Corelight Sensors

Corelight AP200 Sensor
(2Gbps)

Corelight AP1000 Sensor
(10Gbps)

Corelight AP3000 Sensor
(25Gbps)

Corelight Sensors transform network traffic into high-fidelity data for your security teams, extracting over 400 data elements in real time. Designed by the creators of open-source Bro, Corelight Sensors provide a turn-key solution tuned for performance at enterprise scale. Configure in minutes, and gain visibility into your network activity.

Got a SIEM? Make it better with Bro.

Bro is not another pane of glass or analytic stack. Instead it makes the stack you already have better. Whether you use Splunk, Elastic Stack, ArcSight, QRadar, Spark or just about anything else, ingesting Bro logs will give your threat hunters and incident responders more to work with.

Highly-structured, real-time network data.

If you typical response to alerts involves digging through piles of PCAP files or trying to piece together data through thin NetFlow records, there's a better way. It's Bro. Bro generates a wide range of rich network information, including logs for;

Corelight is the foundation for a modern security stack.

  • Network data as "ground truth" for security
  • Data-driven first, detection-driven second
  • High flexibility and easy repeatability

network packet broker Corelight sensor stack
Example analytics stack with Corelight Sensor

netflow bro pcap
Where do Bro logs fit in your analytics stack

Data that’s more useful. Clearly.

In real time, we extract what really matters from the never-ending river of network traffic, transforming packets into actionable logs designed by and for security professionals. Bro's unique data makes it easy to reconstruct what happened, connect the dots, and understand patterns.

A Modern UI that has you up and running in minutes

Corelight's new streamlined and intelligent UI makes configuring, deploying and managing Corelight Sensors even easier (it was already pretty quick). You can click to select inputs, output targets, and all the important settings to fit into your security stack quickly.

PLUG-and-PLAY

The Corelight Sensor is zero maintenance; you provide the traffic feed and and specify where to send logs and extracted files - nothing more. New features roll out seamlessly, through regular, automatic updates, and you get support from the creators of Bro

TUNED FOR ENTERPRISE PERFORMANCE AND SCALE

Engineered from the ground up with keen attention to detail, the Corelight Sensor runs a minimalist, custom OS, based on the Linux kernel. A specialised NIC provides the performance that large-scale deployments require, with built-in support for merging high-volume traffic feeds.

JUST WHAT YOU NEED, NOTHING EXTRANEOUS

The Corelight Sensor provides a carefully tailored subset of Bro functionality, focusing on efficient file extraction and reliable export of Bro's renowned network logs to Splunk, Kafka, Syslog, S3, or an external file server.

newgen systems logo

PROFESSIONAL SERVICES

With over a decade of experience in designing and building enterprise grade monitoring solutions, our professional services team is here to take your organisation from monitoring zero to monitoring hero.

Corelight Sensor AP 200 | 1000 | 3000

2 | 10 | 25 Gbps monitored traffic
1U rack mounted appliance
15 minute out-of-band deployment

When Corelight's chief scientist created Bro at Lawrence Berkeley National Laboratory in 1995, he never imagined it would be used worldwide more than 20 years later. For over 20 years the founders of Corelight have been building and improving the open source software, and now they've founded a company called Corelight.

Get in touch

Whether you're already using Open Source Bro in some capacity in your organisation or not, you’ll likely find a lot of value out of what Corelight are doing to enable faster threat hunting. If you'd like to hear more then please leave your details and one of our experienced Solution Architects with be in touch.

 

 

Get in touch

Whether you're already using Open Source Bro in some capacity in your organisation or not, you’ll likely find a lot of value out of what Corelight are doing to enable faster threat hunting. If you'd like to hear more then please leave your details and one of our experienced Solution Architects with be in touch.