The DPI-powered network probe R&S Net Sensor OEM is designed to equip cybersecurity solutions with real-time visibility of network traffic to access, aggregate and analyze network data in order to detect and mitigate cyber threats. R&S®Net Sensor OEM will be demonstrated for the first time at the RSA Conference in San Francisco in the German Pavilion section at the Rohde & Schwarz booth 5671 (North Expo) from February 24-28.
ipoque GmbH, a Rohde & Schwarz company providing market-leading deep packet inspection (DPI) software, today announced the demonstration of their recently launched cybersecurity software IP probe R&S®Net Sensor OEM at the RSA conference in San Francisco. Designed with unique flexibility, scalability, open APIs and optional data export functions, R&S Net Sensor OEM meets the demands of cybersecurity vendors by providing real-time visibility of network traffic including information on used network applications, protocols, data usage of subscribers and network devices regardless of encrypted traffic, obfuscation or masquerading (e.g. network address translation (NAT) or tethering). This way, cybersecurity solutions such as security information and event management tools (SIEM) can be extended by running their own data processing such as anomaly detection and complex correlation to detect security threats in real-time.
SIEM, for example, are a crucial part of modern network security architectures. However, unlike many other cybersecurity tools, SIEM solutions do not directly work to stop cyberattacks. Instead, SIEM solutions collect information about security events on the network to generate alerts or instruct other security controls to take a pre-set action. SIEM solutions can be invaluable for automating security incident responses. The challenge is in managing SIEM solutions to eliminate false positives and sort through the massive amount of data they supply quickly and efficiently. SIEM solutions typically only get default Syslog messages from the standard server applications but are oblivious to any other applications used within an enterprise network, including bring your own devices (BYOD) but also deep visibility behind NATing devices such as WLAN routers.
R&S Net Sensor OEM has a strong core that provides deep packet inspection (DPI) and fast packet processing to offer real-time reports on the entire network and its subscribers. This way, SIEM vendors can obtain real-time visibility into both plain and encrypted network traffic, as well as information on traffic KPIs. Weekly signature updates ensure that traffic classification is always up to date. User and control plane correlation allows resolving network data at the subscriber level and gaining insights into subscriber behaviour for analytics use cases. Additionally, R&S®Net Sensor OEM tracks 100% of all IP communication in real-time, providing outstanding performance.
R&S Net Sensor OEM and the OEM DPI software R&S PACE 2 will be demonstrated at the RSA Conference in San Francisco in the German Pavilion at the Rohde & Schwarz booth 5671 (North Expo) from February 24-28. Additionally, Rohde & Schwarz Cybersecurity will also be part of the Rohde & Schwarz booth, offering network, endpoint, application and cloud security solutions. This year’s focus will be on the award-winning cloud security solution R&S Trusted Gate, which encompasses secure collaboration in the cloud on platforms such as Microsoft Office 365™ and secure data exchange regardless of the infrastructure used. The data-centric approach to securing confidential information protects companies from cyberattacks, data theft and manipulation.
