Introduction

Ravin Network and Log Management service is commonly deployed out of line in organization network. Different flows are exported and analyzed and security alerts are sent to managers. The analyze result can also be sent to Ravin SIEM. on the other hand, this service is a sensor for Ravin SIEM.

This is a comprehensive solution for monitoring servers, network infrastructure devices, security devices, network services, Database and any organization’s software. It collects, registers and manages network and services events and generates valuable reports base on that.

 

Benefits of using Ravin NTLM

  • Extracting all network traffic flows
  • Detecting all network anomalies
  • Receiving events from all network and security devices
  • Monitoring traffic and representing different diagrams and reports
  • Representing a comprehensive view of different flows of organization’s network to managers
  • Processing and correlating traffic flows information with other sensors entrances
  • Maintaining network traffic flows and search on it

Features

Anomaly Detection
 
Deep Packet Inspection
 
 

Ability to receive events of all different security equipment

 

Ability to receive events of all different network equipment

 

 
Distribution of traffic information Collector in the network
 
Eliminate duplicate events
 
Secure and small storage of events
 
Receive hundreds of flexible reports of network traffic and events

Usages

Ravin NTLM usages

  • Network sensor for security operation center (SOC)
  • Accurate monitoring of devices and services
  • Detecting suspicious and anomaly actions in organization network
  • Detecting software/hardware problems in organization network
  • Presenting an integrated view of the network state with concentrating on network traffic
  • Integrated managing of different device events and services in organization network