Extrahop: Stream processing in real time

Extrahop: Stream processing in real time

You can’t get faster than real time. ExtraHop’s stream processor actually succeeds in converting unstructured network packets into structured transmission data at line speed. Here’s the overview:

• Broad spectrum decryption: for encrypted traffic, the stream processor decrypts traffic at line speed, including Active Directory protocols and cipher suites.

• Powerful TCP state machines: Starting at the most basic level, the stream processor creates the TCP state machines for each sender and receiver communicating on the network. This allows the platform to understand all TCP mechanisms and their implications.

• Decode the line protocol and reassemble the entire stream: The stream processor decodes more than 70 protocols. This allows the processor to construct complete flows, sessions and transactions for a fluent application.

• Full Content Analysis: After reassembling packets into full data streams, the stream processor automatically detects and classifies all devices and clients communicating on the network.

• Fully Programmable Telemetry: While all analytics are available at any time, your clients can also easily customize the results so they see only the metrics and insights they need.

Here’s a sampling of other capabilities included in ExtraHop’s solution:

• Machine Learning and Global Intelligence: real-time intelligence derived from petabytes of anonymized threat telemetry collected daily makes Reveal(x) 360’s cloud-based machine learning uniquely reliable.

• Cloud Record Store and Data Indexing: By providing a cloud-based data store, Reveal(x) 360 changes both how and where NDR capabilities are deployed, and how and when they can be used.

• Data Visualization and Exploration: ExtraHop makes it easy to analyze the immense amount of information that wire data represents and derive meaningful insights.

All further information about ExtraHop’s latest solution can be found here.