Network Behavior Anomaly Detection

Flow-based Network Behavior Anomaly Detection

Faced with the need for continuous intelligence about the behavior of workstations, servers, and network devices, network, security and datacenter administrators rely on behavioral, flow-based anomaly detection and network performance monitoring  to efficiently monitor operations and enhance the security posture of their network — whether physical or virtual.

Research by TechValidate

StealthWatch by Lancope fulfills the need for effective security, network and application performance monitoring by:

  • Unifying visibility across virtual and physical networks with the capability to seamlessly and centrally manage and monitor global infrastructures from a single dashboard
  • Eliminating network blind spots and reducing total network and security management costs
  • Protecting networks against fast growing threats, such as APTs, application misuse, information theft and misconfigured devices, without the need for signature updates
  • Enabling scalable, continuous real time monitoring of network behavior to better understand network usage, discover assets, identify malfunctioning devices and detect trends
  • Delivering insightful network intelligence for detailed application usage reporting, host-level audit trails or network activity, spam detection and application failure notification
  • Combining intelligence from the internal network with behavioral analysis of data from perimeter devices to deliver optimal contextual awareness
  • Tying network and security issues to specific users
  • Expediting troubleshooting through quick access to real-time and historical data

A proven, veteran solution, StealthWatch combines flow-based anomaly detection and network performance monitoring to optimize security, network and virtual operations while maximizing limited resources by:

  • STREAMLINING security, network and virtual monitoring into one process
  • REDUCING the time and resources allocated to network security and operations across physical and virtual networks
  • ELIMINATING the cost and complexity associated with non-integrated point solutions