All incident response

Disaster Recovery Monitoring

A question that I have been getting a lot recently is, “How can someone better their disaster recovery monitoring?” Tools that utilize SNMP are going...

Building your incident response team

What do you normally do when you find an infected machine on the network? If you don’t have a good answer to that question...

Tracking brute force Attacks

Tracking brute force attacks on your network can be a very time consuming process. It often ends up with you running around the office...

Fortigate NetFlow Configuration

I was working with a customer a couple weeks back, and wanted to share a sample Fortigate NetFlow configuration that we came up with....

Integrating NetFlow and SIEMs: Enterprise incident response solutions

If you’re an avid follower of our blogs, then you know that network threat detection using NetFlow analytics is a valuable enhancement to network...

Detecting Network Scans using NetFlow

As a continuation of our Network Security series, I wanted to write a blog on detecting network scans using NetFlow and IPFIX. Since a...

Network Forensics and Incident Response Using NetFlow and IPFIX

Network forensics can be an intimidating subject. When IT personnel hear the word “forensics” they often recoil with visions of complicated software such as...