NetFlow Auditor for security forensics

November 2011 Products & Solutions, Infrastructure

The amount and diversity of traffic traversing modern networks creates complex challenges for network operators, security analysts and system administrators. Uncovering network performance and security issues before they become critical is essential. Often, serious attacks or compliance breaches only become evident too late even though they may have been occurring over an extended period.

One of the most useful methods for analysing network traffic is using NetFlow. Cisco developed NetFlow years ago and it has quickly become the industry standard for generating IP traffic information. Analysis of network traffic is becoming increasingly important, not just for determining the root cause of utilisation and forecasting bandwidth needs, but also for security analysis. With the introduction of NetFlow Auditor, NetFlow analysis has become useful in intrusion detection, by looking for abnormal traffic flows, and in incident handling and forensics. Flow records can be exported from a diverse range of network equipment, providing the opportunity for pervasive continuous monitoring and the ability to see what is happening on the network in real time.

Analysis of flow records can be used to detect policy violations, to report on the network activities of compromised hosts and to detect some forms of scanning and denial-of-service attacks. In order to keep their networks running efficiently and securely, network operators need to build a deep understanding of traffic characteristics and the kinds of events taking place in their networks.

NetFlow Auditor software enables customers to fully automate the entire network anomaly detection and risk mitigation life cycle. NetFlow Auditor’s granular forensic ability, scalability and unique intelligent baselines deliver a complete and flexible toolkit for flow-based network behavior, forensics monitoring and analysis. It will alert on an event or condition in the network that is identified as a statistical abnormality when compared to typical traffic patterns gleaned from previously collected profiles and baselines.
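The kind of baseline comparison described above can be sketched over flow records as follows. This is an added example, not NetFlow Auditor's code or algorithm: the record layout, the fan-out metric (distinct destination/port pairs per source per interval), the z-score threshold and all sample flows are assumptions constructed for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed flow records: (interval, src_ip, dst_ip, dst_port, bytes).
# The layout is an assumption; real NetFlow exports carry more fields.
def build_flows():
    flows = []
    # Intervals 0-5: normal behaviour, used as the baseline.
    for t in range(6):
        for i in range(3 + t % 2):      # 10.0.0.5 reaches 3-4 services
            flows.append((t, "10.0.0.5", f"192.0.2.{i + 1}", 443, 1200))
        for i in range(2):              # 10.0.0.9 reaches 2 services
            flows.append((t, "10.0.0.9", f"192.0.2.{i + 10}", 53, 90))
    # Interval 6: 10.0.0.9 sends tiny flows to many hosts and ports.
    for i in range(40):
        flows.append((6, "10.0.0.9", f"198.51.100.{i % 20 + 1}", 1000 + i, 60))
    for i in range(4):
        flows.append((6, "10.0.0.5", f"192.0.2.{i + 1}", 443, 1200))
    return flows

def fan_out(flows):
    """Count distinct (dst, port) pairs contacted per source per interval."""
    seen = defaultdict(set)
    for t, src, dst, dport, _ in flows:
        seen[(src, t)].add((dst, dport))
    return {key: len(pairs) for key, pairs in seen.items()}

def detect(flows, baseline_intervals, current, k=3.0, min_sd=1.0):
    """Flag sources whose current fan-out exceeds baseline mean + k * sd."""
    counts = fan_out(flows)
    alerts = []
    for src in sorted({s for s, _ in counts}):
        history = [counts.get((src, t), 0) for t in baseline_intervals]
        # Floor the deviation so a perfectly flat baseline does not divide by zero.
        mu, sd = mean(history), max(pstdev(history), min_sd)
        now = counts.get((src, current), 0)
        z = (now - mu) / sd
        if z > k:
            alerts.append((src, now, round(mu, 2), round(z, 1)))
    return alerts

if __name__ == "__main__":
    for src, now, mu, z in detect(build_flows(), range(6), 6):
        print(f"{src}: fan-out {now} vs baseline mean {mu} (z={z})")
```

Only the host whose fan-out departs from its own history is reported; the busier but stable host stays below the threshold, which is the point of a per-host baseline over a fixed limit.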

For more information please contact Denan Erasmus, Barlow Communications, +27 (0)11 886 4730.






















© Technews Publishing (Pty) Ltd. | All Rights Reserved.