Rsignia’s CyWarfius® product line is a family of secure, locked-down, passive or inline monitoring appliances powered by the Endace DAG card technology.  The CyWarfius® products acquire, record, analyze, filter, modify, send, and store data while delivering real-time flow statistics and full packet payloads to independent monitoring applications.  

The CyWarfius® product line is a scalable hardware platform combined with security software configured under a hardened real time Unix environment.  It is available in myriad configurations from 1U to 4U including field deployable, ruggedized packaging.  With up to 96GB RAM, up to 32 internal disks, optional solid state mass storage and NAS/SAN support, the CyWarfius® line can scale to any requirement.  

Hardware specifications include:

• 100% packet capture at 40Gbs
• Traffic generation capability in excess of 20Gbs
• Significant parallel processing with multi-processor configurations
• Integrated processor load balancing features
• Data stream replication
• Complete compatibility with libpcap environment

The CyWarfius® Joint Forces Sensor is a cost effective, COTS based system providing powerful and flexible data manipulation capabilities.  Once each packet is hardware time stamped, it then can be replicated or load balanced.  Data replication allows multiple applications to analyze the same data stream at the same time.  Time stamping insures accurate replay of the data as well as assisting with forensic analysis.  For CPU intensive applications such as IDS, the data stream can be load balanced across multiple CPU cores to increase performance.

The CyWarfius® CyberScope™ is an offensive capable cyber weapon specifically designed to address the unique requirements of the cyber warrior.  With the ability to conduct a surgical offensive strike on a specific target, the CyberScope™ is the first offensive tool of its kind to provide pseudo-kinetic countermeasures against cyber threats.

Other CyWarfius® configurations are tailored to the user's specific requirements such as rich network testing for firewall protocol security testing, lawful intercept for GigE, 10GbE, OC3, OC12, OC48, and OC192 networks, and line rate stateful filtering of internet traffic used to link and speed adapt current systems to 10G and optical networks.

The GUI front-end is designed to be customized to user requirements and specifications.  In the bandwidth reduction module, you capture and forward only traffic containing certain criteria.  The deep packet inspection module utilizes a string search up to a 100K word dictionary.  The TCP session reconstruction and replay module offers further analysis.  Storage configurations offer multi-terabyte RAID/JBOD and can interface with external storage architecture for large storage/archival requirements.

These highly flexible systems are designed for rapid deployment and rapid re-configuration to meet new threats as they emerge.  Ruggedized models are available with EMI/RFT sheilding, chassis shock-mounting and extended temperature operation.  All CyWarfius® modules can be clustered using standard Ethernet switches, and adapt to enterprise SAN or NAS network file servers and offers a simple Windows GUI. 

CyWarfius® Joint Forces Sensor

• Full packet capture at line rate to 40Gb with no dropped packets
• No MAC address - Receive only, "stealth mode"
• Each packet is hardware time-stamped
• Data is load balance across multiple CPU cores
• Simultaneous applications support
  • Example - Run Snort balanced across  4 CPUs
  • TCPDump and YAF can each run on their own CPU
  • Leaving 2 CPU's for management and future growth
• Reduced TCO
  • Eliminate stovepipe deployments
  • Reduce power, cooling and maintenance requirements
• Cost effective, COTS based design
• Scalable chassis configurations 

The CyWarfius® CyberScope™ offensive technology combines key features of the Joint Forces Sensor to provide custom offensive capabilities.

Key Offensive Features 

• Deep Content Inspection
• Conduct Surgical Offensive Strike on a Specific Target (up to 1 million)
• Full Packet Capture powered by Endace DAG card Technology at Line Rate
• Email Search and Modify
• Rewrite Packet Length Fix Checksums
• String Search and Replace
• Search and Replace of Domain Names
• Filter on Radius User Login
• Time Stamped Evidence and Warrants
• No MAC Address – Receive only, “Stealth Mode”
• Each Packet is Hardware Time Stamped
• Scalable Clustered Configurations
• PoS to Ethernet Conversion
• Malicious Activity Identification
• Pseudo-Kinetic Countermeasures