The ProtectWise Grid

ENTERPRISE SECURITY PLATFORM

[ RECORD EVERYTHING ]

Time Machine

The ProtectWise Grid™ combines unlimited visibility and the detection of complex threats that develop over time, giving the security team the strategic advantage to hunt and investigate threats through every stage of an attack. By harnessing the power of the cloud, ProtectWise has the unique ability to create an unlimited retention window with full-fidelity forensics, automated retrospection and advanced visualization—all with the ease and cost-savings of an on-demand deployment model.

 

[ ADAPTIVE NETWORK CAPTURE ]

Configure sensors to capture netflow, metadata, truncated flows or full-fidelity PCAP by protocol and application.

[ UNLIMITED FORENSIC RECORDING ]

Measure impact of newly discovered attacks going back into weeks, months or even years of past data.

[ FLEXIBLE NETWORK COVERAGE ]

Deploy sensors quickly across complex networks to improve visibility without installing and maintaining hardware.

[ SECURE API ACCESS ]

Easily integrate with existing security monitoring and workflow tools using ProtectWise comprehensive APIs.

[ UNIFIED DATA HAYSTACK ]

Consolidate all network traffic into a single, secure data store in the cloud for more powerful analytics and network threat intelligence.

[ FAST, INTUITIVE SEARCH ]

Quickly search network traffic to find the data you need to speed incident response and determine if your network has been compromised.

[ SECURE & OPTIMIZED ]

How it Works

The ProtectWise lightweight software sensors quickly deploy anywhere in the network, on any kind of network, to optimize and passively replay all network traffic into the secure cloud platform. You can place an unlimited number of sensors at the gateway, in the DMZ, in the corporate cloud and at the network core.

Secure Ingest and Storage of Data

ProtectWise

Grid

Up to 80% Compression and Network Optimization
REMOTE OFFICES
ENTERPRISE DMZ
ENTERPRISE CORE
CORPORATE CLOUD

[ PAST, PRESENT, FUTURE ]

Wisdom Engine

The ProtectWise Wisdom Engine is the closest you will come to network omniscience. By using cloud economies of scale, it provides powerful threat detection capabilities that are not possible using standalone appliances. These include continuous cross-customer correlation of threat intelligence and the industry's only automated retrospection capability.

[ NETWORK SHATTERING ]

Captures, and analyzes entire netflow using deep packet inspection of more than 4,000 applications and protocols.

[ REAL TIME & RETROSPECTIVE ANALYSIS ]

Detects threats in real time and automatically replays stored packets to discover previously unknown threats. Correlates intelligence from proprietary research, machine learning and flow-based traffic algorithms as well as multiple third party threat intelligence feeds.

[ TIME MACHINE ANALYTICS ]

Real-time intelligence triggers the retrospection and continuous rescoring of historical traffic.

[ COLLECTIVE NOISE REDUCTION ]

Collaborative correlation of security events across customers creates a feedback loop that de-noises the security environment. It's a shared brain that constantly learns, adapts, reduces false positives, and eliminates alarm fatigue.

[ SEE. ASSESS. RESPOND. ]

Security Visualized

Cut through the noise to quickly identify and respond to the high-priority threats. The ProtectWise Visualizer is an overview of your network security which allows strategic exploration into a deeper forensic workbench with powerful collaboration tools. An immersive and intuitive experience is achieved through:

[ HEADS UP DISPLAY ]

Comprehensive view of network health. Includes attack spiral, timeline, connection graph, and prioritized security events.

[ SITREP ]

Situational reporting on security events by killchain stage, threat type and severity across past and current timelines.

[ KILLBOX ]

Advanced threat visualization, deep packet exploration, event tagging, alarm management and raw PCAP download.

[ NETWORK PROFILER ]

Full visibility into network traffic and bandwidth consumption. Set data capture and replay policies for all networks, applications and protocols.

[ TRUSTED & SECURE ]

Trust, Security & Privacy by Design

Delivering the highest levels of trust, security and privacy available is our mission at ProtectWise. Our architecture, application and operations are designed to put you in complete control of your data. The ProtectWise Grid introduces no additional risk to the process of analyzing security data. Don't just take our word for it, we work with leading third-party organizations to adhere to industry best practices.

[ INTEGRATE SEAMLESSLY ]

Integration

You can integrate existing security solutions with the ProtectWise system to improve your security environment.

[ PLAYS NICELY WITH OTHERS ]

ProtectWise secure APIs work with almost any technology in the world. You can send outside data streams and analysis to the ProtectWise Visualizer or pump ProtectWise data and analytical feeds into your own proprietary visualization.

[ DEVELOPER-FRIENDLY ]

Integration is facilitated by a comprehensive set of publicly documented, secure APIs. This includes both restful and streaming APIs.

FAQ

[ BANDWIDTH ]

ProtectWise sensors use patent-pending replay technology to optimize and compress network traffic, reducing bandwidth consumption up to 80 percent and removing irrelevant traffic packets that have no security analysis value. The sensors are completely configurable, allowing you to control packet capture policies (netflow/metadata, stream heads, truncated or full PCAP).

 

[ ENCRYPTED TRAFFIC ]

The ProtectWise Wisdom Engine uses machine learning, protocol analysis, certificate extraction and other data inputs to provide valuable insight into encrypted traffic. ProtectWise also integrates with your existing SSL decryption devices to gain visibility into encrypted traffic flows.

 

[ PRICING ]

The ProtectWise Grid is a subscription service. Pricing is tiered and based on the amount of network traffic ingested and the length of time network data is retained for retrospection (1-month, 3-months, 6-months, or 1-year). No ProtectWise hardware is required and there is no additional charge for software sensors.