“Our hardened appliance connects into the monitor port of a networking switch, and our virtual appliance monitors VMware virtual switches,” says Jonathan Gohstand (left), VP of product management and strategy at PacketSentry, based in Sunnyvale, Calif. “Through these connections, we're able to capture, decode and analyze traffic moving through the infrastructure, and we can also enforce user and group-based policies in real-time by injecting connection resets.”
Its unique architecture allows the tool to monitor and enforce all user activity with no agents or in-line appliances, says Gohstand. “Unlike other solutions, our product addresses a wide range of issues, such as compliance, IT admin controls, insider threat and network segmentation in a manner which is operationally efficient.” Updates are pushed out via a secure support connection, he says.
And, it was an easy install, adds McRae. “PacketSentry was running and providing usable data in half a day.”
Further, Gohstand points out that there were no noteworthy challenges installing the offering on a government system when compared to corporate customers.