- Advanced Malware Detection
High-speed Malware detection with 5 network intelligence sources at once. - Threat Prevention
Find and shut down exploits, Bots, C&C, Phishing attempts or sites with bad IP reputation. - Flow Analysis & Monitoring
Protect your intellectual property. Monitor communication patterns that can go unnoticed. - SIEM & Log management
Collect and correlate events from ALL your security devices. Easily comply with security standards. -
Software as a Service
Multiple administrators can share analysis and collaborate using advanced reporting tools. - Network Antivirus
Real time Malware scanning of files transmitted using 46 antivirus solutions at once.
Flexible Architecture
Unlike other product the MSS allows to flexibly choose the appropriate security data storage solution for each deployment. The table below indicates the storage location options for each subscription type.
| Subscription Type | Security events and System logs | Sensor configuration | Application Data and Payloads |
|---|---|---|---|
| MSS SaaS | MetaFlows Cloud | MetaFlows Cloud | Sensor Disk |
| MSS SaaS Local | Sensor Disk | MetaFlows Cloud | Sensor Disk |
| MSS Global Enetrprise | MSS GE controller | MSS GE controller | Sensor Disk |
In the MSS SaaS option the Sensors can either export security event messages to the MetaFlows cloud or store them on the local sensor storage. In either case, you access your security information and shut down Malware through a browser. The advantage of storing the events in the MetaFlows Cloud is that they are globally and anonymously correlated to give you better security. Storing event data on the local sensor disk allows certain organizations (like Government) to still benefit from MetaFlows' advanced security technology while complying with local policies governing event storage.
By design, it is always the case that application data (packet payloads) never leave the local sensor’s disk. In our system this separation is very strict. This division makes SaaS-based security event monitoring much more practical. Very sensitive payload data contained in the packet logs is protected by the customer’s own network security infrastructure inside the sensor (usually placed behind a firewall).
Malware Detection Appliances
MetaFlows offers turn-key Malware Detection appliances with the best cost-performance ratio in the industry. Subscribers can order and configure MetaFlows Network Security Appliances through the subscription page of the MetaFlows Security System or by contacting MetaFlows directly. The appliances are based on open standards that allow quick and seamless integration in any existing infrastructure and shipped with the MSS and system software pre-configured for maximum performance.
|
![]() |
|
|
|---|---|---|---|
| RAM | 9 GB | 24 GB | 32 GB |
| Hard Drive | 1 TB | 4 x 1TB | 4 x 2TB |
| Processor | Intel Core i7 | 2 x Intel Xeon 6 core (24 HW threads) | 4 x AMD 6276 (64 HW threads) |
| Ethernet Cards | 3x1Gbps | 2x1Gbps + 2x10Gpbs | 2x1Gbps + 2x10Gpbs |
| Throughput | 800 Mbps | 3-5 Gbps | 5-10 Gbps |
| Or you can build your own appliances and just use our software only plans. | |||
Malware Detection Software
The MetaFlows Security System software can be easily installed on your own hardware* to monitor 10Mbps to 10Gbps networks. The software can run on CentOS 6, as a virtual machine or in your cloud-based assets.
| Platform | Linux CentOS 6.x or RHEL6 | VMware ESX4 or Server | Amazon EC2 CentOS 6.x |
|---|---|---|---|
| Download Link | linux.zip | MetaFlows_SensorVM-2.0.zip | AWS EC2 |
| How to install |
unzip linux.zip cd nsm ./setup.sh |
unzip MetaFlows_SensorVM-2.0.zip open MetaFlows_SensorVM-2.0/VM.vmx |
Launch Instance |
*Activation requires registration at http://nsm.metaflows.com
Subscription Plans
The MSS subscription cost is based on the number of sensors you operate at any given time. The cost of each sensor is primarily determined by the amount of traffic it needs to inspect (measured in bps) and its features. Our software is offered in 3 feature / performance tiers of Bronze, Silver & Gold via Monthly, Annual & 2 Year subscription terms.
| Sensor Software | Number of Processing Cores | Sustained Performance | Features |
|---|---|---|---|
| Bronze | 1 | 100Mbps | BotHunter & Snort with daily Emerging Threats Pro, SRI Malware Threat Center & MetaFlows International Honeypot Network intelligence feeds and monthly SourceFire VRT Rule sets (Oink code required), p0f, Ntop, Soft/Hard IPS, Event storage for 1 year, and access to both Real Time monitoring and Historical Reports. |
| Silver | 1 | 100Mbps | Includes all Bronze Features + Log Management & SIEM integration + Vulnerability Scanning, all available through our powerful forensics interface. |
| Gold | 8 | 1Gbps | Includes all Features Features + Performance up to 1Gbps |
| Gold Add-on* | 4 | 500 Mbps | Provides incremental processing power to Gold Sensor Software. You can add this item incrementally to meet your increased performance demands. |
* This option allows for exceptionally High Performance processing. For example, for 3 Gbps performance we recommend a total of 24 cores (1 Gold + 4 x Add-on), 5 Gbps performance requires 32 cores (1 Gold + 6 x Add-on) and 8 Gbps performance requires 64 cores (1 Gold + 14 x Add-on). Please contact us for additional information or for a quote.
How to Deploy
The MSS is the only Malware Detection system with the flexibility to shut down Malware either in Inline mode or Passive mode
Passive Configuration |
|||
![]() |
Placing a computer inline is not always desirable because of reliability/latency concerns. MetaFlows' proprietary Soft IPS technology reliably blocks unwanted traffic in passive mode as well. MetaFlows does this by injecting spoofed TCP packets into the network to disrupt unwanted communications. This idea (also employed by the Great Firewall of China) is not new but it has been refined to the point that makes a passive Soft IPS configuration as effective as an inline deployment without its potential drawbacks. |
||
Inline Configuration |
|||
![]() |
Thanks to our breakthrough with PF_RING inline, our appliances can also work as a traditional IPS but at a fraction of the cost. They can sustain from 800 Mbps to >5Gbps of bridged Ethernet traffic while matching thousands of Malware rules. There is no need for specialized hardware. See our appliance detailed performance numbers. |
||
Product Comparison
The matrix below compares important features of existing IPS products. This product comparison is based on public data and may not reflect proprietary information not available to us. If you think we need to correct this matrix please do not hesitate to contact us and we will promptly correct any mistakes.
| Feature | MetaFlows | Open Source Snort | SourceFire | Fireeye | Dell | Juniper | PaloAlto Networks | Cisco | McAfee |
|---|---|---|---|---|---|---|---|---|---|
| Behavioral Malware Detection | |||||||||
| Antivirus | SonicWALL | Sophos | |||||||
| Signature Detection | |||||||||
| SIEM 3rd party Log Management | |||||||||
| Flow Analysis | |||||||||
| Passive Service Discovery | |||||||||
| Vulnerability Assessment | Nessus | Qualys | |||||||
| File Carving | |||||||||
| Scalable to 10G bps | |||||||||
| Software only or Appliance | |||||||||
| No upfront costs; pay as you go | |||||||||
| Does not Require Significant Service Contract |
As you can see from the matrix, MetaFlows' MSS offers an unprecedented mix of features and also provides very flexible deployment options which do not require upfront costs or capital expenditures.
Security Data
Unlike other product the MSS allows you to flexibly choose the appropriate security data storage solution for each deployment. The table below indicates the storage location options for each subscription type.
| Subscription Type | Security events and System logs | Sensor configuration | Application Data and Payloads |
|---|---|---|---|
| MSS SaaS | MetaFlows Cloud | MetaFlows Cloud | Sensor Disk |
| MSS SaaS Local | Sensor Disk | MetaFlows Cloud | Sensor Disk |
| MSS Global Enetrprise | MSS GE controller | MSS GE controller | Sensor Disk |
Try it on your network.
You need to see it to believe it. Get started now
If you don't find what you're looking for in our FAQ section, Contact Support and we'll get back to you ASAP!
MetaFlows uses 5 different network intelligence sources at once to determine if an event is important. These sources of network security intelligence are combined with a ranking algorithm that prioritizes security events according to continuous, global measurements. Unlike other products the MetaFlows Security System is based on shared network intelligence coming from several sources (5 normally but up to 7 in some instances). The integration of multiple feeds from our partners helps reduce the false positive rates.
With the MetaFlows Security System, packets with sensitive information are only stored on the sensors inside your network (which are highly secure Unix-based open-source systems). So even if the cloud were to be compromised, non of your application data would be exposed simply because it's not there. We only store your security events in our cloud. Security event data exchanged between you and the back-end is encrypted end-to-end: from your browser to our web servers; from the sensor to our web servers; and from the browser/console to the sensors. All authentications are performed using public key cryptography (the same one used to secure your access to your online banking). To secure our cloud we continuously monitor our networks and routinely perform penetration testing of our infrastructure to ensure our computer security.
Yes, our sensor software can monitor network traffic in any environment. In fact, our sensor can also be installed as a virtual machine.
A virtual machine's performance depends on the resources that are given to it: the more memory and processors available, the better it will run. Our sensor technology automatically scales to the capabilities of the hardware or the virtual machine on which it is installed. Our virtual sensor will only take the memory and processors that are allotted to it. The sensor's software continuously monitors the dropped packet rate and provides real time feedback on its operation which is viewable from the MetaFlows console.
We have a number of reports available at this time and will be continuously adding new ones with flexibility in mind. The beauty of the SaaS model is that you will get any and all upgrades without ever having to perform any system management operations.
Our global and local correlation technologies are continuously fed intelligence data that prioritizes security incidents based on event ranking and IP reputation.
Before you can add monthly subscriptions or yearly licenses, your account must be converted from a trial account to a subscription account. This allows you to take advantage of a number of features only available to subscription users:
- Daily signature updates from Emerging Threats
- Private online 1-on-1 chat support, plus priority e-mail support
- Use unlimited sensors on a single account
- MetaFlows historical reporting with unlimited storage capacity for 1 year
Absolutely, you can. MetaFlows allows you to purchase either a month to month subscription or an annual subscription.
Yes, MetaFlows offers chat, email, and support ticket capabilities as our primary customer touch points. We have also produced a series of tutorial videos to assist subscribers in download and installation, tuning, and other key self-help tools. Phone support is limited to 9AM to 6PM PST.
Get Started
Call 877.664.7774
Contact Us
Start a free 14-day trial
Customer Login
White Papers
Product Overview Security-as-a-Service Amazon EC2 Security Gateway Setup
Technology
Shared Network Intelligence BotHunter Soft IPS Network Antivirus Flow Analysis Vulnerability Scanning SIEM and Log Management File Carving
Schedule a Live Demo
Partnerships
| Become a MetaFlows partner About MetaFlows News Room | ||
© 2012, MetaFlows Inc - All Rights Reserved Sitemap








