• Blackhat Banner

    LogRhythm
    Network Monitor


    Download LogRhythm Netmon Freemium


    download.png

 


Identify Emerging Threats on Your Network in Real Time with Network Monitor

 

Transform your physical or virtual system into a network forensics sensor in a matter of minutes for free with NetMon Freemium. Your investigations will come together effortlessly with extensive corresponding metadata, full packet capture, and customizable advanced correlation.

6 Ways You Can Use Netmon Freemium

  • Surface data exfiltration activities: Identify long-running sessions, “low and slow” sessions hidden in normal traffic, anomalous outbound network sessions, and other activities indicative of data exfiltration.
  • Discover operational anomalies: Verify that you aren’t seeing protocols or traffic that you think you’ve blocked or traffic between systems that should be isolated from each other.
  • Find hiding security threats: Catch security threats hiding in low-level chatty protocol like DNS, SMNP, or Kerberos.
  • Detect botnets and beaconing: Identify traffic using anomalous ports. View malformed packet headers. Recognize command and control callbacks.
  • Expose nuisance apps and bandwidth hogs: Discover when apps that are against corporate policy are being used. Find out who or what is taking up the most bandwidth
  • See where your network traffic is going: Identify outbound IP and URL destinations and classify traffic by ingress, egress or lateral motion in your network.

NetMon Freemium provides the same functionality as a full Network Monitor license, but with limits on processing, packet storage, and data forwarding. All other features and functionality are enabled and usable, including unstructured search, deep packet analytics, packet capture, and more.


 

 DDPI.pngTrue Application Identification: Identify over 3,000  applications to expedite network forensics using advanced classification methods and a commercial-grade deep packet inspection (DPI) engine.

 

FullPacketCapture.png Full Packet Capture: Capture every bit crossing your network or use SmartCapture™ to selectively capture sessions based on application or packet content. All captures are stored in industry-standard PCAP format.

 DeepPackets.pngDeep Packet Analytics (DPA): Continuously correlate against full packet payload and SmartFlow™ metadata using out-of-the-box rules and customizable scripts.  Search.pngUnstructured Search: Perform ad hoc analysis. Drill down to critical flow and packet data quickly. With our Elasticsearch backend, you have a “Google-like” search engine to streamline your investigation.
 Dashboard_2.pngAlerts & Dashboards: Perform continuous, automated analysis on saved searches to immediately detect when specific conditions are met, and then surface these instances through customizable analyst dashboards.  ApplicationData.pngFile Reconstruction: Reconstruct email file attachments to support malware analysis and data loss monitoring.

 


Minimum Requirements for NetMon Freemium

For best results, a dedicated system that meets the requirements found in the FAQ is recommended. However, NetMon Freemium can be configured to run on a smaller footprint as described on the right.

NetMon Freemium is Linux-based. The NetMon Freemium installer includes CentOS 7.2 Minimal and Network Monitor.

  • Free disk space: 60 GB
  • Memory: 12 GB RAM recommended, 8 GB RAM minimum
  • CPU/Processor: 4 cores recommended, 2 cores minimum
  • Network Interface Controllers (NICs): 2 1Gbps NICs recommended, 1 1Gbps NIC minimum

 


 NetMon Freemium Deployment Scenarios

On your own server:
For maximum performance
On a mini-PC:
For small and affordable deployments
Via a VM running on a laptop:
For capturing local traffic to/from your PC
netmon-freemium-server-icon.png netmon-freemium-mini-pc-icon.png netmon-freemium-vm-on-laptop-icon.png

 

LogRhythm Netmon Freemium

 download.png

Trusted by the Best