Introduction
Verizon challenges the way organizations secure their networks with Network Detection and Response, a cloud-delivered security platform that is more intuitive, comprehensive and immersive than legacy products that came before it. Lightweight software sensors record complete traffic from any network segment from the DMZ to the core, on cloud networks, and even industrial environments, to establish a high-fidelity memory of the network in the cloud.
These sensors capture complete network data and send it to Network Detection and Response for storage and analysis. The platform acts as a network defense tool, allowing analysts to explore historical data retrospectively with the most up-to-date threat intelligence. Visualizations in Network Detection and Response can be used for real-time situational awareness or as a forensic workbench for incident response teams and threat hunters. It provides actionable intelligence, including a correlated view of threats, and packet-level forensic capabilities to speed incident response and threat hunting.
Key benefits
Overview
- Delivers pervasive visibility across the network
- Provides unlimited, full-fidelity forensic window
- Reduces detection noise and alert fatigue
- Replays network traffic against the latest threat intelligence to uncover previously unknown latent threats
- Simplifies security and frees up incident responders to hunt for threats
- Complements existing infrastructure through secure APIs
- SaaS model deploys rapidly
Cloud-based network memory
Record traffic from multiple networks into a single haystack for centralized analysis with unlimited, full fidelity retention windows.
- Enables long-term retention and analysis of network traffic
- Unlimited network packet capture, replay and storage into a single haystack
- Choose to capture what matters to your risk profile.
- Adaptive capture options for flows, metadata, or full packet capture (PCAP)
- Purpose-built for distributed networks
- Can be deployed on any network segment for unlimited coverage models
Intelligence from sensor-driven data
Network data delivered in context.
- Deep packet inspection of data from thousands of protocols and applications
- Network data compared with proprietary and third-party intelligence for community-scaled detection
- Advanced traffic threat analysis performs correlation, heuristics and machine learning
Retrospection
Analysis done in real time.
- Analysis engine powered by centralized repository of full-fidelity network data allows for continuous detection and prioritization of threats
- New indicators of compromise from network intelligence trigger automatic smart retrospection to analyze past network behavior for newly discovered, latent threats
Intuitive data visualization
- Compresses dwell time and incident response with deep forensic exploration using cutting edge visualization tools.
Give security teams an easy-to-navigate system to more quickly act on threat intelligence.
- Advanced forensics visualization allows analysts to interact with data through kill-chain analysis, network connection graphics and event timelines
Powerful security console with customizable flexibility.
- Integration capabilities to feed threat data into custom SOC and forensics dashboards
- Quick management of policies for sensor deployment, packet capture, user management and alert notification
Technical requirements
Recommended requirements for sensor (physical or virtual):
- CPU: Intel Xeon with 4+ Cores
- Memory: 8GB or more free
- Disk space: 8GB disk space (required for buffering)
- Internet connectivity for the Relay and Management Interface
- 2 network interfaces
- Monitoring NIC: 10/100/1000 Ethernet connected to a SPAN/Tap/Mirror port
- Relay and Management NIC: 10/100/1000 Ethernet for relaying optimised and encrypted data and sensor management
Related offerings
Network Detection and Response
Perform near real-time and retrospective threat detection and visualization with our full packet capture solution delivered from the cloud.
Cyber Security Incident Response Team Services
Respond quickly to cyber attacks by enhancing your incident management resources with our team of experts.