Defend your infrastructure
How secure are your networks? Did you know that most implementations of 802.1x NAC can be bypassed in seconds?
Many unmonitored network threats still plague the security of organizations large and small. Broaden your monitoring capabilities and discover threats previously kept under the radar. Artio shines a new light on your network to reveal things no other solution can see.
Artio is the first commercially-available solution to detect Ethernet ghosting / NAC bypass. Artio also detects network scans, partial ghosting / MAC theft, poisoning / MITM (Man-In-The-Middle) and more.
Designed to be simple to install and operate, Artio integrates seamlessly into your existing network monitoring infrastructure (NMS). Individually configure detection engines, network parameters, NMS integration and more through USB with an easy-to-use command-line interface.
Easy to install, easy to operate
Presented as a standard 19" rack-mount unit (1U), Artio is easily integrated into most server racks. With a short depth of only 230mm (including power connector), it will even fit most small network cabinets.
Artio has only two network interfaces - the one labeled "CTL" connects to your monitoring / control network while the other, labeled "DET", connects to whatever you wish to monitor.
The DET port can be connected either directly to a single network, or to a VLAN trunk carrying multiple networks. Tagging can be configured easily through USB.
Artio automatically detects and configures any VLANs you bring to its DET port, resulting in a true plug-and-play installation in many cases. If desired, VLANs can also be manually configured through USB.
Artio is divided into two main parts: the ADE (Artio Detection Engine) probes the network(s) it is connected to and reports back to the ACE (Artio Control Engine), which is connected to your management / control network. As the label suggests, the "DET" port belongs to the ADE while the "CTL" port belongs to the ACE.
The micro-USB port functions as a standard serial port (UART). Simply plug in a computer and load up any terminal application (such as MobaXterm or Putty) to access the Artio system configuration.
No leaks
Ensuring absolute packet-tight isolation between the two sides is critical, therefore we designed Artio in such a way to make this impossible.
This split is not just in software. Two separate processors run each side independently, communicating only over a serial link using a dedicated messaging system for internal event reporting and configuration.
In fact, no operating system is even there to be compromised. Both the ACE and ADE are running custom bare-metal code from read-only memory.
SNMP integration
Artio offers SNMP v2c service through its CTL port. System information and network details can be queried through it. Additionally, SNMP Traps are sent by Artio any time anomalies or intrusions are detected.
A MIB definition is provided along with the Artio system for integration into NMS systems.
Configuration of the SNMP service can be made through the USB command-line interface using simple commands.
Big network? No problem
To cover all your needs, Artio is available as three distinct models. Please refer to the following table for a comparison:
Model | Maximum hosts |
VLAN capabilities (Maximum networks) |
Green | 200 | 1 |
Orange | 400 | 4 |
Black | 800 | 8 |
Each model can monitor up to a certain number of hosts. These can be spread across multiple VLANs on the Orange and Black models.
Detection capabilities
Artio actively monitors every host on the network to detect a wide range of network anomalies including:
- Ethernet ghosting / NAC bypass
- partial ghosting / MAC theft
- ARP poisoning / MITM
- ARP bombing / flooding
- network scans
As soon as an anomaly is detected, it gets reported as an SNMP Trap sent to the NMS, as well as a message on the USB command-line interface.
The status of the network(s) can also be shown on the front panel LCD display.
With a constantly evolving security landscape, no guarantees can be made as to the detection of new methods or previously unseen variants. We are committed to continuously furthering our research and implementing necessary changes to our detection algorithms to ensure the highest level of security for your infrastructure. This is made clear through our support model described below.
Upgrades & support
Each Artio unit is backed by a three-year support contract (renewable). This includes dedicated help and support, exclusive access to upgrades as well as the option to have your unit replaced in case of any malfunction (yes, this covers interns knocking over the network cabinet).
If you experience any issue with your Artio unit, we will replace it free of charge as quickly as possible. No questions asked.
The support contract grants access to all upgrades, both software and hardware. Any new feature that gets added is delivered directly to you, even if that means shipping you a brand new unit.
Upon reaching the end of the three-year support period, the contract can be renewed yearly at a cost of SFr. 1900 per year.
Conditions apply. Please refer to the support contract provided with your Artio system for details.
What's included
Along with each Artio unit, the following are also provided:
- Swiss standard power cord (T12 plug)
- 2x Cat6 cable (1m)
- 1.0M USB cable
Documentation
The documentation for the Artio is available here: Artio User Guide.