Sign In
- Platform
- Solutions
- Modern NDR
- Resources
- Company
Platform
Modern NDR
Resources
Platform
Modern NDR
Resources
RevealX NPM is a core module of the RevealX platform. It enables organizations to leverage the network as a central source of truth. Network Performance Monitoring workflows enable you to monitor how services and devices interact with each other and how transactions flow across the data link layer (L2) to the application layer (L7) in your network. The platform harnesses visibility into network data and cloud-native machine learning (ML) for real-time analytics, identifying potential network and application performance issues to expedite incident response time.
While both are essential models of a modern NDR platform, RevealX NPM focuses on monitoring network performance, whereas RevealX NDR focuses on monitoring network security. NPM actively identifies potential network and application performance issues, whereas NDR proactively identifies potential malicious activity.
RevealX NPM is available as both a SaaS-based and on-premises solution. The SaaS-based RevealX 360 provides unified security across on-premises and cloud environments, 360-degree visibility and situational intelligence without friction, and immediate value with a low management burden. RevealX Enterprise is a self-managed solution that provides complete east-west visibility and real-time threat detection inside the perimeter.
RevealX NPM integrates with the ExtraHop Packet Forensics module to provide full packet capture, storage, and retrieval. This scalable packet capture (PCAP) repository delivers cost-effective modular storage, precision packet search in a single workflow, and fast and easy-to-use queries to get answers quickly.
Packet Forensics is an add-on module to the RevealX platform and cannot be purchased as a standalone product.
RevealX NPM consists of a set of components based on your environmental needs: sensors, packetstores, recordstores, and a console for centralized management and unified data views. You can deploy all components as physical, virtual, and cloud-based options based on your needs.
RevealX NPM passively observes unstructured packets through a port mirror or tap, and stores the data in a local datastore. The network traffic data undergoes real-time stream processing, which transforms the packets into structured wire data for analysis.
RevealX NPM supports over 90 enterprise protocols with real-time fluency at the application layer. Protocol modules offer varying levels of analysis, starting with L7 classification, and Application Inspection Triggers to create a custom metric.
Yes. RevealX NPM proactively detects potential network and application performance issues by leveraging cloud-scale machine learning (ML). The ML service tracks detections in eight categories across your environment. Within each of these categories, the ML evaluates several protocols and hundreds of metrics, all with custom logic, to find and correlate active problems.
Yes. RevealX can decrypt SSL/TLS (including TLS 1.3) network traffic, as well as common Microsoft protocols, such as SMBv3, Kerberos, Active Directory, and MSRPC, offering complete observability for troubleshooting.
RevealX NPM is designed to help enterprises derive meaningful insights from an immense wealth of information through automatically populated role-based dashboards. These dashboards function on a drag-and-drop model so you can customize them further with unique widgets. Along with traditional methods of data visualization like charts and graphs, RevealX NPM uses live activity maps to present a dynamic and intuitive view of your environment.
Yes. RevealX NPM integrates with leading IT service management (ITSM) and IT operations (IT Ops) tools, including Splunk, Microsoft, AWS, and more. For organizations that rely on chat platforms to coordinate workflows, RevealX NPM can send information about detections to Slack or other collaboration platforms through a REST API. RevealX NPM also integrates with ticketing systems such as ServiceNow, automatically creating tickets for analyst triage queues and ingesting ticket information to display beside a detection.
While rich query and investigation workflows are available within the RevealX NPM interface, it’s also easy to integrate wire data metrics with the other data stores, querying tools, and analytics platforms in your stack. The RevealX NPM Open Data Stream allows you to merge data from multiple sources into a single, rich set that can be queried and visualized using whatever tools your team prefers, including AppDynamics, Elastic, MongoDB, and more.
