, Palo Alto Networks, Dynatrace, Splunk and Plixer, and custom or open-source tools such as SNORT, Bro IDS, Suricata, Argus or Nagios. Hosted applications can access live network traffic at line rate, or use Playback™ to analyze recorded Network History.

Find out more about the benefits of our Open Platform approach.

Learn more

Find Out How our Customers Commonly Deploy Endace Probes

The EndaceProbe Analytics Platform can solve a range of visibility problems and be deployed in a number of scenarios. See how you can deploy the EndaceProbe to redefine network visibility.

Deployment Scenarios

Endace Fusion

Endace's open platform approach to security and network analytics gives NetOps and SecOps teams the flexibility to deploy third party analytics and security software when and where it's needed. We call this Endace Fusion.

The Fusion Partner Program brings together solutions from leading security and performance analytics vendors who leverage the EndaceProbe's Application Dock hosting and workflow API to integrate Network History into their applications.

Learn more

EndaceProbe Key Features

Continuous, 100% accurate, line-rate recording of network traffic, any speed, any network.

Dedicated packet capture hardware ensures lossless capture with nanosecond accurate timestamping.

Playback Network History on-demand to hosted or external analytics tools for back-in-time analysis.

Built-in EndaceVision™ and EndacePackets™ investigation tools for fast, accurate issue investigation.

Provenance™ augments recorded Network History with rich contextual data.

APIs provide integration with commercial, open source and custom analytics applications for streamlined issue investigation.

Host third-party analytics applications and give them access to both real-time and recorded traffic for analysis.

Host and integrate with market-leading, cybersecurity and performance analytics tools from
Fusion Partners.

The EndaceProbe Family

EndaceProbes are available in a range of models to suit every deployment requirement.

EndaceProbe Models:

Models EP-9000 Series EP-8100 Series EP-4100 Series EP-4000 Series EP-124 EP-114
Dimensions 4 RU 2 RU 1 RU 1 RU 1 RU, short-depth 1 RU, short-depth
Port Count Up to 8x 1/10GbE
or 2x 40GbE
Up to 8x 1/10GbE
or 2x 40GbE
Up to 8x 1/10GbE or
2x 40GbE
Up to 8x 1/10GbE 4x 1/10GbE
or 1x 40GbE
1000BASE-T or 1GE
Local storage 192TB Up to 46TB SSD 7.68TB SSD 32TB 3.8TB SSD 3.8TB SSD
Sustained write-to-disk performance 20Gbps 40Gbps 15Gbps 3Gbps 1Gbps 0.5Gbps
Max concurrent flows 1 million 1 million 1 million 500K 200K 200K
Max flows/sec 100K 100K 100K 50K 20K 20K
Max Application Dock instances 4 4 4 4 2 2
Typical Deployment Core network, data centers Core network, data centers Core network, data centers Branch offices, WAN gateways Remote locations, branch offices Remote locations, branch offices
Compact yes yes yes yes
High-performance yes yes yes
Deep storage yes
Downloads Datasheet Datasheet Datasheet Datasheet Datasheet Datasheet

NOTE: write-to-disk performance is influenced by the number of flows-per-second. Actual performance could be as much as 30% higher than the stated figure.