LogRhythm NetMon Freemium

Detect Threats in Real Time with our Free Network Monitoring and Forensics Tool

Achieve enterprise-wide visibility for free. Download NetMon Freemium for real-time network-based threat detection and network-based incident response. Watch the video to the right to learn more about how NetMon can help you detect threats on your network in real time. Or give NetMon Freemium a try today by requesting your download link via the button below.

6 Ways to Use NetMon Freemium to Secure Your Network

Not sure where to get started with NetMon Freemium? Here are six ideas for how to use our free tool to discover threats on your network.

  1. Surface data exfiltration activities: Identify long-running sessions, “low and slow” sessions hidden in normal traffic, anomalous outbound network sessions, and other activities indicative of data exfiltration.
  2. Discover operational anomalies: Verify that you aren’t seeing protocols or traffic that you think you’ve blocked or traffic between systems that should be isolated from each other.
  3. Find hidden security threats: Catch security threats hiding in low-level, chatty protocols like DNS, SNMP, or Kerberos.
  4. Detect botnets and beaconing: Identify traffic using anomalous ports. View malformed packet headers. Recognize command and control callbacks.
  5. Expose nuisance apps and bandwidth hogs: Discover when apps that are against corporate policy are being used. Find out who or what is taking up the most bandwidth.
  6. See where your network traffic is going: Identify outbound IP and URL destinations and classify traffic by ingress, egress or lateral motion in your network.

NetMon Freemium vs. Full Commercial License

NetMon Freemium provides the same enterprise-grade functionality as a full NetMon license, but with limits on processing, packet storage, and data forwarding. All other features and functionality are fully enabled and usable to help you:

  • Search against all observed network traffic
  • Identify abnormal traffic patterns and application usage
  • Quickly analyze full packet captures

Learn more about an enterprise NetMon license.

Download NetMon Freemium

Ready to deploy NetMon Freemium to quickly identify threats in your IT environment and accelerate incident response?

NetMon Freemium Deployment Scenarios

The following scenarios show how you can deploy NetMon Freemium in your environment:

On a server: For maximum performance

NetMon Freemium offers up to 1 Gbps throughput. To take full advantage of the throughput offered, we recommend:

  • A system that meets the standard deployment as found in the NetMon Freemium FAQ
  • Download NetMon Freemium and choose the ISO from the download options
  • Follow the install instructions included with the ISO
  • Tapping the network:
    • Use a SPAN port on a core switch
    • Connect to a packet broker
    • Use an active tap

On a mini-PC: For small and affordable deployments

  • Obtain a micro PC
  • Download NetMon Freemium and choose the ISO from the download options
  • Follow the step-by-step guide in the How to Build a Miniature Network Monitor Device blog post
  • Tapping the network:
    • Connect to a SPAN port on a switch
    • Configure a home switch to use port mirroring
    • Use a passive tap (we’ve used the Lan Tap Pro from Hacker Warehouse)

On a VM running on a computer: For capturing local traffic to/from your PC

  • Ensure your equipment meets the small footprint deployment requirements as found in the NetMon Freemium FAQ
  • Install VirtualBox on your laptop
  • Download NetMon Freemium and choose the VM image from the download options
  • Follow the install instructions included in the Getting Started Guide for the VM image
  • Tapping your network:
    • The VM image is configured to collect from the wireless network port on your machine
    • Only traffic going to or coming from your machine via wireless will be monitored

Minimum Requirements for NetMon Freemium

For best results, a dedicated system that meets the requirements found in the FAQ is recommended. However, NetMon Freemium can be configured to run on a smaller footprint.

NetMon Freemium is Linux-based. The installer includes CentOS 7.2 Minimal and NetMon.

  • Free disk space: 60 GB
  • Memory: 12 GB RAM recommended, 8 GB RAM minimum
  • CPU/Processor: 4 cores recommended, 2 cores minimum
  • Network Interface Controllers (NICs): 2 × 1 Gbps NICs recommended, 1 × 1 Gbps NIC minimum

Learn More About LogRhythm NetMon Freemium

LogRhythm Community