SilentRunner® Mobile network forensics software is like having a surveillance camera on your network.
Operating like a network surveillance camera, SilentRunner Mobile allows you to monitor, capture, analyze and graphically visualize network traffic to see exactly what is happening on your network during a proactive audit or cyber investigation. This passive network monitoring solution creates a dynamic picture of communication flows, allowing you to identify and correlate relationships between users, resources, applications and data. In addition, you can play back events from thousands of communications to validate a threat or illegal activity and perform root cause analysis. This dramatically enhances your ability to identify all offenders and exploits, build a case, and locate any stolen information or misused resources.
Detect what Signature-based Tools Can’t See
SilentRunner graphically illustrates communication flows to swiftly expose anomalies, illegal connections, and security and network problems. The time sequencing function allows you to identify network communication “habits”, anomalies and specific events. Being able to see these anomalies is a must-have for detecting malware, malicious insiders and advanced persistent threats that have circumvented your perimeter defense and alerting tools.
Catch What DLPs Miss
When anomalies are identified, you can drill down into the content to see exactly what is happening — for example, credit card numbers being chatted outside the network or somebody visiting unauthorized websites.
Root Cause Analysis
Reconstruct events, playing back incidents in real time to determine the origin of a threat, see how it is propagating and quickly identify all compromised assets.
Network Compliance Auditing
Proactively perform network compliance audits to facilitate compliance with regulations such as FISMA, HIPAA, ISO 1779, SOX/GLB, and PCI standards.
Monitor Laptops, Even When They Aren’t Logged into Organization’s Network
With typical network forensics tools, once a laptop leaves the organization’s network, you’re blind. But SilentRunner now has a host-based analysis capability that allows you to monitor traveling employees’ internet activity, even if they are using their company laptop on public Wi-Fi.
Network Forensics Software for Real-Time Capture and Visualization
- Real-time network data is recorded into a central knowledge base that can be queried.
- Load custom filters, for example, an Excel spreadsheet with 2000 IP addresses.
- See internet activity, even on assets that are not logged into your network.
- Web reconstruction reporting: keyword searches, file transfers, video files and more, within captured Web traffic.
- Play back captured VoIP calls in seconds.
- Build threat profiles to monitor for recurrence of known threats.
- Receive real-time email alerts.
- Automatically restarts failed services without user intervention to reduce downtime.
- Several data retention options to define the length of time that data will be retained and active in the database.
Plug and Play Architecture
SilentRunner® Mobile can be installed on a single machine for mobility or you can distribute the components onto separate devices to gain visibility into multiple network segments at once and correlate network data across the enterprise.
- Easy deployment
- Default Browsers
- High-performance collection at network speeds up to 100 Mbps
- Powerful processing and indexing
- Fast insertions and extractions of data.
Correlate Network Traffic with Event Logs and Alerts
Visualize firewall events, logs from alerting technologies and pertinent network data surrounding a suspicious incident to validate the threat and perform root cause analysis.
Content and Pattern Analysis
- Determine the exact behavior of a suspect by viewing their network usage patterns and which content they’re accessing.
- Build “integrated maps” of assets or users to see after-hours usage spikes and anomalous data traffic to identify malware, malicious insiders and advanced exploits that cannot be seen by signature-based perimeter defense and alerting tools.
- See how proprietary or inappropriate information proliferated independent of keyword or linguistic matching.
- Use interactive graphical representations to efficiently analyze users, hosts, domains, applications, protocols and addresses — detecting changes or abnormalities from established network baselines.
On-demand Security Incident Playback and Analysis
SilentRunner Mobile stores and catalogs network data into a central repository allowing you to play back the exact sequence of events to ensure effective and accurate investigations.