Latest Network Forensics Products Keep Tireless Watch for Malware Threats

by Fahmida Y Rashid

NitroView 8.5

As part of the NitroView 8.5 announcement, NitroSecurity also unveiled the NitroView ESM X3, NitroView Receiver 4500 and NitroView Virtual Receivers for collecting, analyzing and retaining network flow data. The ESM X3 can collect up to 150,000 network events per second and can concurrently analyze up to 40 billion events. The Receiver 4500 captures up to 20,000 events per second. The ESM X3 has blazing fast performance, with 320GB of SSD and a 7TB hard disk drive to balance speed with reliability.

NitroRSC Correlation Engine

NitroSecurity also will show off the key component of its NitroView 9.0, expected in the summer. The NitroRSC Correlation Engine can calculate a risk score based on the asset value, vulnerability profile and event scoring. IT managers can proactively evaluate risks and effectively identify emerging threats based on the scores. Version 9.0 will also include automated smart listing, alarm management and compliance management, Knapp said.

SonicWALL SuperMassive E10000

SonicWALL's SuperMassive E10000 Series features 12 processing cores with 12 additional cores in integrated high availability mode, and can deliver full deep packet inspection with application intelligence and intrusion prevention at 3 Gbps. The SuperMassive E10000 Series of Next-Generation Firewalls includes four models: the E10100, the E10200, the E10400 and the flagship E10800.

NetWitness Spectrum

NetWitness Spectrum scans all incoming and outgoing Web traffic to determine whether it is malicious. If its packet analysis detects malware, Spectrum assesses its potential for causing damage as well as the severity of the threat, and prioritizes which issues to remediate first. Scanning is signature-free, so it can find zero-day malware and unknown processes.

FortiGate 3140B

Fortinet's consolidated security appliance provides datacenters and large enterprises with a firewall, a virtual private network (VPN), and an intrusion prevention system (IPS) maximized for performance. The FortiGate-3140B features up to 58 Gbps of firewall performance, 10 Gbps of IPS performance, and up to 22 Gbps of VPN performance. The company also unveiled a new version of the FortiOS 4.0 operating system.

Identity Finder 5.0

With Identity Finder, administrators and end-users can locate and secure sensitive information (containing Social Security numbers, for example) stored anywhere on the network. The data protection system allows users to digitally shred, redact, encrypt and quarantine information. Version 5.0 has improved search, remote remediation and configuration management and faster performance.

Solera Networks 5.0

Solera Networks updated the operating system that powers its line of Solera DS appliances. With application classification and deep packet analysis capabilities with geolocation, version 5.0 improves network situational awareness, allowing IT managers to swiftly determine the root cause and fix problems.

Qualys IronBee

The open source cloud-based Web application firewall from Qualys examines Web traffic instead of just IP packets to track threats like cross-site scripting attacks and embedded JavaScript attacks. IronBee can block or modify the traffic to neutralize the threat.

ValidEdge NMS Analyzer

The Network Malware Security monitoring appliance continuously scans for suspect code intrusion, performs an instant analysis when malware is detected, and alerts IT personnel of the threat. ValidEdge's NMS speeds up detection of threats that can lurk undetected in the network.


The joint offering from Fidelis Security Systems and CloudShield Technologies consists of Fidelis data breach prevention applications running on CloudShield's high-performance blades and is intended for commercial enterprises, government agencies, and Internet service providers. Deployed at the network perimeter or at boundary points between zones of control, the combined product will allow security professionals to analyze, visualize and contain threats while detecting and preventing unauthorized data transfers.

Alert Logic ThreatManager and ActiveWatch

Alert Logic added IPv6 support to its ThreatManager appliance and ActiveWatch managed service to monitor and secure both IPv4 and IPv6 networks. Alert Logic detects IPv6-based attacks over both native IPv6 networks and IPv6-over-IPv4 tunnels.
