ASAM

NetFlow Analyzer | Security Module

The network is the nervous system of most enterprises. With the emergence of social networking, video streaming, peer-to-peer technology, cloud computing and SaaS, it's safe to say that modern enterprises are only as good as their networks, especially in terms of the bandwidth and security they provide. Be it banks securing their data against theft or business organizations securing their networks against security threats and attacks, the threat of being breached, compromised and damaged by an unknown zero-day intruder is always relevant. Moreover, the continuous evolution of intrusion techniques has made ensuring network security increasingly difficult even as it has become all the more critical.

Security systems are predominantly classified into three types: (i) Firewall Systems, (ii) Intrusion Detection/Prevention (IDS/IPS) Systems and (iii) Network Behavior Analysis (NBA) Systems, also known as Network Behavior Anomaly Detection (NBAD) Systems. While each has its own strengths and weaknesses, they complement each other to form a holistic network security strategy. However, while the first two are widely prevalent and perceived as essential components, the third is not. This leaves the network vulnerable to several zero-day attacks, unknown worms, internal threats, etc., and leaves enterprises lagging in overall traffic visibility, access policy decisions, security posture assessment and a reasonably sure confirmation of network security.


Unified bandwidth monitoring and zero-day security analytics

Bandwidth monitoring and traffic analysis on the one hand, and network security analytics and behavior anomaly detection on the other, are interdependent and complementary by nature. NetFlow Analyzer, coupled with the Security module, unifies these complementary solutions to provide a holistic and reliable decision support system in a single user-friendly interface. While NetFlow Analyzer gives you in-depth visibility into your network traffic and bandwidth utilization, the Security module offers continuous network security monitoring and network anomaly detection capabilities.


Security Module

The Security Module is a network flow based security analytics and anomaly detection tool. It helps detect zero-day network intrusions using the state-of-the-art Continuous Stream Mining Engine™ technology, and classifies the intrusions to tackle network security threats in real time. The Security module offers actionable intelligence to detect a broad spectrum of external and internal security threats, as well as continuous overall assessment of network security (Network Security screenshots).


The Security Snapshot of the Security module displays a list of grouped threats/anomalies as problems, and the problems are further categorized into three major problem classes (Bad Src-Dst, DDoS, Suspect Flows). The set of classes used for classifying problems, with a brief description of each, is given here (Problem Taxonomy). The pie charts and line graphs help the user grasp the overall network "security posture" at a glance. On further drill-down, it displays a list of the individual events/anomalies of a specific problem, with detailed information collated for closer investigation by the operator.

The Security module, offered as a simple add-on module of NetFlow Analyzer, our network analysis tool, leverages the underlying platform's agentless centralized data collection and forensic analysis capabilities to offer greater value. NetFlow Analyzer is a robust, scalable and proven platform offering bandwidth monitoring and unified traffic analytics.


NetFlow Analyzer has helped us reduce the time taken to isolate threats like worms and virus attacks. It has also helped us to solve network incidents faster, and do better capacity planning.

- Fred Hassard Sr. Network Engineer in Adventist Health

 


Other features

Network Bandwidth Monitor

View how enterprise network bandwidth is used. Allocate enough bandwidth for applications critical to business.

Network traffic monitoring

Get real-time visibility into your network traffic using NetFlow Analyzer. Know who your top talkers are on the network in real-time.

Cisco IP SLA Monitoring

Monitor critical factors affecting VoIP, Video performance and ensure best-class service levels. Ensure seamless WAN connectivity through WAN RTT monitoring.

Monitoring and reporting on Cisco CBQoS

Validate the effectiveness of your QoS policies using CBQoS reports from NetFlow Analyzer. Prioritize your network traffic accordingly.

Capacity Planning report

Assess future network requirements based on capacity planning reports.