Savvius Vigil automates the collection of network traffic needed for security investigations, both reducing the likelihood of breaches and minimizing their impact. Even breaches not discovered for months can be effectively investigated using Vigil. Savvius Vigil, which integrates with all leading IDS/IPS systems, includes Omnipeek, award-winning network forensics software.

How Vigil Works

Savvius Vigil integrates with your existing SIEM/IDS/IPS capabilities to intelligently determine what network traffic is relevant for breach investigations. Vigil continuously collects all network packets and only stores traffic associated with security alerts, discarding unassociated packets. The device also supports feeds from multiple sources simultaneously. Vigil captures the critical packets that led up to the alert being triggered, from up to 5 minutes before the alert, showing the original cause of a potential breach. You can also configure Vigil to store all packets based on specified IPs, ports or protocols, all the time, to provide insight into attacks that IDS/IPS solutions miss. And if you suspect an attack is ongoing, you can initiate a full packet capture with a single click, including up to 5 minutes of packet history.

System Specs

Hardware

  • 96TB of Storage
  • 4 port 1/10G Network Adapter
  • 2U Rack Mountable

Software

  • Savvius Vigil software for monitoring and forensics
  • Monitoring dashboard with overview, storage use, and event management
  • Security Forensics capability, including hierarchical search by date, event, IP address, severity, etc.

Supported IDS/IPS

  • HP ArcSight
  • Check Point
  • Cisco FirePOWER
  • Sophos Cyberoam
  • IBM QRadar
  • Lancope Stealthwatch by Cisco
  • McAfee Enterprise Security Manager
  • Palo Alto
  • Snort
  • Suricata

Webinar: What Security Professionals Can Learn from the Network Team

Alerts spike from your IDS/IPS and you need data now to determine what is going on. You start a frantic search for disparate sources of data, like logs and endpoint information, because it’s the best data that’s available from your security tools. But what if the data you really need, a complete recording of all the network data, is just a few cubes, or a server room, away?

Network & Cyber Security

  • IBM

    IBM offers a deep enterprise security portfolio. Unmatched in its ability to help you disrupt new threats, deploy security innovations, and reduce the cost and complexity of IT security, IBM can safeguard your most critical data from compromise. The Savvius and IBM joint solution helps security professionals gain access to the network-level data required to investigate security alerts triggered by QRadar SIEM, enabling network forensics in breach investigations. The joint solution gives visibility into network activities for alerts from months ago, including the network traffic before an alert even triggered.

  • Palo Alto Networks

    Savvius Vigil integrates with Palo Alto Networks Next-Generation Firewall via syslog. When an alert is triggered by the firewall, the Savvius Vigil appliance captures the specific network traffic that caused the alert. Savvius Vigil continuously collects all network packets, receives security alerts generated by Palo Alto Networks PAN-OS® and only stores traffic associated with Palo Alto Networks security alerts, discarding unassociated packets. Savvius Vigil stores network traffic data from five minutes before through five minutes after the alert triggered.

  • Fortinet

    Fortinet provides top-rated network and content security, as well as secure access products that share intelligence and work together to form a cooperative fabric. Fortinet’s security fabric combines Security Processors, an intuitive operating system, and applied threat intelligence to give you proven security, exceptional performance, and better visibility and control–while providing easier administration. Savvius Vigil becomes an integrated part of Fortinet security fabric for capturing, storing and analyzing network data associated with critical threat alerts, providing a valuable solution for customers and partners.

  • Hewlett Packard Enterprise

    Hewlett Packard Enterprise delivers high-quality, high-value products, consulting, and support services in a single package. HP has industry leading positions in servers, storage, wired and wireless networking, converged systems, software, services, and the cloud. The Savvius and HP joint solution lets security professionals add packet intelligence into their investigation of security alerts triggered by HP ArcSight SIEM, even if the alerts happened months in the past.