trapwall
Overview
Ensure reliability as a basis for analyzing network infringement of major organizations, and functional verification for analysis.
- Automated analysis of extensive threat resources and suspected malicious resources
Features
Trapwall is an all-in-one solution for network intrusion detection, forensics and anomaly analysis.
High-performance traffic extraction
- Extracts up to 100 files per second (based on a 1MB file size) while ensuring integrity
- Supports detection and extraction of file transfer history across 110 protocols such as HTTP, SMTP, and FTP
PCAP collection
- Lossless traffic acquisition and storage based on high-performance capture
- Supports long-term and separate archiving of suspicious traffic
ThreatFlow
- Generates ThreatFlow records optimized for threat assessment, based on L2 to L7 analysis, threat detection, and file extraction information
- High-speed search and threat analysis using the ThreatFlow field-based Display Filter
Flexible expansion / optimization
- Supports a flexible sharing system for information linkage and linkage analysis (Syslog, RESTful, DB Direct)
- Provides quick technical support and customization for the existing operating system
What Trapwall Can and Cannot Do
Can:
- Precise analysis of new threats based on file extraction and forensics (transferable)
- Pattern-based detection and detailed per-session threat information via ThreatFlow
- Analysis of service access logs based on the Advanced Log Generator
- Analysis and reporting on anomaly signs and behaviors
- Establish a preliminary identification and response strategy for infringement trial group
Cannot:
- No blocking function against infringement
- Not related to attack blocking or blocking functions
- Distinct from security equipment such as DLP for information leak prevention
- Long-term traffic retention for archiving purposes requires custom support
- Visibility into encrypted traffic requires customized support when needed
What are the main features of Trapwall
All-in-one solution for network intrusion detection, forensics and anomaly analysis
- Delivered attack management solution (Trapwall) as a network forensic expert
- Interfaces can be added to the solution on top of the supported protocols (HTTPS, FTPS, NFS, SCP Channel)
- Optimization function (NFS, SCP Channel) for transmitting collected PCAP to the manager in addition to attack information (negotiable)
Network-based intrusion detection, forensic and anomaly detection
ThreatFlow: A practical and effective advancement of NetFlow
Provides a Display Filter-based search UI that takes ThreatFlow field-specific characteristics into account
- Provides network threat analysis based on NIDS and threat detection information, with a fast search function
- Provides match, mismatch, inequality, and subnet searches that account for the various ThreatFlow field types, such as integer and string
- Provides combined search of multiple fields using AND, OR, and parentheses