Trisul NSM

Trisul Network Security Monitoring

PACKET LEVEL MONITORING

Full spectrum collection and correlation of network alert events, flows, metadata artifacts, traffic profiles, down to packets. Gain visibility, Identify potential security threats, and conduct investigations with confidence.

START MONITORING NOW

Watch Our Video!

Explore Trisul Network Security Monitoring Solution's powerful features providing real-time traffic monitoring, raw packet analysis, hundreds of metrics and much more.

#

NETWORK SECURITY MONITORING WITH TRISUL

THREE KEY BENEFITS OF NETWORK SECURITY MONITORING

Visibility

Gain unparalleled insight into your network with Trisul’s extensive range of advanced metrics, including Unique Peers per Host, TLS Ciphers in use, and the cross product of Internal Hosts x External Hosts x Apps. This comprehensive visibility is further enhanced by automatic metadata extraction, such as files transferred, DNS records, HTTP URLs, and Certificate Chains.

Detection

Detect potential threats with Trisul’s advanced intrusion detection capabilities. Millions of indicators of compromise are scrutinized against your objects in network traffic, including IP addresses, Domains, HTTP hosts, SSL hosts, and SSL certificates. More, our flexible rule-based packet capture and storage engine ensures that relevant packets are captured and retained, providing valuable evidence when needed.

Investigation

Reconstruct, compress, and store network flows with Trisul, enabling efficient querying and investigation. Discover complex relationships between metric items such as whether  a TLS Cipher Suite used was related to an IP Address, a TLS Organization, or a Country using Trisul Edge, a powerful streaming graph analytics.

One Integrated Solution Lets You Focus On Visibility

Traffic Monitoring from a Security Perspective. This sets Trisul NSM apart from tools that only offer either traffic monitoring or security detection. By working on raw packets and extracting different data types in addition to deep traffic views gets you the full picture. The special feature is a sophisticated raw packet storage which gives you access to the actual packets.

Deep and wide traffic metrics and top talkers

Raw packet analysis gives you wide visibility across layers

  • Real Time Traffic Metrics
  • 200+ metrics in 40+ counter groups out of the box
  • Time series data stored for each item at 1 min resolution
  • Advanced metrics like Unique-N, Top-N, Bottom-N, CrossKeys
  • Point and click to create your own metrics

Real-Time IDS Alerts Dashboard

Integrated with signature-based intrusion detection

  • Websockets powered real time alert dashboard
  • Visualize large quantities of alerts with smooth, intuitive, dynamic animations
  • Investigate further with drilldowns to visualize all event-related data in an interactive graph, showing related alerts and impacted IPs.
  • Download complete packet capture (PCAP) files directly from the dashboard for in-depth analysis.
  • View all flows associated with the alert, auto-tagged with IDS and country tags for efficient identification.

Edge Graph Streaming Analytics

Discover hidden relationships between various network metrics beyond traditional flow connections for deeper insights into network behavior!

  • Explore how network entities like IP addresses, ports, protocols are interconnected.
  • Go beyond basic flow connections by enriching flows with tags that reveal if TLS cipher suites, organizations, and countries are related.
  • As Trisul captures packets, it generates an "Edge stream" in real-time, linking related entities for on-the-fly analysis.

PRIORITIZE MY NETWORK'S SAFETY!

SECURE NOW

Raw Packet Analysis

Analyze raw packets with Trisul not only for improved network security monitoring but also for performance troubleshooting!

  • Access full packet content in a single click for security applications, enabling you to analyze threats and anomalies effectively.
  • Quickly retrieve ARP and Spanning Tree packets to diagnose Layer 2 issues and optimize network performance.
  • Utilize the Trisul LUA API to customize packet storage policies at the flow level, tailoring your data retention strategy to fit specific needs.

Advanced SSL/TLS metrics

Gain great visibility into the SSL encrypted traffic in your network!

  • Most traffic is carried over SSL/TLS these days
  • Deep TLS metering provides enhanced visibility into majority of the packet traffic
  • Measure TLS versions, TLS cipher suite, TLS organization, TLS CA, TLS public key algorithm, and TLS signature algorithm.
  • Using SNI measure traffic in depth by server names for cloud computes
  • Hashes all TLS certificates and checks them against threat indicators

Track each flow

Store every flow to aid investigation

  • Flow is a record of communication
  • Construct flows from packets and store them
  • Query flows for any IP for as long as you want
  • Query flows for any IP for as long as you want, this provides a solid record which you can rely on when conducting investigations
Flow analysis

Trisul Network Analytics

Download

Trisul Network Security Monitoring

Datasheet

I'M READY TO GAIN MAX VISIBILITY.

LET'S GO!