• Products
• Solutions
• Customers
• Partners
• About
• Research

News

Narus Next-generation Traffic Anomaly Detection Software Captures and Analyzes Voice and Data Traffic in Real Time

Highly-Configurable, Carrier-Class Anomaly Detection Alerts Companies to Worms, DDoS Attacks, SPAM and Other Anomalies Over IP Networks

February 15, 2005, Mountain View, CA—Narus, Inc., the leading carrier-class IP platform provider,announced today its latest Narus Traffic Anomaly Detection Application, designed to detect traffic anomalies across multiple networks (wired and wireless) in real time to help save customer losses in revenue, network down time and disruption in services. Part of Narus’ suite of IP Security products, Narus Solutions are currently deployed globally in Tier-1 Carrier-Class networks, including Korea Telecom, Telecom Egypt, AT&T, KDDI, US Cellular, KPN, and Access Bolivia.

Narus Traffic Anomaly Detection is one of many applications that run on the Narus IP Platform, which provides unsurpassed flexibility for integrating with multiple applications supplied by Narus and other partners. Traffic Anomaly Detection delivers highly sophisticated traffic statistics that identify threats across numerous data inputs and protocols such as VoIP, Streaming Video, HTTP and DNS, without impacting network performance.

“Narus continues to lead the industry in developing real time anomaly detection products that deliver real benefits to our customers in multiple and open network environments,” said Jay Thomas, vice president of product marketing at Narus. “Carriers are finding that point solutions do not provide the real time intelligence necessary to detect deep threats to their networks, nor are they able to provide efficiencies of IP platform-based applications they need today or in the future. Since Narus’ Traffic Anomaly Detection resides on the Narus IP Platform, it gives IT Managers and Network Operators the platform they are demanding to add new services at a low incremental cost.”

Traffic Anomaly Detection utilizes a three-tiered process flow to detect network anomalies from Layer 3 to Layer 7:

• Capture: High speed targeted capture of data elements in network traffic across Layer 3 to Layer 7. The capture function ensures that all high value data required for accurate anomaly detection is made available.
• Detection Analysis/Processing: Aggregation of cross network data flows and subsequent processing for anomaly detection. Processing leverages core Security Rules, provided by Narus, and all custom algorithms developed by the carrier to substantiate deeper inspection if necessary.
• Advanced Anomaly Grouping Capabilities: Advanced grouping of anomalies according to known patterns of worm and DDoS attacks. If a pattern is not recognized, the anomaly is escalated with appended descriptors to assist security analysts.

“Many carriers do not have the real time information they need to truly understand their network traffic in a normal environment, let alone a compromised environment,” said Thomas. “By identifying a baseline of network traffic from flow to content capture with Narus Traffic Anomaly Detection, carriers now have the next-generation in detection to help mitigate an unwanted attack; saving them millions of dollars each year in lost revenue. With Traffic Anomaly Detection, our customers are employing the best preventative tool on the market today.”

Traffic Anomaly Detection can be easily and cost-effectively integrated with NarusForensics and NarusView as well as multiple network applications and service providers. Narus will be demonstrating its suite of IP Monitoring applications at RSA 2005 in San Francisco, CA, February 15-17 at Narus' booth, #1121.

# # #

About Narus, Inc.

Narus software solutions provide the real-time traffic insight essential to profitably manage, secure and deliver Services over IP. Today, large IP-based networks are transforming the traditional circuit-switched world of telecommunications into a dynamic, ever-changing world of IP-based services such as VoIP, IPTV and others. In order to secure, monitor, bill and provide excellent quality of service for these IP-based offerings, service providers must simultaneously capture, normalize and correlate IP traffic across all layers of the network. Only NarusInsight is capable of providing companies with the means to capture, normalize and correlate IP traffic at the speed required for carrier-class networks. With its patented technology and processes, Narus helps customers like AT&T, Korea Telecom, KDDI, Telecom Egypt, Saudi Telecom, France Telecom and T-Mobile in areas of network security, traffic classification and monitoring.

Media Contact

Susannah Beckwith
Schwartz Communications
T: +1 415 512 0770