As new network attack vectors emerge and network traffic volume increases, the need to monitor traffic at high rates is ever increasing. Pattern matching is another feature of APCON’s IntellaView and IntellaFlex HyperEngines that allows SecOps and NetOps teams to match packet contents and filter for specific traffic. This feature allows you to search on individual packets or sessions to identify data based on patterns in any part of the packet payload.
Find the needle in the haystack
Today’s network security monitoring tools can benefit from pattern matching to identify potentially dangerous traffic. Using our deep packet inspection technology (DPI), the contents of packets can be matched against patterns of known traffic to identify content, including attack-carrying packets, that can then be forwarded accordingly. APCON’s pattern matching uses regular expressions (regexs) to match packet contents in near real time.
There are many possible actions you can apply on pattern matches, including:
Six different actions that can be applied to matching packets
Filter traffic on individual packets
Filter traffic on sessions
Ensure HIPPA & PCI DSS compliance
Enable more efficient tool usage
Mask personally identifiable information (PII)
Malicious content and intrusion detection
Schedule a demo today for access to our online demo center to see how easy it is to use IntellaView to set up pattern matching to filter packet contents according to regular expressions.
Pattern matching hardware
Intelligently identify traffic patterns and potentially dangerous traffic by using regular expressions to match packet contents. Pattern matching is a licensable feature on the following APCON hardware:
Ultra-high performance network visibility
The IntellaView HyperEngine enables real time packet processing of 100G network traffic to prevent tool oversubscription and supports up to 600G total throughput through six packet processing service engines that can be run concurrently.
1G / 10G / 40G legacy platform
The IntellaFlex XR HyperEngine network packet broker blade adds up to 200G of high-performance processing features to IntellaFlex XR monitoring systems. With up to 16 configurable service points, it provides real time processing across 1G / 10G / 40G / 100G feeds.