A Complete Packet Capture Appliance
& Network Security Platform

Whether you are trying to troubleshoot a networking issue or responding to a security incident, SentryWire can provide you full visibility into your network traffic, past & present.

 

Overview

SentryWire is the Next Generation Packet Capture Appliance and Network Security Platform that is based on a unique capture and storage architecture which breaks the performance, scalability and expense barriers of existing frameworks. The system supports capture rates from 1Mbps to +1Tbps, while providing real-time filtering and allowing retention of network traffic for weeks, months and even years at price points that can be as little as 20% of the cost of other systems.

Imagine a Hadoop-like architecture that is engineered to scale out compute and storage to provide the fastest search in the industry, even in packet stores of 100 PB. The SentryWire system has high-speed packet recording with real-time analytics, visualization, and BPF-syntax filters. The system detects intrusions, minimizes damage caused by breaches and enables complete packet-level analysis of any incident.

The SentryWire Packet Capture Platform allows an extended timeline of traffic to be recorded and analyzed at commodity prices using new or existing analytics. Why is it important to have an extended timeline of packet traffic stored? Because we know that, on average, it takes 146 days to detect certain state-sponsored intruders in a network, and without a high-fidelity recording of the network traffic, enterprises cannot make a definitive determination of when intruders got in, how they got in or exactly what data was exfiltrated.



Full Packet Capture

Capturing just metadata does not produce a high-fidelity record of traffic.


Powerful & Fast Search

Search Petabytes of Network Traffic in Minutes.


Extended Timeline

Network Traffic Stored for Weeks, Months or Years.

 

Fast Capture Speed

Capture Speeds from 1Mbps to +1Tbps.


Intrusion Detection

Present Day Intrusion Detection limits Breaches.


Visualization & Analytics

3D Visualization + Integrated Commercial, Open Source & Custom Analytics.


Full Network Packet Capture


Line rates from 1Mbps to +1Tbps, with lossless and continuous capture. This isn't just packet inspection and retention of the metadata from that inspection: we capture and store all the network IP packets so they can be filtered against known signatures and also be continuously inspected and analyzed for signatures that materialized after the traffic was filtered, collected and stored. We know that, on average, perpetrators are in the network for 146 days before being discovered, so it's critically important to have an extended timeline of packets available for analysis.

 
 

Powerful & Fast Search


Because of our architecture, we scale search when we scale compute and storage, meaning that our searches occur over smaller data stores, dramatically speeding up search results. Searches often produce a very large PCAP file that we tranche down to digestible bites so that search results are streamed almost immediately and don't bog down the network. SentryWire’s Federation Manager is a Single Pane of Glass management console that monitors and initiates searches across the entire infrastructure.


Extended Packet Capture Timeline


Forensics for incident response and post-breach activities. Even with the best enterprise security tools deployed in multiple layers and depth, organizations that are breached find they need to reach back more than 146 days from the discovery of the breach to get to the root of the problem and determine which data were accessed and exfiltrated. For non-security use cases, root cause analysis of unscheduled outages often requires a similar timeline of high-fidelity data to be accessible. SentryWire provides real-time filtering and retention of network traffic for weeks, months and even years at price points that can be as little as 20% of the cost of other systems.

 
 

Fast Capture Speeds


We guarantee the best lossless capture performance on the market. Our capture rates, as well as the rates at which we move the packets around inside the appliance and the cluster nodes, have been architected and engineered to continuously capture even the burstiest traffic. We can scale to the fastest current market bandwidths (100Gbps to +1Tbps) and our architecture will continue to grow with network bandwidth capabilities.

 
 

Intrusion Detection


We include the open source and SNORT-centric Security Onion as our IDS, leveraging the rich intrusion visualization capabilities of this suite and instrumenting our filtered data flows so that the various Security Onion components have the best data feeds for their intended purposes. We also provide connections to the industry's leading IDS platforms.

 

Compliance


SentryWire can help support an organization’s audit and compliance requirements by maintaining an authoritative record of network activity. Whether focusing on North/South or East/West network traffic, SentryWire’s ability to capture and store hundreds of days’ worth of traffic provides auditors with definitive evidence of what took place in your network.

 
 

Visualization & Analytics


With SentryWire's Application Node and our RESTful API you can instrument to the world's leading commercial, open source and custom visualization platforms including 3D interfaces that allow security engineers to isolate anomalous activity. SentryWire's instrumentation to existing tools provides log correlation and aggregation visualization solutions with fast and seamless access to metadata logs.

 

Technology Partners


SentryWire partners with the leading Security Solution Providers to extend the power of our Packet Capture Platform. This ecosystem of partner technologies includes Governance, Risk Compliance Management Platforms, Intrusion Detection Systems, Behavior Based solutions, hardware and OS providers, and other security and industry solutions. SentryWire’s industry standard RESTful API allows for easy integration with any commercial, custom or open source application. One example of integration with our technology partners is Splunk. SentryWire’s integration with Splunk provides a powerful enhancement to your organization’s ability to effectively identify, analyze, and act on network issues. Leveraging the comprehensive capture of organization packets from SentryWire and Splunk’s unparalleled ability to correlate and analyze machine data from a variety of sources allows your organization to handle the investigative process in the lowest possible time to resolution.



Other Technology Partners


Pick your SentryWire System!

Browse the different SentryWire Solutions to find the one that is perfect for your organization.
