Category: NetFlow

Insider Threat Protection with NetFlow

Despite the fact that external attacks often get more attention in the media, recent data is proving that the threat posed by malicious, negligent or compromised insiders is indeed very real. The best way to detect and prevent insider threats is to have in-depth visibility into the internal environment and a means of filtering and prioritizing the massive amount of data available on the network into concise, actionable intelligence.

Why Duplicate Flows Are A Good Thing

Many people ask about the “problem” of duplicate flows. They are coming from the point of view that duplicate flows are not efficient, are redundant and are a drain on resources; and therefore we should eliminate them. Duplicate flows are inherent in a NetFlow collection strategy, and I would argue that they are a good thing. Here’s why….

NetFlow Training Courses in May

Lancope's University of NetFlow will host four training courses in May in Boston, Montreal, Minneapolis and Chicago. Attendees will learn how to harness the power of NetFlow for dramatically improved network security and risk posture.

Lancope’s Analysis of the Verizon 2013 Data Breach Report

Verizon has recently published the 2013 edition of its highly regarded Data Breach Investigations Report. Including analysis of more than 47,000 reported security incidents and 621 confirmed data breaches, the report reveals some very telling statistics and trends involving cyber security. Most importantly, it points to the fact that incident response and network surveillance need to be playing a much bigger role in organizations’ overall security strategies.

StealthWatch Is Not a Four-Letter Word

Understanding the common complications with SIEM can not only help you better utilize your SIEM, but also know how to augment the data it provides (or in some cases, doesn’t provide). Flow collection bridges the gap between packet capture and SIEMs. Collecting NetFlow can provide a complete repository of host-to-host communication down to the leaf nodes on your network, and this level of visibility is critical for making sense of today’s complex threats.