MENDEL 3.3 RELEASED


2019-04-16


GREYCORTEX has released the latest version of our MENDEL network traffic analysis solution. Version 3.3 has several important new features which improve detection and response for the network security team.

The biggest is that MENDEL’s detection and visibility capabilities are now available for SCADA/ICS environments. This goes beyond the support for several protocols found in earlier versions of MENDEL and adds a whole new module, including the ability to visualize not just devices but also time series in the IEC 61850 GOOSE, SNMP, and IEC 104 protocols.

Not content with just SCADA features, we have added new reporting for managers and security analysts, detection and logging of TLS 1.3, and JA3-based fingerprinting of encrypted traffic, and we have increased the capabilities of multi-sensor configurations.


New features

- New managerial and security analyst reports summarize network data and security threats

- New module for processing and visualization of SCADA protocols, including new dashboards for visualizing time series in IEC 61850 GOOSE, SNMP, and IEC 104 protocols

- Added support for parsing CC-Link protocol

- Added support for parsing Enip/CIP protocol

- Added support for parsing Kerberos protocol

- Added support for parsing TFTP protocol

- Added support for parsing IKEv2 protocol

- Added support for parsing FTP protocol including parsing FTP data streams

- Added detection engine for SSL/TLS client fingerprints JA3

- Added multi-disc installation of MENDEL

- Added GUI localization into Polish and Korean

- Introduced new light color scheme

- Integration with firewalls from Check Point

Please note: the new system of reports will replace the old type of reports in the near future. If you use them, don’t forget to configure the new reports.


Enhancements

- Improved installer with enhanced user interface and new features

- Improved dark color scheme

- Redesigned severity color scheme

- Reorganized main menu for better accessibility

- Redesigned user dashboards for better user experience

- Improved network capture module for better performance and less resource consumption

- Improved network models for faster detection and reduced storage demands

- Improved task planner and optimized parallelized processing in the service for better resource consumption and management, giving faster processing for multiple sensors on one collector

- Improved detection and repair of unusual, incomplete, or swapped flows

- Improved parsing of incomplete or unidirectional flows

- Improved network capture default configuration for better capture on all configurations

- Improved processing of Active Directory events for better calculation of logged users

- Improved MikroTik plugin

- Added button to restore user dashboards to default

- Improved creation of complex firewall rules in plugin

- Improved HTTP proxy pairing for incomplete or invalid communication

 

Bug Fixes

In general, our development team focused on improving the user experience and reporting.


Contact your local GREYCORTEX partner to find out how you can put MENDEL v3.3 to work for you. 

 

 

About Version 2 Limited

Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, points of sale, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which includes Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About GREYCORTEX

Founded in 2016 in Brno, Czech Republic, GREYCORTEX helps organizations make their IT and OT operations secure and reliable. It uses advanced artificial intelligence, machine learning, and data mining methods which detect advanced threats to security and risks to reliability that other solutions miss.
