Mendel Observer

Highly Capable Network and Application Performance Monitoring

With its flow-based technology (listening to the network), GreyCortex Mendel Observer provides proactive and unobtrusive real-time monitoring of network and application performance issues. Continuous real-time monitoring and strong data-mining capabilities enable quick and easy root cause analysis of problems well before they start affecting the user experience.

Mendel Observer brings comprehensive and detailed visibility into network traffic and behavior of individual users, applications, services and content within the traffic.

In addition, it allows monitoring of application availability, internal security, user accountability and traceability. It helps organizations demonstrate and prove compliance with different regulations such as PCI DSS, SOX, HIPAA and more.

Why MENDEL Observer

  • High level of network and application performance visibility
  • Smooth and efficient operation of networks
  • Unobtrusive service delivery
  • Quick network troubleshooting for positive user experience
  • Proves compliance with industry standards and government regulation

Flow-based and Packet-based Technology

Instead of relying on older and limited SNMP polling, Mendel leverages flow-based and content-based monitoring. Flow-based monitoring provides near real-time (1-minute intervals) visibility into network statistics and other summary and detailed issues. Deep content inspection (DCI) extends this information with comprehensive real-time contextual metadata (for example, user identity and applications).

Application Monitoring and More

Mendel Observer constantly monitors the communication of users and network applications on all ports and over TCP, UDP, ICMP and many other protocols. This enables monitoring of current and average bandwidth, response times, transit times, delay, jitter, ports in use, connection peers and more.

Powerful Forensics

Mendel Observer generates metadata of network communication, providing full contextual awareness: for example, source and destination, user identity and application protocol. It also integrates selective on-demand packet capture. Unlike technologies based on full packet capture, it allows metadata on network traffic to be stored for a much longer time with low demands on storage capacity. This includes metadata of application protocols such as HTTP, SSL, TLS, SMB, SMB2, DCERPC, SMTP, FTP, SSH, DNS, IRC, VNC, RDP, XMPP, IMAP, SIP, ICQ, MySQL, MS SQL.

Easy to Use

The web user interface presents comprehensive information about network traffic: from management overviews, through aggregated information on the communication of the network, subnetworks, users, applications and peers, to details of individual flows and their content for precise investigation of interesting events. Users can filter and sort the data in any way.

Monitoring Methods

  • Passive, agent-less monitoring
  • Flow-based traffic analysis
  • Deep packet inspection

Detection Methods

  • Rule-based alerting

Other Components

  • SIEM & LDAP connectors
  • Risk Assessment
  • Advanced Reporter

Data Sources

  • SPAN / mirrored port
  • 0.5 – 10Gbps per line
  • NetFlow & IPFIX (for network performance monitoring only)