These records can help security professionals when responding to an incident. During an attack, for example, network...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
flow information often effectively reveals the quantity (but not content) of a network's extracted data. The logged info can also help identify systems infected with malicious code. Networking professionals can use the data to troubleshoot network anomalies and analyze bandwidth utilization. I strongly recommend network flow logging as part of a well-rounded security program.
Additionally, in a large enterprise, flow data may quickly consume large quantities of storage space. You'll need to estimate your storage needs and develop a retention policy that balances business needs with the technical capabilities of the system.
Dig Deeper on Network Behavior Anomaly Detection (NBAD)
Related Q&A from Mike Chapple
Vulnerability scanning tools are necessary to be fully compliant with PCI DSS, but the tools need to come from a PCI DSS Approved Scanning Vendor. ...continue reading
Healthcare clearinghouses like Mass HIway are a new trend in health IT, but what are the security implications? Expert Mike Chapple explains what you...continue reading
The FFIEC Cybersecurity Assessment Tool has faced harsh criticism since its 2015 release. Expert Mike Chapple reviews the tool and how it can be ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.