High-performance Network Capture and Analysis
FDR is purpose-built to deeply examine files and network sessions captured from email, web and network traffic. It also performs network traffic analysis (NTA).
Full visibility into network traffic has value well beyond its traditional use of optimizing network performance. It also helps your security team look for advanced threat activity.
A strong NTA solution can detect advanced threats that might have bypassed traditional perimeter defenses like firewalls and IDS/IPS. Using analytical techniques like machine learning, it can also find nefarious traffic that originates from within the business network. Equipped with the latest threat intelligence, NTA can match suspicious or anomalous local traffic to active global threat campaigns, enabling security teams to quickly assess whether their network security has been compromised.
However, NTA presents a special challenge: given the sheer volume and complexity of network traffic, capturing and dissecting it in a manner that scales to any link speed, and doing so cost-effectively, is difficult.
FDR Collector and Manager appliances are designed to monitor networks with bandwidths of 100 Mbps, 1 Gbps, 10 Gbps, 20 Gbps, 40 Gbps and beyond, in an extraordinarily small rack unit footprint (1 RU per appliance regardless of link speed). Relative to other traffic capture appliances, this represents significant savings in rack unit space, heating, and cooling, which are important provisioning and cost considerations for any networking and/or security operations team.
In addition to throughput, space, heat, and cooling optimization, InQuest NTA can monitor traffic from multiple, disparate networks - capturing that data at a single aggregation point, e.g., a data center or headquarters location. Each satellite location can have its own Collector, and a single Manager can administer, configure, manage and observe all Collectors from a centralized location - providing complete control, visibility, and data accessibility to your organization's SOC analysts and engineers.
Finally, secure facilities may require that all inspection, analysis, and processing of captured data remain within the local network. FDR NTA can be deployed in a manner where each Collector is placed at a specific network ingress/egress point, along with a single Manager deployment within the local network. This approach provides full monitoring, configuration, and analysis while meeting stringent security requirements.