“Spot the bad guys, stop the bad guys,” are rational and valid goals when it comes to securing your network. In fact, many organisations commit the majority of their security resources and investment to defense and detection, often by deploying automated technologies and solutions. But by their very nature, such solutions focus on protecting against known vulnerabilities and threats, have little context of your own network and can’t be a complete security solution.
NetFlow as a network monitoring and statics technology is not new. To make it work, you need to sample the network and generate NetFlow records, which are sent to a NetFlow collector software application for analysis. NetFlow has been widely adopted and many organisations have invested time and money in learning how to use NetFlow tools to help their network operations teams understand how their network is performing and what is creating fluctuations in traffic.
Earlier this month, I enjoyed some time working with LAN Assistans, our Nordic partner, as we co-exhibited at Nordic IT Security 2013 in Stockholm, Sweden. As part of our participation package, we had a short “open mic” session over lunch to talk about our security topic of choice. Being stripped of my familiar presentation support aids like PowerPoint slides and asked to just stand up and talk really focused my mind (and increased my adrenaline levels!).
I often hear our team talk about our network recording and visualization solutions’ technical innovations, performance and features. In truth, Endace solutions have grown up from a DNA of engineering excellence, so it’s not so surprising that we love talking about our great technology! But for this open mic session, I thought I’d take a different approach and think about what our solutions enable our customers to do…here is a snippet of my “open mic” session: