Whether you are trying to troubleshoot a networking issue or responding to a security incident, SentryWire can provide you full visibility into your network traffic, past & present.
Capturing just Metadata does not
produce a high fidelity record of Traffic.
Search Petabytes of Network Traffic
in Minutes.
Network Traffic Stored for Weeks,
Months or Years.
Capture Speeds from 1Mbps to +1Tbps.
Present Day Intrusion Detection limits Breaches.
3D Visualization + Integrated Commercial, Open Source & Custom Analytics.
Use IDS signatures to search back across previously recorded packets to forensically detect & identify events using attributes and indicators relevant to today.
Collect packets and produce a variety of logs to track network performance metrics.
SentryWire does not truncate or slice any packets it captures, this allows for the return of fully sessionized PCAPs & provides the ability to extract file artifacts with ease via the UI.
SentryWire is a Full Packet Capture Appliance and Network Security Platform that is based on a unique capture and storage architecture which breaks the performance, scalability and expense barriers of existing frameworks. SentryWire supports capture rates from 1Mbps to +1Tbps, while providing real-time filtering and allowing retention of network traffic for weeks, months and even years at price points that can be less than 50% the cost of other systems.
Imagine a Hadoop like architecture that is engineered to scale out compute and storage to provide the fastest search in the industry even in packet stores of +100PB's. The SentryWire system has high-speed packet recording with real-time analytics, visualization, and BPF-syntax filters. The system detects intrusions, minimizes damage caused by breaches and enables complete packet level analysis of any incident.
The SentryWire Packet Capture Platform allows an extended timeline of traffic to be recorded and analyzed at commodity prices using new or existing analytics. Why is it important to have an extended timeline of packet traffic stored? Because we know on average it takes 146 days to detect certain state sponsored intruders in a network and without a high fidelity recording of the network traffic enterprises cannot make a definitive determination of when intruders got in, how they got in or exactly what data was ex-filtrated.