Tag Archives: Endace

News, Security

Endace and Cubro Announce Partnership to Eliminate Network Blind Spots, Accelerate Investigation, and Streamline Workflows

Reading, UK; MARCH 23, 2022 – Endace and Cubro today announced a partnership to deliver fast, accurate and robust network security to their customers, combining Endace’s industry-leading packet capture and always-on network recording with Cubro’s portfolio of world class network visibility solutions.

Cubro’s Omnia product line includes network TAPs, Advanced Network Packet Brokers, Bypass Switches and Network Probes. EndaceProbe Analytic Platforms capture, index, and record network traffic with 100% accuracy and provide simultaneous hosting for a wide variety of network security and performance monitoring applications. The result of the integration is complete visibility of the network and the traffic traversing the network, both in real-time and historically.

As threat landscapes become more and more challenging, benefits of this partnership that enable customers to better defend their networks include:

  • Eliminating blind spots through more comprehensive visibility with Cubro’s TAP & Omnia products;
  • Accelerating event investigation and reconstruction with EndaceVision™ and Investigation Manager™;
  • Granular filtering of relevant network traffic and de-encapsulating tunneled traffic with Cubro’s Omnia Network Packet Brokers;
  • Streamlining investigation workflows with EndaceProbes providing the ability to record every packet on the network for a complete view of network activity.

Customers using a Software Defined Network (SDN) also benefit from this partnership. Cubro’s Omnia Network Packet Brokers can filter encapsulated traffic to provide visibility into virtualized and overlay network traffic, allowing EndaceProbes to have unrestricted access to traffic in SDN environments.

“The combination of Cubro and Endace is extremely complementary and gives customers great power and flexibility,” says Cary Wright, Endace’s VP Product Management. “It gives them access to all of the traffic flowing across the network so they can see, and record an accurate copy of, all network activity across both physical and SDN environments. For security teams that is incredibly important.”

“New leaf-and-spine data center architectures offer tremendous advantages in scalability, performance, and latency, but can present challenges for traditional network management, security, and analytics teams”, says David Burns, Cubro’s VP of Strategic Alliances. “Cubro’s platforms, based on industry leading silicon, help enterprises address these challenges. Cubro is pleased to join the Endace Fusion partner program, together leveraging new capabilities, such as enhanced security and multi-tenancy — available in these environments”, added Dave Burns.

  • Read more about the technical details of this partnership here: https://www2.endace.com/cubro.
  • Read more about the use case for SDNs here: https://www2.endace.com/cubro-sb-sdn.

Cubro is the latest company to join Endace’s Fusion Partner Program. The program provides pre-built integrations of industry-leading solutions with EndaceProbe’s powerful API to deliver higher performance, easier integration and on-demand deployment to our customers.

IT Services

EndaceProbe Release Changes the Game for Network Forensics

Latest software from Endace extends support for threat hunting and security incident response with easy file reconstruction, log generation and multi-tenant support.

London, UK, Austin, TX and Auckland, NZ: March 2, 2022: Packet capture authority, Endace, today announced OSm™ 7.1 for the EndaceProbe™ Analytics Platform. This new release enables analysts at all levels to gain deeper insight into malicious network activity from packet capture data quickly and easily.

The new features benefit customers by:

  • Enabling security analysts to easily reconstruct and extract files from recorded packet data to rapidly understand the nature and extent of threats or breaches. Analysts can analyze the actual files – malware, ransomware, executables, zip archives, exfiltrated data, and more – used by attackers to compromise user and network security and steal data. This gives analysts certainty about exactly what happened. See a short demo video here: https://www2.endace.com/osm7.1-endace-vision-demo
  • Allowing analysts to generate detailed logs – including DNS, HTTPS, TLS, SMTP, database transactions, and many others – from recorded packet data. This gives analysts rich contextual insight into activity that has occurred across the network and enables more accurate threat assessment and response. Read more here: https://www2.endace.com/osm7.1-making-forensics-easy-blog
  • Enabling MSSPs or organizations with multiple tenants to securely share packet recording infrastructure. This allows teams from different organizations or divisions to take advantage of continuous packet recording while keeping each organization’s data separate. Read more here: https://www2.endace.com/osm7.1-endace-multi-tenancy-blog

Continuous, always on, packet capture has always been the gold standard for understanding the threats traversing networks. However, until now, packet analysis has often been limited to senior security analysts with deep experience in packet forensics. The OSm 7.1 release makes packet capture more useful to security team members with little or no packet forensics experience. Junior analysts can reconstruct, extract and save files that have traversed the network along with easy-to-understand logs. This lets them quickly reconstruct and analyze malicious activity, analyze files, and see exfiltrated data without needing deep packet forensics expertise.

“Recorded network traffic is key to solving the most complex and threatening security incidents,” says Cary Wright, VP of Products at Endace. “These new capabilities, combined with the EndaceProbe platform’s always-on, global-scale network recording puts vital evidence in the hands of SecOps teams – so they can respond to threats faster and with greater confidence.”

OSm 7.1 also extends the power of always-on packet recording to multi-tenant environments such as MSSPs, federal or government organizations securing multiple entities, or large enterprises with multiple divisions. Multiple entities can now share a common recording infrastructure and each securely search, access and analyze only their own traffic.

OSm 7.1 is available immediately for EndaceProbe customers. For more information, visit www.endace.com/products