Network Traffic Analysis - Geolocation

WANVector monitors packet traffic and geolocates that traffic in real-time while comparing the discovered destinations to the CyVectors AI cloud. Geolocated destinations are shown on a world map, while also reporting local port, remote port, remote country, and whether the destination is a known threat according to the AI cloud. Additionally, WANVector records packet traffic, discovered destinations, and destination threat level to a local text log and to Windows Event Logs for the Event Forwarding Agent to send to your SIEM as syslog.


This solution is commonly used to find malware command and control traffic over trusted ports like 443.


This software runs on any Windows desktop or server version supported by Microsoft, and can be delivered in bulk by automated software delivery platforms.


WANVector performs scanning of the surrounding network and reports those scan results every two minutes to Windows event logs, and syslog when using CyVectors EFA.

Easy installation

Use case: One WANVector agent per remote office, install CyVectors event forwarding agent to send discovered paths to CyVectors Vector Analyzer or other SIEM platform

  • Real-time packet geolocation on world map

  • Identifies threat traffic on local port or SPAN port

  • AI-backed threat intelligence feeds

  • Reports malicious packet traffic to Windows event logs and syslog

  • Graphical interfaces display country, source port, remote port, and Windows process generating local AI threat matches 


©2007 - 2021 by CyVectors Software