GREYCORTEX has released the latest version of our MENDEL network traffic analysis solution. Version 3.1 has several important new features which improve detection and response for the network security team.
False positive management has been improved, including new "default" false positives, host tagging, and usage statistics to improve detection and eliminate false alarms. Version 3.1 also offers a new NetFlow module to process multiple NetFlow sources more quickly. MENDEL is now able to block selected communications via external firewalls and routers directly from within MENDEL. There’s even a new color scheme.
New features include:
  • A new, redesigned false positive manager dialog for improved user experience, including default false positives and host tagging, saving time in false positive creation, and improving accuracy across like devices.
  • Added a new Netflow module to process netflow data more quickly for users with multiple, smaller locations like branch offices where a full MENDEL sensor may not be practical
  • Enhanced the plugin system for reporting events into external systems like routers, firewalls, as well as the use of custom and parameterized scripts, so users can take actions like blocking offending communications via firewall directly from the MENDEL interface.
  • Additional new features include
  • Added integrated NTP protocol visibility
  • Added integrated NFS protocol visibility
  • Added recognition for Out of Order, Zero window, and other packet errors into flows
  • Added the server name field from HTTPS communication
  • Added host discovery time into host dialog
  • Added support for downloading system logs from remote sensors


  • Reworked Samba protocol to improve visibility and parser performance
  • Improved performance of flow storage in the system
  • Improved the Service No Reply detector for better handling of communication errors and tuned settings and descriptions of methods
  • Improved the Malware Spreading correlation rule to eliminate false detections
  • Improved rendering of certificate information
  • Improved the reporting of SPAN port outage events to eliminate false alarms
Bug Fixes
In general, our development team focused on improving the user experience and reporting.
Contact your local GREYCORTEX partner to find out how you can put MENDEL v3.1 to work for you.

About Version 2 Limited 
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

Founded in 2016 in Brno, Czech Republic, GREYCORTEX helps organizations make their IT and OT operations secure and reliable with uses advanced artificial intelligence, machine learning, and data mining methods which detect advanced threats to security and risks to reliability that other solutions miss.

Previous News Next News

Return to the previous page