World’s highest rate platform for
traffic monitoring, intrusion detection
and analytics.
What is Network Detection and Response?
Network Detection and Response, or NDR, is a security solution that provides comprehensive visibility of the data traversing a network, enabling security teams to extract and retain information regarding communications across their entire digital estate, which supports Digital Forensic and Threat Hunting investigations.
NDR not only provides the visibility of all communications traversing a network at multiple-Tbps, with such rates commonly seen in backbone infrastructure but also extracts the relevant metadata within these communications in order to support digital forensics and threat hunting investigations.
Network Detection and Response for Internet backbones
Total visibility of traffic and threats on the communications and data backbones of networks is essential for ensuring real-time threat detection, 12-month forensics and views of customers, country, infrastructure and services.
This provides decision-makers with a view of the interconnected world – enterprise, IoT, cloud, industry, 5G, global internet – applied with up to date cyber intelligence for deep forensic analysis and threat hunting across the network infrastructure and network data.
Key features of Network Detection and Response
- Enables deep security operations at Tbps
- Single view of entire digital estate
- Drill-down from assets and customers to metadata and raw network traffic
- Reduced noise with pre-grouped data
- Real-time alerting and forensics
- Low OPEX per 100G
- Standardised data formats for interoperability
- On premises data storage and secure access
- ISO 9001 responsive and agile engineering
- World-class maintenance & support services
- UK designed hardware and software
How does backbone NDR work?
A single huge data lake of metadata, raw network traffic and real-time indicators of compromise is made available to operational teams for incident response and proactive threat hunting. Data is analysed, enriched, correlated and presented in real-time reducing time and resources to act on events and observations.
Highly accurate, unsampled network metadata is provided by the 400G Telesoft FlowProbe with targeted content capture and alerts provided by the 100G CERNE IDS.
Related Products
400GBPS FlowProbe: Network Traffic Monitoring
Monitor real time traffic information and network performance whilst using anomaly detection to maintain cyber security with our ultra high performance 4x 100GbE network traffic monitor.
View
100GBPS CERNE: INTRUSION DETECTION
100 Gbps IDS engine and alert driven packet recorder that enables 24/7 real-time network threats monitoring and access control.
View
400GBPS TRITON: CYBER WARFARE SIMULATION
Prove and enhance your cyber security posture with our Cyber Warfare Simulation tool and our world class SLA and advanced on-site/ off-site support.
View
TDAC: Digital Forensics
Unlocks network visibility and threat identification
ViewAdditional Content
Scalable Network Visibility
Discover how our TDAC helped one the largest technology providers in the US market by streamlining the SOC team’s day to day security monitoring
Read More
Threat Visibility for High Rate Traffic
Telesoft assisted this large retailer by deploying our FlowProbe, CERNE and TDAC to detect and prevent possible attacks, whilst providing sufficient historical data for forensic analysis.
Read More