FastNetMon is a very high performance DDoS detector built on top of multiple packet capture engines: NetFlow, IPFIX, sFlow and SPAN/port mirror.
It could detect malicious traffic in your network and immediately block it with BGP blackhole or BGP flow spec rules.
It has solid support for all top network vendors and has unlimited scalability due to flexible design.
You could integrate FastNetMon into any existing network without any changes and additional hardware!
The Darktrace Immune System is the world’s leading autonomous cyber defense platform. Its award-winning Cyber AI protects your workforce and data from sophisticated attackers, by detecting, investigating and responding to cyber-threats in real time — wherever they strike.
Based on our record, FastNetMon should be more popular than Darktrace. It has been mentiond 3 times since March 2021. We are tracking product recommendations and mentions on various public social media platforms and blogs. They can help you identify which product is more popular and what people think of it.
If you have a BGP peering with you ISP/upstream provider, ask them if they have a blackhole community you can broadcast to. Usually they are ASN:666. The only downside is you would only be able to advertise your IP address to that, essentially killing your internet (if that's your only IP) as long as the block is up. We usually set our filter to 15 minutes and most attackers give up after that. At this level, you... Source: about 1 year ago
Have you looked at fastnetmon ? It's freemium and It looks like the commercial version would work you, but I think the community edition is aslo worth a look. It's primary function is to detect DDOS attacks, but it can export data in ways that might be useful to you. Source: about 2 years ago
To mitigate DoS attacks means you need information - preferably before the users start screaming. Running sampling on your edge router with something like Fastnetmon will give you alerting of a probable DDoS attack before it becomes a significant problem. Source: almost 3 years ago
Everything you are talking about already exists and has for years. If you do want to stress yourself out, go check out things like https://darktrace.com/ or you read up on what DARPA has in terms of AI and software that can defend & patch itself against attacks and write its own exploits, https://arstechnica.com/information-technology/2016/08/the-world-series-of-hacking-without-humans/. They brought them to DEFCON... Source: about 1 year ago
NetVizura NetFlow Analyzer - NetFlow Analyzer is a solution for bandwidth monitoring and traffic analysis. It helps with traffic investigation, analysis and reporting
Wazuh - Open Source Host and Endpoint Security
Andrisoft WanGuard - DDoS protection software solution for networks. Attacks detected by NetFlow,NetStream,sFlow,jFlow,IPFIX,Port Mirroring and mitigated with firewall filters
Sectrio - Proven OT, IoT, IT, and 5G protection Sectrio secures converged networks through better asset visibility, reduced attack surfaces, and early detection of latent threats.
Arbor - Easily manage product development
Nozomi Networks Vantage - Nozomi Networks Vantage is a simple and easy-to-use cybersecurity solution.