On Monday security firm nPulse Technologies launched a new version of its Capture Probe eXtreme (CPX) high-speed packet-capture appliance. The company said this fourth-generation model provides detailed search capabilities and session analysis of massive data collections as well as record network traffic at full-duplex 20 Gbps.
"Our ability to operate at sustained speeds up to 20 Gbps, capturing 100 percent of the traffic traversing a 10-gigabit network in both directions, creates a true Big Data challenge for our customers, and the most critical issue is being able to dig through this amount of information for the one event that matters most,” said Tim Sullivan, CEO of nPulse Technologies.
Thus enter CPX 4.0. The company defines it as an "ultrafast, multi-terabyte traffic recording and analysis platform" that provides deep, high-fidelity indexed storage of network traffic for direct analysis or use with other security or monitoring applications. Its "innovative" packet-level indexing makes it easy for users to quickly locate the exact packets they require to support their resolution efforts.
The appliance is typically installed in Network Operations Center (NOC) and Security Operations Center (SOC) environments to capture entire content streams. It can recognize information from a variety of security and event management systems (ArcSight, Splunk), and accept Sourcefire and FireEye security alerts.
The company claims that CPX 4.0 provides the industry’s fastest packet indexing solution by performing at 30 million packets per second. That's a 100 times improvement in search performance, and could enable users to significantly reduce incident response times even when faced with massive scale searches, the company said.
The CPX 4.0 solution also includes session-level decoding, which supposedly enhances traffic analysis so that users can capture, reassemble and analyze payloads on a per probe basis. This provides greater visibility into potential malicious activities and payloads, while also eliminating the time required to manually collate all of the packets within a session, the company said.
"With our new search capabilities, we are making this big data more manageable and less daunting. In a matter of seconds, users can search all packets to locate the exact item that will help them identify and mitigate an event," Sullivan added.
The CPX 4.0 appliance from nPulse is available now, costing $100,000 USD.
Kevin Parrish is a contributing editor and writer for Tom's Hardware,Tom's Games and Tom's Guide. He's also a graphic artist, CAD operator and network administrator.
See here for all of Kevin's Tom's IT Pro articles.