your title
Enter your description
- Roadmap
- Most voted
- Newest
-
Backlog
-
Push notifications on new alerts #1ServicenNow integration phase 1 #2RBACL for users/admins phase 1 #3Support large customers with 10G flows daily #4Incident creation #5
View More -
-
Progress
-
Save alerts as PDF #1Support multiple public IP addresses #2Host map view #3BGP community peering #4Netflow web domain reputation #5
View More -
-
Complete
-
Alert details screen #1Investigation Panel #2Whitelisting IP #3Blacklisting IP #4Change Status for Alert #5
View More -
-
-
BGP community peering # 27
allowing customer\'s border router to receive prefixes via BGP and block communication to malicious (blacklisted) IP address on the edge of network
-
-
-
Whitelisting IP # 12
Allows whitelisting an IP when IP is NOT malicious. There will be no alarms generated for that IP anymore.
-
-
-
Blacklisting IP # 13
Opposite to whitelisting, allows the alarms to be generated for that IP.
-
-
-
Netflow DNS domain reputation # 29
support checking of DNS domain reputation (domain sent in netflow records)
-
-
-
Whitelist blacklist management # 16
manage your own custom whitelists and blacklists
-
-
-
Host role mapping # 25
analyses the traffic generated by host and assigned a role
-
-
-
Support of analytics of AWS VPC flow logs # 23
ability to perform analytics of AWS generated traffic
-
-
-
Host risk mapping # 26
analyses the risk based on the malicious communication to/from host
-
-
-
Netflow web domain reputation # 28
support checking of web domain reputation (domain sent in netflow records)
-
-
-
Netflow URL reputation # 30
support checking of URL reputation (URL sent in netflow records, for plain text http or in case traffic is decrypted and reencrypted for inspection purpose)
-
-
-
Netflow application reputation # 31
support checking of application reputation (application name sent in netflow records)
-
-
-
Critical alarms per network segment # 32
Allows to see critical alarms grouped per network segment.
-
-
-
Top3 alarms weekly via UI # 34
Allows to see top3 alarms generated within last week.
-
-
-
Endpoint Agent for Windows # 35
Allows to send NetFlow telemetry directly from the client OS to our cloud.
-
-
-
Endpoint Agent for MacOS # 36
Allows to send NetFlow telemetry directly from the client OS to our cloud.
-
-
-
Endpoint Agent for Linux # 37
Allows to send NetFlow telemetry directly from the client OS to our cloud.
-
-
-
AnyConnect NVM support # 38
Allows to send NetFlow telemetry directly from the client using Cisco AnyConnect Network Visibility Module.
-
-
-
Host map view # 24
shows all the hosts active for a tenant
-
-
-
Save alerts as PDF # 8
Allows to export alert list as a PDF and send it over the email.
-
-
-
Incident creation # 22
support incidents which are a set of alarms combined together using simple rules
-
-
-
Support large customers with 10G flows daily # 21
ability to ingest up to 10G flows daily per tenant
-
-
-
Support public IP with subnet mask different then /32 # 20
able to consume NetFlow from multiple different public IP addresses for the single tenant
-
-
-
Support multiple public IP addresses # 19
able to consume NetFlow from multiple different public IP addresses for the single tenant
-
-
-
RBACL for users/admins phase 1 # 18
create different users roles to manage your deployment
-
-
-
ServicenNow integration phase 1 # 17
create incidents in ServiceNow once new alarm is detected
-
-
-
Push notifications on new alerts # 15
mobile app/phone will get a notification every time new alarm is received (with configurable daily limit)
-
-
-
Change Status for Alert # 14
allows to change status for alerts so that an analyst is able to mark alerts as false positives.
-
-
-
Investigation Panel # 11
Allows to start investigation with 3rd party sites like Cisco Talos or Virus Total
-
-
-
Alert details screen # 10
Allows to see details of an alert with additional information such as SRC_IP, DST_IP, SPort, DPort, and Protocol.
-
-
-
Mark alerts as Resolved # 9
After successful threat mitigation or False Positive verification, it allows to mark an alert as resolved, so that it will be stored in the archive.
-
-
-
AnyConnect NVM support # 38
Allows to send NetFlow telemetry directly from the client using Cisco AnyConnect Network Visibility Module.
-
-
-
Endpoint Agent for Linux # 37
Allows to send NetFlow telemetry directly from the client OS to our cloud.
-
-
-
Endpoint Agent for MacOS # 36
Allows to send NetFlow telemetry directly from the client OS to our cloud.
-
-
-
Endpoint Agent for Windows # 35
Allows to send NetFlow telemetry directly from the client OS to our cloud.
-
-
-
Top3 alarms weekly via UI # 34
Allows to see top3 alarms generated within last week.
-
-
-
Critical alarms per network segment # 32
Allows to see critical alarms grouped per network segment.
-
-
-
Netflow application reputation # 31
support checking of application reputation (application name sent in netflow records)
-
-
-
Netflow URL reputation # 30
support checking of URL reputation (URL sent in netflow records, for plain text http or in case traffic is decrypted and reencrypted for inspection purpose)
-
-
-
Netflow DNS domain reputation # 29
support checking of DNS domain reputation (domain sent in netflow records)
-
-
-
Netflow web domain reputation # 28
support checking of web domain reputation (domain sent in netflow records)
-
-
-
BGP community peering # 27
allowing customer\'s border router to receive prefixes via BGP and block communication to malicious (blacklisted) IP address on the edge of network
-
-
-
Host risk mapping # 26
analyses the risk based on the malicious communication to/from host
-
-
-
Host role mapping # 25
analyses the traffic generated by host and assigned a role
-
-
-
Host map view # 24
shows all the hosts active for a tenant
-
-
-
Support of analytics of AWS VPC flow logs # 23
ability to perform analytics of AWS generated traffic
-
-
-
Incident creation # 22
support incidents which are a set of alarms combined together using simple rules
-
-
-
Support large customers with 10G flows daily # 21
ability to ingest up to 10G flows daily per tenant
-
-
-
Support public IP with subnet mask different then /32 # 20
able to consume NetFlow from multiple different public IP addresses for the single tenant
-
-
-
Support multiple public IP addresses # 19
able to consume NetFlow from multiple different public IP addresses for the single tenant
-
-
-
RBACL for users/admins phase 1 # 18
create different users roles to manage your deployment
-
-
-
ServicenNow integration phase 1 # 17
create incidents in ServiceNow once new alarm is detected
-
-
-
Whitelist blacklist management # 16
manage your own custom whitelists and blacklists
-
-
-
Push notifications on new alerts # 15
mobile app/phone will get a notification every time new alarm is received (with configurable daily limit)
-
-
-
Change Status for Alert # 14
allows to change status for alerts so that an analyst is able to mark alerts as false positives.
-
-
-
Blacklisting IP # 13
Opposite to whitelisting, allows the alarms to be generated for that IP.
-
-
-
Whitelisting IP # 12
Allows whitelisting an IP when IP is NOT malicious. There will be no alarms generated for that IP anymore.
-
-
-
Investigation Panel # 11
Allows to start investigation with 3rd party sites like Cisco Talos or Virus Total
-
-
-
Alert details screen # 10
Allows to see details of an alert with additional information such as SRC_IP, DST_IP, SPort, DPort, and Protocol.
-
-
-
Mark alerts as Resolved # 9
After successful threat mitigation or False Positive verification, it allows to mark an alert as resolved, so that it will be stored in the archive.
-
-
-
Save alerts as PDF # 8
Allows to export alert list as a PDF and send it over the email.
-