BlackBoxSolera DeepSee™ BlackBox Recorder
Continuous, lights-out monitoring solution providing Incident Responders with immediate intelligence for proactive breach investigations


Overview


The Solera DeepSee BlackBox Recorder is like having a black box flight recorder for deployment within your customer’s networks—providing Incident Responders with all the critical intelligence, content and context necessary to effectively investigate a security breach. It incorporates a ‘break glass when breached’ network monitoring approach, allowing Incident Responders to deploy and install the DeepSee BlackBox Recorder on-demand—and with no upfront costs or licensing fees. Additionally, it provides Incident Responders and security service providers with an effective way to integrate Solera DeepSee into existing security infrastructure, providing the always-on ‘eyes and ears’ necessary for delivering all the critical security intelligence, content and context necessary to investigate a security breach or targeted attack. The BlackBox Recorder can be deployed as a DeepSee Virtual Appliance and/or as DeepSee Software.


Benefits


Benefits

  • Easy Deployment—DeepSee BlackBox Recorder is easily deployed in minutes using DeepSee Software or DeepSee Virtual Appliance. Simple, flexible deployment on existing hardware allows for immediate monitoring and data collection
  • Cost-Effective Solution—Based on a break glass when breached approach, DeepSee BlackBox Recorder can be deployed and installed at no initial cost. Subsequent costs are only incurred in case of an incident, and when incident responders break glass to conduct an investigation
  • Faster Time-to-Respond—DeepSee BlackBox Recorder continuously monitors and records before, during and after an incident to enable swift and accurate investigations
  • Effective Remediation—BlackBox Recorder provides the content, context and visibility needed to identify all pathways of security breaches and update signatures and rules throughout your customer’s security fabric


Features


Features

  • Application Discovery—classify over 1000 applications and thousands of descriptive, metadata attributes—including content types, file names and more
  • File Extraction—an innovative technology that automatically extracts and analyzes any file—including the most prevalent and malicious file types
  • Context-aware security—integrates with best-of-breed security technologies to pivot directly from any alert or log and obtain full-payload detail of the event—before, during and after the breach
  • Root Cause Explorer—an incident responder ‘Easy Button’. Using extracted network objects, the tool reconstructs a timeline of suspect web sessions, emails, and chat conversations
  • Session Reconstruction—full session reconstruction in chronological order delivers a complete record of activity before, during and after a security breach
  • Reputation Service—reveal the integrity and reputation of any IP address, file or email address
  • Full Layer 2-7 Indexing—complete and correlated analytics enable direct-drill downs from layer 2 to 7


Specifications



DeepSee BlackBox Recorder is offered for enterprise deployments leveraging Solera DeepSee Software and/or Solera DeepSee Virtual Appliance.

 

DeepSee Software DeepSee Virtual Appliance
Operating System DeepSee IR DeepSee IR
Form Factor Software only Virtual Machine
Capacity Up to 140 TB Up to 10 TB
Capture Interface 1 GbE or 10 GbE 1 GbE
Minimum RAM 8 GB 8 GB