Abstract: Implementations disclosed herein provide a managed security service that distributes processing tasks among a number of network security modules working in parallel to process component portions of a replayed network traffic stream. If a network security module detects a potential security threat, the network security module may generate a delivery request specifying other information potentially useful in further investigation of the potential security threat. The delivery request is communicated to a plurality of other processing entities, such as the other network security modules, and any processing entity currently receiving the requested information may respond to the delivery request. Once a source of the requested information is determined, the requested information is routed to the origin of the request.

Abstract: Implementations disclosed herein provide a network agent embodied in firmware and/or software that replays network traffic of an enterprise network to an entity outside of the enterprise network. The network agent selects and processes the network traffic according to certain policies set by the enterprise network or a third party security management system. These policies allow for a capture and replay of high-integrity data that enables threat analysis.

Abstract: Implementations disclosed herein provide a network agent embodied in firmware and/or software that replays network traffic of an enterprise network to an entity outside of the enterprise network. The network agent selects and processes the network traffic according to certain policies set by the enterprise network or a third party security management system. These policies allow for a capture and replay of high-integrity data that enables threat analysis.