GREYCORTEX has launched version 2.4 of its MENDEL solution. This release features several changes to help you better and more efficiently identify threats within your network. We have added a new incident management feature, as well as new MS-SQL and SIP parsers, multiple false positive elimination in IDS/NBA categories, and support for connecting multiple sensors to one collector. We have enhanced the detection and performance capabilities of our Network Behavior Analysis and Intrusion Detection System engines.

The full list of additional features, improvements, and repairs is below.

Additional Features

  • Added a brand new incident management feature
  • Added MS-SQL and SIP parsers
  • Added multiple false positive elimination in IDS/NBA categories
  • Added support for connecting multiple sensors to one collector
  • Added support for separate modification of IDS signatures per sensor
  • Added dynamic dashboard responsiveness
  • Added support for fail-safe connection and data recovery for remote sensors
  • Added support for deployment in Hyper-V virtualization environment
  • Added license change and renew capabilities
  • Added support for HTTP fields in IPFIX format
  • Added an automatic validity check for ISO installation files


Improvements

  • Highlighted parsed L7 data in flows
  • Improved detection and performance of NBA methods
  • Improved the IDS core engine
  • Optimized NetFlow processing up to 100,000 flows per second
  • Improved support for NetFlow processing for most Cisco, Mikrotik, HP, and other network devices
  • Improved logging capabilities using syslog-ng
  • Improved the flow searching algorithm for the event detail field
  • Added a cookies field in HTTP parsers
  • Improved time synchronization using ntpd
  • Added a sensor column in network services
  • Tuned NBA method settings for DNS services
  • Improved dashboard descriptions

Bugs Fixed

  • Fixed update planning to avoid updating too frequently
  • Fixed an error in saving flows caused by data truncation
  • Fixed an export issue in CEF format
  • Fixed the filter for IPv6 and IPv4 protocols and tunneled traffic
  • Fixed network model visualization for the selected subnet/host
  • Fixed processing of bigger packets
  • Fixed the display filter in dashboard component settings
  • Fixed severity for IP addresses in top lists by traffic
  • Fixed searching in false positive management
  • Fixed report generation
  • Fixed event calculation in dashboards
  • Fixed network configuration for setting IP address, network mode, and DNS servers
  • Fixed editing network metric limits for hosts
  • Fixed user data export/import
  • Fixed typos in the event status monitor
  • Fixed the license information display
  • Fixed editing of firewall rules

About Version 2
Version 2 is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, points of sale, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum, which includes Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

GREYCORTEX uses advanced artificial intelligence, machine learning, and data mining methods to help organizations make their IT operations secure and reliable.

MENDEL, GREYCORTEX’s network traffic analysis solution, helps corporations, governments, and the critical infrastructure sector protect their futures by detecting cyber threats to sensitive data, networks, trade secrets, and reputations, which other network security products miss.

MENDEL is based on 10 years of extensive academic research and is designed using the same technology which was successful in four US-based NIST Challenges.