Network session analysis
Network session analysis is a method of
monitoring network activity and availability to identify issues, such as
operational or security problems. It can also be used to detect malware,
such as ransomware.
Network traffic analysis (NTA) is a critical tool
that helps improve performance, identify threats, and spot abnormalities.
Common use cases for NTA include:
- Collecting
a real-time and historical record of what’s happening on your network
- Detecting malware such
as ransomware activity
- Detecting
the use of vulnerable protocols and ciphers
- Troubleshooting
a slow network
- Improving
internal visibility and eliminating blind spots
Benefits of NTA include:
- Improved
visibility into devices connecting to your network (e.g. IoT devices,
healthcare visitors)
- Meet
compliance requirements
- Troubleshoot
operational and security issues
- Respond
to investigations faster with rich detail and additional network context
Some of the use cases for analyzing and
monitoring network traffic include:
- Detection
of ransomware activity
- Monitoring
data exfiltration/internet activity
- Monitor
access to files on file servers or MSSQL databases
- Track
a user’s activity on the network, though User Forensics reporting
- Provide
an inventory of what devices, servers and services are running on the
network
- Highlight
and identity root cause of bandwidth peaks on the network
- Provide
real-time dashboards focusing on network and user activity
- Generate
network activity reports for management and auditors for any time period
No comments:
Post a Comment