PacketOwl Virtual Security Appliance

Network Intrusion Detection & Security Monitoring

Network Security Monitoring

All-in-one 100G “Suricata-on-Steroids” network security appliance

Industry’s highest-performance Suricata-based NIDS, NSM, and NDR solution

Event Logs | PCAP Capture | SIEM Alerts

The NEOX PacketOwl Virtual Series is a versatile, all-in-one Network Intrusion Detection System (NIDS), Network Security Monitoring (NSM), and Network Detection & Response (NDR) virtual probe appliance for cloud, virtualized data centers, and branch edge applications. Powered by an Open Suricata–optimized threat detection engine, PacketOwl Virtual is the industry’s most advanced and scalable virtual solution in its category, designed to identify, analyze, log, and alert on cyberthreats in real time. With its lossless architecture, PacketOwl Virtual also captures and analyzes event-triggered packet data in PCAP format for forensic analysis, incident response, and compliance.

  • NX-NSMPO-VM-2 — virtual probe with 2 CPU cores and up to 10TB of cloud storage

  • NX-NSMPO-VM-5 — virtual probe with 5 CPU cores and up to 50TB of cloud storage

  • NX-NSMPO-VM-10 — virtual probe with 10 CPU cores and up to 100TB of cloud storage

PacketOwl Virtual Network Security

PacketOwl Virtual is a powerful, cloud-ready network security appliance that brings the full capability of PacketOwl’s “Suricata-on-Steroids” engine into virtualized and containerized environments. Designed for unmatched network security, Network Security Monitoring (NSM), and Network Detection and Response (NDR), it offers deep visibility and real-time threat response for modern hybrid-cloud and multi-cloud infrastructures.
Deployable as a standalone virtual Clear NDR probe, PacketOwl Virtual is engineered to identify, analyze, log, and alert on threats with high precision. Its advanced event-triggered packet capture and forensic indexing allow for comprehensive traffic analysis and historical insight—without sacrificing performance. With flexible, instance-defined throughput scaling, it adapts seamlessly to your virtual resource availability.
Built for the modern enterprise, PacketOwl Virtual supports fast deployment via Debian package or Docker image, making it ideal for environments running VMware, Kubernetes, AWS, Azure, and Google Cloud. Its lightweight footprint and modular design enable rapid integration into existing cloud security workflows.
PacketOwl Virtual feeds enriched alert and log data into SIEM systems and SOCs, with support for industry-standard log formats and export over GRE or VXLAN tunnels to on-prem logging infrastructure. Log rotation, compression, and user-defined rules ensure optimized log management across diverse environments.
With native PCAP and PCAP-NG support, PacketOwl Virtual maintains full interoperability with tools like Wireshark for deep packet inspection. It delivers enterprise-grade NSM and forensic capability without the need for physical hardware, offering scalable, container-friendly network defense that aligns with today’s agile, cloud-native security needs. Whether deployed in a single-tenant cloud, multi-tenant architecture, or hybrid data center, PacketOwl Virtual ensures threat visibility and response at every layer.

Network Security Monitoring
| SKU | ANALYSIS THROUGHPUT | EVENT HANDLING | EVENT LOGGING | PACKET CAPTURE | DISK CAPACITY |
|---|---|---|---|---|---|
| NX-NSMPO-VM-2 | Instance-dependent | Instance-dependent | Instance-dependent | 10 Gbps | 10 TB |
| NX-NSMPO-VM-5 | Instance-dependent | Instance-dependent | Instance-dependent | 25 Gbps | 50 TB |
| NX-NSMPO-VM-10 | Instance-dependent | Instance-dependent | Instance-dependent | 50 Gbps | 100 TB |

  • The industry’s fastest and most versatile “Suricata-on-Steroids” solution with an all-in-one IDS, NSM, and NDR appliance

  • Compatibility with Suricata signature-based rulesets and user-defined rules

  • Purpose-built for hybrid cloud, multi-cloud (AWS, Azure, GCP), software-defined data centers (VMware), service providers, virtual branch, edge, and other virtual deployments

  • Highly scalable, event-triggered security logs with associated packet capture

  • Tamper-proof logging for auditing and compliance

  • Automated log management with intelligent log rotation and compression

  • Seamless integration with SIEMs, NDR tools, and Syslog, with northbound alerts for SIEMs (e.g., Splunk) and SOCs

  • Integrated with the Stamus Clear NDR solution as a virtual NDR probe

  • Full compatibility with existing security ecosystems

  • Cloud-native Open Suricata-based IDS, NSM, and NDR
  • Instance-dependent scalable events/second handling
  • Automated Log Management with smart rotation/compression
  • Seamless Integration with SIEMs, NDR tools & Syslog. North-bound Alerts for SIEM and SOC consumption
  • Smart Forensic and Zero-Loss Packet Capture (PCAP) at 100Gbps CTD with cloud or on-prem exported storage with smart conditional capture
  • Precision Threat Hunting with Lua scripting & forensic PTP timestamps
  • Compliance with Government/Federal EO 14028, M-21-30 & FIPS 140-2

SERVICE & SUPPORT

Unparalleled Multi-Level Service & Support for Peace of Mind

NEOX PacketOwl Appliances come with NEOX SILVER Support and can be upgraded to GOLD Support for advanced replacement in case of a hardware failure.
