Monitor your organization’s network and gain real-time network traffic visibility into your LogRhythm or New-Scale Security Operations Platform.
Vendor
Exabeam
Company Website
NetMon provides real-time network traffic visibility, integrating with LogRhythm SIEM and New-Scale Security Operations Platform deployments. It automatically identifies and categorizes traffic from over 3,500 applications using True Application Identification, advanced classification methods, and deep packet inspection. NetMon offers packet metadata derived from each network session and Layer 3–7 packet capture stored in industry-standard PCAP format with full packet capture. It also supports custom integrations and automation with a full-featured REST API. NetMon automates threat detection by comparing data with ready-made rules and customizable Deep Packet Analytics (DPA) scripts. Users receive ongoing updates with saved searches, automated alerts, and customizable dashboards. Essential information is preserved with SmartCapture™ (LogRhythm SIEM). NetMon streamlines investigation by providing access to essential packet and flow data with flexible searching, enabling users to rebuild email attachments for malware analysis and monitor for data loss. Deep Packet Analytics (DPA) builds on the NetMon Deep Packet Inspection (DPI) engine to interpret network traffic, including immediate recognition of PII, credit card information, port and protocol mismatch, and other key indicators of compromise (IOCs).
Features:
- NETWORK VISIBILITY: Immediately recognize suspicious activity. Automatically identify and categorize traffic from over 3,500+ applications using True Application Identification advanced classification methods and deep packet inspection.
- RISK MONITORING: Automate threat detection. Compare data with ready-made rules and customizable Deep Packet Analytics (DPA) scripts. Receive ongoing updates with saved searches, automated alerts, and customizable dashboards.
- POWERFUL SEARCH CAPABILITIES: Streamline investigation. Access essential packet and flow data to make your investigation easier with flexible searching. Rebuild email attachments to assist in malware analysis and monitor for data loss.
- UNDERSTAND YOUR NETWORK ACTIVITY: Harness deep packet analytics. Deep Packet Analytics (DPA) builds on the NetMon Deep Packet Inspection (DPI) engine to interpret network traffic, including immediate recognition of PII, credit card information, port and protocol mismatch, and other key indicators of compromise (IOCs).