Network Visibility Engine

Netcognize Network Visibility Engine (netNVe) is an OEM Software Development Kit (SDK) to accelerate traffic inspection for products and solution that requiring real-time network traffic visibility.

netNVe is embedded into our data loss prevention solution to add richer traffic analysis capabilities.

This engine is composed of these software libraries and tools :

  • netDPI engine

    netDPI engine is a next-generation deep packet inspection (DPI) technology to enable real-time, Layer-7 application identification. It stands between the internet and the organization network and provides full surveillance over the passing data.

  • L7++

    L7++ is a plug-in based network application layer dissector and analyzer. It processes further layers of data to recognize and then extract information from different file types and protocols. This application recognizes corrupted protocols and extract as much data as possible. Likewise for a corrupted or noisy stream L7++ is capable to extract any data including partial data.

  • Netcognize Signature Module (NetSM)

    NetSM includes thousands of protocol and application plugins to classify flows and extract metadata. 

  • Newtork Special Fuzzer (NSF)

    NSF continuously monitors protocols and applications and applies changes to NetSM to ensure they are always up-to-date

Highlights

  • Layer 7 Visibility Applications
  • Real-time Classification based on IP , Metadata and Protocols
  • Behavioral & Statistical Analysis - calculates and tracks a number of behavioral and statistical items within each traffic flow.
  • Hyperscan pattern matching technique
  • Data extraction even from corrupted streams
  • Flexible design (supports new protocols easily)
  • Minimum impact on network performance
  • Intel® DPDK-based Technology

Key Features

  • Identifies of over 100 Layer-7 network protocols ,such as HTTP, HTTPS, FTP, NFS, SMB, BitTorrent, POP3, SMTP, IMAP, XMPP, Jabber, SIP, H323, RTP …
  • Identifies various file types such as MSOffice, OpenOffice, PDF, JPEG, PNG, BNP, GIF, TIFF, SVG, CAD, MPEG, AVI, DivX, WMV, Wave, RealAudio, Ogg, uLaw,G.729, GSM, Zip, Rar, Tar, gZip, bZip, z7, Arc, LZA ...
  • Ability to pass 10G and 40G traffic on a suitable commodity hardware
  • Provides user identification based on IP
  • Provides user based firewalling rules for web and other Layer-7 applications