GigaStor to hunt zero-day breaches

CeBIT Your intrusion detection system (IDS) may have just downloaded a new security rule, but you have no way of knowing if your network has already been hit by the exploit in a zero-day attack, says Network Instruments.

The company claims the latest update of its GigaStor network traffic recorder could help you find out, however, thanks to a security forensics capability which allows it to apply Snort rules to stored network traffic. The idea is to see if a security breach occurred before the IDS rule was applied, and then drill-down to see when and where it happened, and what problems it may have caused.

Network Instruments president Douglas Smith claimed that the forensic capability could significantly change how network and security teams work together, as well as improving the accuracy and speed of problem diagnosis. "GigaStor dramatically changes the way an enterprise can troubleshoot application and network issues," he said.

He added that GigaStor pricing remains the same, starting at £17,995 for a two-port configuration.

NI also announced a new software release for its Observer network analysis family - Observer 12 - plus a reporting server which can aggregate data from dozens of Observer network probes for an overall view of the network.

Other new features in Observer 12 include MPLS analysis, the ability to expand VOIP traffic and decrypt SSL/SSH, and native IPv6 tracking, monitoring and reporting. ®