DeepFlow Probes

With an ever-increasing volume and complexity of incoming events, effective protection requires security teams to quickly identify and validate events. Until now, these teams had to choose between searching through system logs, NetFlow, or full packet captures. DeepFlow combines the essence of all three into a single message flow, normalized so that it is easily consumed by the SIEM/NBAD/Network Analytics tools provided by security vendors and integrators.

Qosmos DeepFlow is simple: plug 2/4/10 Gb/s of network traffic into the probe, and watch it classify traffic into organized flows, describing the protocols and relevant metadata in real time. This metadata is streamed out from the probe in one of several export protocols (Syslog, IPFIX, or JSON) to your system of choice.

  • For NBAD/SIEM vendors: Incorporate a rich application data feed to enable better analysis, establish patterns of application behavior, find and confirm problems faster.
  • For MSSPs: Provide a differentiating service to your customers, understand the behavior of customer networks, and respond more quickly.
  • For DDoS vendors: Detect application-level DDoS attacks to quickly distinguish characteristics of malicious traffic.
  • For Network Analytics vendors: Instantly bring application attributes into network troubleshooting scenarios and solve network problems more quickly.

Qosmos DeepFlow effectively bridges the gap between NetFlow and full-packet capture, as described below: