Overview

OpenText™ Network Detection & Response fuses detection, forensic analysis and proactive threat-hunting to provide high-performance enterprise security teams with full visibility. Leverage signature inspection, stateful anomaly detection and machine-learning-powered malware conviction to quickly defend against both known and hidden threats.

How OpenText Network Detection & Response can benefit business

Deploy immediately

Begin operating in minutes with a single, software-based sensors appliance and self-configuring system.

Detect and respond in real-time

Inspect network traffic from every angle with a multi-faceted suite of best-in-class threat detection.

Gain clarity

Leverage customized, easy-to-manage dashboard views to see everything that matters most in the network.

Achieve enterprise scalability

Scale in any direction to maintain network visibility with a flexible metadata repository.

Seamlessly integrate into existing environments

Export data in standard formats to existing SIEM or SOAR.

Why OpenText Network Detection & Response?

Real-time network visibility and metadata

Engage high-fidelity metadata and SmartPCAP to eliminate blind spots and see everything on the network.

Full-spectrum threat detection

Examine the network from every angle with multiple detection engines to reduce noise and optimize detection.

Advanced threat hunting

Conduct retrospective network traffic analyses and historical data testing to find threats that infiltrated an environment before known indicators were available.

Seamless response and integrations

Correlate alerts in real-time, enrich existing workflows, automate responses and prevent threats.

Key features

Cloud-ready Smart Sensors

Alerts users to both targeted and hidden threats for unparalleled detection.

Threat context

Utilizes SmartPCAP as the network traffic’s ground truth and immediately links this context to detected threats.

Easy network instrumentation

Combines network visibility, forensics and detection in a single sensor deployed as a virtual machine, physical device or cloud appliance.

Downstream visibility

Leverages 360° visibility to easily integrate response workflows and improve all other tools.

Long-term repository

Retains longer-term, session-based context in data nodes that link high-fidelity network metadata directly to events regardless of when they occur.

Cloud-hybrid software

Scales with the organization’s needs with a hardware-agnostic platform that provides needed throughput without hidden costs.