|Trisul Network Analytics 3.0 released|
|Tuesday, 14 May 2013 10:37|
Dear Network and Security Monitoring people :
We are pleased to announce that Trisul 3.0 is immediately available for download.
Please visit the download page to get the latest packages.
We have packages available for :
Trisul is totally free for monitoring the most recent 3-day window.
Release highlights (see here for more)
Trisul 3.0 is a major step forward in the technique of monitoring everything. This release introduces Full Text Search (FTS) technology to make certain kinds of resources instantly searchable. Now SSL Certificates and HTTP Headers are FTS indexed which means you can search for any arbitrary string in them and get instant results. Trisul 3.0 also adds a keyspace search tool which can tell you about traffic in suspicious netblocks instantly.
Full Text Search
SSL Certificate chains and HTTP Headers are stored in an FTS index.
SSL traffic is no longer a black box as Trisul 3.0 will count traffic by a) SSL organizations ( amazon, google, twitter, etc) b) SSL Cipher Suites (how much traffic by RC4, AES, etc) and c) by Certificate Authorities.
Key space search
All keys are stored in a format suitable for fast long term spatial analysis. The best use case for this is to check all your past traffic (months at a time) for activity within malicious netblocks. You can also use this tool for other types of spatial analysis like MAC addresses or ports.
New Github repo
All analysis of Trisul is scriptable so you are not stuck with repeating same processes via the user interface. We have a new GitHub repo "trisul-scripts" where many such scripts are released.
Enhancements & Fixes
Thanks for your wonderful support for Trisul. We are growing release to release. Join us !!