Network Visibility and Analysis with OPB, Arkime, Elasticsearch & Kibana

The cost-efficient Open source Packet Broker Visibility solution harnesses truly open-source tools for comprehensive visibility and analysis, with a TCO (Total Cost of Ownership) benefit of up to 80%.

Aviz OPBNOS feeds the packet stream to Arkime and provides the capability to filter, load-balance and aggregate traffic from network taps.

Arkime is a large-scale, open-source, indexed packet capture and search system that augments your current security infrastructure to store and index network traffic in standard PCAP format, providing fast, indexed access.

Arkime uses Elasticsearch (ES) as its backend data store for storing and indexing network traffic data. Elasticsearch is designed for fast indexing and searching of large volumes of data. It provides a flexible query language that lets users search and filter data by criteria such as IP addresses, ports, protocols, and time ranges. It is also highly scalable and can handle large volumes of data across multiple nodes in a cluster.

Kibana is a free and open frontend application that sits on top of Elasticsearch (ES), providing search, data visualization and management capabilities for data indexed in Elasticsearch, including real-time histograms, line graphs, pie charts, and maps. Kibana also includes advanced applications such as Canvas, which allows users to create custom dynamic infographics based on their data, and Elastic Maps for visualizing geospatial data.

The Aviz OPB Visibility solution is based on open networking principles: open networking switch hardware runs the software-defined OPB NOS, built on the open-source NOS SONiC, which provides aggregation, filtering and load balancing of monitored traffic. The monitoring solution is designed entirely with open-source analytics software for packet processing, storage and visibility on commodity x86 nodes.

Prerequisites

  • The following OSes should work out of the box:

    • Arch

    • CentOS/RHEL 7, 8, 9

    • Amazon Linux 2

    • Ubuntu 18.04, 20.04, 22.04

  • An installation of Docker Container Engine.
