We are happy to announce the latest version of GREYCORTEX MENDEL. Version 2.8 includes three new important features: the first is the Event Collector. Released as part of v2.7 (a limited release), the Event Collector offers the opportunity to centrally monitor events from several remote GREYCORTEX MENDEL collectors. The second major new feature is the Correlation Engine. This tool correlates individual, less-serious events – which together may be indicative of attacks within the network, to more effectively alert security analysts. Finally, MENDEL 2.8 includes proxy pairing functionality which identifies source or destination addresses hidden by proxy servers, which will allow security analysts to better identify potential issues on the network and provide even greater visibility.
New Features
- Added a beta version of the Correlation Engine, including seven tuned rules which further increase security (The feature may be turned on by going to Settings->System Components)
- Added a proxy pairing feature to display source or destination addresses hidden by a proxy server
Improvements
- Optimized the display of charts and tables in the Network module
- Added information about the type of key exchange algorithms in HTTPS and TLS flows
- Improved the calculation of flow metrics to show values valid for specific parts
Bug Fixes
- Fixed issues with disabling deep packet inspection and enabling rules in IDS
- Fixed an issue with updates to older installations
- Fixed issues with MS-SQL protocol parsing at higher speeds
- Fixed an issue with displaying current values on the Network Services tab
- Fixed an issue with displaying multiple VLAN IDs in a single flow
- Fixed issues with parsing SMB flows
- Fixed issues with editing export definitions
- Fixed an issue with pagination results in the Peers graph
- Fixed issues with restarting services
- Fixed an issue with filtering by protocol type
- Fixed an issue with deleting user-defined filters
- Fixed an issue with saving user-created or user-defined filters
- Fixed an issue with displaying VLAN statistics in the Analysis module
- Fixed an issue with exporting records in CEF and Syslog formats
- Fixed an issue with long hostnames
- Fixed issues with calculating the minimum and maximum duration of flows
- Fixed link formatting in Exports
- Fixed an issue with displaying ASN names in flows
- Fixed an issue with displaying host information in the Analysis module
- Fixed the calculation of RTT and ART metrics in long term flows with unfinished communication
- Fixed an issue with the validation of row counts in Column Manager
About Version 2
Version 2 is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About GREYCORTEX
GREYCORTEX uses advanced artificial intelligence, machine learning, and data mining methods to help organizations make their IT operations secure and reliable.
MENDEL, GREYCORTEX’s network traffic analysis solution, helps corporations, governments, and the critical infrastructure sector protect their futures by detecting cyber threats to sensitive data, networks, trade secrets, and reputations, which other network security products miss.
MENDEL is based on 10 years of extensive academic research and is designed using the same technology which was successful in four US-based NIST Challenges.
