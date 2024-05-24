NIKSUN NetDetectorLive™ Description

NIKSUN NetDetectorLive is a network detection and response platform that combines packet capture, metadata generation, real-time indexing up to Layer 7, intrusion detection (signature and anomaly-based), and malware analytics. The system captures network traffic at rates up to multi-Tbps with individual links at 1, 10, 40, or 100 Gbps. The platform performs full packet capture to disk and generates structured metadata stored in the NIKSUN Knowledge Warehouse (NKW) for search and investigation. It provides real-time metadata generation on protocols including Email, Web, SSL/TLS, DNS, SSH, SMB, FTP, and Chat. The system includes Deep Packet Inspection (DPI) capabilities for analyzing network traffic. NetDetectorLive includes content-based detection rules designed to identify policy violations, suspicious activities, and Indicators of Compromise (IOC). It alerts on suspicious traffic based on metadata content for notifications on policy violations, data exfiltration, malware, and cyber-attacks. The platform integrates threat intelligence through NIKSUN-generated and third-party threat feeds. The system provides forensic reconstruction capabilities with quick search through terabytes of data for retrospective analysis. It includes application reconstruction features and Advanced Application Recognition to classify and analyze applications based on content. The platform maintains records for compliance with regulations including NIST 800-171, CMMC, GDPR, and HIPAA. NetDetectorLive is available as a Common Criteria Certified Solution and can be deployed on virtual or hardware platforms.