1.3. Presentation of the GCap

The GCap is an IDS type detection probe deployed at each site.
It enables:
  • capturing and analyzing network traffic from TAPs

  • reconstructing the files present in the analyzed flow (according to type and size parameters)

  • carrying out an initial analysis

  • generating alerts and / or metadata type events

  • transmitting files / codes / events to the GCenter

For more information, please refer to the GCAP documentation.