Highly Capable Network and Application Performance Monitoring
With its flow-based technology (listening to the network), GreyCortex Mendel Observer provides proactive and unobtrusive real-time monitoring of network and application performance issues. This continuous real-time monitoring and strong data-mining capabilities enable easy and quick root cause analysis of problems well before they start affecting the user experience.
Mendel Observer brings comprehensive and detailed visibility into network traffic and behavior of individual users, applications, services and content within the traffic.
In addition, it allows monitoring of application availability, internal security, user accountability and traceability. It helps organizations demonstrate and prove compliance with different regulations such as PCI DSS, SOX, HIPAA and more.
Flow-based and Packet-based Technology
Instead of relying on older and limited SNMP polling, Mendel leverages flow-based and content-based monitoring. Flow-based monitoring provides near real-time (1 minute intervals) visibility into network statistics and other summary and detailed issues. Deep content inspection (DCI) extends this information with real-time comprehensive contextual metadata (user identity, applications, for example).
Application Monitoring and More
Mendel Observer constantly monitors communication of users and network applications of all ports and on TCP, UDP, ICMP and many other protocols. This enables monitoring of current and average bandwidth, response times, transit times, delay, jitter, ports in use, connection peers and more.
Mendel Observer generates metadata of network communication providing full contextual awareness – for example destination and source, user's identity and application protocol. It also integrates selective on-demand packet capture. Unlike technologies based on full packet capture, it allows the metadata on network traffic to be stored for a much longer time with low demands on storage capacity. This includes metadata of application protocols such as HTTP, SSL, TLS, SMB, SMB2, DCERPC, SMTP, FTP, SSH, DNS, IRC, VNC, RDP, XMPP, IMAP, SIP, ICQ, SSH, MySQL, MS SQL.
Easy to Use
The web user interface presents comprehensive information about network traffic: From management overviews, through aggregated information on communication of the network, subnetworks, users and applications, communication of peers, to details concerning individual flows and their content to precisely investigate interesting events. Users can use its powerful capabilities to filter and sort the data in any way.
- Passive, agent-less monitoring
- Flow based traffic analysis
- Deep packet inspection
- Rule based alerting
- SIEM & LDAP connectors
- Risk Assessment
- Advanced Reporter
- SPAN / mirrored port
- 0.5 – 10Gbps per line
- NetFlow & IPFIX (for network performance monitoring only)