Most advanced traffic and visibility platform

Practical solution to the 'monitor all the things' strategy

Network security monitoring involve monitoring tons of metrics , metadata, flows, down to the packet level. Trisul leverages cutting edge streaming algorithms to bring full blown monitoring using a minimum amount of resources.

The benefits
  • Gain full visibility into network traffic and security threats
  • Advanced streaming analytics helps your teams resolve traffic and security incidents
  • Save upto 80% of hardware and TCO of equivalent RDBMS or Search based solutions

Respond to new and evolving requirements

Our rich and open Lua API lets your build your own tooling with minimal programming

As a customer you are justifiably wary of vendor lock-in. For every small tweak to adjust your business requirements you end up requesting a call.

The benefits
  • No special language to learn, just plain LUA or Ruby
  • Build upon Trisul's packet processing, reassembly, file extraction, storage
  • An ecosystem of Trisul APPS is slowly building on GitHub
The LUA API (Live Analysis) The TRP API (Retro Hunting)

Miss nothing with multi layer traffic metrics

Supercharge your threat hunting, surveillance, and anomaly detection

Most organizations today run blind when it comes to network traffic monitoring. Typically, they use SNMP or basic Netflow to monitor bandwidth and top users on selected uplinks. Trisul presents you with a dramatically enhanced range of metrics. We do this by analyzing packets, reconstructing their content and extracting hundreds of relevant metrics from them.

The benefits

  • Monitor and alert on metrics from L2 to L7 such as HTTP, SSL/TLS, DNS metrics
  • Create your own metrics by simple point and click
  • 200+ metrics including advanced traffic statistics available out of the box
  • More on Metrics

Discover patterns and detect threats before they hit

Tools to help you test your hypothesis. Across metrics, flows, alerts, resources, packets

Trisul continously scans your network traffic against known threats like malware, spam and phishing sites. You can then investigate your hypothesis of the historical impact of any attack by querying Trisul's well indexed metadata of alerts, resource, full text search documents, and finally down the packets.

The benefits

  • Alerts are automatically correlated with flows, traffic patterns, and packets
  • Meta data extraction of URLs, TLS Certificates, HTTP Headers, DNS Records, and File hashes
  • We dont tie you to our backend - export everything to Elastic Search, Splunk or others
  • More on Flows and Metadata

Packets are the ultimate 'truth', we help you find it

Fine grained pruning policies that make PCAP retention viable for everyone

The ability to drill down all the way to packet level is a key capability of Network Security Monitoring. Without this ability you will stop at the flow level and will be blind to what was actually happening. Trisul enables this powerful capability by giving you the tools to instantly pull up packets from any context and policies to optimize the packet storage to make the scheme practical to deploy.

The benefits

  • Fine grained, easy to use policies cut down packet storage requirements
  • Packets are stored encrypted and locally on each trisul-probe
  • Advanced indexing technology lets you retrieve packets very quickly
  • More on packet indexing
How is Trisul different

Trisul puts fine grained metrics at the centre of a network monitoring strategy. The other pieces of a full NSM stack are arranged around the metrics model. Trisul is based on a real time stream processing architecture rather than traditional RDBMS or Search. This allows of real time analysis of large time windows, which can be challenging with non-streaming approaches.

What users are saying..

"I was using tshark to capture all the packets and then having to carve a 15 GB pcap down to just the packets I wanted to look at and then re-assemble the document. That particular task would have taken me around thirty minutes to accomplish without Trisul." Timothy Howard, City of Delaware
"Trisul has been monitoring our VSAT (satellite) and internet links, our team gets an email everyday with a summary of issues with our network. We were able to cut down our multicast VSAT traffic with help from Trisul" CIO - ITI Financial
"Trisul is an amazing product with a strong emphasis on network and security monitoring. Trisul's integration of the two enables us to leverage existing IDS tools and network traffic and flows into visualizations putting them in context immediately" Mark Maunu, Network Security Analyst, USA