The MetaFlows Security System (MSS) leverages a number of state-of-the-art network monitoring technologies that, when used together, can detect and prevent security threats like no other technology can. The MSS is easy to use, extremely flexible and supports multiple configuration and deployment options that support bandwidths from 100 Mbps to 10 Gbps. It can be deployed as software on your own hardware or as a turn-key appliance.
MetaFlows offers turn-key Malware threat protection appliances with the best cost-performance ratio in the industry.
Subscribers can order and configure MetaFlows Network Security Appliances through the subscription page of the MetaFlows Security System or by contacting MetaFlows directly. The appliances are based on open standards that allow quick and seamless integration in any existing infrastructure and shipped with the MSS and system software pre-configured for maximum performance.
|RAM||4 GB||24 GB||32 GB|
|Hard Drive||1 TB||4 x 1TB||4 x 2TB|
|Processor||Intel Core i7||2 x Intel Xeon 6 core (24 HW threads)||4 x AMD 6276 (64 HW threads)|
|Ethernet Cards||3x1Gbps||2x1Gbps + 2x10Gpbs||2x1Gbps + 2x10Gpbs|
|Throughput||800 Mbps||3-5 Gbps||5-10 Gbps|
|Or you can build your own appliances and just use our software only plans.|
The MSS sensor software can be installed on your own hardware and can cost-effectively scale on modern, multicore off-the-shelf processors, using CentOS 6, as a virtual machine or in your cloud-based assets.
|Linux CentOS 6.x or RHEL6||VMware ESX4 or Server||Amazon EC2 CentOS 6.x|
|Subscribe through AWS Marketplace|
*Activation requires registration at http://nsm.metaflows.com
The MSS sensor software cost-effectively integrates into a range of existing IT infrastructures.The following table shows how each platform option maps to traffic inspection requirements and compatible subscription types.
|Single CPU 8 Cores|
|Dual CPU 24 Cores||+|
|Quad CPU 64 Cores||+||+|
|Amazon EC2 Instance|
Please see the SaaS service option below for a description of the Bronze, Silver and Gold subscription types.
How to Deploy
The MSS is the only Malware Detection system with the flexibility to shut down Malware either in Inline mode or Passive mode
Placing a computer inline is not always desirable because of reliability/latency concerns. MetaFlows’ proprietary Soft IPS technology reliably blocks unwanted traffic in passive mode as well. MetaFlows does this by injecting spoofed TCP packets into the network to disrupt unwanted communications. This idea (also employed by the Great Firewall of China) is not new but it has been refined to the point that makes a passive Soft IPS configuration as effective as an inline deployment without its potential drawbacks.
Thanks to our breakthrough with PF_RING inline, our appliances can also work as a traditional IPS but at a fraction of the cost. They can sustain from 800 Mbps to >5Gbps of bridged Ethernet traffic while matching thousands of Malware rules. There is no need for specialized hardware. See our appliance detailed performance numbers.
Select the MSS Service Option that best meets your business needs, from SMB to Global Enterprise – from On-premise to Cloud:
Cost Effective, Pay-As-You-Go Simplicity
The MSS subscription cost is based on the number of sensors you operate at any given time. The cost of each sensor is primarily determined by the amount of traffic it needs to inspect (measured in bps) and its features. Our software is offered in 3 feature / performance tiers of Bronze, Silver & Gold via Monthly, Annual & 2 Year subscription terms.
|Sensor Software||Number of Processing Cores||Sustained Performance||Features|
|Bronze||1||100Mbps||BotHunter & Snort with daily Emerging Threats Pro, SRI Malware Threat Center & MetaFlows International Honeypot Network intelligence feeds and monthly SourceFire VRT Rule sets (Oink code required), p0f, Ntop, Soft/Hard IPS, Event storage for 1 year, and access to both Real Time monitoring and Historical Reports.|
|Silver||1||100Mbps||Includes all Bronze Features + Log Management & SIEM integration + Vulnerability Scanning, all available through our powerful forensics interface.|
|Gold||8||1Gbps||Includes all Features Features + Performance up to 1Gbps|
|Gold Add-on*||4||500 Mbps||Provides incremental processing power to Gold Sensor Software. You can add this item incrementally to meet your increased performance demands.|
* This option allows for exceptionally High Performance processing. For example, for 3 Gbps performance we recommend a total of 24 cores (1 Gold + 4 x Add-on), 5 Gbps performance requires 32 cores (1 Gold + 6 x Add-on) and 8 Gbps performance requires 64 cores (1 Gold + 14 x Add-on). Please contact us for additional information or for a quote.
High availability and regulatory compliance architecture
Unlike other product the MSS allows to flexibly choose the appropriate security data storage solution for each deployment. The table below indicates the storage location options for each subscription type.
|Subscription Type||Security events and System logs||Sensor configuration||Application Data and Payloads|
|MSS SaaS||MetaFlows Cloud||MetaFlows Cloud||Sensor Disk|
|MSS SaaS Local||Sensor Disk||MetaFlows Cloud||Sensor Disk|
|MSS Global Enetrprise||MSS GE controller||MSS GE controller||Sensor Disk|
In the MSS SaaS option the Sensors can either export security event messages to the MetaFlows cloud or store them on the local sensor storage. In either case, you access your security information and shut down Malware through a browser. The advantage of storing the events in the MetaFlows Cloud is that they are globally and anonymously correlated to give you better security. Storing event data on the local sensor disk allows certain organizations (like Government) to benefit from some of MetaFlows’ advanced security technology while complying with strict local policies governing event storage.
By design, it is always the case that application data (packet payloads) never leave the local sensor’s disk. In our system this separation is very strict. This division makes SaaS-based security event monitoring much more practical. Very sensitive payload data contained in the packet logs is protected by the customer’s own network security infrastructure inside the sensor (usually placed behind a firewall).
The MSS Global Enterprise (MSS GE) includes all the features of the MSS SaaS solution but it is designed to communicate exclusively within a private network or as a private cloud on a public network. The MSS GE controller can be deployed either as an on-premise high performance Appliance (starting at 1200 Events/Second) or as a private Amazon EC2 instance. Find Out More.. >>
Security events from the MSS GE sensors are securely transmitted to the MSS GE Controller where they are ranked using a unique algorithm mathematically similar to Google’s page ranking. Rather than limiting security event ranking to static policies, the MSS GE derives priorities based on dynamic measurements. The MetaFlows Active Threat Management system and the SRI Malware Threat Center continuously mine the Internet for bad IP address and event reputation data (much like the reputation and number of links to a web page). The MSS GE controller continuously accumulates this security event reputation data and mathematically transforms it every day to improve ranking prediction. The end-result is that the MSS GE lets you quickly find Malware that otherwise would go unnoticed.