Endace, has announced the availability of its ultra-fast EndaceProbe 8100 Series Network Recorders. The new 8100 Series can capture and store network traffic at a sustained rate of 40 gigabits per second (Gbps) and is designed to provide ultra-high-speed monitoring and recording for the forensic investigation of network security breaches and performance issues.
DDOS attacks are often used to camouflage simultaneous attack activity, such as malware installation or data exfiltration They can overwhelm monitoring systems, flooding them with so much traffic that they fail completely under the load, or generate so many alerts it becomes impossible to see what other concurrent activity may be taking place.
The high-performance 8100 Series EndaceProbes not only support sustained 40Gbps recording, but also allow multiple users to data mine and analyze that traffic at the same time. This ensures security teams can continue to access and investigate recorded traffic—even during events such as DDOS attacks when their other monitoring systems may be overwhelmed.
“It’s essential to ensure your network monitoring and recording infrastructure can record without loss, even under the heavy of loads you would experience during a DDOS attack,” says Stuart Wilson, CEO of Endace, “Being able to reconstruct even the smallest aspect of an attack vector, exactly when you most need it – under heavy DDOS attack - is critical for effective breach analysis and legal audit trail creation.”
The new 8100 Series is the first product on the market advanced enough to record traffic from high-speed 40/100GbE networks without loss. It can capture traffic at high speed without losing packets, and can write captured data to disk at speeds sufficient to cope with high traffic loads.
Leveraging Endace’s proven, lossless DAG data capture card technology the 8100 Series EndaceProbes offer up to eight 1GbE/10GbE or two 40GbE monitoring ports, allowing simultaneous monitoring of multiple links on a single 2RU appliance. They leverage highly optimized SSD-based RAID storage to deliver sustained, 40Gbps write-to-disk rates into 24TB of onboard storage.
Multiple EndaceProbes can be connected to form a centrally managed, network-wide monitoring and recording fabric with distributed storage. EndaceVision, a browser-based application bundled with every EndaceProbe, provides centralized data mining and visualization for investigating security and network performance events across an entire network.