search youtube arrow-left arrow-right quote close hamburger Twitter facebook linkedin page-header-bottom arrow right arrow left

Author: Scott

Scott provides Pre Sales Technical Support to the Sales team at Plixer. Scott comes from a technical support background, having years of experience doing everything from customer account management to system programming. Some of his interests include coaching youth sports programs here in Sanford, playing drums and guitar in local jam bands, and playing in neighborhood lawn dart tournaments.
Security Operations

Detect abnormal lateral network traffic using machine learning and NetFlow

Posted on - by Scott

In a previous blog I introduced you to the malware detection capabilities of Plixer’s intelligence product. I would like to circle back to some information shared in that blog to talk about its ability to detect behaviors like lateral movement across the LAN segments of the network related to data accumulation.

Before I get started, I want to talk about strategies used for network visibility and why flow technologies should be at the top of the list.

Read more
Configuration

Cisco Firepower FTD NetFlow configuration

Posted on - by Scott

I am often exposed to new network devices and the ways that they support and configure flow-monitoring technologies. So I was excited to learn this new Cisco Firepower Threat Defense NetFlow configuration.

This configuration uses all the same NSEL configuration commands that you would use on a Cisco ASA, in just about the same order as I described in this Cisco ASA configuration blog. The difference is that you are applying the commands using a GUI interface and not CLI.

Read more
Security Operations

Malware detection using machine learning and NetFlow

Posted on - by Scott

Last year Plixer released version 19 of Scrutinizer, and with it came the introduction of Plixer Security Intelligence, our machine learning appliance.

The ML appliance learns and establishes what is normal in network traffic behaviors across hundreds of data models. When Scott’s PC reaches out to an application that he has never touched, or exhibits out-of-the-ordinary traffic behaviors, that activity is flagged and alarmed on.

Read more