


When used with complementary threat management services, such as endpoint security tools, network traffic analytics can provide an even richer perspective on activity and help expedite a response. The current focus of network traffic analytics technology is threat identification in real time, not forensic analysis. Some of these tools can establish behavior patterns associated with encrypted traffic without having to actually decode that traffic.

With significant advances in monitoring and analytics, network traffic analytics tools provide a complete perspective on activity from Layer 2 to Layer 7, revealing which devices are communicating with one another and the volume and content of their communications. By parsing flow and traffic data culled from network sensors, these tools yield intelligence that gives IT administrators considerable visibility into east-west network activity; they can also examine north-south traffic as it traverses the perimeter. The tools assess traffic and flow data to construct a baseline of normal traffic patterns, then employ machine learning and advanced analytics to identify potentially harmful anomalies that stray from that norm and alert IT to them. Aggregated packet data collected from sensors can provide a clearer window into what's happening across the network in near real time.
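
The baseline-then-flag approach described above, as an added example that is not from the original article or any vendor's product. It substitutes a simple robust statistic (median and MAD of bytes per source/destination pair) for the machine learning such tools use; the flow records, addresses and threshold are constructed for illustration.

```python
from collections import defaultdict
from statistics import median

# Constructed flow summaries: (window, src, dst, bytes). Windows 0-5 are the
# training period; window 6 is the traffic being scored.
FLOWS = [
    (0, "10.0.1.10", "10.0.2.20", 48_000), (0, "10.0.1.11", "10.0.2.20", 51_000),
    (1, "10.0.1.10", "10.0.2.20", 52_000), (1, "10.0.1.11", "10.0.2.20", 49_500),
    (2, "10.0.1.10", "10.0.2.20", 47_500), (2, "10.0.1.11", "10.0.2.20", 50_200),
    (3, "10.0.1.10", "10.0.2.20", 50_500), (3, "10.0.1.11", "10.0.2.20", 48_800),
    (4, "10.0.1.10", "10.0.2.20", 49_000), (4, "10.0.1.11", "10.0.2.20", 51_500),
    (5, "10.0.1.10", "10.0.2.20", 51_200), (5, "10.0.1.11", "10.0.2.20", 50_000),
    (6, "10.0.1.10", "10.0.2.20", 49_800),      # normal volume
    (6, "10.0.1.11", "10.0.2.20", 4_900_000),   # volume spike
    (6, "10.0.1.11", "10.0.1.10", 12_000),      # pair never seen in baseline
]

def build_baseline(flows, train_until):
    """Per (src, dst) pair: median bytes per window and MAD over training windows."""
    samples = defaultdict(list)
    for window, src, dst, nbytes in flows:
        if window <= train_until:
            samples[(src, dst)].append(nbytes)
    baseline = {}
    for pair, values in samples.items():
        med = median(values)
        mad = median(abs(v - med) for v in values)
        baseline[pair] = (med, mad)
    return baseline

def score(flows, baseline, window, threshold=3.5):
    """Return (src, dst, reason) alerts for the flows in one window."""
    alerts = []
    for w, src, dst, nbytes in flows:
        if w != window:
            continue
        if (src, dst) not in baseline:
            alerts.append((src, dst, "new-pair"))
            continue
        med, mad = baseline[(src, dst)]
        # Modified z-score (0.6745 scales MAD to a std dev); MAD floored to avoid /0.
        z = 0.6745 * (nbytes - med) / max(mad, 1.0)
        if abs(z) > threshold:
            alerts.append((src, dst, "volume"))
    return alerts

if __name__ == "__main__":
    for alert in score(FLOWS, build_baseline(FLOWS, train_until=5), window=6):
        print(alert)
```

The median/MAD pair is used instead of mean and standard deviation so that a single past burst in the training windows does not inflate the baseline and mask later spikes.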
