Anymon PRO is a network behavior analysis solution that analyzes network traffic and quarantines terminals generating malicious traffic.
OVERVIEW
Signature-based security solutions cannot detect zero-day worms or unknown security threats. To overcome this limitation, you have to implement a security technology that performs correlated analysis between the current network state, the normal profiles of network traffic, and the distinguishing marks of various threats. This technology is called network behavior analysis and is useful as a complementary control to existing firewalls, IDS/IPS and SIEM implementations.
Anymon PRO analyzes session information using a patented behavioral analysis algorithm and detects network traffic anomalies, including malicious traffic. Terminals generating malicious traffic are automatically quarantined from the network.
FEATURE HIGHLIGHT
High Speed Network Behavior Analysis
Anymon can analyze firewall logs at 10,000 sessions per second (150 Gbytes/day) and also guarantees a search speed of 500 Mbytes per second. This processing speed is equivalent to processing 1 billion session logs (150 Gbytes) in a few minutes.
Intelligent Network Profiling
Anymon automatically generates network profiles including normal/abnormal services, all services, services per time, network usage statistics and more. These network profiles can be used as references for detecting malicious traffic and analyzing abnormal services. With this feature, administrators can easily understand the network and respond rapidly to such traffic and services.
Supporting various reports
Anymon provides various reports including top service traffic, top source/destination traffic per service and more. Administrators obtain all the reports needed for network security and operation management. Reports can be created in PDF, XLS and DOC formats.
Supporting hierarchical deployment for large networks
Anymon can be deployed vertically or horizontally in a large network between a headquarters and branches, or between a headquarters, regional headquarters and branches.
Detecting and quarantining terminals based on network behavior analysis
Anymon detects and quarantines terminals generating unknown malicious traffic that cannot be detected by signature-based security solutions such as IDS and IPS. This behavioral approach can complement existing signature-based security solutions, and administrators can use it as another, traffic-based endpoint security infrastructure.
Real time malicious traffic detection
Administrators know the state of their network in real time when malicious traffic is generated, and can also understand traffic behavior caused by misconfiguration, P2P and online games, and services in an abnormal state.
DIAGRAM
- Network Behavior
  - Collect - Various Firewall Logs & Traffic
    - All firewall logs supporting Syslog and OPSEC protocols
    - Internal traffic information coming from Anymon Sensors
  - Storing - Compressed Form
    - Extract and store the fields needed for behavioral analysis from the original logs
  - Analyze - Behavioral Analysis
    - Malicious/Abnormal Traffic Analysis
    - 2D-correlated Analysis
    - Providing Various Types of Analysis Reports
  - Block - Real Time Quarantining
    - Detect and quarantine terminals generating malicious traffic by Anymon Sensor
    - No agents are required