SOC oriented tool designed by SOC analysts for SOC analysts
The InQuest partner ecosystem is comprised of organizations that have been carefully selected based on cyber-security expertise, industry knowledge or technology solutions required to address the security challenges faced by a diverse range of customer types.
Primary deployment today is within the US federal government. Offered in a variety of configurations depending on your infrastructure.Product Specsheet
Scalable Efficiency For Data Acquisition, Analysis & Safeguarding
InQuest's appliances are designed to scale to meet the needs of your organization. Collectors are designed to monitor networks with bandwidths of 100 Mb/s, 1 Gb/s, 10 Gb/s, and 20 Gb/s. For larger and growing organizations, multiple collectors can operate in parallel, enabling network monitoring at scales of 40 Gb/s and beyond.
InQuest Manager appliances are also available in two levels to fit your organization's needs. The InQuest Standard Manager provides 256 GB of RAM, 3.84 TB of RAID storage, and is suitable for organizations with up to approximately 30,000 employees generating about 10 Gb/s of network traffic. For larger organizations, the InQuest Manager XL doubles the storage and RAM of the Standard Manager to meet your needs.
All InQuest appliances are purpose built in a 1U form factor to minimize their footprint, power consumption and overall cost to your organization.
For Open Collaborative Environment
In some environments, it is desirable to monitor traffic from multiple, separate networks and capture that data at a single aggregation point such as a data center or headquarters location. The InQuest Manager & Collector architecture allows this to be performed efficiently by deploying a Collector appliance scaled to the environmental needs of each satellite location. A single Manager appliance allows these Collectors to be administered, configured, managed and observed from a centralized location, providing complete control, visibility and data accessibility to your organization's SOC analysts and engineers.
For Large Secure Facility
Secure facilities may have specific requirements that require all inspection, analysis and processing of captured data remain within the local network and that the number of appliances with visibility of this data be limited. In this scenario, a Collector can be deployed at each point of ingress/egress to the network (load balanced or redundant connections). Each Collector (or set of Collectors if the connection's throughput exceeds 20Gb/s) must be capable of monitoring the underlying network transport's capacity, so larger Collectors are recommended for larger organizations. A single Manager can be deployed within the local network (with an option for a remote backup Manager) to provide monitoring, configuration, and analysis while meeting the security requirements of the organization.