FORT POST
Network Security Monitoring
Improve your security posture by detecting security threats in real-time across your applications, network, and infrastructure easily with our easy to use network security solution.
The Benefits of Network Security Monitoring
Visibility
Provides visibility across your entire network, analyzing network traffic and hunting for threats.
Efficacy
Utilizes updated threat signatures to ensure up to date protection 24x7.
Investigate
Look inside the event and analyze the packets in detail.
Ease
Is an easy-to-use appliance that deploys inside your network to improve your security.
What does Concave FORT offer?
We offer a SOC solution as FORTPost which can be deployed inside your network.
FORTPost provides threat detection and monitoring to your network to help you improve your security posture.
It can be used for proactive & reactive approaches to identify threats & vulnerabilities, prepare you for incident response and provide you with network forensics.
Ability to track an adversary or stop malware at the edge, before it infects your assets.
FORTPost provides context, intelligence and situational visibility of the network.
The Enterprise Solution of FORTPost takes it to the next level and includes many more features such as endpoint visibility, deep packet analysis and Host-based intrusion detection.
Core Functions
FORT Post engine functions mainly on three components:
Packet Analyzer
It allows you to view PCAP transcripts and download full PCAP files. Dashboard is pre-configured to pivot to Pcap Files to retrieve full packet capture. It captures all the network traffic with full visibility to analyze it in detail. Even if it requires more space to reside but the solution comes up with fine tuning and prioritizing using unique techniques to overcome storage issues.
NIDS & HIDS
Intrusion detection system providing Network-based and host-based analyzer for network traffic or host systems, respectively, and provide log and alert data to detect events and activity. It is a rule-based system that looks at network traffic for fingerprints and identifiers that match known malicious, anomalous or otherwise suspicious traffic. Its end point security enables to perform log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. As an analyst, being able to correlate host-based events with network-based events can be the difference in identifying a successful attack.
Analysis Tools
Analysis tools providing visibility into the event data being collected and the context to validate the detection. Analysis tools provide a single GUI in which to view host based and network based events on the same windows where an analyst makes analysis of the events to figure out the severity of the event, its impact and eradication as incident response. Besides, it provides network level visibility and the events based on the time series representations, weighted and logically grouped result sets” and geo mapping of the IPs. It can also pivot packet analyzer to view insights of the packet.