R-Scope Advanced Threat Detection

Real Time Threat Visibility

R-Scope delivers real-time network visibility, situational awareness, and event detection at the speed of today’s enterprise. Our enterprise-ready appliances seamlessly integrate with your IT operations, equipping your teams with easy-to-use tools to defend against rapidly evolving cyber threats.



Smart as a Whip

Zero-days and APTs can’t hide from R-Scope’s network visibility. R-Scope incorporates the most advanced threat intelligence technologies available with context-aware, policy-driven analytics to tease out the threats that are lurking at all levels
of your network.


Plays Nicely with Others

R-Scope easily integrates with existing network security solutions or internally developed security operations center (SOC) infrastructure, including Security Information and Event Monitoring (SIEM)

Better Hunting

R-Scope’s rich metadata provides the information about your network and assets that is necessary in order to fully leverage threat intelligence. Be prepared for the new generation of indicators of compromise. With R-Scope, you can easily compare and contrast metadata specific to indicators such as user-agent, certificate, ciphers, and more. Reduce false positives and increase the value of alerts.


Enterprise Secure

R-Scope is a purpose-built network monitoring appliance that takes security seriously. It supports multiple security roles that map to organizational roles and provides a security update mechanism for both Internet-connected and locked-down appliances. Your security appliances shouldn’t add to your security concerns!


Simple to Deploy

R-Scope’s turnkey, enterprise-ready approach seamlessly integrates with your existing network security and IT infrastructure. Tap it in, turn it on, and start gaining additional visibility into the threats on your network. It’s that easy.


Your Bro, only Better

R-Scope brings the power of Bro to enterprise deployments. R-Scope’s patent-pending Acceleration Layer speeds packet ingestion, while R-Scope’s Manageability Layer streamlines management for admins and analysts with a seamless command-line environment.

R-Scope® puts networks under a microscope so that customers can respond to both known and zero-day attacks before they become crises.

R-Scope is a sensor that enables real-time network visibility providing unprecedented levels of situational awareness at speeds up to 20 Gbps. Our turn-key, enterprise-ready appliance seamlessly integrates into IT operations equipping teams of all sizes with the easy-to-use tools required to defend against today’s and tomorrow’s cyber attacks.

Specifically, R-Scope provides deep network visibility, advanced situational awareness, and real-time security event detection by extracting cyber-relevant data from network traffic. R-Scope leverages the richness of the Bro open-source analytics language, is architected to connect to major SIEM systems, and incorporates the most advanced threat intelligence technologies available. R-Scope is commercially available in compact, ready-to-deploy packages that fit into your environment.

Bro Powered, Enterprise Ready

Leverage the power of Bro in your enterprise with R-Scope Appliances. R-Scope is more than Bro-in-a-box; we add value above and below the Bro engine. Our R-Scope acceleration layer includes patent pending technology to accelerate packet ingest into Bro, while the R-Scope
Manageability Layer wraps the whole system in a seamless command-line environment to streamline management for over-burdened admins and assist busy analysts with productive development workflows.



Hardened for the Enterprise

We start with hardware purpose-built for network monitoring, and then go to extreme lengths to provide a device that is secure to run and easy to administer. Starting from a minimal Linux environment running encrypted file systems, we secure the appliance from BIOS, to OS, to application. R‑Scope is enhanced to support multiple users with multiple security roles to map to the different operational functions within an enterprise. Additionally, we provide a secure update mechanism for both internet-connected devices as well as locked down, restricted access machines.

Streamlined Development Environment

Working with researchers and practitioners, we have developed a streamlined, on-box, development environment to allow production and development Bro instances to run side-by-side. Users can write
applications in our development sandbox, and use PCAP traffic to test. When ready for deployment, the application is released into the production environment. The environment synchronization is
handled by a simple Git repository. Our goal is to keep your production sensor up and running while allowing your analysts to remain productive in development.


Avoid Integration Headaches

We make getting data into and out of the appliance as simple as possible by natively supporting the tools you already know and love. To get data into the box, use your existing Arista™ switch, or Gigamon™ packet broker. To export data, use the built in syslog or scp capability, and then visualize your data by simply connecting R-Scope to your Splunk™ instance or ArcSight™ installation. Download our Splunk app at: https://apps.splunk.com/app/1722/ to see more.

Deploy for the Long Term

R-Scope is available in two appliance models, both of which fit in a compact and efficient 1U form factor. R-Scope PACE™ scales to 20 Gbps of throughput across four SFP+ interfaces. DOMINATE™ scales to 100 Gbps across sixteen SFP+ interfaces. Enterprises can choose which model fits their needs and adopt a platform for network security monitoring that scales with them.

White Papers



R-Scope Executive Summary

R-Scope fills a void left by other Cyber Security products by offering a smarter, richer, and more complete view into your network. With today’s threat landscape, traditional signature-based protection is not enough; we must assume some threat actors will penetrate the perimeter and lurk in the network for weeks or months hunting for your most valuable assets. R-Scope enables the identication of sophisticated attack behaviors by today’s (and tomorrow’s) hackers with a real-time focus on what’s happening right now, in and around your network. By extracting relevant cyber security data from network traffic, R-Scope empowers analysts to react to known and zero-day attacks before damage is done.


Reservoir Labs and FireEye Solution Overview

Reservoir Labs and FireEye have partnered to deliver a solution that provides your security team with high fidelity alerts and introduces new ways of analyzing and cross-referencing your existing logs.  Identify and remediate threats faster by combining R-Scope’s rich metadata with FireEye’s Threat Analytics Platform.



The Gigamon and Reservoir Labs Joint Solution Overview

Reservoir Labs and Gigamon have collaborated to offer customers one of the most flexible IDS deployment options coupled with robust performance. The combination of Reservoir Labs R-Scope and the Gigamon Visibility Fabric™ architecture ensures traffic is analyzed and threats are detected in real time.



Reservoir Labs and Interface Masters Solution Brief

Interface Masters and Reservoir Labs have partnered together to develop an innovative, scalable network security solution. This joint solution incorporates the R-Scope DOMINATE appliance from Reservoir Labs and Interface Masters Niagara 2842 Network Packet Broker.



R-Scope Specifications Sheet

R-Scope® puts networks under a microscope so that customers can respond to both known and zero-day attacks before they become crises. R-Scope is a sensor that enables real-time network visibility providing unprecedented levels of situational awareness at speeds up to 100 Gbps.



Use Case: R-Scope at SUNY Old Westbury

When the State University of New York (SUNY) College at Old Westbury needed to get immediate network visibility across their campus, they turned to R-Scope® PACE.

How to Buy

R-Scope network security appliances are available directly from Reservoir Labs. Contact us or call +1 212-780-0527 for a quotation or for more information on how to strengthen your cyber defense infrastructure with R-Scope.