FlowIntelligence™ Cyber Sensor Suite

Observe, Orient, Decide and Act

Benefits

  • Customized advanced threat analysis, breach and/or intrusion detection and cyber event monitoring
  • Collects, queries and extracts L3-L7 flows in real-time
  • Detects network threats from external and internal sources
  • Provides deep packet inspection for L7 information including potentially malicious files
  • Integrated multi-sensor threat sharing and big-data analytics support

Comprehensive Network Threat Analysis

Observe, Orient, Decide and Act – The FlowIntelligence™ Cyber Sensor Suite enables any organization to monitor, assess, identify and mitigate cyber events or threats that have evaded first and second-tier Cyber defense technologies.

The Bivio FlowIntelligence Cyber Sensor Suite consists of a collection of fully customizable cyber sensors to meet specific requirements for:

  • Network Threat Analysis
  • Network Hunt with YARA and Machine Learning
  • Network Flow Analysis for anomaly detection and forensic analysis
  • Network Event Monitor

These cyber sensors provide critical network and cyber intelligence to aid in the identification and mitigation of cyber events and threats to the network environment.

Advanced Threat Analysis with Multi-Vector Sensing

The Cyber Sensor Suite implements a multi-vector sensing approach on network flow data for near real-time threat and event identification. It also facilitates the event investigation process through replay of stored PCAPs through the sensor suite to enable forensic analysis of the network data. Speed is the key word: the solution is fast and ensures analysis at network speeds up to 100 Gbps.

Key Capabilities

  • Intelligence-driven dynamic analysis leveraging threat intelligence with IP reputation data, URL data, Domain and malware information
  • Deep File Inspection & Extraction for malware analysis
  • Threat Sharing with OpenDXL and other sharing mechanisms
  • Customizable sensor architecture with plug-in and API support
  • Integrated analytics with full customization to include machine learning and deep learning
  • Ability to integrate with third-party technologies such as SIEM’s, Logging tools, SQL and No-SQL databases, Big data and Hadoop environments, etc. with Kafka

The Bivio FlowIntelligence Cyber Sensor Suite enables monitoring and analysis for enterprise customers, Internet Security Vendors and Managed Security Providers as well as Cloud Operators. The solution delivers flow and session analysis for anomalous behavior identification. It allows multi-tenant operations with commercial and custom rules by customer or Virtual LAN (VLan) identification number.

The sensor suite includes event analysis for identification of network policy violations, analyzes user network behavior, aids in malware identification and performs analysis of advanced persistent threats. An extension to the event analysis is the capability of the network hunt function that leverages YARA-based tools for identification of malware in the network flows. Enhancing the analysis is accomplished through host identification, determining which applications are being used in the network and de-obfuscation of sessions.

While the Cyber Sensor Suite operates passively on the network, active countermeasures are possible with the solution. It provides the ability to interact with playbooks for cyber response, inter-operate with OpenFlow and SDN technologies for an active response. The solution is available for the enterprise, campus and data center.

Take Control with FlowIntelligence™ Cyber Sensor Solutions

Bivio FlowIntelligence technology provides a scalable, modular and customizable solution to address the requirements of critical cyber and network intelligence for network operations and defense. The sensor supports a variety of options and modules to customize the data acquisition, query process, first level analysis, and flexibility to integrate advanced 3rd-party “big data” analytics tools with Kafka. This makes the sensor a versatile, real-time source of critical network and cyber intelligence to support capabilities including unified communications analysis, network fault analysis, service optimization, service assurance, capacity planning and quality of experience, service revenue/cost analysis, cloud scrubbing, cloud monitoring, network analytics, information assurance, data exfiltration analysis or advanced network security and forensics.

The sensor technology provides key communications data that the analyst can utilize in their process to identify, find and mitigate or eliminate threats. The sensor includes powerful integrated analytics tools with the flexibility to interface with third-party big data analytics engines. The FlowIntelligence technology provides “best-of-breed” capability for high-speed and high-performance networks.

Contact us for more information about the FlowIntelligence Cyber Sensor Suite or learn more about Bivio Cyber Security Application Platforms using the button below.

Request More Info!

Request more information about Bivio FlowIntelligence Cyber Sensors and how they fit your cyber requirements today! Please complete the following information and a systems engineer will contact you directly.