Overview

TDAC (Telesoft Data Analytics Capability) is a cost-effective, field-proven, ultra-high-rate data monitoring, analytics and forensics platform. As networks expand and security threats rise, CISOs and IT security professionals are losing visibility, knowledge and control. TDAC ingests un-sampled network flow metadata from multiple 100G fibres and network infrastructure components whilst maintaining low-latency querying. This enables full network monitoring, highly responsive threat management and un-sampled data forensics.

TDAC scales horizontally according to the resources allocated to it. Enhanced database features allow all network data, including data from different geographical locations, to be queried as a whole or sliced by source/site.

TDAC’s integrated database allows full storage of collected flow metadata, taking in a range of formats such as IPFIX, IDS alerts and access/system logs. Enriched metadata provides up to L7 application visibility whilst maintaining 1:1 (zero-loss) visibility of network events, ensuring accuracy in forensic investigations across multiple petabytes of stored network data.

TDAC’s intuitive and secure dashboard enables exploration of trends and patterns in your data using our in-built queries, your own configured queries, or a combination of both. This gives flexible control of multitenant-capable search and analytics, with search results returned in seconds. This insight is invaluable for determining whether an issue stems from an application, the network itself, or a security incident.

Easily drill down into massive amounts of network data and automate alerts to the security operations team to enable rapid incident response, performance monitoring and reporting.

Automatic ‘forensic pathway’ tracking records the investigative route taken through the data lake so that it can be analysed afterwards, replayed and downloaded as a report. This enables auditing and enhanced intelligence during incident management and response.

Options available include role-based access by data type, key, or geographical/physical source.

Interactive GUI

Reporting and Monitoring

Investigation: Virology Spread by Host

Investigation: DDoS Sources/Botnet Activity

The platform is available as an appliance or as software only, to run on your own commercial off-the-shelf (COTS) infrastructure.

Key Features

Analysis of multiple 100Gbps networks

Cost-effective visibility and analysis of ultra-scale networks

Low latency query (typically > 2 minutes)

Works with incident response workflows

Pre-built and user-definable queries

Works out-of-the-box (no programming required) but also flexible

Analytics software runs on the user's infrastructure

Use existing datacenter resources or benefit from existing supply pricing for server provisioning

Scales to multiple 100Gbps monitoring

Gain visibility of ultra-scale networks where the SOC is currently blind
