A complete packet capture appliance and network security tool
Whether it’s troubleshooting a network issue or a response to a security incident, SentryWire can provide you full visibility into your network traffic, past and present.
SentryWire is the next generation packet capture appliance and network security platform. Based on a unique capture and storage architecture, it breaks the performance, scalability and expense barriers of existing frameworks – and brings new thinking to network sniffing. The system supports capture rates from 1Mbps to 100Gbps, allowing retention of network traffic for weeks, months and even years at price points that can be as little as 20% of the cost of other systems.
Imagine a Hadoop-like architecture that’s engineered to scale out computation and storage to provide the fastest search in the industry, even in packet stores of 100PBs. SentryWire offers high-speed packet recording with real-time analytics, visualization, and BPF syntax filters. It detects intrusions, minimizes damage caused by breaches and enables complete packet-level analysis of any incident.
The SentryWire packet capture platform allows an extended timeline of traffic to be recorded and analyzed at commodity prices, using new or existing analytics. Why is this important? On average it takes 146 days to detect certain state-sponsored intruders in a network, and without a high-fidelity recording of the network traffic, enterprises cannot make a definitive determination of when intruders got in, how they got in or exactly what data was exfiltrated.
Full network packet capture
Go beyond metadata to high fidelity traffic records. SentryWire is a new breed of packet capture appliance. It isn’t a network sniffer tool that inspects packets and retains the metadata - it captures and stores all network IP packets, filters them against known signatures, and continuously inspects and analyzes for signatures that materialize once the traffic is filtered, collected and stored.
Powerful and fast search
Search petabytes of network traffic in minutes. How? SentryWire’s architecture can scale search as it scales computation and storage. It searches over smaller data stores, dramatically increasing search results. And it manages very large PCAP files, reducing them to digestible bites so that search results are streamed almost immediately and don't bog down the network.
Extended packet capture timeline
Extend the timeline of packet capture from days to years. SentryWire can store tens of petabytes of network traffic at low cost, because even with the best enterprise security tools, organizations need to go back further than 146 days from the discovery of the breach to get to the root of the problem and determine which data was accessed and exfiltrated.
Fast capture speed
SentryWire can scale from 1Mbps to the fastest current market bandwidths: 100Gbps, and guarantees the best lossless capture performance on the market.
Its capture rates, as well as the rates at which packets are moved around the appliance and the cluster nodes, mean SentryWire can continuously capture even the busiest traffic. And its architecture will continue to grow with network bandwidth capabilities.
Accelerate network incident response times and troubleshooting. SentryWire includes the open source and SNORT-centric Security Onion as its IDS. Security Onion components have the best data feeds for their intended purposes. SentryWire will also connect to the industry's leading IDS platforms.
SentryWire's Application Node and the RESTful API will instrument to the world's leading commercial, open source and custom visualization platforms, including 3D interfaces - so security engineers can isolate anomalous activity. SentryWire will also instrument to existing tools to provide log correlation and aggregation visualization solutions, with fast and seamless access to metadata logs.
SentryWire also integrates with existing analytic tools and platforms. It uses BPF syntax and primitives to filter large amounts of data down to a very manageable size so that customers can run additional tools, such as ELSA, SPLUNK and ArcSight, to uncover deeper insights regarding potential threats.
Partners and open API
Integrating SentryWire: partners and open API
Need to integrate with existing technologies? SentryWire partners with a broad range of leading vendors in threat analysis, network and application performance management, networking and more. That means a wide range of ready-to-use integration options. Your platform not listed? No problem, SentryWire has an open API.
Justifying and implementing proactive security technology – a proposed framework
The question no longer is if an organization will be affected by a security breach but when. How they will be affected and how effective and timely the response will be comes down to understanding, preparedness and tooling. This whitepaper discusses the threats enterprises face today and the DNA of a modern, effective security framework - and proposes a proactive and holistic approach to data security.
Discover more about SentryWire and Axim.
A global partner for SentryWire
We help organizations better manage CX risk, to better protect their customer loyalty, corporate reputation and commercial bottom line. Cybersecurity is key to our business: just look at Facebook, Equifax and Dixons to see how major security breaches are impacting CX. Learn more about our data and technology risk-management solutions, and our range of CX governance offers and platforms.