Email Alerts
-
How does advanced malware use the network against you?
Find out how advanced malware can be detected by tracking its abnormal network behavior. Feature
-
Advanced threat protection: Behavior-profiling network communications
Advanced threat protection specializes in detecting advanced and persistent malware inside networks? Feature
-
Implementing Cisco ASA tools for effective network traffic monitoring
This chapter on controlling network access explains how to implement Cisco ASA tools to ensure effective network traffic monitoring. Book Chapter
-
Wireless sniffing best practices using Wireshark
Wireless sniffing using Wireshark lets engineers troubleshoot poor performance and connectivity problems, as well as analyze traffic activity on the network. Book Chapter
-
Virtual network security: A vendor comparison
In this vendor rundown, we compare the emerging options for virtual network security in your data center. Feature
-
Network auditing tools for war driving: Video and quiz
Test your knowledge of network auditing tools by viewing this video and taking the quiz that follows. Know how to best tackle network access points and get a chance to be rewarded. Quiz
-
Managed intrusion prevention services handle sophisticated attacks
Adopting managed intrusion prevention services can help avert increasingly sophisticated network attacks. Feature
-
Choosing a next-generation firewall: Vendor comparison
Next-generation firewalls are becoming a must. Read our comparison of application-aware firewall options available from the leading firewall vendors. Feature
-
Cisco ASA and BGP peering problems: Command line tips
If you run into BGP peering problems because of a Cisco ASA or PIX firewallin the middle, there are a few simple command line fixes that will quickly solve the problem. Fast Packet blogger Brandon Carroll explains. Fast Packet
-
Creating a firewall policy fault model with automatic correction
Firewall policy problems may be at the heart of firewalls that mistakenly block legitimate traffic or allow in troubled traffic. At LISA 2010, researchers propose creating a firewall policy fault model that can be used to implement automated correcti... Research Report
- See more Essential Knowledge on Network Security Monitoring and Analysis
-
New McAfee IPS offers 40 Gbps throughput
The new NS series of McAfee IPS appliances offers 40 Gbps. McAfee has also acquired NGFW vendor Stonesoft. News | 09 May 2013
-
Security vendors team up to detect targeted attacks on networks
Security vendors team up to detect malicious attacks that target networks. News | 06 May 2013
-
Networking Update: Cisco buys Ubiquisys, strategies for analyzing VoFi
In this week's roundup, bloggers discuss Cisco's acquisition of Ubiquisys and offer strategies for VoFi analysis and engineering firewall policies. Fast Packet | 10 Apr 2013
-
Networking blogs: Better BYOD policies, Aerohive updates HiveManager
In this networking blog roundup, learn why better BYOD policies are user-oriented, and find out what the HiveManager update means for WLAN security. Fast packet | 20 Mar 2013
-
Network Innovation Award: Palo Alto Networks next-generation firewalls
Palo Alto has won the SearchNetworking Network Innovation Award for next-generation firewalls that work throughout campus and data center networks. News | 15 Mar 2013
-
Networking blog roundup: Cisco NAM; why BGP matters in an SDN world
In this week's networking blog roundup, bloggers consider the significance of the new Cisco NAM and troubleshoot high CPU usage in an ASA firewall. Fast Packet | 25 Feb 2013
-
ForeScout CounterACT integrates with MDM vendors AirWatch, MobileIron
ForeScout CounterACT combines its network access control product with mobile device management from AirWatch and MobileIron to help IT enable secure enterprise mobility. News | 18 Feb 2013
-
Cyber-security services: Identify, respond to and evaluate an attack
Enterprises need more than just security products. Sourcefire introduces new cyber-security services to help customers respond to malware. News | 25 Jan 2013
-
Networking in 2013: Will enterprise network security management get easier?
Gartner analyst Greg Young predicts network security management will get a 2013 makeover with more correlation among vendors. SDN security draws scrutiny. News | 14 Jan 2013
-
Next-generation firewall management: Smarter boxes, more complexity
A new survey shows that next-generation firewall management is more complex, with new layers of rules and policies to write and track. News | 29 Nov 2012
- See more News on Network Security Monitoring and Analysis
-
How to implement cloud-based security services
Implementing cloud-based security services has rewards, but network pros must evaluate the cloud provider's architecture for security and reliability. Expert Tip
-
Network security assessment: Test firewalls, IDS in multiple ways
Network administrators need to test internal systems such as firewalls and IPS/IDS devices to ensure their networks are safe. Tip
-
Network security assessment: Internal testing relies on various tools
Network administrators need to know what steps to take to protect their networks against internal threats. Tip
-
SSL certificate management: A practical guide
Certificate management is faced by many but understood by few. This guide provides a refresher of the basics and covers common tasks. Tip
-
Are application signatures the new firewall-rules bloat?
We've all heard of firewall-rules bloat, but the problem could get worse considering all of the application signatures that must be maintained in next-generation firewalls. Tip
-
Do you need virtual firewalls? What to consider first
With virtual firewalls, you can avoid routing traffic out of the virtual environment to pass through a physical firewall. But there are challenges to consider in going virtual. Tip
-
Deep packet inspection vendors: Quite the diverse crew
Deep packet inspection vendors can vary from traditional network infrastructure vendors to third-party specialists. Here we run down a smattering of providers and their offerings. Tip
-
Deep packet inspection tools: Proxy vs. stream-based
As more enterprises consider deep packet inspection tools, network managers must choose the technique that works best for them. Tip
-
Network access security challenges: Mobility requires new strategies
With employees accessing core applications on personal devices, engineers are facing new network access security challenges that require intelligence on all components. Tip
-
Planning a virtualization firewall strategy
Creating a virtualization firewall strategy entails determining exactly how you want to protect your virtual environments and then implementing firewall segmentation for security. Tip
- See more Tips on Network Security Monitoring and Analysis
-
What to consider when choosing an MDM system
Choosing an MDM system can be a complicated process, but expert Rainer Enders breaks down the considerations into straightforward terms in this tip. Answer
-
How can I calculate perimeter firewall throughput?
Learn how to use a capture filter in Wireshark, to determine network throughput on a firewall by monitoring incoming packets and using a simple equation to find a baseline throughput, from our expert Michael Gregg. Ask the Expert
-
Is there a way to trace my stolen laptop computer?
Learn some useful preliminary techniques on how to safeguard your computer should it get stolen and make it recoverable using certain trace software, from our expert Michael Gregg. Ask the Expert
-
How do I find the application on my network that's dropping packets?
Learn how to use Wireshark to trace dropped packets being sent from a PC on your network or an external application/service and secure SMTP ports, from our expert Michael Gregg. Ask the Expert
-
Where can I find a sample security audit report? How can I run my own?
IT organization security audit reports aren't for circulation. Our network enterprise security expert explains how professionals can sample a technical report by running their own. Ask the Expert
-
Troubleshooting VLANs: How to monitor 802.1q tagged traffic
When troubleshooting a virtual LAN (VLAN), learn how to monitor 802.1q tagged traffic within a network in this advice from our routing and switching expert. Ask the Expert
-
How can I block my competitor's IP address range from my website?
Are you looking for free network tools to find an IP address range? This advice from our security expert shows you whois tools available to you and then explains how to block these ranges from viewing your Web resources, in this expert response. Ask the Expert
-
What software monitors and locks users from accessing my router?
Learn which software programs monitors and locks unauthorized users from accessing your router for Internet use in this expert response with our network security expert, Michael Gregg. Ask the Expert
-
What is a genetic algorithm and where can I learn more about them online?
Learn about genetic algorithms as well as where to find online resources for understanding them. Ask the Expert
-
What are the best methods for handling rogue access points?
Our network security expert, Michael Gregg, explains how to enforce network policy and handle rogue access points (APs) in this expert response. Ask the Expert
- See more Expert Advice on Network Security Monitoring and Analysis
-
darknet
A darknet is a routed allocation of IP address space that is not discoverable by any usual means. Definition
-
Metasploit Project - Metasploit Framework
The Metasploit Project is an open source computer security project that provides a public resource for researching and developing exploit code. Definition
-
deep packet inspection (DPI)
Deep packet inspection (DPI) is an advanced method of packet filtering that functions at the Application layer of the OSI (Open Systems Interconnection) reference model... (Continued) Definition
-
netstat
Netstat is a common command line TCP/IP networking utility available in most versions of Windows, Linux, UNIX and other operating systems... (Continued) Definition
-
firewall
A firewall is a set of related programs, located at a network gateway server, that protects the resources of a private network from users from other networks. Definition
-
port mirroring (roving analysis port)
Port mirroring, also known as a roving analysis port, is a method of monitoring network traffic that forwards a copy of each incoming and outgoing packet from one port of a network switch to another port where the packet can be studied. Definition
-
FCAPS (fault-management, configuration, accounting, performance, and security)
FCAPS (fault-management, configuration, accounting, performance, and security) is an acronym for a categorical model of the working objectives of network management. Definition
-
Nessus
Nessus is an open-source network vulnerability scanner that uses the Common Vulnerabilities and Exposures architecture for easy cross-linking between compliant security tools. Definition
-
blended threat
A blended threat is an exploit that combines elements of multiple types of malware and perhaps takes multiple attack vectors to increase the severity of damage and the speed of contagion. Definition
-
Mobile network management applications offer monitoring on the go
As smartphone and tablet devices in the enterprise grow, vendors are developing mobile network management apps for iOS and Android, offering accessible views into the network. Photo Story
-
How to implement cloud-based security services
Implementing cloud-based security services has rewards, but network pros must evaluate the cloud provider's architecture for security and reliability. Expert Tip
-
New McAfee IPS offers 40 Gbps throughput
The new NS series of McAfee IPS appliances offers 40 Gbps. McAfee has also acquired NGFW vendor Stonesoft. News
-
Security vendors team up to detect targeted attacks on networks
Security vendors team up to detect malicious attacks that target networks. News
-
Network security assessment: Test firewalls, IDS in multiple ways
Network administrators need to test internal systems such as firewalls and IPS/IDS devices to ensure their networks are safe. Tip
-
Network security assessment: Internal testing relies on various tools
Network administrators need to know what steps to take to protect their networks against internal threats. Tip
-
Networking Update: Cisco buys Ubiquisys, strategies for analyzing VoFi
In this week's roundup, bloggers discuss Cisco's acquisition of Ubiquisys and offer strategies for VoFi analysis and engineering firewall policies. Fast Packet
-
SSL certificate management: A practical guide
Certificate management is faced by many but understood by few. This guide provides a refresher of the basics and covers common tasks. Tip
-
How does advanced malware use the network against you?
Find out how advanced malware can be detected by tracking its abnormal network behavior. Feature
-
Advanced threat protection: Behavior-profiling network communications
Advanced threat protection specializes in detecting advanced and persistent malware inside networks? Feature
-
Networking blogs: Better BYOD policies, Aerohive updates HiveManager
In this networking blog roundup, learn why better BYOD policies are user-oriented, and find out what the HiveManager update means for WLAN security. Fast packet
- See more All on Network Security Monitoring and Analysis
About Network Security Monitoring and Analysis
Network traffic analysis and monitoring tools can detect threats and vulnerabilities in your enterprise network. This section explains how to monitor and analyze the security of all networks, and provides information on how penetration testing and ethical hacking methods can better secure corporate data.
Network Management Strategies for the CIO