Problem solve Get help with specific problems with your technologies, process and projects.

Does network speed impact the ability to monitor network activity?

Expert Brad Casey explains the relationship between network speed and the ability to monitor network activity in the enterprise.

What is the real correlation between data security, network speeds and network monitoring? Some say the higher the network speed, the bigger the risk to data security, and in turn the more difficult it is to monitor network activity. Is that true, or is that just a myth?

Ask the Expert!

Have questions about network security for expert Brad Casey? Send them via email today! (All questions are anonymous.)

Well, it really depends. Yes, the network speeds may result in larger volumes of data to monitor, but it also allows for better performance when processing encrypted traffic because the overhead that is inherent in all encryption becomes more transparent to the end user. So to me, this is a double-edged sword.

If your organization has the manpower, technology and know-how, then I would say that this is a myth. On the other hand, if your organization lacks resources in any of these three areas, then I would most definitely say this is true. Manpower allows for a greater division of labor and, at least theoretically, a quicker, more efficient approach to network monitoring. What is referred to in terms of technology is whether your network infrastructure has sufficient capacity to withstand the higher throughput. It may be said that this is basic with regard to how higher network speeds can help or hurt a given network. Know-how refers to the competency of those who are responsible for maintaining the network infrastructure. After all, what good is increased throughput and better technology if no one is capable of operating within the environment?

Furthermore, if your organization is really serious about security, and it's willing to allocate the money and aforementioned resources necessary to monitor network activity, then the difficulty quotient is nil. However, if you work for a startup and resources are hard to come by, then a high-speed network may be rather difficult to monitor with any degree of accuracy due to the large amount of data involved. I hate to be wishy-washy, but this question gives birth to answers with dozens of caveats.

This was last published in August 2013

Dig Deeper on Real-time network monitoring and forensics

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.