menu

Network Security Analytics: It Makes Good Sense

Heidi Gabrielson
SHARE ON:

A couple years ago, I bought a new townhouse in a quiet suburban neighborhood. It’s lovely but, as I’m a single woman with only an attack cat to protect me, the first thing I did was call a locksmith to install deadbolts on all the outside doors, including the door leading to the basement. The second thing I did was get an alarm system. It’s the sensible thing for a woman to do, right?

Pounce, the cat.

Pounce the cat. Looks can be deceiving. Don’t be fooled; she’s the meanest cat around.

So why don’t we do the same thing when we consider the security of our business?

Sure, we use anti-virus and firewalls, intrusion detection systems, and network access controls. They are meant to prevent threats from penetrating our defenses—our proverbial deadbolts.

But, what happens when the bad guys get past those defenses?  Do you have any motion detectors inside your network to detect threats?

Cyber crimes on the rise

It probably comes as no surprise that cyber-attacks are happening more frequently and are getting more sophisticated. For example, in 2017, there was a 91% increase in DDoS attacks1; a 600% increase in IOT-based attacks2; and an 8,500% increase in cryptominer detections3.

In fact, the average targeted malware compromise is present for 205 days before detection4. Clearly, there needs to be a better way of finding and mitigating threats. Gartner recommends shifting security budget from preventative measures to detection and remediation approaches5.

Introducing SteelCentral NetProfiler Advanced Security Module for Network Security

SteelCentral NetProfiler Advanced Security Module transforms network flow data into security analytics, providing essential visibility for broad threat detection, investigation, and mitigation.

Built with security operations teams in mind, this new optional software module for SteelCentral Enterprise NetProfiler, provides rich threat detection capabilities in a single, easy-to-use solution. These new capabilities include:

  • Threat Intelligence: alerts provides a daily update on potential enterprise threats, and alerts when your system communicates with blacklisted sites. This allow you to investigate and quickly take action.
  • Distributed Denial of Service (DDoS) detection: quickly and accurately identifies a broad range of DDoS attacks so you can make informed mitigation decisions to end interruptions sooner.
  • Cyber Threat Hunting: enables you to proactively search for hidden security threats on your network before they become business-impacting events!
  • Network Security Analytics: baselines traffic and automatically identifies threats that generate unusual patterns, such as unexpected new services, hosts, or connections.
  • Incident Forensics: provides full historical details so you understand the complete scope of the attack; offers the ability to drill into packets for even greater details.
Advanced Security Module dashboard provide network security analytics

The Security Dashboard lists all policies that have been triggered (left side), their severity, source, destination, and more. The Threat Feed on the right shows potential threats with links to additional third-party information, and the ability to run reports in your environment with one click.

The Advanced Security Module leverages NetProfiler’s full-fidelity network flow analytics, which captures and stores all the data you need for forensic analysis. It delivers the crucial insights and empirical evidence to detect and investigate advanced persistent threats that bypass typical preventative security measure as well as those that originate inside the network. With the NetProfiler Advanced Security Module, you can accurately assess the severity and scope of security incidents. You can then quickly initiate mitigation actions to reduce the likelihood that attackers will get the data they want. ​​

The bottom line is that sooner or later, the bad guys will beat your traditional perimeter security defenses. Alternatively,  a trusted employee or third party will simply walk out with data on a thumb drive. Without network security analytics, you are blind to these types of security breaches. Just as a home alarm system makes good sense, so does adding the NetProfiler Advanced Security Module to your NetProfiler. Think of it as a motion detector for your network. It’s the sensible thing to do.

Learn more about the new SteelCentral NetProfiler Advanced Security Module.

 

TechRepublic, Nov 2017

2 Gartner, Shift Cybersecurity Investment to Detection and Response

3 May 2017 3 Symantec, Internet Security Threat Report 2018

4 Mandiant, Cyber Security in 2018

5 Gartner, Shift Cybersecurity Investment to Detection and Response

No Responses to “Network Security Analytics: It Makes Good Sense”

Leave a Reply

Your email address will not be published. Required fields are marked *