Today’s threat detection and intrusion prevention systems deployed at companies concerned with cybercrime utilize a layered approach to network protection. Anti-virus programs are deployed on every end system and server. Most of us have access lists on routers and switches and those who need to provide remote access to employees leverage encrypted VPN technologies. Then of course there is the next generation firewall (e.g. Cisco, Dell – SonicWALL and Palo Alto) which performs deep packet inspection to compare bit patterns against regularly updated signatures.
“IPS (or deep packet inspection) is our #1 security defense; NetFlow is a very close #2”
-Gavin Reid, Manager of Cisco CSIRT
Read more »
For a free 30 day trial of Scrutinizer, Download Now!
Sign up for Advanced NetFlow Training™ coming to a city near you!