N1000

Network Security Appliance

Enterprise Visibility of Files to Expose Threats in Email, Web & File Transfers

Network Security Appliance

Key Features

  • 1

    Exceptional scale and coverage to extract and analyze all files at millisecond speed

  • 2

    Provides visibility to unknown threats in files from HTTP, SMTP and FTP traffic. Identifies more than 3500 file formats while classifying files “in flight” before they execute

  • 3

    Performs “retro-detection” by continually re-checking reputation on past files and alerting on status changes, including hunting with customer supplied YARA rules

  • 4

    Integrates seamlessly with SIEM and analytics platforms supplying rich file analysis reports, and scales to high volume and deeper analysis with TitaniumScale and A1000 Malware Analysis Platforms

Overview

The N1000 utilizes ReversingLabs unique File Decomposition technology to derive detailed internal indicators. File Decomposition enables deep file inspection at speeds orders of magnitude faster than sandbox products so that the N1000 can extract and classify all major file formats from the network stream in near real-time. File classification utilizes up-to-date intelligence from our industry leading File Reputation Service with a powerful rules engine to assign threat level, name and type. The results are made available through an integrated GUI and/or customer SIEMs and analytics platforms such as Splunk and Elastic search for further action.

N1000 Network Threat Visualization

The N1000 enables users to view file events, access file summary and detail information, see file network context (e.g. source, destination), search by file attributes and customize threat detection with custom YARA rules.

N1000 dashboard

N1000 Network Threat Detection, Classification and Hunting

The N1000 performs real-time classification and analysis of files in network traffic. With the optional TitaniumScale, the N1000 can be configured for even higher throughput applications. Files of interest generate reports to SIEM and analytics platforms and can be automatically fed to an A1000 Malware Analysis Platform for deeper analysis.

N1000 product graph

Ask for a Demo today

All Products