|
Network Behavior
Anomaly Detection (NBAD) technologies
Many network managers have yet to fully realize the untapped security
potential available within their network managers. By
collecting, processing and analyzing NetFlow data, exportable from
Cisco routers and L3 switches, network
managers can easily extend the value of their network
infrastructures.
Flowviewer
product collects NetFlow exports from
enterprise routers and L3 switches, and generates traffic reports that
help understand the nature of traffic on the network.
Apart from NetFlow data analysis and reporting, Flowviewer product includes a lot of enterprise features that are useful in
managing NetFlow data that is exported from several devices. These
features offer a lot of benefits to enterprises as well as service
providers.
IPS technology provided by traditional security controls through
host-based conversations and traffic pattern analysis, so IPS technology can detect known attacks.
Flowviewer
product analysts not only recognize the existence of these gaps
but also specifically recommend Network Behavior Anomaly Detection
(NBAD) technologies, which analyze NetFlow data, to fill these gaps.
Network Behavior
Anomaly Detection (NBAD) is the continuous monitoring of a proprietary
network for unusual events or trends. NBAD is an integral part of
Network Behavior Analysis (NBA), which offers security in addition to
that provided by traditional anti-threat applications such as sasser , MSBlast and spyware-detection software.
Curelan Worm analysis program: analyze the tcp flag of
packets to see if it is a normal traffic. This program can successful
detect CodeRed, Nimda, Slapper, Blaster, Spyware in Taiwan.
Flowviewer
product is designed to identify
malicious behavior and alert or even block when anomalies are detected.
Ex﹒The worm detection procedure of
Flowviewer product
Intranet Security Leak
|
