Features & Benefits
SENSORS
Physical Sensors
DIY hardware purchase/build
DIY hardware purchase/build
Virtual Sensors for VMware & Hyper-V
DIY manual configuration
DIY manual configuration
Cloud Sensors for AWS, Azure, GCP
Binary Sensors for containers & Linux environments
DIY manual configuration
DIY manual configuration
ENCRYPTED INSIGHTS
C2 DETECTIONS & INSIGHTS
NETWORK ASSET DISCOVERY AND INVENTORY
INDUSTRIAL AND OPERATIONAL VISIBILITY
SURICATA
PACKET CAPTURE
NATIVE INTEGRATIONS
PERFORMANCE
100+ Gbps Zeek per 1U sensor
3-4 Gbps max per sensor cluster
3-4 Gbps max per sensor cluster
Up to 10Gpbs
MANAGEMENT
Deployed in <15 minutes
Deployment takes weeks to months
Deployment takes weeks to months
Web management interface
Command line only
Command line only
Automatic software updates
Manual
Manual
Fleet management for up to 250 sensors
Comprehensive sensor health monitoring
RESTful API support
1-click package installation
Manual
Manual
DATA EXPORT
Export integration with SIEMs
Manual integration
Manual integration
Kafka, syslog, Amazon Kinesis, Apache Avro, SFTP
Writes to files on disk
Writes to files on disk
Default log streaming
Manual
Manual
Log stream forking to multiple destinations
DATA CONTROL
Log data reduction mode (30-50% reduction)
Filter by log type and contents
Manual
Manual
Filter by file type
Traffic shunting for large & long running flows
SECURITY & SUPPORT
Jailed processes
FIPS 140-2
Automatic security updates
Disk encryption
Manual
Manual
24/7 enterprise support from Zeek experts
ZEEK FUNCTIONALITY
Logging
File extraction
Package manager
Zeek Intel Framework
Zeek Input Framework
Zeek NetControl Framework
Zeek Notice Framework
Zeek PCAP Ingestion
Have questions?
Talk with one of our experts today.
