eGambit SNIF

Continuous analysis of network flows

eGambit SNIF detects network intrusions with signatures and flow analysis. In addition, network forensics operations can be initiated by looking at metadata, such as Netflow. Finally, passive audits are constantly performed to detct vulnerabilities.

eGambit SNIF is connected by the client to a mirroring port or TAP box where network flows can be analyzed. The eGambit SNIF VM can thus analyze the related flows in order to provide several cybersurveillance services at the network layer.

The list of flows to be studied as well as the IP addresses to follow are shared with TEHTRIS to optimize the settings during the remote deployment.

Pictogramme alarme blanc

Network intrusion detection with signatures

Pictogramme SNIF blanc

Network forensics through metadata of recorded flows

Pictogramme bouclier blanc

Passive security checks to detect vulnerabilities

BENEFITS

  • Appliance on premise
  • Automatic signature updates
  • Identification of abnormal peaks in network activity
  • Network forensics against  flows to know who spoked to whom, when, how
  • Identification of vulnerabilities within collected network flows without the need to scan or attack targets

Compliant with GDPR regulations

Since its creation, TEHTRIS has taken into account, from the very beginning, the protection of all data processed in order to ensure the security of the information systems entrusted to it, from the time of development and each time its eGambit arsenal is improved. Security and privacy by design measures are used for each step of data processing, from the collection of data in your infrastructure to its destruction on our Appliances.
TEHTRIS applies the same principles of security and privacy by design in each of its eGambit Solutions in order to protect the integrity, confidentiality and authenticity of your data.

TECHNICAL DATA SHEET eGambit SNIF