Portable Packet Forensics Appliance Answers the Call for On-Site Cyber Security and Network Analysis

nextcomputingCompany News

Nashua, NH – NextComputing introduces a one-of-a-kind portable packet forensics appliance for network analysts and Cyber Security investigators.

The CyberPro is a portable all-in-one appliance for high-speed packet capture, IoC event alerting, BPF filter event triggering, and a fully integrated analytics workflow with a collection of open source packet analysis software tools. It is an ideal tool for network performance monitoring, cyber forensics, compliance enforcement, lawful intercept, and packet data analytics. If you are a field technician, IT/ InfoSec specialist, or network engineer tasked with keeping modern digital IP networks up and running, and fully protected, you can grab CyberPro as you head out to do on-site diagnostics, plug into the network with no disruption to running operations, and start analyzing.

CyberPro is exactly the appliance you need to rapidly expose malicious cyber intruders or discover the root cause of critical network performance anomalies. Arrive on-site with CyberPro and you are sure to be the hero!

Professionals in a range of industries who are responsible for network systems or equipment can discover exciting new workflows with CyberPro in their toolset. It offers innovative new solutions for IT managers, security analysts, consultants, network analysis engineers, network field technicians/engineers, and many more.

CyberPro’s Web GUI and Post-Processing Features

  • Intuitive GUI to easily control capture operations, review logs, and route data
  • Single-click to extract PCAPs for any logged event. No waiting.
  • Active Triggers and real-time analytics to rapidly direct critical PCAP data for post-processing
  • Multiple open source tools automatically analyze each PCAP extraction
  • Built-in PCAP streaming/throttling, so no open-source software will “choke” on too much data
  • Jump quickly between PCAP actions and your tools-of-choice for diverse analytic correlation and for data visualization like geospatial attribution and sankey diagrams.

Real-Time Analytics Features

  • Open up to 5 simultaneous Active Triggers, for targeting critical events using a BPF+ descriptor.
  • RFC anomaly logging, session and connection logging, and UID event correlation
  • HTTP, FTP, GridFTP logging
  • File hash logging for detecting data exfiltration

Packet Capture Features

  • Lossless packet capture, with configurations up to 10 Gbps, into a rolling FIFO capture store
  • Use BPF descriptors for BOTH fast search of PCAP history AND for your Active Triggers, producing real time alerts just when you need them.
  • PCAP compression in real time — overall storage amplification up to 20x (depending on % of captured traffic that is SSL or video)
  • Search PCAP data from a convenient web GUI, using easy BPF+ descriptors, immediately streaming the results from capture store to a persistent extraction store – and directly through open source software for instant analytic results.

CyberPro appliances are affordable packet forensics solutions, starting as low as USD $15,650 for the system, software, and carrying case. Rugged cases and additional services such as company branding are also available.

To learn more about CyberPro, click here.

To speak directly with a NextComputing sales engineer about your specific needs, or if you have questions about other NextComputing ultra-high-performance products, email us at sales@nextcomputing.com or call 603-886-3874.