network behavior analysis

After establishing a benchmark for normal traffic, the NBA program passively monitors network activity and flags unknown, new or unusual patterns that might indicate the presence of a threat. The program can also monitor and record trends in bandwidth and protocol use. Network behavior analysis is particularly good for spotting new malware and zero day exploits.

A good NBA program can help a network administrator minimize the time and labor involved in locating and resolving problems. It should be used as an enhancement to the protection provided by the network's firewall, intrusion detection system, antivirus software and spyware-detection program.

Read more about network behavior analysis: - Mathew Schwartz outlines how NBA works and the rationale for its deployment. - Denise Dubie describes real-world applications of NBA. - ConSentry Networks offers a comprehensive network security solution.

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

BROWSE BY TAG Network Intrusion Detection and Analysis,   Network Behavior Anomaly Detection (NBAD),   Enterprise Network Security,   Network Intrusion Prevention (IPS),   Network Intrusion Detection (IDS),   Monitoring Network Traffic and Network Forensics,   VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Trend Micro to acquire Third Brigade for virtualization, cloud security Trend Micro said Third Brigade's technology bolsters its datacenter security strategy by helping its customers protect virtual servers and cloud... Use BotHunter for botnet detection Got bots? Hopefully not, but how can you be sure? Learn about botnet detection with the help of a free tool, BotHunter. Is centralized logging worth all the effort? Network log records play an extremely important role in any well-constructed security program. Expert Mike Chapple explains how to implement a...

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary network behavior anomaly detection  (SearchSecurity.com) Network behavior anomaly detection (NBAD) is the continuous monitoring of a proprietary network for unusual events or extraordinary trends...... nonce  (SearchSecurity.com) A nonce, in information technology, is a number generated for a specific use, such as session authentication.