ExeonTrace vs. Vectra

Vectra relies on data-heavy traffic mirroring and deep packet inspection for its network analytics. Consequently, dedicated tapping/hardware sensors need to be installed and customers must provide terabits of mirrored packet payloads, whose analysis requires significant processing power. Since these payloads are increasingly encrypted, Vectra is highly limited in its analysis capabilities and has to resort to metadata analysis. Additionally, Vectra can only analyse network data transmitted over the core-switch, leaving significant blind spots.

Capabilities: Exeon vs. Vectra
Analysis of light-weight log data – no traffic mirroring, no additional hardware

ExeonTrace is specifically built to analyse light-weight log data and can therefore reconstruct network activities from metadata instead of full packet payloads. This relieves customers from the tedious task of setting up traffic mirroring.

Vectra primarily relies on traffic mirroring as a source for network analysis. Dedicated hardware or software sensors should be installed for this purpose. However, as the payload is increasingly encrypted, Vectra cannot analyze all the data provided in this way and is now also increasingly using metadata for analysis. In addition, Vectra mainly analyzes network data that is transmitted via the core switch, which can leave blind spots.

Metadata analysis, unaffected by encryption

ExeonTrace is entirely unaffected by encryption since it was explicitly built for the analysis of metadata using behaviour analytics algorithms.

Vectra analyses packet payloads; however, as payloads are increasingly encrypted, this poses a major challenge for the analysis.

Holistic visualisation of IT network

ExeonTrace provides a complete and unified view of network data flows and allows for rapid detection of suspicious behaviour and cyber threats.

Vectra provides visibility into malicious behaviours in a cohesive interface. However, as Vectra relies on network probes it doesn’t allow visibility into every asset.

Powerful Machine Learning algorithms

ExeonTrace NDR is equipped with powerful supervised and unsupervised machine learning algorithms designed to detect malicious behaviour and sophisticated cyber threats.

Vectra applies both supervised and unsupervised appliance-based machine learning algorithms, which are limited by system resources.

Efficient Log data storage – minimal storage needs with full data control

ExeonTrace stores historical data for later inspection in graph databases and reduces input log data by a factor of 100, making it optimal for high-bandwidth networks.

Vectra’s deep packet inspection and storage of historical data require a tremendous amount of processing power and storage space, which can significantly hinder network performance.

Advanced detection, faster responses, fewer false alerts

Exeon’s future-proof next-generation NDR solution takes a different approach. ExeonTrace relies on the analysis of light-weight log data, which can be exported from existing network infrastructure (Core Switches, Virtual Switches, Cloud logs, Firewalls etc.).


Trusted by

Bonn Netz
SWISS
PostFinance
Planzer
SoH

Christian Keller

CISO, SWISS Airlines

As the Swiss national airline, we are driven by a passion for exceptional performance, in the spirit of our guiding principles. A stable and secure IT is the most important basis for an excellent customer service. For the security of SWISS IT we use Exeon as a central cybersecurity tool, fully managed by our long-term partner Reist Telecom AG. A perfect combination and solution to monitor our network and quickly detect any kind of anomalies.

Head IT Security

PostFinance AG

PostFinance has chosen ExeonTrace because of its open and future-proof architecture. Not needing any hardware sensors and being able to control data flows, we didn’t have to make any significant changes to our existing infrastructure. We are also convinced by the cooperation with the competent and technically outstanding Exeon team.

Nils Planzer

CEO & Owner, Planzer

As CEO and owner of a fast-moving logistics company, I cannot afford any system interruptions due to cyber incidents. With ExeonTrace, we have found a Swiss solution to monitor our network and quickly detect cyber threats.

Why our customers continue to choose us over traditional NDR providers:

Supervised & Unsupervised ML algorithms

ExeonTrace is equipped with supervised and unsupervised machine learning algorithms designed to analyse billions of network interactions and detect sophisticated cyberattacks, such as APT, ransomware and lateral movement.

Metadata analysis unaffected by encryption and increasing bandwidths

Unlike NDR providers relying on deep packet inspection, ExeonTrace is entirely unaffected by traffic encryption and increasing bandwidths since its algorithms were specifically built for the analysis of metadata.

Holistic visibility into entire IT/OT network

By relying on Metadata Analysis, ExeonTrace provides complete visibility into all network communications passing through any physical, virtualised or cloud networks.

Analysis of light-weight log data

Analysis of light-weight log data (NetFlow/sFlow/syslog) instead of data-heavy traffic mirroring. Metadata can be exported from existing network sources (switches, firewalls etc.) without hardware sensors.

Efficient log data storage

By reducing input log data by a factor of 100, our specialised algorithms support light-weight storage of historical data for later inspection, making ExeonTrace optimal for high-bandwidth networks.

ExeonTrace as explained by our CEO

Are you still unsure whether to choose a bullet-proof anomaly detection NDR solution such as ExeonTrace?

Our CEO, Dr. sc. David Gugelmann, tells you more in 47 seconds.