Produktbeskrivning
The Flow Collector leverages enterprise telemetry such as NetFlow, IPFIX and other types of flow data from existing infrastructure such as routers, switches, firewalls, endpoints and other network infrastructure devices. The Flow Collector can also receive and collect telemetry from proxy data sources, which can be analyzed by the Global Threat Analytics (formerly Cognitive Threat Analytics), the multilayered machine learning engine, for deep visibility into both web and network traffic. Also, Stealthwatch Enterprise, using Encrypted Traffic Analytics, can use analytics to pinpoint malicious patterns in encrypted traffic to identify threats and accelerate response. Though this feature is built in to the system at no extra cost, it will need to be enabled upon deployment.
The telemetry data is analyzed to provide a complete picture of network activity. Months or even years of data can be stored creating an audit trail that can be used to improve forensic investigations and compliance initiatives. The volume of telemetry collected from the network is determined by the capacity of the deployed Flow Collectors. Multiple Flow Collectors may be installed.
Egenskaper
Threat detectionIngests proxy records and associates them with flow records, delivering the user application and URL information for each flow, to increase contextual awareness. This process enhances your organization's ability to pinpoint threats and shortens your Mean Time To Know (MTTK).
Flow-traffic monitoringMonitors flow traffic across hundreds of network segments simultaneously, so you can spot suspicious network behavior. This capability is especially valuable at the enterprise level.
Extended data retentionAllows organizations and agencies to retain large amounts of data for long periods.
ScalabilityPerforms well in extremely high-speed environments and can protect every part of the network that is IP reachable, regardless of size.
Deduplication and stitchingPerforms deduplication so that any flows that might have traversed more than one router are counted only once. It then stitches the flow information together for full visibility of a network transaction.
Teknisk specifikation
Allmänt
Typ av enhet | Enhet för nätverksadministration |
Höjd (U-format) | 1U |
Bredd | 42.9 cm |
Djup | 75.8 cm |
Höjd | 4.3 cm |
Vikt | 17.2 kg |
Processor / Minne / Lagring
Installerade processorer | 2 x 6130 2.1 GHz |
RAM | 512 GB DDR4 SDRAM |
Hårddisk | 7.2 TB |
RAID-nivå | RAID 6 |
Nätverksfunktioner
Formfaktor | Kan monteras i rack |
Anslutningsteknik | Kabelansluten |
Prestanda | Flödeskapacitet: 120 000 flöden per sekund |
Kapacitet | Datacache (GB): 4 |
Expansion/Anslutning
Gränssnitt | 2 x 10Gb Ethernet - SFP+ 2 x administration - RJ-45 1 x övervakning - RJ-45 |
Strömtillförsel
Nätdel | Intern strömförsörjning |
Redundant ström | Ja |
Nätspänning | AC 120/230 V |
Effekt | 770 Watt |
Miljöparametrar
Min temperatur vid drift | 5 °C |
Max temperatur vid drift | 35 °C |
Luftfuktighet vid drift | 10 - 90% |