Scalable, multi-tenant solution for real-time security analysis and forensic investigation for MSS platforms, cloud deployments, or local data center installations
Network Behavioral Anomaly Detection – Redefined:
- M3 for Data Security learns the behaviors that are typical on your network, remembers the common outliers, and tracks typical patterns for each time of the day. Deviations are caught, detecting network reconnaissance, data exfiltration, DDoS attacks, and many interesting but unwanted behavior changes on your network.
- M3 for Data Security can handle unlimited volumes of traffic data by making optimal use of modern multicore processors. And if a single server is not enough, M3 for Data Security will seamlessly spread over multiple physical servers, giving you unlimited processing power in a M3 for Data Security cluster.
Find the Flow:
- Thanks to a full-fidelity parallel database, M3 for Data Security is capable of recalling every individual traffic flow that crossed your network, no matter how long ago. Offering unlimited filtering capability to find the individual communication that proves the source of the malware, the control of the botnet, or the destination of your sensitive data.
Easy Web Access:
- M3 for Data Security can be accessed through any web browser enabled device, allowing you the flexibility to protect your network from anywhere, anytime.
- By logically separating flows from individual users, M3 for Data Security allows you to handle thousands of customer networks through a single M3 for Data Security installation. No need for separate deployments.
NetFlow, sFlow®, IPFIX, CFlow, JFlow, and PCAP:
- M3 for Data Security is compatible with all common flow formats, sampled or not. Our free software flow exporter is available for download and can actively generate NetFlow of passing traffic, or process PCAP files in batches.
- If your exporters support NetFlow v9, IPFIX, or sFlow®, M3 for Data Security is fully IPv6 compliant. It can be deployed in full IPv6 environments, and works seamlessly in mixed IPv4/IPv6 networks.
Commandline tools and APIs:
- Flexibility of integration through a complete set of JSON and Commandline APIs is available and supported.
Find the “bad guys” on your network before they cause trouble.