There is also the INVEA-TECH Flowmon : http://www.invea-tech.com/products-and-services/flowmon/flowmon-overvie w http://www.cert.org/flocon/2009/presentations/Celeda_FlexibleFlow.pdf http://en.wikipedia.org/wiki/FlowMon On 04/19/2010 11:23 PM, Joel M Snyder wrote:
Looking for information on a Niksun probe, http://www.niksun.com/. Anyone have any experience, good or bad with them?
If you're looking at Niksun, you should look at NetWitness and Solera
instead.
My perception based on their presence in the market is that Niksun is
on the way to oblivion, while Solera and NetWitness are the two hot new companies in this space. NetWitness seems to be better on the analysis side, with sucky capture facilities; Solera seems to be a lot better on the capture side of the house, but is less advanced in the analysis.
I have also had a briefing from Endace, down in Kiwi-land. They seem
to think they are the bees knees when it comes to capture, but have a re ally confused message about where they are trying to go with that data. Lots of buzzwords, but I don't think they really understand the dimensi ons of the problem that they are adding. But if you just want capture, Endace might be a good solution.
jms
__________________________________________________________________ Get your own *free* email address like this one from www.OwnEmail.com