High Speed Security Analytics with Forensic Packet Capture

Modern security demands more than logs and alerts: it requires complete, packet-level visibility. FMADIO’s Network Security platform combines lossless packet capture, high-performance storage, and containerized security analytics to deliver the forensic depth and real-time detection that today’s networks require.

From threat hunting and intrusion detection to retrospective IOC sweeps and regulatory compliance, FMADIO provides a scalable, flexible foundation for network security operations at full wire speed.

Visualize all IDS alerts

Forensic Packet Capture for Network Security

At the core of every FMADIO appliance is a zero-loss packet capture system built on FPGA-based NICs and SSD-based storage. Packets are timestamped with nanosecond precision and written directly to disk, ensuring that even during high-volume bursts or system overloads, no traffic is dropped.

Captured data can be filtered, indexed, exported as PCAPs, or streamed into security tools for in-depth analysis. Retention scales from days to months — depending only on disk size — with support for multi-hundred terabyte deployments.

This forensic capture layer forms the trusted baseline for breach investigation, insider threat detection, network compliance auditing, and historical traffic reconstruction.


Containerized Security Tools with High-Speed Traffic Access

Every FMADIO appliance supports LXC containers, enabling you to run security tools directly on the same system that captured the packets. These tools — open-source, commercial, or in-house — receive filtered traffic through FMADIO’s proprietary ring buffer, capable of tens of Gbps throughput per ring to a container with built-in backpressure.

This makes it possible to:

  • Run IDS tools (e.g. Suricata, Zeek)

  • Extract DNS, HTTP, or TLS metadata

  • Run ML-based detectors on past traffic

  • Deploy new analytics retrospectively, on already captured data

Unlike typical tap-based architectures, this approach enables IOC sweeps, threat hunts, and malware scans without needing to replay or reprocess archived PCAP files.

Look for suspicious domain lookups

Security Insight – High-Speed Suricata IDS with Forensic Retention

Security Insight runs Suricata in a dedicated container, fed by FMADIO’s high-speed ring buffer. It receives lossless packet streams and writes all alert and metadata events to a local or remote database, including HTTP, TLS, DNS, file, and flow data.

This enables:

  • East-west threat detection and policy enforcement

  • Post-breach analysis with full packet capture context

  • Long-term retention of IDS metadata for audit or compliance

Customers can load any ruleset — including ET Open, ET Pro, or custom signatures — and performance scales to tens of Gbps, depending on rules enabled. Grafana dashboards are included out of the box.

Check what unencrypted connections are being made

Flexible Security Architecture

FMADIO’s security model is designed for adaptability:

  • Run multiple containers per appliance, each with filtered traffic

  • Combine FMADIO-provided tools with your own analytics stack

  • Query raw data, visualize trends, or trigger automated responses

  • Your choice of database (Clickhouse, Elastic, OpenSearch, Splunk, etc.)

  • Flexible deployment to suit any size of network

All applications run directly on the capture appliance next to the storage — no additional tap infrastructure or traffic forwarding required. This reduces complexity while increasing agility and visibility.


Built for Modern Security Workflows

  • Post-breach investigation

Deploy updated rules or new tools to scan previously captured traffic for IOCs or malware indicators. Avoid the delays and complexity of replaying PCAPs into external systems.

  • East-west visibility

Monitor internal traffic for lateral movement, policy violations, or unknown applications — without the performance penalty of inline inspection.

  • Zero Trust enforcement

See unauthorized or unexpected communications between segments or zones. Security Insight supports enforcement visibility in distributed, microsegmented environments.

  • Compliance and audit

Retain IDS and protocol metadata with accurate timestamps and deep context. Ideal for NIS2, PCI DSS 4.0, financial recordkeeping, and internal governance.

Check the validity of encrypted sessions

Every Packet Counts

The best security insights come from complete data. With FMADIO, you get:

  • Full packet capture with nanosecond-accurate timestamps

  • Lossless capture at 10G, 40G, and 100G rates

  • Containerized analysis tools with flexible deployment

  • Real-time dashboards and historical search via Grafana

  • Control over your tools, data, and architecture

Request a demo to see FMADIO Network Security in action.