Lumeta IPsonar

Continuous, on-demand network situational awareness

Enterprise networks are large, complicated and fast-changing. Typically, there are hundreds or thousands of network infrastructure-based changes every month, each of which has an impact on the cybersecurity posture of the business. Host vulnerability assessment (VA) scanning tools are oblivious to such dynamic network changes, leading to a 20% gap in network situational awareness.

Lumeta® IPsonar® leverages a suite of Recursive Network Indexing techniques to crawl the enterprise network and find the unknown and undocumented. This makes IPsonar the authoritative source for IP address space and network infrastructure visualization, routed and bridged topology, discovery of connected devices/profiles and cybersecurity anomalies that are really there, right now.


Network Architecture Analytics
  • Validate and reconcile enterprise-wide IP address space – CIDRs actually found in use, versus known
  • Discover and resolve the network’s edge
  • Authoritatively census all attached network infrastructure devices, computers, servers, hosts and other devices like printers, VoIP phones, cameras
  • Clientless and agentless profiling of equipment vendors and operating systems
  • Examination of digital certificates that are self-signed or expired
  • Lumeta IPsonar plug-in framework provides analysis metadata to VA tools for closed-loop remediation


Network Segmentation Analytics
  • Discover unknown, undocumented networks that are actually in use
  • Discover known/documented networks that are non-responsive or unreachable
  • Find routed (L3) “leak paths” from critical internal networks to the Internet or in between network enclaves
  • Find bridging and forwarding (L2) violations between interfaces of multi-homed hosts or split tunneling violations
  • Issue network segmentation alarms and alerts into SIEM, GRC, device policy management tools for closed-loop remediation


Cybersecurity Analytics

The Lumeta IPsonar Cyber Threat Probe consumes open source and commercial threat intelligence data streams and correlates them with Lumeta indexed metadata to:

  • Discover zombie computers compromised by malware that are operating on your network
  • Discover whether known command and control (C2) infrastructure on the Internet is accessible from anywhere inside your network edge
  • Discover whether known Dark Web (Tor) exit nodes are accessible from anywhere inside your network edge
  • Find nefarious TCP/UDP port usage by known malware exploits
  • Find TCP/UDP port usage which may be an indicator of compromise, e.g. RDP or FTP usage violations


Lumeta IPsonar Technology and Architecture


Lumeta IPsonar Use Cases

SANS 20 Critical Security Controls

Audit & Compliance

Mergers & Acquisitions

Operationalizing Threat Intelligence