Savvius Blog

The Savvius Network Analysis and Monitoring Blog covers enterprise networking news from recent standards, such as 802.11n, and upcoming technologies, such as 100G, to pressing everyday issues around wireless, VoIP, security, and network performance management.

Network Packets Matter to Security Professionals

Imagine that you investigate car accidents. When you arrive at a scene, you see the smashed cars, skid marks, bent post, and whatever else, and quickly determine that one car came into the path of the other one. This paint on the fender matches that dent in the other car, for example, and even the angles where the car ended up tell a story.

Now imagine that the insurance company asks you to investigate an accident that happened last month. You can still go to the scene, but this time, all you see are some skid marks, a still bent post, and a few other things. But no cars. Perhaps you can still figure out what happened, but it isn’t easy.

Being an accident investigator without being able to see the cars is the situation that security incident investigators find themselves in when they are investigating a breach and can’t see the packets that were the vehicle for the attack.

The problem is that most attacks aren’t discovered for months, and by that time, the packets are gone. It just isn’t practical to store weeks and months of network traffic; a network averaging only 3 Gbps requires 7.5 petabytes of storage in 229 days (the median time between breach and discovery, according to a recent study). And since it is the median time, even with 7.5 petabytes, you’re missing half the security events. So let’s double it to be safe. And assume we’re buying relatively inexpensive storage. That is still over $5 million!

The answer is intelligently determining what to store, but that’s the subject of another blog post. Stay tuned!


Introducing Savvius

As many of you know, WildPackets has a long history as a leading provider of network monitoring and forensics solutions to enterprises, SMBs, and government agencies. In a crowded market of network IT vendors, we’re pleased to say we’ve developed a strong reputation for making exceptional network analysis software and packet storage appliances.

We’re proud of what we’ve achieved. Most of all, we’re pleased to have been able to help so many different organizations and IT professionals make the most of their networks and network-dependent technologies. Our customers are driven, tech-savvy, and creative, and we’re pleased to have contributed, through our network analysis solutions, to their success.

Now—as we all know—the world is changing: faster networks, new devices, more devices, new apps.

To continue to serve our customers, we recognized that we, too, had to keep changing. We realized that it’s time to build on our legacy and create something new. Specifically, we realized it’s time to apply our expertise in network analysis to important problems faced by organizations of all sizes, and to develop new, best-in-class solutions that enable our customers to do more with their (faster, more hyperconnected) networks than they’ve ever done before.

So today we’re making several announcements. We’re announcing a new focus for our company, and we’re announcing an exciting new product that’s unlike anything else available in network IT today.

But let’s start with our new name, which provides the most concise summary possible of our new vision and our new direction.

We’re excited to announce today that we are changing our name to Savvius. Savvius derives from “savvy” or “full of insight.” This name better reflects our company’s full line of products and mission for the future.

And here’s an example of the type of insight we’re talking about.

Over the past several years, we have seen an increase in organizations using our network investigation components to enhance security forensics. We’ve been helping organizations store hours, days, and even a few weeks of network data for analyzing security anomalies that have occurred on the network. All too often, these anomalies turn out to be indications of a security attack, such as a data breach.

Despite the impressive evolution of IT defenses, security attacks are still getting through, and in many cases, they’re lingering on the network longer than a few weeks before being discovered. They’re lingering for months. About 7 and a half months on average: 229 days.

Which is why today we are also announcing the introduction of Savvius Vigil™, the industry’s first security appliance that provides weeks or even months’ worth of relevant network packet data following a security incident.

Unique in the market, Savvius Vigil stores packet data correlated with security events detected by your existing SIEM solutions. Savvius Vigil stores that data for months or longer in a searchable repository. When security professionals want to investigate anomalies that have occurred days, weeks, or even months ago, now they can, with Savvius Vigil.

Savvius Vigil gives IT security professionals the hard evidence they’ve been missing when investigating security breaches. You can learn more about Savvius Vigil here.

Moving forward, our company’s focus will be on empowering network and security professionals with the best packet-based analysis products, capabilities and solutions on the market.

We’ve taken a huge step in that direction with today’s announcement, and we hope that you follow along with us as we continue to innovate and provide the most comprehensive view of your network.

For more information, check out today’s announcement, take a look around our website or get in touch!

  • April 15th, 2015
  • Posted in Savvius
