Savvius Introduces Vigil 2.0 to Leverage Network Forensic Management

By CIOReview | Tuesday, March 8, 2016

WALNUT CREEK, CA: Savvius™, Inc., one of the leaders in network performance management and security investigations through Packet Intelligence Solutions, has announced Savvius Vigil™ 2.0. The latest release of the robust, innovative security appliance by Savvius integrates intelligent packet capture and long-term storage, which permit organizations to resolve any breach incident. To identify the source of a network security event and understand it in depth, organizations need to work through the original malicious packet data. Vigil 2.0 can track and store the huge amount of network traffic generated from hundreds of alerts accumulated over a day or over months. With this unique feature, Vigil 2.0 is positioned as the only security appliance solution that allows network forensic investigators to scrutinize breaches that happened in the past and for which there are no network traffic records.

"When incidents are discovered, the ability to quickly close the loop between the initial alert and the breach analysis is critical for businesses. Without the actual network packets on hand, and without the ability to quickly recall and filter those packets, investigations can take months or even a year," said Keatron Evans, principal at Blink Digital Security.

Savvius Vigil 2.0 also comes with various intrusion detection systems (IDS) and intrusion prevention systems (IPS) that capture the packets associated with security alerts. Moreover, Vigil can store more than 50 TB of packet-level information seamlessly at a speed of 3 Gbps, and it intelligently stores the essential packet-data information, which makes long-term packet storage more practical. Using this packet-data information, network security examiners can dig into a breach incident with thorough analysis and give the investigation momentum.

Vigil 2.0 generates 'pcap' files that can be used by any network forensic software. With the latest developments, Vigil can accommodate more data and offers expanded search capability based on traffic characteristics such as IP address, port, protocol, application, and alert criteria.

Whenever security incidents are triggered in a network, investigators rely on log files and metadata, which are often tampered with by intruders. "If the attacker knows where the log data is stored, they can easily cover their tracks by manipulating the records. Vigil offers secure and reliable access to the packet-level information, which is almost impossible to modify, especially when data is being captured prior to the penetration," added Evans.