Intrusion Detection: Event Correlation

Posted in advanced persistent threats, Event Correlation, network threat detection, Security on March 8th, 2013 by James

Network Intrusion Detection, Cyber Threats, Advanced Persistent Threats (APTs), Polymorphic Malware, Event Correlation – today all of these terms are foremost on many IT security professionals' minds. What cyber security layer can we add to our existing protection efforts that will bring us greater peace of mind?

For a free 30 day trial of Scrutinizer, Download Now!

Sign up for Advanced NetFlow Training™ coming to a city near you!

Detecting P2P Botnets with NetFlow (Part #1)

Posted in detect network threats, detecting malware, ip host reputation, NetFlow Security, Security on December 11th, 2012 by Adam Powers

This is part #1 of a two-part series on detecting P2P botnets with NetFlow. For years, botnets such as Zeus and Spyeye made use of a centralized command and control (“C2”) server. This approach to botnet management was easily detectable using reputation services and other blacklisting technology. While many botnets still use a traditional C2, a new breed of botnet has emerged that removes the need for a C2. These botnets make use of peer-to-peer technology to download configuration data and commands as well as to obtain the C2 IP to upload stolen information to the attacker. In part #1 of this blog series we’ll explore how P2P botnets work, then cover detection and mitigation of P2P botnets in part #2.

Adam Powers
@adampowers22

Introducing Plixer’s Internet Threat Center (ITC)

Posted in General, internet threat center, ip host reputation, NetFlow Security, Security on December 2nd, 2012 by Adam Powers

Plixer is pleased to announce a new weapon in the war against Internet threats: the all-new Internet Threat Center (ITC). Based on hundreds of observation points deployed across the Internet, the ITC provides a near-real-time view of malicious actors across the globe. Plixer customers gain access to the ITC via regular updates to Internet host reputation data downloaded from the ITC to their Scrutinizer installations. NetFlow data collected from routers and switches within their network is compared to ITC data to alert when ITC suspects are active within the customer’s network environment.

This blog provides an overview of the Internet Threat Center and a brief tour of its features…

Adam Powers
@adampowers22

Network Segmentation, Segregation, and Zero-Trust Design

Posted in NetFlow, NetFlow Analysis, NetFlow Security, Security on November 19th, 2012 by Adam Powers

The Zero Trust model is a relatively new network security design model that requires network segmentation and segregation of employees from critical internal resources. The basic idea is that the internal network is no longer explicitly “trusted.” BYOD policies and the mobile workforce have brought new threats to the internal network that just weren’t there five years ago. It’s no longer practical to assume “bad guys outside, good guys inside.” Let’s take a look at exactly what this means…

Adam Powers
@adampowers22

Network Forensics and Incident Response Using NetFlow and IPFIX

Posted in advanced persistent threats, Cisco NetFlow, network security, Security on November 10th, 2012 by Adam Powers

Network forensics can be an intimidating subject. When IT personnel hear the word “forensics” they often recoil with visions of complicated software such as EnCase. Or they may think about expensive packet capture solutions such as Niksun’s NetDetector product line. While these tools can serve a specific purpose, your first line of network forensics defense should always be found in NetFlow and IPFIX…

Adam Powers
@adampowers22

IPFIX Collector: Syslogs exported as IPFIX!

Posted in IPFIX, Network Monitoring, Security on October 4th, 2012 by Jo-G

IPFIX is taking the world by storm! Taking it beyond the standard network traffic from routers and switches, you can now get traditional message formats such as syslogs, Microsoft event logs, SNMP traps and more exported as IPFIX! And with our IPFIX collector, reporting on this unified message format is similar to monitoring network traffic.

Do you want quick and easy access to Syslog reporting? What better solution than your NetFlow and IPFIX reporting solution? With IPFIXify, you can export syslogs as IPFIX records. Then, using Scrutinizer Flow Analyzer as your flow reporting solution, you can store, report on, correlate and analyze all of those logs. Check out this list of reports available for Syslog reporting!

Joanne Ghidoni
Sr. Solutions Engineer

Identity-Aware NetFlow: PCI Compliance and Beyond

Posted in Compliance, IPFIX, network security, Network traffic monitoring, Security on September 18th, 2012 by Jimmyd

A Twitter feed debating Australia’s proposed government plans to log internet traffic caught my attention this morning and got me thinking about Identity-Aware NetFlow. Although storing user information is a hot topic for many countries around the world, the fact is that there are quite a few data retention laws that already exist. Many companies are required to adhere to compliance laws and are scrambling to meet these requirements. This is why Identity-Aware NetFlow has become such a valuable asset; it helps these companies meet their requirements with minimal overhead. It does this by using NetFlow/IPFIX technology which is already a part of their router's or switch's OS.


Jimmy D the Netflow Detective

Join the NetFlow Developments group on LinkedIn.

BYOD Policy Essentials: Trust But Verify

Posted in BYOD, Mobile IAM, NetFlow Security, Security on September 17th, 2012 by Adam Powers

The IT Consumerization or “Bring Your Own Device” (BYOD) movement is already well underway and the iPhone5 launch will see even more employee-sourced devices hitting the enterprise network. Even if you’re lucky enough to work for a company that provides iPhones to their employees, you probably don’t want to wait for IT to upgrade your iPhone, now do you? You’ll want to BYOD.

So in support of iPhone5 users everywhere, here are three essential components of a BYOD-ready company: Policy, Education, Technology. Let’s discuss…

SIEM NetFlow Support: Don’t Sell Yourself Short

Posted in Log Management, NetFlow, NetFlow Analysis, Security on August 17th, 2012 by Adam Powers

This is a conversation I find myself having more and more lately so I thought it would make sense to discuss in detail just exactly how security information management systems (SIEMs) and NetFlow are related and why SIEMs are a poor choice for NetFlow collection.

Top 5 Uses of NetFlow for Network Security

Posted in BYOD, Flow Analytics, NetFlow, NetFlow Analysis, NetFlow Security, network behavior analysis, Security on July 24th, 2012 by Adam Powers

There are many uses of NetFlow, but one of the most important and often overlooked is the network security value NetFlow and IPFIX can provide. Based on feedback gathered over 10 years from hundreds of NetFlow customers, here are the top five uses of NetFlow analysis for network security in ascending order…

Adam Powers
@adampowers22
