According to a recent New York Times' article, there have been cyberattacks on critical infrastructure Saudia Arabia recently. While these attacks were not elaborated on in full detail (at least not in the article), it is important to understand the importance … [Read more...] about Protecting Critical Infrastructure from Cyberattacks with Network Traffic Analytics
Correlating NetFlow with RADIUS Usernames
Correlating NetFlow with RADIUS Usernames to improve context security awareness is something we have done for several vendors including Cisco ISE, Microsoft Network Policy Server, Forescouts CounterACT and others. Even with all of these supported, we still get … [Read more...] about Correlating NetFlow with RADIUS Usernames
The Danger of Google’s Massive Harvesting
It’s pretty safe to say that most users are well aware that companies like Google, Facebook, LinkedIn and hundreds of others are harvesting data out of their customer’s end user devices. What many aren’t aware of is that you don’t even need to be visiting … [Read more...] about The Danger of Google’s Massive Harvesting
UDP Packet Forwarding
If your company has a couple of SIEMS or maybe more than one NetFlow collector, you could probably benefit from a UDP Packet Forwarding system. Here’s the reason: many syslog and flow exporting devices can only export to one or two devices but, when you have … [Read more...] about UDP Packet Forwarding
User Authentication Monitoring
Despite continued improvements in malware prevention, the success rate of infections still out paces the industries best detection methods. This is true even though signature matching picks up on many types of viruses however, it seems the nastiest contagions … [Read more...] about User Authentication Monitoring
Sankey Flow Graph
One of the greatest benefits of NetFlow collection for traffic analysis, is we’re provided with the ability to visualize the flow of our network traffic. This is a huge improvement over the traditional method of parsing row after row of big data in a … [Read more...] about Sankey Flow Graph
DNS Unlocker Malware
Our malware detection team plays particularly close attention to DNS traffic because a lot of serious exfiltration occurs as the result of DNS abuse. Since most traffic to the DNS can’t be blocked without potentially crippling Internet activity, we watch for … [Read more...] about DNS Unlocker Malware
NetFlow Vs. Packet Capture
Until the introduction of flow technologies like NetFlow and the standard called IPFIX, companies relied largely on two technologies. The first was SNMP which allowed customers to trend different performance metrics for long periods of time. Metrics included … [Read more...] about NetFlow Vs. Packet Capture
Google Map Integration | GPS Coordinates
We were an early adopter of supporting Google map integration in our NetFlow collector system. Since then, we have had customers asked that we pull in the location information from SNMP (syslocation), IPAM solutions and other GPS coordinate applications in … [Read more...] about Google Map Integration | GPS Coordinates
Cisco IWAN Training
One of the biggest questions being asked of IT professionals is, “Are we using our bandwidth to its fullest potential”? Of course we have many tools to help answer that question, fortunately Cisco has developed another to add to our arsenal. With Cisco’s … [Read more...] about Cisco IWAN Training
Social Media