Anomaly Detection

NetFlow Auditor is Part of a Threat Detection Mitigation Plan.

Forensics coupled with add-on Anomaly Detection.

  • Identify Nefarious Traffic, DDoS, SlowDoS.
  • Leverages existing infrastructure.
  • Rapid Deployment.
  • Flexible, Scalable and Granular.
  • Enterprise, Telco and Defence Sensitivity.

Anomaly Detection - Preset Detection Rules

Anomaly Detection - Alert Detection

Anomaly Detection - P2P

Anomaly Detection - Make your own rules: 3 easy steps to monitor anything - Steps 1 & 2

Anomaly Detection - Make your own rules: 3 easy steps to monitor anything - Step 3

Anomaly Detection - Intelligent Baseline Learning

Standard Alerting

Standard Alerting - Heavy Traffic Analysis

Denial of Service Attack (D/DoS) Tactics

  • Most attacks involve packet flooding.
  • Saturate the system with external requests.
  • Force a reset/reboot.
  • Consume so many resources the system is unable to respond.

What is a Denial of Service Attack?

  • An attempt to deny the legitimate right to use a computing resource.
  • Typical targets: Web services, Email, Network Infrastructure.
  • Intent: Overload the recipient system so it can no longer function correctly or respond to normal traffic.
  • Attacks range from simple e-vandalism to attempted felony theft and cyber-terrorism.
  • From a single source or widely distributed (DDoS).
  • Slow DoS.

NetFlow Auditor License Investment

NetFlow Auditor comes in multiple license tiers for Performance and Professional. The Performance license scales well beyond other products in the NetFlow arena and is designed to provide only real-time functionality, with top analysis data in line with the other NetFlow products. The Professional license allows full raw flow capture and forensics with long-term trending. NetFlow Anomaly Detection and Ultra-Long Term Trending and Billing are optional add-on modules.