Network Guardian Tool
An embedded network monitoring software option for Omnia
No matter the size of your company, whether a small startup or a corporation spanning sites all over the world, a secure and reliable network is the foundation of a successful business. Across all markets, services, and products, the internet is the primary means by which a company interacts with its customers providing online marketplaces, payment processing, marketing, communications and more.
Custos, a Latin word meaning a guardian, is a low cost embedded network monitoring software application option for Omnia that keeps a watchful eye on your companies’ network. It provides immediate information from the moment it is installed and develops a comprehensive understanding of your network’s behaviour over time.
Network Challenges for
small to medium sized businesses
Large enterprises have the benefit of being able to allocate extensive resources to IT staff and infrastructure to keep their networks operational and secure. Small to medium-sized business, on the other hand, typically need to work with smaller budgets and fewer dedicated IT personnel. In many small office settings, the responsibility of the network and computing platforms may just be the most tech-savvy person on staff.
Regardless, the network is no less critical to business operations and limited resources mean a network failure or security incident is even more difficult to recover from.
Which devices are connected to the network?
Is my network stable?
Is my network protected against security risks?
Do I have complete real time visibility of network behaviour?
Improve network performance and security posture
The company’s network can dramatically increase revenue, but it can also become a significant liability. Paying for services where providers fail to meet SLAs result in wasted expenditures, for instance paying for high-speed internet service where the ISP fails to deliver advertised speeds. Increasingly commonplace threats such as ransomware pose the potential for devastating losses of revenue. The ability to detect and remediate an infection immediately will prevent both financial losses and disruption to business continuity.
Network Performance Dashboard
The network performance dashboard provides visibility into network performance. The clean layout and intuitive user interface distinguishes between what’s functioning properly and any issues that need to be resolved. The dashboard provides an overview of the devices found on the network, which services are running on the devices, the performance of internet connectivity, threat detection, etc.
Custos provides continuously updated information regarding internet speed under the traffic overview section. Easily monitor the bandwidth of internet traffic by keeping an eye on inbound and outbound traffic. With this feature, you can get a deeper insight into the usage of network resources.
The network team needs to know everything occurring on the network to ensure, among other things, that no suspicious activity is overlooked. The display of Custos provides continuous threat detection monitoring and alerting. The alerts are organized by severity for efficient remediation. Regular scanning detects network anomalies and identifies unknown devices through methods such as IP scanning and suspicious DNS requests.
This feature provides a list of all services running on each device in your network such as WhatsApp, Skype, Windows update, etc. The detection is based on DPI. Loss of email, HTTP, or FTP server availability for even just one hour can result in loss of revenue for a business and therefore it is crucial to know the availability of all necessary services on devices. Conversely, this also identifies the use of unknown or deprecated services so appropriate action can be taken.
Custos implements a Rolling Capture ring buffer that continuously records network traffic to disk. WIth this feature users can perform historical and forensic analysis of packet capture data to troubleshoot performance issues, investigate threat alerts, and remediate security incidents. Recorded traffic is displayed on a timeline that provides at-a-glance information regarding volume over time. Users can select a time range or, with a click and drag of the cursor, drill down into the timeline. Custos will automatically index recorded traffic and display relevant information such as protocols, IP addresses, and ports dynamically tied to the selected time range. Selected time ranges can be exported to PCAP format while indexed information can be used as filters to further refine the PCAP prior to export. An integrated Webshark interface provides immediate traffic analysis directly within Custos or PCAPs can be downloaded directly to a local device for analysis.
Deep Packet Inspection and enriched IPFIX output
Custos can function as a network sensor to enhance various monitoring and security solutions by passively generating DPI output from network traffic. Custos may be configured to forward the data generated from its Deep Packet Inspection engine directly to third-party tools and applications, or alternatively, IPFIX records enriched with application and protocol information can be created and sent to a collector. An Omnia10 or Omnia20 can be installed inline on active links, using the built-in fail-safe TAPs, or out-of-band, collecting traffic from SPAN or mirror ports to perform this function. The Omnia120 can be deployed out-of-band collecting traffic from TAPs or paired with the EX400 bypass switch for fail-safe inline installations at speeds of up to 100Gbps. Furthermore, multiple units can be distributed across the network or even across multiple sites to build a comprehensive visibility and monitoring platform.
Tapping and Aggregation
Custos integrates tapping and aggregation functionality into its sleek, modern user interface for the Omnia10 and Omnia20. Using the intuitive “drag and drop” management interface, users can easily enable unidirectional or bidirectional tapping of network links and selectively aggregate traffic to either of the two 10 Gbps outputs, while deciding which traffic is copied to Custos for analysis and inspection. Port statistics are also readily available to monitor the overall utilization and throughput of the physical links.
Cost-effective 24/7 Network Monitoring
- Identify devices connected to the network
- Identify connectivity issues
- Immediately alert when critical devices are offline
- Identify and log network stability issues (e.g., packet loss, DNS problems,..)
- Verify your ISP is providing claimed network speeds
- Alert and triage about security threats
- Detect traffic from suspicious sources
- Detect Bitcoin and other crypto currency mining
- Deploy as a turn-key hardware device
- Easy deployment, plug & play
Custos employs an easy to use and flexible container-based deployment process for various Omnia platforms.
→ This deployment approach simplifies new software releases, as well as updates and permits, accelerated development. Furthermore, Custos applications run in an isolated environment, which provides a huge security benefit and optimizes resource assignment.
→ As a container-based solution Custos is easy to deploy on various Omnia ARM platforms or on other architectures as well.
→ Custos has excellent scalability thanks to the various CPU and memory specifications of the available Omnia platforms, offering effective solutions across networks of all sizes.
Tapping & Aggregation
Identifying High Bandwidth Devices & Applications with Custos
Custos Tolly Report
Interested in a demo?
Contact us now