See the Threats Traversing Your Network

When attackers compromise the perimeter or are operating from within, you need to know. Evidence of intruders and inside threats lies within network communications. Detect network-based threats with real-time network monitoring and big data analytics. Expedite investigations by giving your incident responders access to rich forensic data. Get the visibility you need with Network Monitor.

With more traffic than ever passing through our environments, and adversaries who know how to blend in, network security analysts need all the help they can get. At the same time, data is leaking out of our environments right under our noses. In Packets Don't Lie: LogRhythm Netmon Freemium Review, SANS provides intelligent insight into LogRhythm's Freemium offering of Netmon to help organizations identify sensitive data leaving the network and know how to respond when the loss occurs.

 


Empower Your Incident Response Team

Do you know what’s happening in your network? Spot network-based attacks before intruders do serious damage. LogRhythm’s Network Monitor sensors capture all network communications, including full session packet captures. Incident responders can search network communication records in just seconds to understand who did what—and when.


Powerful Capabilities, Rapid Value

Due to cost and complexity, network monitoring and forensics solutions have been out of reach for many organizations. Network Monitor sensors optimally balance power with ease of use. You can deploy sensors in minutes, letting users search network session data immediately. More advanced features like Deep Packet Analytics can illuminate hard-to-see activity.

Efficiently Capture Network Sessions

Record application layer (Layer 7) details and packet data for all network sessions using SmartFlow™. You get full packet visibility—across weeks or months—with minimal storage requirements.

Quickly Search Across Session Data

Perform ad hoc analysis. Get to the right critical network capture data fast. With our Elasticsearch backend, you have a powerful “Google-like” search engine to streamline your investigation.

Capture Every Bit with Full Packet Capture

When you need to see every bit crossing your fiber, full Layer 2 through Layer 7 packet capture gives you the deepest insight possible. All captures are stored in industry standard PCAP format so your team can use existing tools and training.

Intelligently Capture Only What You Need

It can be prohibitively expensive to perform full capture for 100% of your traffic. SmartCapture™ allows you to automatically capture sessions based on application or packet content. Use it to drastically reduce your storage requirements while delivering IR teams what they need.

Know the Actual Application in Use

Network Monitor can identify over 2,500 unique applications, providing rich visibility into network sessions. We leverage a variety of techniques to determine the true application and can do so even when payloads are encrypted.

See the Hard-to-See with Deep Packet Analytics™

With LogRhythm Labs you have a cutting-edge research team at your side. Use their out-of-the-box Deep Script™ rules to perform run-time analytics across full packet data in order to detect advanced threats. Create your own Deep Script™ rules to get custom insight into your network.



Flexible Deployment Options

Highly Scalable 10 Gbps Appliances

Network Monitor appliances support bandwidths of up to 10 Gbps. They can keep up as your network demands grow.

Software Appliances for Remote Sites

Network Monitor is also available as a software-based appliance, with licensing levels starting at 10 Mbps. This cost-effective and flexible solution is a great choice for monitoring low bandwidth remote sites.

See into Your Virtual Environment

Improve your visibility into virtual environments and cloud infrastructure by running Network Monitor as a virtual sensor for virtual switches.

Easily Integrate Existing Monitoring Infrastructure

Our passive sensors will easily integrate into your existing infrastructure. Whether via span port, tap, or network packet broker, your integration will be up and running in minutes.

Trusted by the Best