<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2180921&amp;fmt=gif">

Clear NDR Licensing and Pricing

Stamus Networks delivers world-class threat detection and response solutions without the inflated costs of traditional NDR pricing models.

 

Unlike other NDR vendors, who charge per device/IP address or per user, our flat-rate pricing is based on the number of links being monitored and speed of the links – with unlimited hosts, IPs, and users – giving you unparalleled visibility at a fraction of the cost.

 

Pricing starts at less than $6,000/year per probe.

 

Simply tell us about your network environment, and we’ll provide a customized quote tailored to your unique needs – ensuring you get maximum threat protection without overpaying. 

Complete this Form to get a Custom Clear NDR Quote

Complete this online quote generator form to receive a customized quote for your implementation of Clear NDR.

If you need help determining how many probes you’ll need, please refer to the section below on “Determining Probe Requirements

How Licensing for Clear NDR works

Licensing (and pricing) is based exclusively on the number and performance of the Clear NDR network probes - the number of probes and the port speed of the link each probe is monitoring.

 

Probes are connected to a network TAP, packet broker, or SPAN/mirror port\, passively monitoring traffic without interfering with the network flow.

 

It is the port speed of the connection between the TAP, packet broker, or SPAN/Mirror port that determines the license level - 100 Mbps, 1 Gbps, 10 Gbps, 40 Gbps, or 100 Gbps (coming soon).

 

The central analytics system managing all the probes - Clear NDR Central Server - is included with the probe license. 

 

The license also includes unlimited hosts, unlimited users, unlimited API integrations, daily threat intelligence updates, and enterprise customer support.

Determining Probe Requirements

Clear NDR probes can be deployed in various ways, each with its own set of pros and cons. Clear NDR Probes are virtual or physical sensors that are deployed at strategic points in the network, such as the perimeter, data center, or cloud environments. This provides granular visibility and scalability, but requires careful planning to ensure adequate coverage.

Probes should be deployed where they can monitor critical traffic flows. Examples include:

 

  • On-prem at the Internet Edge/Perimeter - This is your first line of defense. Probes here monitor all incoming and outgoing traffic, detecting external threats like DDoS attacks, intrusion attempts, and malware downloads.These should be deployed just inside your firewalls.
  • DMZ (Demilitarized Zone) - Your DMZ (on-prem or in the cloud) hosts externally facing servers. Probes here focus on detecting attacks targeting these vulnerable systems, like web servers, email servers, and DNS servers.
  • Data Center Core - This is the heart of your network. Probes here monitor east-west traffic, detecting internal threats like lateral movement, data exfiltration, and insider threats.
  • Critical Asset Segments - Place probes in front of high-value assets like databases, point of sale terminals, regulated devices, file servers, and sensitive data repositories.
  • Cloud Environments - Monitor traffic within and between cloud environments (e.g., AWS, Azure, GCP) to detect cloud-specific threats and misconfigurations. 
  • Remote Sites/Branch Offices - Extend visibility to remote locations to detect threats targeting these often less-secure environments.

 

By carefully considering these factors, you can ensure that your NDR probes are strategically positioned to provide comprehensive visibility and effective threat detection across your entire network.  

 

Ultimately, the best placement options depend on the specific needs and architecture of the network being monitored. Factors to consider include network topology, traffic volume, security requirements, and budget. 

 

Using the form above, please share the details of your probe requirements so we can provide your custom quote.

ABOUT STAMUS NETWORKS

Stamus Networks is the global leader in Suricata-based network security and the creator of the innovative Clear NDR™ system. Designed to close visibility gaps and reduce alert fatigue, Clear NDR transforms raw network traffic into actionable security insights with unmatched transparency, customization, and effectiveness. Trusted by leading financial institutions, government agencies, and participants in NATO’s largest cybersecurity exercises, Stamus Networks delivers proven, high-performance network detection and response solutions. Stamus empowers security teams – delivering clarity amidst complexity – with greater control, fewer false positives, faster response times, and a more responsive, open approach than legacy vendors.

Indianapolis, USA Paris, France

Privacy

© 2014-2025 Stamus Networks, Inc. All rights Reserved.