Network Security Monitoring
Do you have the tools needed to detect attacks and malware on your network?
Intrusion detection systems (IDS) and traffic analysis can be used to spot problems before they get out of control. Wireshark is sometimes a popular choice for focusing on a single client but what if you want to look at all traffic on your network?
In recent times there has been an increase in high profile security vulnerabilities. To name but a few:
“With some of the LANGuardian competitors it seems like you need 5 employees with master degrees to get them working. LANGuardian is not that way and does not consume employee resources”
CISO, City National Bank
NetFort LANGuardian is the industry’s leading deep packet inspection software for monitoring, troubleshooting, and reporting on network activity. It uses network packets as a data source and when linked to your Active Directory infrastructure you can find out who is responsible for problems on your network.
The LANGuardian security module provides an advanced network intrusion detection system (IDS) that enables real-time detection and alerting of malicious events that occur on your network. LANGuardian seamlessly integrates data from the IDS with traffic analysis data to provide an unprecedented level of visibility into activity on your network.
The LANGuardian IDS is based on Snort, an open-source network intrusion detection system that performs real-time traffic analysis on IP networks. The LANGuardian IDS takes Snort a step further by storing security events in the LANGuardian database. By integrating Snort into the LANGuardian architecture in this way, the security module extends the troubleshooting and network forensics capabilities of LANGuardian to cover back-in-time intrusion detection, while conforming to our core architectural principles of efficient storage and no performance impact.
The IDS rule-set is a combination of rules from:
- ET Open
- Bleeding Edge
Configured via a rule-based language, the LANGuardian IDS analyzes network traffic using the signature, protocol, and anomaly methods of inspection. It can perform protocol analysis and content searching/matching, and it can detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and OS fingerprinting attempts.
The NetFort LANGuardian is not just an IDS, although it includes the Snort IDS engine and a rule feed from Emerging Threats. The IDS is just one module of a tightly integrated suite of network traffic collection, analysis, alerting and storage modules. LANGuardian also enables deeper insight into daily usage and activity across the network including:
- Applications, users, bandwidth
- File accesses
- Database operations
- E-mail activity
- Web access
LANGuardian IDS signatures are updated hourly, and you can choose to apply the updates manually or automatically. You can also define your own signatures.
Find out more
If you have any questions about how LANGuardian can meet your requirements, please contact us. If you would like to see LANGuardian in action, please try our online demo system or download a free 30-day trial to try it on your own network with your own data.
Talk to us now
Talk to NetFort today. Contact us at email@example.com or call us at +353 91 426 565.
How to buy
We offer perpetual and subscription LANGuardian licenses based on the number of users on your network and the number of sensors you want to deploy. Specialized features are provided as optional modules, so you do not pay for them if you do not need them.