Cisco Security Packet Analyzer 2400 Data Sheet

© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. 
Data Sheet 
Cisco Security Packet Analyzer 2400 Appliance 
The Cisco® Security Packet Analyzer enhances “detect and respond” capabilities to
help defend your network. Dive deep into anomalous network activity and security 
events to get the complete status of your network. 
Network threats and cybercriminals are getting smarter. The question is not whether your network will be breached. 
The question is when. The need to have network visibility and the ability to respond to advanced threats quickly 
has never been greater. Many organizations possess some level of security monitoring and incident response 
capability. Security professionals can speed incident response in several ways. A common method is using packet 
capture solutions, which can collect and store all of the information that traverses the network. 
Using Packet Capture for Improved Incident Response 
Network forensics is the process of monitoring and analyzing data that moves over a network and using it to 
investigate anomalous activity. Security Packet Analyzer supports this forensics process. The Cisco Security 
Packet Analyzer works in conjunction with Cisco Stealthwatch. It applies the Stealthwatch NetFlow and context 
security analytics capabilities to captured data packets so you can dive into the context and content of network 
sessions in near real time. (See Figure 1.) 
Figure 1.    A Sample Packet Analyzer and Stealthwatch Deployment 
 
Product Overview 
Security Packet Analyzer attaches to your network by means of a Switched Port Analyzer (SPAN), a feature also 
called port mirroring, or a network Test Access Point (TAP). A copy of packet traffic is created from that point in the 
network. Security Packet Analyzer stores a complete copy of these network packets. They can be retrieved later 
for more detailed analysis using either the packet analysis software included in the solution or third-party analysis 
tools.