VCS-NSM is a network security monitoring solution that provides real-time detection of threats at the network layer. The system uses Deep Packet Inspection (DPI) to analyze network traffic flows and identify both basic and advanced threats, including Advanced Persistent Threats (APTs). The solution deploys sensors in an out-of-band configuration using SPAN/TAP ports to capture mirrored traffic without impacting network performance. These sensors analyze traffic across multiple network zones and forward data to a central server for aggregation and correlation. VCS-NSM performs behavioral and anomaly detection beyond signature-based methods, using correlated rule engines and attack sequence analysis. The detection capabilities cover various threat types including DDoS attacks, brute force attempts, scanning activities, command and control traffic, web exploitation, and reconnaissance activities. The system includes full packet capture (PCAP) functionality for forensic investigation and traffic reconstruction. It supports analysis of common network protocols as well as industrial protocols such as Modbus, ENIP/CIP, and DNP3, making it suitable for both IT and OT environments. Detection rules are aligned with the MITRE ATT&CK framework and updated based on incident response experience. The solution provides policy-based traffic control features including IP whitelisting and blacklisting. A centralized web portal provides access to alerts, rule management, investigation tools, and forensic queries.