How Encrypted Traffic Visibility works

We achieve our high protection rates (99.99%) and deliver efficiency by using metadata to score encrypted traffic flows.

  • Your encrypted data is gathered by our collectors which extract metadata that is sent securely to the Barac platform for real-time analysis.
  • Using machine learning and advanced behavioural analytics we identify known attacks, abnormal traffic and infected beaconing.
  • Alerts are sent via API to your cyber teams via an easy-to-use web interface or straight into your SOC. Alternatively, we can provide direct integration with your existing SIEM platform.
  • Dataflows can be terminated or re-routed through defined service maps, allowing for optimal use of your existing network and security infrastructure.
  • Using the Barac platform reduces costly false positives in encrypted data by over 99%.

Agnostic approach = improved ROI

Barac Encrypted Traffic Visibility is hardware and software agnostic. Which means there’s no need to replace your existing cyber technology. Our solution can rapidly integrate with your existing infrastructure to deliver protection across all your encrypted and unencrypted data. So, your existing cyber investments are put to optimum use.

Key benefits at a glance

  • Expose hidden threats without decryption
  • Detect abnormal traffic
  • Detect in real time
  • Integrate with SIEM/SOC
  • TLS 1.3, FIPS, GDPR compliant
  • No need to decrypt
  • HTTPS traffic
  • Crypto-compliance monitoring improved
  • Maximise security investments
  • Improve efficiencies & false positive reductions
  • No traffic slowing for decryption
  • Easily scalable to fit future needs

Advanced features

The Barac R&D team are continuingly working on enhancements to our Encrypted Traffic Visibility solution. As new features are added, they are automatically made available to existing customers. Here are the latest additions:

Beaconing detection

Utilising micro segmentation algorithms, we detect services that are hogging your bandwidth, and protect you against command and control servers and abnormal activity.

Pre-emptive DNS scoring

Until now, DNS protection has relied upon blocking the ‘known-bad’. But, using machine learning and supervised classification algorithms, we can now spot bad DNS signatures before anything bad actually happens.