RSA Netwitness Decoder

NetWitness Decoder is a real-time, distributed, highly configurable network-recording appliance that enables users to collect, filter, and analyze full network traffic in an infinite number of dimensions.

Decoder is the cornerstone of the RSA NetWitness infrastructure and the key component of an enterprise-wide network-security-monitoring platform.

Unlike every other full packet capture product, Decoder fully reassembles and globally normalizes all traffic at every layer for full session analysis. The patented Decoder represents a breakthrough in network-traffic monitoring that dynamically builds a complete data taxonomy across all layers and applications, including full packets.

RSA NetWitness Decoder

Capture, reconstruct, and sessionize all network traffic up to Layer 7 enabling users to collect, filter, and analyze data in infinite dimensions.

Deployment Model

Place NetWitness Decoders wherever you want to capture traffic: egress, core, facility, or segment. They can be operated continuously or tactically, and can ingest any network capture feed from any source.

Decoders are designed to interoperate with RSA NetWitness Investigator, RSA NetWitness Informer, RSA NetWitness Spectrum, and RSA NetWitness for Logs and to push data to central RSA NetWitness Concentrators for aggregated analytical views.

RSA NetWitness Use Cases

Organizations in a variety of market sectors have deployed RSA NetWitness solutions to solve a wide range of information security challenges.
  • RSA NetWitness Continuous Monitoring: Operate your controls within acceptable risk and compliance expectations.
  • RSA NetWitness Data Leakage: Protect your intellectual property with pervasive visibility into your network.

  • RSA NetWitness Incident Response: Know everything happening across the network to respond immediately to new threats with clear answers.

  • RSA NetWitness Energy: Secure your critical infrastructure from potential advanced attacks with an actionable understanding of everything happening on your network.

  • RSA NetWitness Financial Services: Secure your sensitive data by gaining full visibility and receive regulatory compliance reports on a variety of categories pertinent to you.

  • RSA NetWitness Government: Secure your sensitive data by gaining full visibility and receive regulatory compliance reports on a variety of categories pertinent to you.

  • RSA NetWitness Healthcare: Protect patient information from advanced threats and their associated risks by understanding who and what are on your network.

  • RSA NetWitness High Tech: Actively monitor your intellectual property from cyber criminals by recording everything happening on your network and increase your security measures.

  • RSA NetWitness Retail: Know and see everything happening on your network at any time with a platform providing full visibility to identify and monitor advanced threats.

RSA NetWitness Applications

The RSA NetWitness application suite provides a powerful analytical workbench to investigate incidents, identify advanced threats on your network, and answer security questions.
  • RSA NetWitness for Logs: Deliver innovative security analytics in a merged view of network and log data sources with external threat intelligence over a scalable platform.

  • RSA NetWitness Informer: Provide enterprisewide visualization, alerting, reporting, and trending for every session, communication, service, application, and user activity.

  • RSA NetWitness Investigator: Perform real-time, free-form contextual analysis of network data captured and sessionized by RSA NetWitness.

  • RSA NetWitness Live: Accelerate your security operations center by minimizing the time it takes to identify, assess, and respond to incidents and advanced threats.

  • RSA NetWitness SDK/API: Develop any application that leverages the RSA NetWitness network capture infrastructure and application framework to solve unique IT risk challenges.

  • RSA NetWitness SIEMLink: Enable instant integration of the RSA NetWitness network-monitoring platform with SIEM and other existing enterprise security technologies.

  • RSA NetWitness Spectrum: Extract every executable automatically and analyze utilizing distinct investigation techniques for identification of malware, APTs, and zero-day threats.

  • RSA NetWitness Visualize: Render any object such as audio, documents, images, and video on the network for security visualization and interrogation over large data volumes.