Sycope 2.3 detects network problems and identifies security threats

Sycope is introducing version 2.3 of its network monitoring and security tool. The solution is based on real-time flow analysis enriched with business context and supports companies in securing performance and improving IT security.

The new version brings numerous improvements and functional enhancements.

Sycope 2.3 records, processes and analyses all parameters contained in the data streams, supplemented by SNMP, geolocation and security feeds. This makes it possible to detect network problems, measure delays and identify security threats. The tool supports NetFlow, SFlow, IPFIX, and NSEL protocols. Sycope’s security function was developed based on the MITRE ATT&CK methodology.

Syncope 2.3’s rules and mechanisms for detecting security incidents make it possible to counter-attack and detect undesirable activities in the network at an early stage.

The complete system consists of individual modules for visibility, performance and security which can be administered under a common and informative user interface. The out-of-the-box solution is easy and quick to install, characterised by high flexibility and efficiency, and allows big data analyses with its own query language.

The new version updates include:

• User scripts, enable seamless and flexible integration with external systems or services
• 40 + network threat hunting searchers, out-of-the box to be used
• Data role-based access control (data RBAC) for streams and exporters
• Dynamic Baseline with trend analysis, visualization and recurrent comparisons
• High performance with 120k/250k fps on a single all-in-one VM

These innovations are based on the Sycope’s own research and development, implementing customer feedback from the field. The aim of the development is not only to provide data, but also the necessary answers to effectively improve performance and security in the network.