network behavior analysis
Home > Security Definitions - Network behavior analysis
SearchSecurity.com Definitions (Powered by WhatIs.com)
EMAIL THIS
LOOK UP TECH TERMS Powered by: WhatIs.com
Search listings for thousands of IT terms:
Browse tech terms alphabetically:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #

network behavior analysis

Show me everything on Network Behavior Anomaly Detection (NBAD)

DEFINITION - Network behavior analysis (NBA) is a way to enhance the security of a proprietary network by monitoring traffic and noting unusual actions or departures from normal operation. Conventional intrusion prevention system solutions defend a network's perimeter by using packet inspection, signature detection and real-time blocking. NBA solutions watch what's happening inside the network, aggregating data from many points to support offline analysis.

After establishing a benchmark for normal traffic, the NBA program passively monitors network activity and flags unknown, new or unusual patterns that might indicate the presence of a threat. The program can also monitor and record trends in bandwidth and protocol use. Network behavior analysis is particularly good for spotting new malware and zero day exploits.

A good NBA program can help a network administrator minimize the time and labor involved in locating and resolving problems. It should be used as an enhancement to the protection provided by the network's firewall, intrusion detection system, antivirus software and spyware-detection program.

Learn more about Network Behavior Anomaly Detection (NBAD)
The key technologies in a network perimeter intrusion defense strategy: This article introduces and defines the myriad technologies and the role they play in an intrusion defense strategy.
Use BotHunter for botnet detection: Got bots? Hopefully not, but how can you be sure? Learn about botnet detection with the help of a free tool, BotHunter.
Combining NetFlow analysis with security information management systems: When NetFlow is used in conjunction with SIMs and correlated with data from other devices and layers, the combination becomes indispensable.
Security information management finally arrives, thanks to enhanced features: In this tip, Mike Rothman reveals how network-behavior analysis and log management technologies have brought some new life to the SIM market.
IDS: Signature versus anomaly detection: Learn the strengths and weaknesses of signature and anomaly detection, and how the two detection methods complement each other.

LAST UPDATED: 08 Dec 2008

Do you have something to add to this definition? Let us know.
Send your comments to techterms@whatis.com

More resources from around the web:
- Mathew Schwartz outlines how NBA works and the rationale for its deployment.
- Denise Dubie describes real-world applications of NBA.
- ConSentry Networks offers a comprehensive network security solution.





FILE EXTENSION AND FILE FORMAT LIST
File Extension and File Format List:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #


RELATED CONTENT
Trend Micro to acquire Third Brigade for virtualization, cloud security
Trend Micro said Third Brigade's technology bolsters its datacenter security strategy by helping its customers protect virtual servers and cloud...
Use BotHunter for botnet detection
Got bots? Hopefully not, but how can you be sure? Learn about botnet detection with the help of a free tool, BotHunter.
Is centralized logging worth all the effort?
Network log records play an extremely important role in any well-constructed security program. Expert Mike Chapple explains how to implement a...

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
network behavior anomaly detection  (SearchSecurity.com)
Network behavior anomaly detection (NBAD) is the continuous monitoring of a proprietary network for unusual events or extraordinary trends......
nonce  (SearchSecurity.com)
A nonce, in information technology, is a number generated for a specific use, such as session authentication.




Get More network behavior analysis Answers
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts