System Component Description
MetaDefender NDR is deployed on dedicated, high-performance commodity hardware, generally provided by the users after consulting with OPSWAT. The latest MetaDefender NDR installation image is available as an ISO, and a deployment specialist can assist you with the installation process.

A typical MetaDefender NDR deployment environment consists of multiple sensors called "Collectors" and a single server called "Manager".
All updates, configuration, and tuning are accomplished through the Manager. Users interface with MetaDefender NDR through our on-premises web-based User Interface (UI), our powerful and open RESTful API, or via SIEM integration. Furthermore, integrations are available for a variety of antivirus and sandbox technologies within your existing security infrastructure, which serve in a complementary capacity to MetaDefender NDR's analysis process.
Collectors are implemented at strategic points within the network and monitor the HTTP and SMTP sessions. Various analytic services running on each Collector carve files, URLs, IP addresses, emails, and other artifacts out of these sessions. A single session can have multiple files and/or artifacts associated with it. Each of these files and artifacts is analyzed by a variety of internal, third-party, local, or cloud-based resources, and the results are then combined to produce an overall threat score.