MetaFlows, a provider of SaaS (News - Alert)-based IDS management solutions, has released a parallel processing implementation of BotHunter that runs on off-the-shelf hardware.
Claimed as the world’s first first multi-core implementation of a Botnet detection tool, BotHunter offers network security executives and managed network monitoring solutions providers a way to monitor almost any size network without requiring expensive, proprietary hardware.
Founded upon battle-hardened, open-source resources such as emerging threats signatures, Cyber-TA’s BotHunter dialog-based correlator, Sourcefire’s Snort VRT and more, MetaFlows’ NSM is said to reconcile and rank IDS, flow, and active (local and global) intelligence through a predictive global correlation system based on Google’s (News - Alert) page ranking algorithm, better revealing true positives while significantly cutting down on false-positive clutter.
Larger organizations had called for a solution equipped with the capability to enhance speed performance and usability and scale to their demands. The BotHunter makes use of SRI’s (News - Alert) dialog correlation technology and is purported as one of the most advanced botnet detection and network monitoring tools in the industry.
The BotHunter has been now integrated into the NSM product, enabling it to scale to enterprise-level performance by load balancing flow analysis across multiple cores. The company also explained that the NSM embeds BotHunter’s analysis within a rich set of contextual information, which includes flow analysis, IP/signature reputation, OS/service fingerprinting and log management.
Officials with MetaFlows commented that now enterprises will get to use a solution that is an enterprise-ready version of BotHunter that’s integrated into a complete, scalable network security monitoring solution capable of using commodity hardware. In order to prove its point the company is also inviting users to try it for free and see for themselves.
MetaFlows claimed that the new improvised multi-core BotHunter is a powerful, context-rich network monitoring solution.
Nathesh is a contributing editor for TMCnet. To read more of Nathesh's articles, please visit his columnist page.Edited by Tammy Wolf