CYBERPRO 2
CYBERPRO 2
CYBERPRO 1

Appliances

The Packet Continuum software package can be deployed on a wide variety of platforms and form factors such as enterprise-grade commodity servers from leading vendors like Dell, as well as unique compact and deployable capture appliances for diverse environments.

CyberPro 1G/10G is the perfect tool for today’s Cyber-Hunters, IT/InfoSec specialists, and field network engineers, whose mission is to keep modern digital IP networks up and running – and fully protected. 

 

Key Features

 

-LOSSLESS CAPTURE

2 options for lossless packet capture: 1-3Gbps, 5-10Gbps

-SIMULTANEOUS SEARCH

Stream initial search results of PCAP, NetFlow, and log files to any visualization tool, even while a critical search in on-going. No more waiting for endless query response times!

-ACTIVE TRIGGERS

Use real-time, dynamic, user-defined Active Triggers and real-time analytics to rapidly direct critical PCAP data for post-processing, using any of multiple third-party open source DPI software packages, conveniently pre-installed and ready-to-use within CyberPro 1G/10G.

-EXTENSIVE LOGGING FEATURES

RFC anomaly logging, file download event logging, multi-protocol event / metadata logging. The Log Investigator also allows for search, cross-correlation and extraction: HTTP, files, DNS, email, user agents, NetFlow, TLS/SSL, and VOIP.

-EFFICIENT DATA MANAGEMENT

CyberPro 1G/10G’s built-in PCAP streaming means that no third-party software will “choke” on too much data throughput during PCAP post-processing.

-UNIFIED GUI

CyberPro 1G/10G’s interactive dashboard drives your investigation workflow. You control capture operations, check the scrolling alert log, and quickly extract PCAP or NetFlow data into Wireshark, or log/metadata findings results into CSV or text. Streaming results are also remotely accessible, both from a host-based WebGUI over the REST interface, and even from a streaming output port into any 3rd party forensics tool.

-VISUALIZATION

Visualization is pre-installed and hard-wired into the CyberPro 1G/10G workflow, using open industry-standard data file formats: PCAP & NetFlow records open in WireShark; log searches open as CSV files; reports as TXT/RTF files.

 

Download Datasheet

 

The CyberPro Plus 10G+ combines Packet Continuum with a briefcase-sized portable workstation for 10Gbps and higher continuous lossless capture, massive storage, and an integrated display for real-time visualization and analysis. It is an all-in-one capture / triage tool for ad-hoc threat hunting, incident response, or network troubleshooting, wherever you need to work.

Key Features

  • HIGH-SPEED CAPTURE

10Gbps+ continuous lossless packet capture

  • LARGE CAPTURE TIMELINE STORAGE

20TB PCAP Capture Store (with upgrade options to 200TB) via fixed or no-tools removable drives

  • TSA-COMPLIANT

Less than 30lbs. airline carry-on with the system and soft bag. Less than 50lbs. as a checked bag with the rugged transit case

  • REAL-TIME PACKET ANALYTICS
  • Lossless packet capture at line rate
  • Policy management
  • Real-time alerting/detection (standards based)
  • Defended assets, defended services, IDS alerts, IoC alerts, malware and event logging – at line rate
  • Event-based and simultaneous PCAP session search/retrieval
  • Data compression in-line
  • SIMULTANEOUS SEARCH

Stream initial search results of PCAP, NetFlow, and log files to any visualization tool, even while a critical search in on-going. No more waiting for endless query response times! CyberPro Plus 10G+ includes a unique threat-hunting feature: Use a SNORT/SURICATA rule set for “Retrospective Detection” of PCAP history. Find out if a newly discovered IoC was active in your network – even before the threat was known!

  • ACTIVE TRIGGERS

Use real-time, dynamic, user-defined Active Triggers and real-time analytics to rapidly direct critical PCAP data for post-processing, using any of multiple third-party open source DPI software packages, conveniently pre-installed and ready-to-use within the system.

  • EXTENSIVE LOGGING FEATURES

RFC anomaly logging, file download event logging, multi-protocol event / metadata logging. The Log Investigator also allows for search, cross-correlation and extraction: HTTP, files, DNS, email, user agents, NetFlow, TLS/SSL, and VOIP.

  • EFFICIENT DATA MANAGEMENT

CyberPro Plus 10G+’s built-in PCAP streaming means that no third-party software will “choke” on too much data throughput during PCAP post-processing.

  • UNIFIED GUI

CyberPro Plus 10G+’s interactive dashboard drives your investigation workflow. You control capture operations, check the scrolling alert log, and quickly extract PCAP or NetFlow data into Wireshark, or log/metadata findings results into CSV or text. Streaming results are also remotely accessible, both from a host-based WebGUI over the REST interface, and even from a streaming output port into any 3rd party forensics tool.

  • VISUALIZATION

Visualization is pre-installed and hard-wired into the CyberPro Plus 10G+ fully integrated analytics workflow, using open industry-standard data file formats: PCAP & NetFlow records open in WireShark; log searches open as CSV files; reports as TXT/RTF files.

  • OPTIONAL FEATURES
  • Penetration testing / security scanning tools package for more active analysis
  • Carrying bag or rugged case for easier transportation
  • Rugged case for securely storing removable hard drives 

Download Datasheet

 

The CyberPro Plus 100G combines Packet Continuum with a briefcase-sized portable workstation for 10Gbps and higher continuous lossless capture with configuration options for 4x25G or 2x100G capture interfaces (100Gbps aggregate) continuous PCAP capture only and post analysis / search.

Key Features

·         HIGH-SPEED CAPTURE

10Gbps+ continuous lossless packet capture. Configuration options for 4x25G or 2x100G capture interfaces (100Gbps aggregate) continuous PCAP capture only and post analysis / search

·         LARGE CAPTURE TIMELINE STORAGE

20-200 TB storage options via fixed or no-tools removable drives, additional storage up to 200TB

·         TSA-COMPLIANT

Less than 30lbs. airline carry-on with the system and soft bag. Less than 50lbs. as a checked bag with the rugged transit case

·         REAL-TIME PACKET ANALYTICS

  • Lossless packet capture at line rate
  • Policy management
  • Real-time alerting/detection (standards based)
  • Defended assets, defended services, IDS alerts, IoC alerts, malware and event logging – at line rate
  • Event-based and simultaneous PCAP session search/retrieval
  • Data compression in-line

·         SIMULTANEOUS SEARCH

Stream initial search results of PCAP, NetFlow, and log files to any visualization tool, even while a critical search in on-going. No more waiting for endless query response times! CyberPro Plus 100G includes a unique threat-hunting feature: Use a SNORT/SURICATA rule set for “Retrospective Detection” of PCAP history. Find out if a newly discovered IoC was active in your network – even before the threat was known!

·         ACTIVE TRIGGERS

Use real-time, dynamic, user-defined Active Triggers and real-time analytics to rapidly direct critical PCAP data for post-processing, using any of multiple third-party open source DPI software packages, conveniently pre-installed and ready-to-use within the system.

·         EXTENSIVE LOGGING FEATURES

RFC anomaly logging, file download event logging, multi-protocol event / metadata logging. The Log Investigator also allows for search, cross-correlation and extraction: HTTP, files, DNS, email, user agents, NetFlow, TLS/SSL, and VOIP.

·         EFFICIENT DATA MANAGEMENT

CyberPro Plus 100G’s built-in PCAP streaming means that no third-party software will “choke” on too much data throughput during PCAP post-processing.

·         UNIFIED GUI

CyberPro Plus 100G’s interactive dashboard drives your investigation workflow. You control capture operations, check the scrolling alert log, and quickly extract PCAP or NetFlow data into Wireshark, or log/metadata findings results into CSV or text. Streaming results are also remotely accessible, both from a host-based WebGUI over the REST interface, and even from a streaming output port into any 3rd party forensics tool.

·         VISUALIZATION

Visualization is pre-installed and hard-wired into the CyberPro Plus 100G fully integrated analytics workflow, using open industry-standard data file formats: PCAP & NetFlow records open in WireShark; log searches open as CSV files; reports as TXT/RTF files.

·         OPTIONAL FEATURES

  • Penetration testing / security scanning tools package for more active analysis
  • Carrying bag or rugged case for easier transportation
  • Rugged case for securely storing removable hard drives

 

Download Datasheet

The intelligent, compact design of the CyberPro Plus X allows for both easy transport and expandability. Whether you need cyber analytics in the field, or the flexibility to grow your toolset with your changing needs, the CyberPro Plus X has you covered.

 

Key Features

·         HIGH-SPEED CAPTURE

Up to 20Gbps continuous lossless packet capture with simultaneous search and analytics support. Configuration options for 2x25G (50Gbps) continuous PCAP capture only and post analysis / search.

·         LARGE CAPTURE TIMELINE STORAGE

10-200 TB storage options via fixed or no-tools removable drives, additional storage up to 200TB

·         REAL-TIME PACKET ANALYTICS

  • Lossless packet capture at line rate
  • Policy management
  • Real-time alerting/detection (standards based)
  • Defended assets, defended services, IDS alerts, IoC alerts, malware and event logging – at line rate
  • Event-based and simultaneous PCAP session search/retrieval
  • Data compression in-line

·         SIMULTANEOUS SEARCH

Stream initial search results of PCAP, NetFlow, and log files to any visualization tool, even while a critical search in on-going. No more waiting for endless query response times! CyberPro Plus X includes a unique threat-hunting feature: Use a SNORT/SURICATA rule set for “Retrospective Detection” of PCAP history. Find out if a newly discovered IoC was active in your network – even before the threat was known!

·         ACTIVE TRIGGERS

Use real-time, dynamic, user-defined Active Triggers and real-time analytics to rapidly direct critical PCAP data for post-processing, using any of multiple third-party open source DPI software packages, conveniently pre-installed and ready-to-use within the system.

·         EXTENSIVE LOGGING FEATURES

RFC anomaly logging, file download event logging, multi-protocol event / metadata logging. The Log Investigator also allows for search, cross-correlation and extraction: HTTP, files, DNS, email, user agents, NetFlow, TLS/SSL, and VOIP.

·         EFFICIENT DATA MANAGEMENT

CyberPro Plus X’s built-in PCAP streaming means that no third-party software will “choke” on too much data throughput during PCAP post-processing.

·         VISUALIZATION

Visualization is pre-installed and hard-wired into the CyberPro Plus X fully integrated analytics workflow, using open industry-standard data file formats: PCAP & NetFlow records open in WireShark; log searches open as CSV files; reports as TXT/RTF files.

·         OPTIONAL FEATURES

  • Penetration testing / security scanning tools package for more active analysis

Download Datasheet