Our Products

We build network security applications that are simple to operate and awesome at threat detection

Sniffa S2 Open-Sensor

We provide an .iso image for you to build your Sniffa Sensors onto your own hardware or virtual appliance environments, however if you just want to get started without the hassle, then you should purchase a Sniffa S2 Open-Sensor and Sensor Manager Subscription together (bundle).

Overview

The Sniffa S2 Open-Sensor appliances are built with an unmodified version of the Ubuntu Server Operating System (latest 22.04 LTS) and include the best-of-breed open-source threat detection software pre-installed and ready to go. They are expertly pre-configured and designed to operate with our Sniffa Sensor Management Applications out of the box.

The term 'Open-Sensor' means exactly what it says on the tin, it is 'open'. That means you are able to install supplementary software alongside the pre-installed Threat Detection software that you might consider appropriate in your environments. As well as reducing your overall operating expenditure (OPEX), having an Open-Sensor approach, means our sensors will easily fit into any software upgrade or vulnerability patching lifecycles you already run within your network environments. What's more, you own the tin, so Open-Sensors can be re-formatted after your subscription expires and you can re-deploy to other projects as you require.

SniffaSensor-S2-TechSpec.pdf

The Sensor Manager

The Sensor Manager Application will install onto any currently supported Microsoft Windows Operating System and is used to centrally manage multiple Sniffa Sensors deployed on your network. The Application is used for configuring security policies that need to be applied to remote sensors, for receiving logs and alerts from remote sensors and for examining the network traffic.

Overview

Once you have deployed your sensors and are sending logs and alerts to a central Sensor Manager Application you can start to filter, search, correlate and run threat hunts across the hundreds and thousands of network meta-data fields that have been generated by your sensors. Threat hunting is a great way to be able to spot malware that is operational on your networks but has not yet been detected by other security tools, such as firewalls, proxies, anti-virus or endpoint detection technology. The Sensor Manager Application can help you identify protocol-misuse, scanning, brute force, HTTP, HTTPS and DNS tunnelling, beaconing to/from command-and-control C2 servers, the early stages of ransomware and signs of data exfiltration, to name but a few.


With the right-click of a mouse, any network event displayed in the Sensor Manager Application can be correlated with the exact packet capture that was recorded at the time the event was created and transferred from the sensor to the PC for analysis. Complex Wireshark filters can be generated on the fly to enable quick searches across all captured streams and pinpoint the specific packets relating to a suspected attack.


At any point in time, you can create and download informative snapshot reports (xls, pdf & doc) showing the network connections, protocols and anomalies discovered by the Sensor Manager Application and share them across your security operations teams.


The network meta-data that is collected will be stored in a Microsoft SQL Database which can be administered in-house and easily integrated with your other software running alongside with the Sensor Manager Application, enabling a more enhanced and collaborative threat detection capability. Having your data stored in Microsoft SQL Databases makes the task of back-up and restoring your data simpler for your colleagues and your databases can easily be shared across several Sensor Manager Applications for offline investigations by your security operations teams.

Included in a subscription purchase
  • Sensor Manager Application Installer Package for Microsoft Windows.

  • Microsoft SQL Express LocalDB Database (included in the installer package).

  • Database Build Script for installing the Sniffa Database on a remote Microsoft SQL Server (if required).

  • Licence Activation Key to unlock the software for the duration of your subscription period and restricted to the purchasing options chosen.

  • Build Script and/or ISO Image for Sniffa Sensors (compatible for certain versions of Ubuntu platforms). Provided with your Activation Key.

  • Sensor Manager Application Upgrades if they are released during your subscription period.

  • ASP.NET Web User Portal Application Files compatible with Microsoft IIS Server.

  • Splunk Application Pack for Threat Hunting Sniffa, Snort, Suricata and Zeek Metadata logs in Splunk Enterprise or Cloud.

  • Email support for the duration of your subscription period.

Sensor Manager Subscriptions will be locked to a single server or pc seat using a subscription licence key, so running multiple management server seats will require multiple licence keys to operate. Contact us to discuss the best options for your networks.

Available to buy Online

Click 'Buy Online' from one of the options below and you will be connected to our payment platform to complete your purchase.

1 Year Single Sensor Subscription Licence for the Sensor Manager Application to be installed on any Microsoft Window OS
Bring Your Own Sensor Model

Sensor & Manager Bundle

Perpetual licence of the Sniffa Splunk Add-on with one years updates. Further information about the Sniffa Splunk Application can be found on Splunkbase.

Splunk Application

1 Year Single Sensor Subscription Licence for the Sensor Manager Application to be installed on any Microsoft Window OS and a Sniffa S2 Open-Sensor 1Gbps Appliance Pre-installed ready to go

If you cannot see the item that you would like to buy or you have additional questions regarding the purchase options, please contact us to discuss any requirements you might have.
We will be more than happy to help.

£1120.00
£450.00
£1656.00
Sensor Manager

For Sensors 10Gbps

For when you need to run our Sniffa Sensors on Hardware Appliances for ≥ 10Gbps Bandwidth

We have partnered with the best in class companies.

Contact us to find out more.

Contact us

Whether you have a request, a query, or want to see a demo of our products, use the form below to get in touch with our team.