Issues Faced by Enterprise Traffic

East-West Blind Spots

  • Traditional security devices primarily monitor entry and exit points, lacking monitoring measures for internal network communications.

Behaviors Cannot Be Traced

  • Attack paths are difficult to reconstruct, and incident response lacks the support of an evidence chain.

Low-Frequency Attacks Are Difficult to Identify

  • Intermittent and covert attack behaviors are prone to being overlooked.

Logs Fail to Restore Context

  • It is difficult to understand the complete event process solely through log analysis.

NTA Core Functions

Smart and Comprehensive Traffic Catcher

Traffic Collection and Restoration

  • Full Traffic Collection: Supports comprehensive capture of core switching links across the entire network without omission.
  • Deep Protocol Analysis: Covers mainstream network protocols and accurately restores user behavior and application content.
  • Session Reconstruction: Stitches fragmented traffic into complete sessions to improve readability.

Threat Identification and Attack Tracing

  • Intrusion Detection Engine: Identify known and variant attack behaviors based on features and behavior.
  • Attack Identification: Automatically identify typical behaviors such as lateral movement, scanning, and account brute-force attacks.
  • Attack Chain Restoration: Trace the complete attack path by backtracking the relationship between time and hosts.

NTA Product Advantages

Powerful Forensics Capability

  • It supports session-level raw traffic backtracking to fully record the attack process. It provides evidence chains such as packet download and attack chain timeline reconstruction, meeting the forensics requirements of Network Security Level Protection 2.0 / ISO 27001, and providing a basis for emergency response and compliance audits.

Strong Detection Capability

  • By fusing behavioral analysis with contextual modeling, it conducts in-depth detection of unknown threats. Without relying on signature databases, it can identify advanced persistent threats such as fileless attacks, covert tunnels, and abnormal data exfiltration, thereby enhancing the capture rate of zero-day attacks.

Highly Visualizable

  • Dynamically construct a topological map of internal network behaviors, and restore the full picture of the attack chain based on traffic metadata. Through multi-dimensional views such as interactive timelines and entity relationship diagrams, visually present lateral movement paths and command-and-control behaviors to achieve visual tracking of latent threats.

Product Value

Transforms the "traffic black box" into "behavioral transparency", helping enterprises strengthen internal threat awareness and improve the speed and accuracy of their response to complex risks such as APTs (advanced persistent threats), lateral movement, and data leakage.