Cisco Security Packet Analyzer 2400 Data Sheet
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Data Sheet
Cisco Security Packet Analyzer 2400 Appliance
The Cisco® Security Packet Analyzer enhances “detect and respond” capabilities to
help defend your network. Dive deep into anomalous network activity and security
events to get the complete status of your network.
Network threats and cybercriminals are getting smarter. The question is not whether your network will be breached.
The question is when. The need to have network visibility and the ability to respond to advanced threats quickly
has never been greater. Many organizations possess some level of security monitoring and incident response
capability. Security professionals can speed incident response in several ways. A common method is using packet
capture solutions, which can collect and store all of the information that traverses the network.
Using Packet Capture for Improved Incident Response
Network forensics is the process of monitoring and analyzing data that moves over a network and using it to
investigate anomalous activity. Security Packet Analyzer supports this forensics process. The Cisco Security
Packet Analyzer works in conjunction with Cisco Stealthwatch. It applies the Stealthwatch NetFlow and context
security analytics capabilities to captured data packets so you can dive into the context and content of network
sessions in near real time. (See Figure 1.)
Figure 1. A Sample Packet Analyzer and Stealthwatch Deployment
Product Overview
Security Packet Analyzer attaches to your network by means of a Switched Port Analyzer (SPAN), a feature also
called port mirroring, or a network Test Access Point (TAP). A copy of packet traffic is created from that point in the
network. Security Packet Analyzer stores a complete copy of these network packets. They can be retrieved later
for more detailed analysis using either the packet analysis software included in the solution or third-party analysis
tools.