World’s highest rate platform for
traffic monitoring, intrusion detection
What is Network Detection and Response?
Network Detection and Response, or NDR, is a security solution that provides comprehensive visibility of the data traversing a network, enabling security teams to extract and retain information regarding communications across their entire digital estate, which supports Digital Forensic and Threat Hunting investigations.
NDR not only provides the visibility of all communications traversing a network at multiple-Tbps, with such rates commonly seen in backbone infrastructure but also extracts the relevant metadata within these communications in order to support digital forensics and threat hunting investigations.
Network Detection and Response for Internet backbones
Total visibility of traffic and threats on the communications and data backbones of networks is essential for ensuring real-time threat detection, 12-month forensics and views of customers, country, infrastructure and services.
This provides decision-makers with a view of the interconnected world – enterprise, IoT, cloud, industry, 5G, global internet – applied with up to date cyber intelligence for deep forensic analysis and threat hunting across the network infrastructure and network data.
Key features of Network Detection and Response
- Enables deep security operations at Tbps
- Single view of entire digital estate
- Drill-down from assets and customers to metadata and raw network traffic
- Reduced noise with pre-grouped data
- Real-time alerting and forensics
- Low OPEX per 100G
- Standardised data formats for interoperability
- On premises data storage and secure access
- ISO 9001 responsive and agile engineering
- World-class maintenance & support services
- UK designed hardware and software
How does backbone NDR work?
A single huge data lake of metadata, raw network traffic and real-time indicators of compromise is made available to operational teams for incident response and proactive threat hunting. Data is analysed, enriched, correlated and presented in real-time reducing time and resources to act on events and observations.
400GBPS FlowProbe: Network Traffic Monitoring
Monitor real time traffic information and network performance whilst using anomaly detection to maintain cyber security with our ultra high performance 4x 100GbE network traffic monitor.
100GBPS CERNE: INTRUSION DETECTION
100 Gbps IDS engine and alert driven packet recorder that enables 24/7 real-time network threats monitoring and access control.
400GBPS TRITON: CYBER WARFARE SIMULATION
Prove and enhance your cyber security posture with our Cyber Warfare Simulation tool and our world class SLA and advanced on-site/ off-site support.
TDAC: Digital Forensics
Unlocks network visibility and threat identification
Scalable Network Visibility
Discover how our TDAC helped one the largest technology providers in the US market by streamlining the SOC team’s day to day security monitoring
Threat Visibility for High Rate Traffic
Telesoft assisted this large retailer by deploying our FlowProbe, CERNE and TDAC to detect and prevent possible attacks, whilst providing sufficient historical data for forensic analysis.