High-capacity packet capture
Secure your network with confidence
As mobile devices and multimedia content consumption becomes more and more widespread, the volume of data traffic from mobile phones, tablets, PCs, and other smart devices is expected to continue increasing rapidly. Data centers must expand and strengthen their networks to handle this surge in traffic. Application processing and data storage are critical services, and securing a network’s functionality requires effective monitoring of the data flowing through it. Artiza Networks developed etherExtractor to make securing backbone networks more reliable and efficient through high-capacity, lossless packet capture.
The challenges of maintaining network quality and security
- Ensuring subscribers’ promised bandwidth requires monitoring network quality
- Creating a monitoring system that accurately gauges usage status in real time to prevent issues before they occur
- If a problem does occur, minimizing the time required to pinpoint the cause and respond
- Efficient and effective service management
The right packet capture tool overcomes all of these challenges
- Fully captures 100% of packets from ever-increasing traffic loads and makes the capture data usable as fast as possible
- Connects easily to other monitoring and anomaly detection systems
- High reliability with excellent cost performance
- Flexible enough to customize the system for individual use cases
- Speedy support after installing the system
From functionality to usability,
the etherExtractor series evolves
to meet engineers’ needs.
Zero-loss data storage
The etherExtractor series uses high-endurance storage for the enterprise model that enhances reliability and durability with an optimized write method. To guarantee the etherExtractor can write 100% of capture data to storage, the product is rigorously tested through multiple long-duration testing regimens with combinations of short and jumbo packets, ensuring high performance even in the most challenging network environments.
Improve efficiency with support for
remote operation and easy compatibility with
security devices and network monitoring systems.
In addition to the streamlined GUI, the etherExtractor supports remote operation via a web API. Use log outputs from other monitoring systems to establish a flexible and efficient configuration and workflow.
A new standard for reliability and cost performance
Stability that lasts
The latest model of etherExtractor, eE-NEO is built on the knowledge gained from previous models’ extreme long-term operation in commercial network installations. Telecom carriers, data centers, and financial institutions demand stable, constant capture performance over extended periods of time, and the eE-NEO delivers.
IDS for industrial networks
eE-NEO is optimized for secure monitoring of mission-critical control networks. Customizing the parameters to an individual networks’ environment and traffic makes it possible to quickly and accurately identify network problems.
Compact 1U size
All the eE-NEO’s functionality and capture capabilities for interface speeds from 1GbE to 100GbE are condensed into a compact 1U device.
NVMe-compatible SSDs are used for all capture storage and the OS, enabling dramatic improvements in reliability, speed, latency, and failure prediction compared to previous models.
Supports multiple users
Security enhancements allow user authentication and simultaneous operation by multiple users. Each user can operate each capture port from their own dedicated workspace.
5G fronthaul support
Capable of full capture in the highly time-sensitive 5G fronthaul environment (O-RAN), and supports time synchronization using PTPv2 (IEEE1588).
Microbursts are caused by highly concentrated traffic over a very short period. Accurately grasp the time, content, and frequency of traffic concentration, to optimize the investment of server resources.
Start capturing with just 3 clicks
After logging in from the browser:
1. Select a connection port
2. Select a port to capture
3. Start capturing
Based on the popular eE GUI, the capture operation screen has been reconfigured in an easy-to-use wide screen format. The settings screen has also been simplified with tabs for each usage scenario. The “capture profile” feature makes it easy to switch between environment settings.
Monitor the status of each component from a single screen.
- Check the device for temperature abnormalities
- Confirm link speed and link status of capture ports
- View internal storage usage rate and operating status
Intrusion detection engine powered by
Customizable security rules
Specify parameters for customized security rules. This makes it possible to support dedicated control protocols used in factories.
Standard rules can be used as soon as the system is installed, including:
- IP header / IP length errors
- Specific protocol detection such as Telnet, SSH, ICMP, FTP, etc.
- Port scan detection
What are the benefits for checking packet integrity on a control network?
During system maintenance, simply connect to the mirror port to accurately collect diagnostic data related to the control system. This method introduces no new load to the existing network, and eliminates the danger of unexpected malfunctions when adding new devices to the network.
Large storage capacity
Remote operation and trigger functions enable packet collection without requiring an engineer be on-site
Real-time monitoring, statistics, and microburst analysis functions to increase work efficiency
Multiple maintenance plans available
Capture approximately 80 minutes at full-rate 20Gbps
Portable 2G / Portable 4G
Capture approximately 80 minutes at full rate
Portable 2G: Full-rate 2Gbps
Portable 4G: Full-rate 4Gbps
Equipped with replay function for actual traffic data
Even the best generators can’t come close to completely reproducing a network’s actual traffic. With etherExtractor, you can quickly reproduce any problems by replaying actual traffic captured directly from your network. This streamlines the process of conducting repeated evaluations to improve and protect your network.
Microbursts are caused by highly concentrated traffic over a very short period. In network use cases such as online trading and e-commerce, accurately grasp the time, content, and frequency of traffic concentration, to optimize the investment of server resources.
|Model||Portable 2G||Portable 4G||Portable 20G||NEO Lite||NEO Lite 20G
|NEO Basic||NEO Pro
|Number of ports||1GbE SFP × 4 ports||10GbE SFP × 2 ports
1GbE SFP × 4 ports
x 4 ports
|10GbE x 4 ports
25GbE x 2 ports
40GbE x 2 ports (option)
100GbE x 2 ports (option)
|100GbE x 2 ports
40GbE x 2 ports
* In development
|Capture interface||10/100/1000 Base-T
* In development
|Effective storage capacity||1.4TB||2.9TB||11.5TB||5.0TB||60TB||70TB|
|RAID configuration||RAID 0||RAID 5||RAID 10|
|Weight (kg)||About 8.8kg||About 9kg||About 13kg||About 15kg|
Cost reduction and flexibility with Wireshark*
The entire etherExtractor series outputs captured packet data as highly versatile PCAP files, allowing for full compatibility with Wireshark, a popular and free open-source software used for detailed network analysis. Utilizing open-source software reduces the initial installation cost, and solves the issue of high operational cost and performance instability found in some expensive capture products by eliminating the need for costly, continuous software updates. Wireshark, a favorite tool of network engineers in many industries, also provides operational flexibility even if network analysis is outsourced.
- Analyze captured files
- Packet filter function
- Statistics function
- TCP session stream recovery function
* Wireshark is a registered trademark of Wireshark Foundation, Inc.