Bitdefender Network Traffic Security Analytics

Real-time breach detection.
Autonomous Response. Complete visibility​

Cloud threat intelligence, Machine Learning and behavior analytics applied to network traffic to detect advanced attacks early and enable effective threat response

 

Bitdefender Network Traffic Security Analytics (NTSA) detects advanced attacks in real-time, provides threat context and triggers autonomous incident response. NTSA uses a combination of machine learning and behavior analytics with insights from Bitdefender cloud threat intelligence – consisting of 500 million sensors globally – to detect threats for all entities, managed or unmanaged, for encrypted or un-encrypted network traffic.​

Network security analytics

NTSA is a plug-and-play, out-of-band solution, with flexible deployment options, that focuses on traffic meta-data and enables analysis over longer periods of time to accurately detect the most sophisticated malware and Advanced Persistent Threats (APTs) with high fidelity. The integration with Bitdefender GravityZone enables autonomous response to quickly remediate security incidents

Realtime threat detection for any network device

Provides complete threat related network activity for any device on the network.

Save time with autonomous incident response

Automates threat response by integrating with GravityZone to reduce the response time.​

360 degree visibility and cyber threats insights

Gives detailed security incident explanation with suggested course of action for fast incident investigation and response.​

Features and benefits

Advanced Threat Detection

Live analysis of all network traffic, including encrypted​.
High fidelity alerts using AI/ML & insights from 500 Million sensors​.

Complete Visibility and Context

Detailed attacker Tactics Techniques & Procedures (TTP).
Alerts and incidents investigations expedited with automated triage.​

Autonomous Response

Automatically triggers response in GravityZone for NTSA Level 1 alerts.
GravityZone scans the affected endpoints, removes the threat and/or quarantines the endpoint(s).

IOT & BYOD Protection

Learns & tracks all entities on-premise, in cloud or on SaaS.
Non-intrusive. No complex log or agent integrations​.

On-premises and Cloud

Choose from on-premises or cloud management to fit your needs.

Compliance

Compliant with PCI, GLBA, NIST, GDPR, PDPA regulations and others.
Use of meta-data eliminates privacy concerns.

Real-time threats visibility and
effective incident investigation

Did you know the average time to detect a breach resulting from an advanced attack is about 6 months? Meanwhile, the security teams are overwhelmed with security alerts that need to be investigated. Bitdefender NTSA can help give back control and reduce risk by providing real-time visibility across environment and effective incident investigation capabilities. It works by applying ML and Behavioral Analytics with insights from Bitdefender Threat Intelligence to detect advanced, stealthy threats. Bitdefender NTSA IntelliTriage automates security alert triage so security analysts saves time on hunting for that illusive threat.

Want to learn more? Get the details on all features

 

Intellitriage

Stop alert fatigue!

IntelliTriage, automates the process of security incidents triage to accelerate incident investigation time and reduce organizational risk with high-fidelity alerts.​

It enables complex scenario-based learning to detect advanced attacks with high accuracy and corelates thousands of security alerts in order to create a clear picture of each incident. IntelliTriage provides detailed explanations and recommended remediation actions to facilitate faster incident response.

Autonomous Threat Response

Through integration with GravityZone, Bitdefender helps increase organizational resilience against advanced threats, saves investigation time and reduces the response time.​

Once trails of critical threats are detected in the network traffic, NTSA automatically triggers GravityZone to investigate the affected endpoints. Depending on the scan result, GravityZone may automatically clean-up and/or quarantine the endpoint(s) in order to effectively contain the emerging threat.

How it works

 

Thanks to the Bitdefender NTSA technology and logging functionality we were able to see exactly who had a malware infection with which device at which location. It allows us to turn suspicion into certainty

Resources

NETWORK TRAFFIC SECURITY ANALYTICS DATASHEET

COMBATING ADVANCED THREATS WITH NETWORK TRAFFIC ANALYTICS

Specs 

VIRTUAL NTSA

VMware software:
Minimum : VMware ESXi 5.1 &higher
Recommended : VMware ESXi 5.1 &higher

VMware software:
Minimum : 140 GB
Recommended : 140 GB

CPU Cores:
Minimum : 4
Recommended : 8

Memory:
Minimum : 8
Recommended : 8

V PROBE

VMware software:
Minimum : VMware ESXi 4.1 &higher
Recommended : VMware ESXi 4.1 &higher

VMware software:
Minimum : 15 GB
Recommended : 15 GB

CPU Cores:
Minimum : 2
Recommended : 4

Memory:
Minimum : 4
Recommended : 8

If you want to enjoy Network Traffic Security Analytics, take a quick start here