Endace offers high-speed packet capture technology, open development environments and multi-function network monitoring Probes. Endace solutions are built to capture and analyse every packet, of any size, on any standard LAN/WAN network interface, up to speeds of 40Gb/s.

Endace technologies enable DoD, Intel and Civilian agencies as well as the systems integrators who assist them, to gain highly accurate visibility into their networks using a distributed ‘fabric’ of multi-application Probes. Endace's DAG® interface cards, which power their Probes, guarantee to capture 100% of packets – regardless of packet size and line rate. Endace Probes are purpose built to give government agencies the capability to run multiple applications from a wide selection of leading open-source security and performance monitoring applications.

Endace Platform

The Endace platform combines highly optimised industry standard hardware with the latest firmware and software to create a highly resilient, high performing packet capture and analysis multi-application capable platform. It supports:

• Packet Capture
  Ideal for bulk network forensics and post analysis of events. Endace Probes support sustained write-to-disk speeds up to 7Gb/s and can store up to 32TB of captured packet data – making it an elegant solution for forensic packet capture and analysis
• NetFlow Exporting Component
  From network analysis and traffic engineering to accounting and security, NetFlow is playing an ever increasing role in all areas of network monitoring and Endace Probes can generate a netflow record for every single packet if required.
• Data Forwarding API Component
  An open data forwarding application programming interface (API) enables any trusted third-party application or service to quickly and easily access the full packet capturing capabilities of the Endace platform.

The Endace platform operates as a distributed passive monitoring system, typically comprising multiple network sensors, a central management appliance and client consoles. Endace Probes can be deployed across the most demanding network architectures, with capabilities to detect, record and analyze network events. This provides a safety net to catch complex threats, reconstruct incidents, and drill down to packet level for efficient incident response.

Endace Applications

The Endace platform allows multiple applications to leverage the same source of captured packet data.

• Endace Analytics
  Based on Pilot from Cace Technologies (the guardians of Wireshark), Endace Analytics supports over 900 LAN / WAN protocols decoded along with its comprehensive filtering functions. It offers users an easy to use graphical interface and is purpose built to work on, heavily loaded network segments up to 10Gb/s.
• Endace IDS
  Based on SNORT, Endace's IDS has been deployed extensively for protecting global networking infrastructures against security violations and malicious attacks. Open Source SNORT is widely recognized as a preeminent intrusion detection system. Leveraging unique application acceleration techniques, Endace Probes can enable standard open source SNORT to effectively operate on heavily-loaded 10Gbps segments. Integrated with Endace Analytics and Endace Security Manager, the Endace IDS solution delivers a world-class secure and manageable high-speed sensor solutions.

For more information visit www.endace.com/rsignia