Monitor your cloud-based assets as if they where in your LAN.
Advanced Cloud IDS >
Analyze actionable incidents reports rather than single IDS/Syslog alerts.
Advanced Intrusion Detection >
Easily create and analyize historical packet captures up to 2 weeks in the past.
Ultimate Threat Hunting >
Inspect TLS traffic without impacting reliability or performance
Passive TLS mirroring >
Advanced Intrusion Detection
Accurately identify and block malware, dangerous user behavior and data exfiltrations that would otherwise go unnoticed.
The MetaFlows Security System

Videos
How we catch Malware Easily protect on premise or Cloud-based assets Detailed installation instructionsIntrusion Detection Software
The MSS network intrusion detection software runs on CentOS/RHEL 7, and therefore, can be deployed (1) on dedicated hardware, (2) as a virtual machine, or (3) in any public cloud like the Amazon EC2, Microsoft Azure or Google Cloud Platform.
The MetaFlows Security System requires a (physical or virtual) Linux machine dedicated to passively analyze network traffic from a mirror/SPAN or agents deployed in public cloud instances (like AWS, Azure or GCP). Once our software is installed, it immediately gets access to the following threat feeds:
- Emerging Threat IDS signatures (~40k IDS signatures updated daily)
- MineMeld feeds (~100k IPv4 addresses, ~100k URLs and ~2,700 domains updated daily)
- Virus Total file signatures (approximately 700k new hashes/day)
- ~19,000 SpiderLbas Rules
Besides ingesting intelligence, each installation also becomes an active contributor to our global cloud-based correlation system. This allows us to identify and prioritize specific event types with good predictive potential to further improve detection accuracy based on dynamic measurements.
Go beyond compliance, improve your security operations.
Advanced Threat Hunting & Forensics
MetaFlows' network intrusion detection software provides indexed packet logging to easily reconstruct what happened in your network past. The time horizon is directly proportional to the storage to bandwidth ratio and can range from a few hours to a few weeks depending on the setup. The time horizon can be adjusted by sizing the storage capacity while leveraging our proprietary packet indexing technology to scale your forensic capabilities to a whole new level.
MORE >
Take charge or your network. Shut down security threats with dynamic IPS policies updated every 12 hours.
Block Threats Without Impacting Reliability
Soft IPS is ground-breaking software-based Intrusion Prevention technology that shuts down threats with zero impact on performance and reliability. It uses powerful active response technology to block unwanted traffic and actively learns which flows need to be blocked by extracting invariants from your communication patterns.
MORE >
Cost-effectively inspect your encrypted traffic without compromising security and reliability.
Passive SSL/TLS Interception
Passive SSL/TLS mirroring does not require a proxy and it is more reliable and more secure than key sharing. Also the cost of passive SSL/TLS mirroring is significantly lower than traditional techniques because it does not require an inline device or any additional key sharing infrastructure.
MORE >
Cost-effective deployment options for both on-premise and the public cloud.
Deploy Anywhere
Our software was designed as an open system and can therefore be easily customized and integrated into any existing infrastructure. It can be installed in minutes on Linux CentOS or RedHat, VMware (Server/Player or ESX4), Amazon EC2 or Microsoft Azure supporting a variety of storage and monitoring configurations. We also provide cost-effective malware detection appliances optimally designed to scale from 50 Mbps to 10 Gbps.
MORE >
Features & Pricing
The software scales with the hardware and can handle from a few Mbps to 10 Gbps. The software cost is determined by the amount of traffic it needs to monitor (measured in bps) and its features. Our software subscriptions are offered in three feature / performance tiers: Bronze, Silver, and Gold and can be purchased on monthly, annual and biannual subscription terms. Amazon EC2 hourly AMIs are billed directly by Amazon.