ExeonTrace vs. Vectra

Vectra relies on data-heavy traffic mirroring and deep packet inspection for its network analytics. Consequently, dedicated tapping/hardware sensors need to be installed and customers must provide terabits of mirrored packet payloads, whose analysis requires significant processing power. Since these payloads are increasingly encrypted, Vectra is highly limited in its analysis capabilities and has to resort to metadata analysis. Additionally, Vectra can only analyse network data transmitted over the core-switch, leaving significant blind spots.

Exeon’s future-proof next-generation NDR solution takes a different approach. ExeonTrace relies on the analysis of light-weight log data, which can be exported from existing network infrastructure (Core Switches, Virtual Switches, Cloud logs, Firewalls etc.). Consequently, ExeonTrace’s algorithms require no hardware sensors, are unaffected by encryption and require minimal storage needs (data volume reduced by a factor of 100). All while providing complete visibility into all IT/OT network data and flows; this includes monitoring all connection points (on-premise and cloud) in an intuitive GUI.


Analysis of light-weight log data – no traffic mirroring, no additional hardware

ExeonTrace is specifically built to analyse light-weight log data and can therefore reconstruct network activities from metadata instead of full packet payloads. This relieves customers from the tedious task of setting up traffic mirroring.

Vectra relies on data-heavy traffic mirroring as a source for network analytics, meaning the customer must provide data-heavy mirrored packet payloads. Since these payloads are increasingly encrypted, Vectra is not able to analyse all data provided.

Metadata  analysis, unaffected  by encryption

ExeonTrace is entirely unaffected by encryption since it was explicitly built for the analysis of metadata using behaviour analytics algorithms.

Vectra analyses packet payloads; however, as payloads are increasingly encrypted, this poses a major challenge for the analysis.

Holistic visualisation of IT network

ExeonTrace provides a complete and unified view of network data flows and allows for rapid detection of suspicious behaviour and cyber threats.

Vectra provides visibility into malicious behaviours in a cohesive interface. However, as Vectra relies on network probes it doesn’t allow visibility into every asset.

Powerful Machine Learning algorithms

ExeonTrace NDR is equipped with powerful supervised and unsupervised machine learning algorithms designed to detect malicious behaviour and sophisticated cyber threats.

Vectra applies both supervised and unsupervised appliance-based machine learning algorithms, which are limited by system resources.

Efficient Log data storage – minimal storage needs with full data control

ExeonTrace stores historical data for later inspection in graph databases and reduces input log data by a factor of 100, making it optimal for high-bandwidth networks.

Vectra’s deep packet inspection and storage of historical data requires a tremendous amount of processing power and storage space, which can significantly hinder network performance.

Trusted by

University of Bern

As CEO and owner of a fast moving logistics company, I cannot afford any system interruptions due to cyber incidents. With ExeonTrace, we have found a Swiss solution to monitor our network and quickly detect cyber threats.

Nils Planzer CEO & Owner Planzer
Nils Planzer

Why our customers continue to choose us over traditional NDR providers:

Supervised & Unsupervised ML algorithms

ExeonTrace is equipped with supervised and unsupervised machine learning algorithms designed to analyse billions of network interactions and detect sophisticated cyberattacks, such as APT, ransomware and lateral movement.

Metadata analysis unaffected by encryption and increasing bandwidths

Unlike NDR providers relying on deep packet inspection, ExeonTrace is entirely unaffected by traffic encryption and increasing bandwidths since its algorithms were specifically built for the analysis of metadata.

Holistic visibility into entire IT/OT network

By relying on Metadata Analysis, ExeonTrace provides complete visibility into all network communications passing through any physical, virtualised or cloud networks.

Analysis of light-weight log data

Analysis of light-weight log data (NetFlow/sFlow/syslog) instead of data-heavy traffic mirroring. Metadata can be exported from existing network sources (switches, firewalls etc.) without hardware sensors.

Efficient log data storage

By reducing input log data by a factor of 100, our specialised algorithms support light-weight storage of historical data for later inspection, making ExeonTrace optimal for high-bandwidth networks.

Interested in hearing more about Exeon?

Contact us for a demonstration.