Tag: Policy Management

When Enforcement Doesn’t…

Intelligently processing NetFlow records from the network infrastructure provides a reliable and accurate means of determining if enforcement mechanisms are properly handling traffic. Alerting can occur in real time, or historical analysis can be applied to validate designs. READ MORE

Are My Computers for Rent?

In a recent blog entry, Brian Krebs revealed that a Russian-based service is selling the IP addresses, usernames and passwords of computers inside organizations including Fortune 500 companies using the Remote Desktop Protocol (RDP). In the comments section, some readers asked how they can check if their servers are listed in the service’s database. While there certainly is merit in that type of diligence, they could better answer that question by reviewing their own network surveillance data. It is a question that intelligent analysis of enterprise NetFlow/IPFIX can quickly answer. READ MORE

What’s leaving your network could be more important than what’s coming in

Malware, Keyloggers and Remote Access Trojans: What’s leaving your network could be more important than what’s coming in Malware, keyloggers and Remote Access Trojans (RAT) are old news at this point in terms of their application and the potential they harbor for adverse effects on an enterprise network once they’re in place. In fact, just this week, the FBI and IC3 reported that all of those pieces are currently being utilized to steal login credentials and initiate unauthorized wire transfers from financial institutions, in some cases reaching as high as USD $900,000 for a single transfer. In instances where these transactions have… READ MORE

Lancope Extends NetFlow-Based Behavioral Analytics to the Perimeter for Greater Contextual Awareness

Extension of internal monitoring capabilities to the perimeter dramatically improves network visibility, performance and security ATLANTA and LAS VEGAS (Cisco Live conference), July 11, 2011 – Lancope, Inc., a leader in flow-based security, network and application performance monitoring, has announced that it will now combine internal and perimeter-based network monitoring for greater contextual awareness. By integrating NetFlow analysis from the internal network with key data from perimeter devices such as firewalls, Lancope will enable customers to achieve dramatically improved visibility, performance and security. Through its new capabilities, Lancope’s StealthWatch® System will now assign Concern Index™ points to IP addresses that… READ MORE