
2/23/2010
01:26 PM
Dark Reading
Products and Releases

Endace Introduces Next Generation, Carrier-Grade Intrusion Detection Solution

Endace IDS combines multiple critical IT security systems into a single, fully integrated workflow

Auckland, New Zealand—February 22, 2010—Endace, a provider of security and IT solutions based on its DAG (Data Acquisition and Generation) high speed packet capture technology, today introduced its carrier grade Intrusion Detection System (IDS), an IT security offering that identifies potential vulnerabilities by analyzing network traffic. Unlike competitive offerings, Endace’s solution is based on analysis of 100 percent of network traffic—giving “the power to see all”—at speeds up to 40 Gigabits per second (Gb/s).

Endace’s IDS combines multiple critical (and typically independently purchased) IT security systems into a single, fully integrated workflow. Endace IDS supports threat detection, rules policy management, alerting and forensic analysis based on the product’s ability to capture and replay traffic. As a result, IT security professionals benefit from a more reliable operating environment (as a result of the 100 percent capture) and an improved mean-time-to-resolution.

“Security teams want to increase risk assessment accuracy and reduce redundancy to make their programs more efficient,” said Diana Kelley, partner at IT research analyst and consulting company SecurityCurve. “Moving forward, I think solutions that help security professionals eliminate duplicate or little used tools in the data center and on the network will see increased adoption.”

Key features of the Endace IDS include:

* High-performance with Endace Probes. The foundation for the solution is a network traffic packet-analysis engine that is capable of 100-percent packet inspection at any speed, up to 40 Gb/s. Endace Probes have been purpose-built to “surgically” replace failing IPS/IDS sensors that are part of existing security implementations and can be easily integrated with all major SIM / SIEM vendors.

* Packet analysis using the de facto industry standard open source SNORT inspection engine. By using an open source engine, organizations are able to benefit from the combined effort of thousands of security professionals around the globe.

* Endace Security Manager (ESM) alerts appropriate personnel to threats with an elegant graphical interface. ESM also enables centralized control of the IDS rule sets, policies and configurations.

* Endace’s Analytics application (powered by CACE Pilot) provides the forensic tools. IT security professionals can understand what really happened on their networks. The 32 terabyte onboard traffic buffer enables back-in-time contextual analysis of events—the ability to record, store and playback all traffic—which is vital to the accurate and timely identification and resolution of threats.

By combining threat detection, alert management and network forensics into one solution, Endace’s IDS approach eliminates separate machines, lowering heat and reducing space and power requirements. Moreover, Endace Probes are built to handle up to 20 separate monitoring ports on a single Probe, making it a highly cost-effective and scalable monitoring solution.

“Without 100 percent packet capture, there is a very real risk of anomalous traffic getting through. In our view, an IDS that misses a single packet cannot be trusted,” said Neil Livingston, chief product officer at Endace. “Our research shows that competitive IDS solutions can miss up to 40 percent of traffic, which is shocking. Our 100 percent packet capture technology is the foundation for our IDS approach.”

About Endace

For organizations that rely on their data networks to do business, Endace provides high performance network security, traffic analysis, latency measurement and application acceleration solutions that capture, inspect and report on every single data packet.

Our product portfolio, based on patented DAG technology, includes multi-function, multi-application Probes and a comprehensive range of powerful management, measurement, alerting and analytics Applications.

These products provide the broadest, most capable range of packet capture technology, for any interface, speed or packet type from 10 Mb/s right up to 40 Gb/s. We enable our customers to be confident in their information security, regulatory compliance, service performance and traffic monitoring by giving them the “power to see all.”

Based in Auckland, New Zealand, Endace also has offices in the U.K., United States and Hong Kong. Quoted on London's AIM, the stock code is LSE: EDA.
