Exeon.NDR

Hybrid, distributed, and increasingly encrypted networks create blind spots that traditional security tools can't see into. At the same time, attackers move laterally and faster across IT, OT, and cloud environments.

Exeon Analytics is a Swiss security analytics software vendor delivering holistic visibility, reliable detection, and actionable response across all networks. By combining AI-driven behavior analytics with expert-built detection logic, Exeon.NDR uncovers hidden threats, reduces blind spots, and enables compliant, sovereign cyber defense.

What Exeon.NDR contains

• Exeon.NDR virtual appliance
• Parser to ingest log data
• Data Lake to store normalized log data
• Analytics platform based on IoC, network expert ruleset, supervised & unsupervised machine learning algorithms
• Web GUI for investigations
• Integration into Microsoft Sentinel
• Powerful Rest-API

What you gain with Exeon.NDR

Exeon.NDR addresses medium-sized and large companies with high security requirements and complex infrastructures. CISOs, SOC teams, heads of infrastructure, network administrators, and IT management can benefit from Exeon.NDR if they are looking for the following solutions:

• Full network visibility, no blind spots: See all assets and communication paths across IT, OT, cloud, and hybrid environments – even when traffic is encrypted.
• Early detection of advanced threats: Identify lateral movement, APTs, and unknown attacks using Al-driven behavior analytics and expert rules.
• Less noise, better SOC efficiency: Reduce noise with correlated, high-fidelity alerts and intuitive network visualizations that speed up investigation and response.
• Lower Total Cost of Ownership (TCO): No sensors or agents to maintain, combined with strong data reduction that lowers SIEM ingestion and storage costs.
• Fast deployment & integration: No sensor or agent installation required. Built-in detection rules and open APIs enable quick SIEM, SOAR, and SOC integration.
• Compliance, data sovereignty & privacy: Supports NIS2/DORA with fast visibility and reporting. On-prem deployments and metadata-based analysis ensure data privacy.

Recommended VM sizing for Exeon.NDR

Depending on the quantity of internal, analyzed IPs in the company following VM appliance sizing is recommended for running Exeon.NDR:

• Up to 2500: E8as Standard v4 (8 cores, 64 GB RAM)
• Up to 5000: E16as Standard v4 (16 cores, 128 GB RAM)
• Up to 10000: E20as Standard v4 (20 cores, 160GB RAM)
• Up to 20000: E32as Standard v4 (16 cores, 256 GB RAM)

The recommended VM sizing considers the ingestion of network data into a single VM appliance. If additional log data sources such as proxy or secure web gateway are to be ingested resp. analyzed or a multi-node VM deployment is requested, please contact your Exeon partner to define the appropriate VM sizing.