Symantec Network Forensics: Security Analytics

Like a security camera or DVR for your network.

Symantec Security Analytics delivers enriched, full-packet capture for full network security visibility, advanced network forensics, anomaly detection, and real-time content inspection for all network traffic. Armed with this detailed record, you can conduct forensic investigations, respond quickly to incidents, and resolve breaches in a fraction of the time you would spend with conventional processes. Security Analytics is an advanced network traffic analysis and forensic tool enabling you to:

• Thoroughly analyze all network traffic
• See the full source and scope of cyber attacks and respond faster
• Arm incident response teams with clear, concise answers and forensic evidence
• Use unrivaled data enrichment and cyber threat intelligence
• Add context to existing security tools
• Integrate with Symantec solutions to extend investigations across network, endpoint and email

Get advanced network traffic analysis and forensics to see what's happening on your network.

Simply deploy Security Analytics appliance or virtual appliance on your network and capture traffic. Let it run for a few days, then push a button and generate a comprehensive PDF report that covers full network traffic analysis and critical areas including:

• Predicted file count hidden in encrypted traffic
• The amount of encrypted traffic crossing your network
• Risky applications on the network
• Anomalous network behavior based on a benchmark of your actual traffic
• An executive summary to share with security team or management so you can prioritize activities

The Radicati group views the Advanced Persistent Threat (APT) Protection market as a set of integrated solutions for the detection, prevention and possible remediation of zero-day threats and persistent malicious attacks. Once again, Symantec Security Analytics plays a critical role in Symantec's being selected as the Top Leader in their 2019 report.

Transform manual forensic data analysis into advanced network traffic analysis and automated incident response.

With a fully enriched "system of record," your incident response teams will reduce time to resolution and answer the what, when, and how of any security incident. Find answers through comprehensive network traffic analysis and forensic evidence, including root-cause exploration, deep packet inspection, integrated reputation services and data enrichment, and advanced context-based reporting on malicious activity.

• Enrich all traffic data with the latest cyber threat intelligence
• Rely on multiple reputation sources
• Perform sophisticated anomaly detection
• Scan SCADA protocols
• Extract and broker only truly unknown files for sandbox analysis to save resources

Gain total visibility into network traffic by deploying with Symantec SSL Visibility.

Use Symantec Security Analytics to enable meticulous network forensics and monitoring across all network traffic, thousands of applications, dozens of file transports, all flows, and all packets—including encrypted traffic when deployed with Symantec SSL Visibility. Gain total forensic data analysis of your network traffic with actionable intelligence so you can quickly shut down exposure and mitigate ongoing risk.

• Conduct complete network traffic analysis, even on encrypted data
• See detailed insights from all forensic captures
• Establish policies to selectively decrypt SSL traffic
• Share encrypted traffic insight with your security applications