TEHTRIS NTA
Network Traffic Analysis
TEHTRIS NTA is a tactical solution to analyze your network flows in real time, using flow capture, metadata (NetFlow) and passive audit mechanisms.
A tactical network flow analysis solution
TEHTRIS NTA is a tactical solution for real-time network flow analysis, using metadata flow capture and passive auditing mechanisms. Depending on its position in your infrastructure, TEHTRIS NTA can monitor both north/south and east/west flows.
Eliminate network blind spots
TEHTRIS NTA includes several modules that combine signature-based detection with behavior-based techniques. All flows are continuously learned to perform advanced analysis and detect network anomalies. By recording metadata in NetFlow mode, TEHTRIS NTA offers the ability to go back in time, looking for who talked to whom, when and how.
Superior capabilities to traditional network probes
Unlike many products, TEHTRIS NTA does not require a SIEM to be useful, as the solution is directly integrated into the TEHTRIS XDR Platform to enrich this ecosystem. Moreover, TEHTRIS NTA does not rely only on signatures or user behavior analysis to raise alerts: some suspicious elements, such as lateral movements or slow stealth scans, can be detected in other ways.
Why TEHTRIS NTA?
TEHTRIS NTA offers unique network flow monitoring capabilities with a signature-based NIDS component, a Network Forensic component with a tactical behavioral engine, and passive auditing to reduce the exposure surface.
TEHTRIS NTA drastically simplifies the complexity of network monitoring projects in an operated mode, with TEHTRIS taking over the deployment and maintenance.
TEHTRIS NTA runs on appliances using the TEHTRIX distribution, whose entire disk is encrypted, with advanced protection mechanisms like RBAC in the kernel and anti-0-day protections.
Thanks to its internal engines, TEHTRIS NTA can easily work with IT (Internet/LAN) or OT (SCADA/ICS) environments or even with recent IoT environments.
TEHTRIS NTA probes do not modify systems in production. They simply add passive collection points, so as not to disrupt the elements already in place.
TEHTRIS NTA can be your network monitoring probe, natively integrated into the XDR Platform with SOAR, CTI, hunting, compliance, and incident management tools.
inside the XDR Platform
When it comes to cybersecurity, orchestrating events and reacting to threats effectively and quickly is a fundamental challenge. One of the best ways to do this is with powerful automation and artificial intelligence. That’s what TEHTRIS offers with its SOAR integrated with the TEHTRIS XDR Platform.
Discover how we create hyper automation!
MITRE ATT&CK compliance
MITRE ATT&CK is a knowledge base with a model of the behavior of a cyber attacker, reflecting the different phases of the attack life cycle according to the targeted platforms: Windows, Mac, Linux, mobile, etc.
day to deploy a TEHTRIS NTA appliance, with sniffers and alarms configured
permanent updating of detection rules without human intervention
detection rules covering all ranges of attacks from industrial to corporate networks
Preserve the sovereignty and integrity of your data
Since 2010, TEHTRIS has been innovating and improving its cyber defense solution through the different modules of the TEHTRIS XDR Platform.
Choose the European leader in cyber security!
What functions does TEHTRIS NTA offer?
TEHTRIS NTA offers several functionalities, with three main axes: the network intrusion detection system (NIDS), the passive auditing system, and the Network Forensic system.
What network protocols are monitored?
We monitor all possible standard network flows, from Layer 3 to Layer 7.
Do you have functions for the analysis of encrypted flows?
Is the detection module signature based?
The NIDS part is based on signatures, while the Network Forensic part uses behavioral rules, for example to detect lateral movements and horizontal or vertical scans.
Does the appliance have a netflow collector?
TEHTRIS NTA builds its flow collection directly in the same spirit as NetFlow, keeping the metadata related to the communications between the different devices.
Where should the NTA probe be positioned?
Does the NTA have a passive audit function?
* © 2020 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.