Microolap EtherSensor PCAP Edition is an evaluation version of Microolap EtherSensor.
This distribution is intended for:
initial self-familiarization with the functionality of Microolap EtherSensor;
maintenance of the full working version of Microolap EtherSensor (testing and debugging of filters, rules and detectors) without risk for its functioning in the production environment.
EtherSensor is a high-performance platform for extracting events and messages from network traffic in real time.
The main properties of the EtherSensor are:
A significant number (several thousand) of Internet services known to EtherSensor.
High performance: streamed processing over 20Gbps+ links.
Delivery of events, messages and metadata to any subsystems of SOC (DLP, SIEM, UEBA), as well as various Compliance Archiving/Enterprise Archiving and eDiscovery systems.
High uptime without maintenance.
Working on the off-the-shelf hardware, low footprint.
EtherSensor consists of several Windows services which interoperate to intercept and analyze application-level messages and metadata (normally network users messages). The resulting messages, message metadata or data extracted from them are delivered to consumer systems.
The common use of EtherSensor is in the following tasks:
To prevent leaks of confidential data (DLP systems);
Security information event management (SIEM systems);
Enterprise Archiving/Enterprise Search (Compliance Archiving and eDiscovery).
Windows Server 2008,