Aanval ® by Tactical FLEX, Inc. Login » Create Account  
 
 
 
 

Aanval ®

The industry's leading Snort, Suricata and Syslog SIEM ("Security Information and Event Management") console. Government security and defense organizations from more than a half dozen countries, educational institutions from around the world, global financial organizations as well as space exploration and military weapons manufacturers rely upon Aanval as a part of their security infrastructure.

Create an account, download Aanval or contact our Sales and Support staff to answer your questions.

More Information » Aanval v7 Details

Aanval v7 Available Now!

New prominent features in Aanval v7.

     » No more Adobe Flash!
     » 100% HTML and Javascript
     » Situational Awareness™
     » Completely re-written codebase
     » Supports multi-machine architecture deployments
     » As much as 10x the performance of Aanval v6
     » New event tagging system
     » New message queueing system for reports and searches
     » New ser message notification bar
     » New scrolling event data notification bar
     » New geo location maps / integration
     » New real-time events per second, per hour and day displays
     » New console-wide consistent event display renderers
     » And much, much more!

     » v7 Release and Upgrade Details

Situational Awareness™

New in Aanval v7 is our unique Situational Awareness engine, which provides in-depth event and architecture analysis of the host network.

A list of network events is nearly useless, it's our job to build systems that allow analysts to make determinations quickly while being well informed.

Situational Awareness within Aanval, allows analysts to quickly identify which specific devices, services and approximate areas of the network that are most at risk and which are more likely to be a problem in the future.

Define devices, services, ports and protocols supported on within your environment and let Aanval build detailed summaries of your networks security posture and current risks.

Learn More

False Positive Protection

Aanval includes a powerful event validation engine that performs real-time analysis of events against customizable network, device and service definitions.

False positives are the number one reason intrusion analysis systems fail to provide accurate and timely results. Even small numbers of false positives are costing organizations significant amounts of time, resources and allocated budgets to manage.

Aanval v7's event validation engine automatically tags and filters events to help keep false positives from overpowering true risks, allowing analysts and engineers to focus and get back to protecting the network.

Learn More

Event Correlation

Aanval is a fully integrated event management and attack data correlation engine. Aanval compares and correlates attacks in real-time and provides easy on the eyes charts and visual representations of related attack data across Snort, Suricata and Syslog sourced data.

Using every detail of a normalized event, Aanval compares events against one another as well as groups of events to identify complex attack patterns or determine if a single attack may or may not be related to larger attacks happening within the same timeframe.

Correlation is performed in both real-time and on-demand, allowing analysts to select an event and see which events may be related.

Ranking is simple to understand, Aanval provides a % value for each correlated event, letting the analyst know how confident Aanval is in its decision.

Learn More

Geo Location

Aanval v7 includes a powerful new mapping framework that gives us the ability to do some pretty impressive geo location plotting.

Visualize attack data based on source, destination, risk level and quantity of events--and all of this plotted on a fully interactive map of the world.

View various geo location based displays including our real-time Live Geo Location display as well as newly updated Frequent Offenders and Frequent Attackers displays.

Know precisely where your network threats originate! Zoom, drag and hover your mouse for details of both static and real-time geo location details.

Learn More
 

Every event, every sensor, every device. No Problem.

Aanval is the only SIEM on the market with the ability to automatically scale to meet the needs of its environment. Supporting millions and billions of Snort, Suricata & Syslog events is fully automated and continues as long as storage space is available.

Supporting Snort (the world's most widely used intrusion detection engine), Suricata (powerful multi-threaded, open source intrusion detection engine) as well as any device capable of outputting log information, Aanval imports, normalizes and correlates event information for powerful, fast and scalable analysis.

+

Aanval has been designed to correlate event data and logs from hundreds of vendor products and solutions including those listed below.

Snort Logo Cisco Logo Barracuda Logo Sourcefire Logo Apple Logo
 
Twitter - Follow us! Facebook - Like us! Follow us on Twitter and Facebook!
 
Copyright © 2012 - Aanval® is a product of Tactical FLEX™, Inc. All Rights Reserved.
All logos, trademarks and images are property and copyright of their respective owners.
This site and its products are in no way endorsed by or related to any outside entity unless specifically noted.
800-921-2584 Fon
501-648-0875 Fax
Aanval by Tactical FLEX, Inc.