Business 
For Home 

Threat Sharing and Network Analytics

Block, detect, and understand advanced threats faster

Key Features
Data Sheet Icon

Solution Brief:
Deep Discovery Family
Data Sheet Icon

Datasheet:
Deep Discovery
Network Analytics
Play Icon for a Video

Video:
Network Analytics Overview

Integrated products

  • Deep Discovery Director 3.0 or later
  • Deep Discovery Inspector 5.1 or later
     

Virtual appliance

  • Virtual machine with the following minimum specifications:
  • Hypervisor: VMware vSphere ESXi 6.5, Microsoft Hyper-V in Windows Server 2016
  • Deep Discovery Director - Network Analytics is an appliance based on CentOS Linux 7 (64-bit) 
  • Network interface card: 1 with 1 Gbps adapter
  • SCSI controller: LSI Logic Parallel
  • CPU: 1.8 GHz (8-12 cores)
  • Memory: 64 GB 
  • Hard disk: 6 TB (thick provisioned)
     

With this configuration and a typical enterprise level of network traffic, Deep Discovery Director - Network Analytics can service:

  • Up to 4 DDI-1000 devices
  • Up to 1 DDI-4K device
     

With this storage capacity, the amount of time for which network data can be retained and hence correlations are available as: 

  • For 1 DDI-1000 device: 4-6 months 
  •  For 1 DDI-4K device: 40-45 days
     

Management console

  • Google Chrome(TM) latest version
  • Mozilla(TM) Firefox(TM) latest version
  • Microsoft(TM) Internet Explorer(TM) latest version

Recommended resolution: 1280 x 800 or higher

Detect threats faster with advanced sharing

deep discovery cyber threat chart

Staying ahead of the threat landscape is difficult, especially when you are managing multiple security solutions. Deep Discovery ingests the latest advanced threat intelligence, or Indicators of Compromise (IOCs), from threat feeds and custom inputs and shares the IOCs with Trend Micro and third-party solutions.

This enables all the connected products to detect and block the previous unknown threats, giving your Security Operations Centre (SOC) greater visibility and control against attacks.

Prioritise and simplify attack data

Detecting, alerting, and blocking threats can produce a glut of data, some of it relevant, some of it not. To assist security professionals in the time-consuming task of combing through the potential thousands of alerts or logs each day, Deep Discovery Network Analytics shows: 

  • What was the first point of entry of the attack?
  • Who else in the organisation has been impacted by the attack?
  • Where was the threat calling out to? (command and control communication)

Get real-time visibility into targeted attacks

In some cases, you may think the attack started today, but, in fact, the breach happened weeks ago. An easy-to-read Sankey diagram lets you see every step of the attack, dating back 90 days. Deep Discovery Network Analytics extracts metadata from the network traffic and correlates the events in a graph for real-time visibility. You get faster resolution with fewer people involved and a bigger picture of the full attack.

Get started with Threat Sharing and Network Analytics
Analyst Working on Cloud Server

Protect more

Deep Discovery Inspector not only monitors inbound and outbound traffic, but also lateral movement to detect and block advanced threats that may have evaded existing security.

Deep Discovery Analyser provides advanced sandbox analysis and detects threats to extend the value of security products.

TippingPoint® Threat Protection System gives you high-speed, inline IPS inspection, offering comprehensive threat protection against known and undisclosed vulnerabilities with high accuracy and low latency.