• As an enterprise, can you track malicious and anomalous activity and trends across all network assets?
• Are there relationships between unexplained network activities across your organisation?
• How can you build global reports regarding the effectiveness of your security controls?

• NetWitness® Concentrator and Broker are high performance Linux-based network appliances that extend the reach of NetWitness NextGen™ across your entire enterprise, and facilitate real-time and historical reporting and alerting.
• For the first time, comprehensive network and application layer detail can be aggregated and analysed across multiple capture locations and made available to NextGen’s analytic applications, Informer and Investigator.
• NetWitness Concentrators aggregate clusters of NetWitness® Decoders in real-time, and NetWitness Broker provides a real-time, single, hierarchical enterprise view across your entire network.
• NetWitness® Live, fully integrated in the NetWitness infrastructure, provides users full content analysis of network threat intelligence from multiple, globally-distributed threat intelligence sources.
• NetWitness Concentrator is designed to aggregate data hierarchically for ultimate scalability and deployment flexibility across various organisation-specific network topologies and infrastructures.
• As a result, Concentrators can be tiered in deployments to give visibility into multiple capture locations.
• NetWitness Broker also is designed to operate hierarchically; however, its function is to broker queries across an entire enterprise deployment.
• Broker provides a single point of access to NextGen data and is designed to operate and scale in any network environment, independent of network latency, throughput, or data volume.
• Concentrator and Broker are fully compatible with all NetWitness analytical products.
• For more advanced applications, users can leverage NextGen’s available API/SDK to build organisational-specific applications which utilise the NetWitness NextGen™ infrastructure.

Product Features

• Supports 10G infrastructures
• Supports NetWitness® Live
• 64-bit Linux-based, modular and fully upgradeable hardware platform across the entire product line
• Easily aggregate multiple NetWitness® Decoder collection systems
• Deploy a single enterprise analysis point with Broker
• Manage and configure appliances from a single point
• Indefinitely scale your collection infrastructure upon distributed, highly manageable, real-time framework
• Expandable SAS storage capacity & supports SAN solutions
• Available API/SDK for custom application development
• Supports RSA SecurID and LDAP authentication

• Training Available