In a previous blog I introduced you to the malware detection capabilities of Plixer’s intelligence product. I would like to circle back to some information shared in that blog to talk about its ability to detect behaviors like lateral movement across the LAN segments of the network related to data accumulation.
Before I get started, I want to talk about strategies used for network visibility and why flow technologies should be at the top of the list.
Read moreIn our new release of Scrutinizer version 19.1.0, we have included a handful of new reports that help to provide more information on the NetFlow collected from your network. These are the Client – Server reports, which can show directionality of requests and responses to give insight into who is asking for what and what kind of responses they get.
Read moreInbound traffic that is captured and exported as NetFlow by your NAT router only shows that the destination of the inbound internet traffic is your external IP address. But what if you want to know what private host initiated that traffic? Today, I’d like to go over how Plixer Scrutinizer can report on this traffic and expose the internal address of this traffic.
Read moreWith the onslaught of malware and cloud applications increasing, network traffic intelligence has become increasingly important. When an infection is unearthed and the incident response team moves in to figure out what exactly has happened, one of the first things they will do is request the logs, including the flow (NetFlow and IPFIX) data. Network and application issues are troubleshot in a similar way.
Read moreToday I want to show you how to configure sFlow on your Arista device and demonstrate its featured output through Plixer Scrutinizer. Our goal is to define multicast flow on our switch.
Read moreIt can happen to anyone, even the most seasoned of network security personnel. You can be searching for something on Google, see a seemingly innocent link that looks like exactly what you’re looking for, and click it. Next thing you know, your computer screen is flashing with a message that says your computer is infected and you need to call the following number ASAP. If this does happen in your office, don’t worry: we can help.
Read moreI am often exposed to new network devices and the ways that they support and configure flow-monitoring technologies. So I was excited to learn this new Cisco Firepower Threat Defense NetFlow configuration.
This configuration uses all the same NSEL configuration commands that you would use on a Cisco ASA, in just about the same order as I described in this Cisco ASA configuration blog. The difference is that you are applying the commands using a GUI interface and not CLI.
Read moreAs more and more devices are added to the internet, a larger swath of insecurity comes with them. Botnets and compromised devices are the main sources of headache for attacks on infrastructure, with Distributed Denial of Services attacks becoming a major tool for the bad actors to break systems or cover their tracks during an operation. Plixer Scrutinizer provides a method for alarming on these attacks in real time.
Read moreWhen we hear about a cyberattack these days, there’s often a reference to when the network was originally compromised. In recent years, the need to determine how long that compromise was on the network, who else was involved, and how you’re going to gain this visibility has moved to the forefront of the SecOps team’s needs.
Read moreThe process of setting up a new network map has changed a bit in the newest Plixer Scrutinizer v19.1.0 release. Today, I’d like to go over setting up a new network map and configuring new connections between map objects.
Read more