network behavior analysis

Network behavior analysis (NBA) is a method of enhancing the security of a proprietary network by monitoring traffic and noting unusual actions or departures from normal operation. An NBA solution offers protection for a network in addition to that provided by traditional anti-threat applications such as firewalls, antivirus software and spyware-detection programs.

An NBA program passively monitors the communications between hosts and clients in real time and flags unknown, new or unusual patterns that could indicate the presence of threats. An NBA program can also monitor and record trends in bandwidth and protocol use. These functions can minimize the time and labor involved in locating and resolving problems. An effective NBA solution may proactively forestall serious security breaches and render complex and time-consuming disaster-recovery procedures unnecessary.

An NBA solution is not effective on its own. It should be used in addition to conventional firewalls and solutions for the detection, blocking and removal of malware.

Read more about network behavior analysis: - Mathew Schwartz outlines how NBA works and the rationale for its deployment. - Denise Dubie describes real-world applications of NBA. - ConSentry Networks offers a comprehensive network security solution.

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Is centralized logging worth all the effort? Network log records play an extremely important role in any well-constructed security program. Expert Mike Chapple explains how to implement a... How will the centralized logging of network flow data benefit an enterprise? Network security expert Mike Chapple strongly recommends network flow logging as part of a well-rounded security program. There are two common... Can reputation services be applied to network security? Reputation scores can be used to block spam, but can these services be applied to the security of the network? In this expert Q&A, Mike Chapple...

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary network behavior anomaly detection  (SearchSecurity.com) Network behavior anomaly detection (NBAD) is the continuous monitoring of a proprietary network for unusual events or extraordinary trends...... nonce  (SearchSecurity.com)