Andrisoft WANGUARD is an enterprise-grade traffic monitoring and DDoS detection and protection solution that delivers the functionality NOC, IT, and security teams need to effectively monitor and protect their network through a single, integrated package. WANGUARD Sensor relies on sFlow, NetFlow, IPFIX, or Port Mirroring / SPAN.
|Tags||Networking Monitoring Security Netflow iptables Firewall IPFIX sflow DDoS Router switch IPv6|
|Licenses||Commercial EULA Trialware|
|Operating Systems||POSIX Linux|
|Implementation||C PHP 5.2 AJAX SQL|
Release Notes: Server tabs. Filter tabs. Complex SQL filter. Selectable columns. Anomalies can be manually classified. Actions (eg. manual mitigation) can be manually activated. A new Anomalies Overview widget. bgpd.conf is editable from the Console. Data Retention settings for packet dumps.IP Zone shows storage requirements. Warnings when the server has a disk full, no free RAM, or a high system load. A new SIP decoder for VoIP traffic. Scheduled emailed reports for IP Groups, Sensors, Filters, and Servers. Graphs showing totals can be stacked. The packet analyzer shows hex and ASCII dumps of packets.
Release Notes: Full IPv6 support for the Sensors and for the Filter. The Filter now supports all decoders. The Filter supports In-NIC hardware filters present in Intel x520 10Gbps network cards. The Packet Analyzer has been extended with auto-stop functions. Console GeoIP support to see the countries of the attackers. The Sniffing Sensor can use native PF_RING functions. IPv4 and IPv6 mask restrictions have been added to BGP announcements. Graphing IP sweeps can be disabled. Numerical Dynamic Parameters can now be obtained in a shorter form. New decoders have been added: Flows (Flow Sensor only), SSH, Youtube, NetFlix, and Hulu.
Release Notes: New extensible traffic decoders for graphs, accounting, and anomalies: TCP, TCP+SYN, UDP, ICMP, OTHER, BAD, HTTP, SSL, MAIL, DNS, FACEBOOK, and IPSEC. A new, fully-featured traffic thresholds system. A new Flow Collector that supports NetFlow v9, IPFIX, native sFlow, and 32bit AS. A new traffic capturing framework that includes a wireshark-like, Web-based packet analyzer. Combined reports, anomalies overview, and bookmarks. Over 100 other improvements.
Release Notes: PF_RING support was added in the Sniffer. A new RAM storage method is used. RRDCache can now be used to speed up graph updates. NetFlow Archive was added. VLAN/MPLS support was improved. Console themes were implemented. A "Latest Events" Widget was added.
Release Notes: FreeBSD 8 support. LDAP and Active Directory support for user authentication. Events reporting by email and syslog. DB maintenance, scheduled reports, traffic anomaly tables, and .ogs can be exported in Excel format. "All Sensors" options on various parts of the console. New filtering policy options for WANGuard Filter that will allow local filtering. 3 new widgets. Automatic VLAN/MPLS support for the sniffer.