Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Netflow Auditor for security forensics

November 2011 Products & Solutions, Infrastructure

The amount and diversity of traffic traversing modern networks creates complex challenges for network operators, security analysts and system administrators. Uncovering network performance and security issues before they become critical is essential. Often, serious attacks or compliance breaches only become evident too late even though they may have been occurring over an extended period.

One of the most useful methods for analysing network traffic is using NetFlow. Cisco developed NetFlow years ago and it has quickly become the industry standard for generating IP traffic information. Analysis of network traffic is becoming increasingly important, not just for determining utilisation root cause and forecasting bandwidth needs, but also for security analysis. With the introduction of NetFlow Auditor, NetFlow analysis has become useful in the intrusion detection field, through looking for abnormal traffic flows, in incident handling and forensics fields. Flow records can be exported from a diverse range of network equipment providing the opportunity for pervasive continuous monitoring and the ability to see what is happening on the network in real-time.

Analysis of flow records can be used to detect policy violations, to report on the network activities of compromised hosts and to detect some forms of scanning and denial-of-service attacks. In order to keep their networks running efficiently and securely, network operators need to build a deep understanding of traffic characteristics and the kinds of events taking place in their networks.

NetFlow Auditor software enables customers to fully automate the entire network anomaly detection and risk mitigation life cycle. NetFlow Auditor’s granular forensic ability, scalability and unique intelligent baselines deliver a complete and flexible toolkit for flow-based network behavior, forensics monitoring and analysis. It will alert on an event or condition in the network that is identified as a statistical abnormality when compared to typical traffic patterns gleaned from previously collected profiles and baselines.

For more information please contact Denan Erasmus, Barlow Communications, +27 (0)11 886 4730, [email protected]





Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

Innovations shaping the safety and security landscape
Integrated Solutions Products & Solutions
TMT Services and Supplies is excited to connect with all attendees, share insights, and explore the latest trends and innovations shaping the safety and security landscape.

Read more...
Putting security in gear
Asset Management Products & Solutions
The inaugural Securex Cape Town 2025 will showcase a number of companies focused on vehicle and fleet security on South Africa’s dangerous and often crime-infested roads.

Read more...
Managing assets and clear communication
Asset Management Products & Solutions
Communication is essential for security management as well as efficient asset control. A few companies at Securex Cape Town 2025 might have the solution you are looking for.

Read more...
Drones and a hint of access control
Surveillance Products & Solutions
Drones are an indispensable tool for security operations, with more functionality and capabilities than ever. Securex Cape Town 2025 will naturally have drone service providers available to light the way for interested parties.

Read more...
Advanced time & attendance solutions
Technews Publishing Access Control & Identity Management Products & Solutions
From biometric devices to a powerful mobile app, you will see how businesses of all sizes save time, cut costs, and improve productivity with BioSyn.

Read more...
See crime stopped in seconds
Products & Solutions Security Services & Risk Management
Fog Bandit, a leader in security fog, is bringing its instant crime-stopping technology to Securex Cape Town 2025. Experience the innovation trusted worldwide to protect retailers, warehouses, and high-value sites.

Read more...
Software security is a team sport
Information Security Infrastructure
Building and maintaining secure software is not a one-team effort; it requires the collective strength and collaboration of security, engineering, and operations teams.

Read more...
Electrical fire safety in lithium-ion battery rooms
Fire & Safety Residential Estate (Industry) Products & Solutions
Pratliperl is a non-combustible, ultra-lightweight aggregate that can be mixed with cement and applied as a plaster or screed to walls, floors, and ceilings. When applied at just 30 mm thickness, it delivers a two-hour fire rating.

Read more...
The first choice for electric fence management
Stafix Perimeter Security, Alarms & Intruder Detection Residential Estate (Industry) Products & Solutions
In South Africa, over 500 housing estates use JVA Perimeter Patrol, making it a widely used Electric Fence Management providing seamless integration with alarms, CCTV, VMS, access control and control room third-party software.

Read more...
New JVA MBxL energiser range
Stafix Perimeter Security, Alarms & Intruder Detection Residential Estate (Industry) Products & Solutions
The latest MBxL energisers stand out for their simplicity, allowing you to push the “On” button and have the unit tick away, or to configure it through our virtual keypad (VKP).

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.