Comodo NxSIEM SensorReveal what is hidden.

Comodo NxSIEM Sensor

Comodo NxSIEM Sensor

NxSIEM sensor is a passive network monitoring device that seamlessly weaves together three core functions: network monitoring, full packet capture, network-based and host-based intrusion detection, providing important amount of data for powerful network security analysis. By only deploying NxSIEM sensor in your or your customer's network, you can instantly gain significant security visibility.

NxSIEM Sensor fuses signature and anomaly based intrusion detection that monitors network activity and logs any connections, DNS requests, detected network services and software, SSL certificates, and HTTP, FTP, IRC SMTP, SSH, SSL, and Syslog activity, providing a real depth and visibility into the context of data and events on your network

NxSIEM Sensor Benefits

  • Network Security Monitoring

    NxSIEM sensor passively integrates to your network and logs activities. These activity are then enriched, correlated or analyzed by Comodo NxSIEM to generate real alerts. Comodo NxSIEM sensor generate high quality network monitoring logs that is fully compatible with NxSIEM predifned content.

  • Intrusion Detection

    Comodo NXSIEM detects intrusions or intrusion attempts by the NxSIEM Sensor's IDS and monitoring capabilities combined with powerful analysis and correlation features of NxSIEM cloud. This combination significantly eliminates false positives and gives you timely and correct information about intrusion attempts towards your network.

    Comodo’s SIEM cloud has many predefined correlation rules designed for NxSIEM sensor that starts generating alerts on suspicious situations immediately after installation of the sensor.

  • Full Packet Capture

    Comodo NxSIEM sensor is capable of performing full packet capture. This enables both detailed analysis for critical incidents and forensic analysis after an attack using captured packets

  • Instant Analysis on NxSIEM Cloud

    Comodo NxSIEM sensor generates logs that is completely compatible to NxSIEM and every information sent from the sensor is normalized, classified and correlated by NxSIEM cloud. This provides easy and immediate security intelligence system enablement across your customer's network.Timely and meaningful alerts that have adequate severity and priority levels are generated automatically without stringent process of defining custom rules, queries or reports.


  • Passive device, no network overhead
  • Can be deployed on dedicated hardware or virtual environments
  • Network Based Intrusion Detection
  • Host Based Intrusion Detection
  • Full Packet Capture for deep analysis
  • Transport data to NxSIEM Cloud through SSL Channels
  • Integration via network tap or SPA