Network session analysis

Network session analysis

Network session analysis is a method of monitoring network activity and availability to identify issues, such as operational or security problems. It can also be used to detect malware, such as ransomware. 

Network traffic analysis (NTA) is a critical tool that helps improve performance, identify threats, and spot abnormalities.

Common use cases for NTA include:

• Collecting a real-time and historical record of what’s happening on your network
• Detecting malware such as ransomware activity
• Detecting the use of vulnerable protocols and ciphers
• Troubleshooting a slow network
• Improving internal visibility and eliminating blind spots

Benefits of NTA include:

• Improved visibility into devices connecting to your network (e.g. IoT devices, healthcare visitors)
• Meet compliance requirements
• Troubleshoot operational and security issues
• Respond to investigations faster with rich detail and additional network context

Some of the use cases for analyzing and monitoring network traffic include:

• Detection of ransomware activity
• Monitoring data exfiltration/internet activity
• Monitor access to files on file servers or MSSQL databases
• Track a user’s activity on the network, though User Forensics reporting
• Provide an inventory of what devices, servers and services are running on the network
• Highlight and identity root cause of bandwidth peaks on the network
• Provide real-time dashboards focusing on network and user activity
• Generate network activity reports for management and auditors for any time period