SentryWire Packet Capture

Gain Full Visibility into your Network Traffic,
Past & Present

SentryWire is a Full Packet Capture Appliance & Network Security Monitoring Platform with line rate capture and fast retrieval storage architecture which breaks through the performance, scalability and cost barriers of existing frameworks. SentryWire supports capture rates from 1Mbps to +1Tbps, while providing real-time logging, filtering and compression, allowing retention of network traffic for weeks, months and even years at price points that can be less than 50% the cost of other systems.

 

SentryWire Solutions

 

Threat Hunting

Incident Response

Network Troubleshooting

Carrier Grade Solutions

 

Featured Capabilities

 

Full Packet Capture

Full packet capture is the only way to fully recreate user activity.


Powerful & Fast Search

Search Petabytes of Network Traffic in Minutes.


Extended Timeline

Network Traffic Stored for Weeks, Months or Years.

 

Fast Capture Speeds

Capture speeds from 1Mbps to +1Tbps at line rate.
 


Intrusion Detection

Present-day intrusion detection limits breaches.


Security Analytics & Visualizations

Attacks are common, threats are rare; high-quality network event logs and clean presentation of the data are integral to fast identification of past, present and potential future threat impacts.

 

IDS Search Back

Use IDS signatures to search back across previously recorded packets to forensically detect & identify events using attributes & indicators relevant to today.


Network Operations

Collect packets and produce a variety of logs to track network performance metrics.


Artifact Extraction

SentryWire does not truncate or slice any packets it captures. This allows for the return of fully sessionized PCAPs and provides the ability to extract file artifacts with ease via the UI or from the PCAP itself in Wireshark.

 

SentryWire can help with
the Maturity Model for Event Log Management (M-21-31)

SentryWire is a comprehensive and flexible solution that can help organizations meet the requirements of the Federal Government’s Maturity Model for Event Log Management. With its powerful logging and analytic capabilities, SentryWire provides organizations with the tools they need to ensure the security and reliability of their IT systems and data.


How SentryWire helps Secure
ICS/OT Networks

SentryWire has been designed as a cost-effective long-term packet store with full Network Security Monitoring (NSM) for on-demand or live examination of network activity, with an on-system Intrusion Detection System (IDS), a file carving engine and advanced network analysis by generating and reviewing logged events of interest.


Bolster Your Defenses & Hunt Down APTs
How SentryWire Can Help

The threat landscape is ever-changing and organizations need to be prepared to react to breaches. Organizations need to be prepared to identify attack tactics, techniques, and Indicators of Compromise (IOCs) relating to Advanced Persistent Threat (APT) activities.

SentryWire leverages a combination of network detection mechanisms to provide flexible, lightweight, and adaptable Network Security Monitoring capabilities for analysts tasked with hunting for intrusions and monitoring their networks for anomalies. These types of intrusions are often hard to detect with signatures and rules alone.


In-line File Carving (Two Methods)

SentryWire gives you the ability to do live file carving, which allows analysts to set specific file types to carve automatically. It also offers search-based (on-demand) file carving, where any files returned as part of a search are identified, viewable and exportable as fully reconstructed files. In addition to the carved files, SentryWire logs every file that is captured; the file logs include MIME type, hash and rich contextual metadata.


Single Management Pane

SentryWire collects and analyzes massive amounts of data generated by your network infrastructure. Easily see everything you need from a single management pane.


Partners with industry leaders

SentryWire partners with the leading security solution providers to extend the power of our Packet Capture Platform. This ecosystem of partner technologies includes governance, risk compliance management platforms, intrusion detection systems, behavior-based solutions, hardware and OS providers, other security and industry solutions.

 
Magnet Forensics and SentryWire Joint Solution Brief

Why Is Packet Capture Important?

 

Why is it important to have an extended timeline of packet traffic stored? Because we know that on average it takes 146 days to detect certain state-sponsored intruders in a network, and without a high-fidelity recording of the network traffic, enterprises cannot make a definitive determination of when intruders got in, how they got in or exactly what data was exfiltrated.

 
 
 
 

Gain Full Visibility into your Network History

On average it takes 146 days to detect a breach in your network. Most companies only store 4 days of packets, so this leaves 142 days with no visibility into what was happening on your network during the breach. The SentryWire Packet Capture Tool and Network Security Platform will provide you with visibility into your network and not leave you in the dark as to when a breach has occurred.

 

Adding SentryWire to Your Defense & Depth Strategy

Victor Hazlewood, Chief Operating Officer at UT/JICS, Oak Ridge National Laboratory, talks about how adding SentryWire to their Defense & Depth Strategy has helped them better protect their network and organization.

 
