Network Behavior Analysis

• Network Security Monitoring and Network Behavior Analysis technologies are the state of art methods for detecting operational and security problems in computer networks of all sizes. Even Gartner says it is no longer possible to rely on five to ten years old solutions (firewall, IDS/IPS, antivirus,...).
• Systems based on these technologies works on the principle of detection of network anomalies and an undesirable behaviour, which is based on the permanent evaluation of network traffic statistics (NetFlow records). The main advantage over standard IDS and SNMP monitoring systems lies in the orientation on the overall behaviour of devices in a network. This enables administrators to get a real insight into the network and react to yet unknown or specific threats.
• For a simple explanation of NetFlow can be said that these data flows are similar to phone-call listings - NetFlow is defined as a sequence of packets with the following information: destination/source IP address, destination/source port number and protocol type.

• The deployment of NSM/NBA solutions is non-invasive, which means zero interference to the current network topology. Thus there can not be any problems such as network latency, network outages, etc. The passive probe (e.g. FlowMon ADS or NetHound BOX) monitors the data flows on the perimeter or in a problematic network branch.
• These systems can be easily deployed in 20 minutes.

Take a look on a short presentation about NetFlow technology

How can you start to generate NetFlow data?

Find out if you are able to generate NetFlow data in your network. Learn more about the options of how to get NetFlow from your network.

Selected references:

	dm drogerie markt, s.r.o. Show reference
	JIC - South Moravian Innovation Centre Show reference
see all references