Let the community know what you think. Share your opinions now!
Modern Security Operations teams have access to vast amounts of data, but this has not translated into greater effectiveness. The goal of NTA is to not only eliminate blind spots with unprecedented visibility, but to also cut through the noise of alerts with high-fidelity behavioral analytics.
In addition, it should dramatically reduces the time required to take action, from days to seconds, through automated investigations. To achieve these goals, NTA takes advantage of new machine learning and network traffic analytics technology. At its core, NTA which should be powered by an open, programmable, and extensible real-time streaming analytics platform and cloud-based behavioral analytics for full layer-7 visibility.
It depends what your environment is. We have very good experiences with two solutions. When you're using Cisco Networking, their Stealthwatch solution (also part of their EA, a full NBA/ADS* solution) does a very good job and gets more and more integrated in their Networking, Security and Admission Control solutions. When you are looking for a less expensive solution, we have very good experiences with Flowmon, a spin off from the University of Brno (Tsjech Republic) and a very mature NBA/ADS* solution as well. In NL Flowmon is successfully in use by education, healthcare, finance and transportation.
*NBA/ADS: Network Behavior Analysis / Anomaly Detection System.
Network Performance, bandwidth utilisation, data flow speed, Bottlenecks, nodes issues, network medium issues, segmentation efficiency, distributed network requirement as a solution, multicast required as a solution or re design it.
Hi community,
I work as the Regional Manager at a Tech Services company.
Currently, I'm exploring open-source Network Analyzer and Network Configuration managers.
Which one would you recommend and why?