Category: NetFlow

Report on NetFlow for Advancing Network Security and Performance

“The State of NetFlow: Advancing Security and Performance through Network Visibility.” The report features expert commentary from Lancope executives, as well as NetFlow end users and other industry thought leaders, and provides a wealth of information on how to harness the power of flow data for maximized network security and performance. READ MORE

Lancope’s LinkedIn NetFlow Ninjas Group Surpasses 1000 Members

Last week Lancope's NetFlow Ninjas LinkedIn group surpassed 1000 members. The LinkedIn NetFlow Ninjas group consist of network architects, directors, engineers, analysts and security managers who focus on utilizing NetFlow to improve security and network performance. READ MORE

Tracking Worms with StealthWatch

While worms seem to be less prevalent than they were in the past, we do still see them appear now and then. Over the past few months we’ve seen Morto over RDP 3389/tcp and Duqu over SMB 445/tcp rear their heads. Luckily we can use flow data to identify these types of hosts within the network. With Morto, we can simply look for scanning over the RDP port. Ideally you’ll have some Dark IP subnets/ranges within your network making this a little easier if you don’t currently use Lancope’s StealthWatch. Finding incomplete sessions to these IP ranges becomes a red… READ MORE

Securing and Gaining Deep Visibility To What Applications Are Flowing Over Your Enterprise Network

Nick Lippis, from the Lippis Report, discusses with Samuel Pasquier, product manager for Cisco Systems, and Adam Powers, chief technology officer for Lancope, the best practices for securing and gaining visibility into applications that are flowing over enterprise networks with the next generation of NetFlow. The podcast starts with a brief overview of emerging network problems resulting from the increased demands of mobile, media, and distributed network access. Nick emphasizes the network vulnerabilities brought about by not knowing what applications are flowing over an enterprise network. Samuel Pasquier introduces the new Netflow services delivered by the next generation of the… READ MORE

The Virtual Blind Spot Video

CTO Adam Powers presents "The Virtual Blind Spot" which is about visibility and monitoring the virtual network. If you only have 22 minutes to jump into Netflow and Virtual Servers then this is the perfect place to start your study. Adam starts out with a description of  “We can't manage what we can't see..” and touches the key topics of virtualization sprawl, loss of traditional security management tools, difficulty in segregation of digital assets and management of virtualized assets. Each of these conditions help create the “Virutal Blind Spot”. After establishing the problems surrounding monitoring the virtual network, Adam presents… READ MORE