The Packet Forensics 5B 3rd Generation Device (5BG3) is a purpose-built active defense and complex network surveillance platform designed to meet your most rigorous security requirements. This energy-efficient, small form factor platform integrates two pairs of inline 10/100/1000 network interfaces, a built-in SPAN port, a management interface, two 802.11 low-profile directional antennas and a power supply that uses less than 25W of power. It is an ideal platform when space is limited but the need is great.
The 5BG3 is tailored toward specific needs in the areas of active cyber defense, lawful intercept, network intelligence collection, and communications policy enforcement.
• Deploy darknets, sinkholes, and security overlay networks
• Enforce communications policies with an extensible policy language
• Record network traffic with intelligent ring buffering
• Perform stealth packet filtering and transparent redirection
• Prevent threats from entering the network at the packet level
This comprehensive system is designed for flexibility. System options provide enhancements to network defense and surveillance capabilities.
• Advanced capabilities allow for packet-level manipulation
• Small form-factor, solid-state
• Triggers intercepts based on IP, MAC, keywords, RADIUS, DHCP, VoIP calls, behavior or other subject criteria
• Probe and Mediation capabilities
• Deploy it with no prior knowledge of the target network
• Passively discover network topology
• In-line use is safe with the 5BG3’s hardware bypass circuitry and intelligent software
• Easy to manage with graphical software on Windows, Mac and Linux
• Supports multiple VoIP protocols
• CALEA compliant
The Packet Forensics policy regime allows multiple policies to operate simultaneously on the entire data stream. This means while you search for thousands of different strings deep inside each packet, you can also intercept VoIP calls, extract dialed digits and correlate RADIUS and DHCP log-ins with IP addresses. Each policy can have different resulting actions, such as forwarding packets to another analysis system or writing pen register-type logs. For technical experts, an advanced policy editor is provided. You can craft your own applications and take granular control over all packet processing functions.
With the Packet Forensics multi-platform graphical user interface, scaling an installation is as simple as plugging in additional equipment and clicking on a few buttons authorizing it to execute your existing policies. Packet Forensics platforms can go from bare metal to fully operational in under five minutes. Our graphical user interface is available on Windows, Mac OS X and Linux platforms and allows you to manage thousands of devices in the field, even those behind NAT and firewalls. Most intercepts can be set up in just a few clicks of a wizard, and even the wizards themselves can be customized to follow your specific workflow.