Register Now
Log in
Network Behavior Analysis
 |
||
 | NitroView ESM Information | |
|
| NitroGuard IPS Information | |
 | NitroView Product Brochure | |
|
| NitroGuard Product Brochure | |
 | View Demonstration Videos | |
 | View a Flash Presentation | |
 | Request a Live Demo | |
 |
||
|
||
|
||
|
||
|
||
|
||
NitroView combines flow analysis with security event management and log management for a holistic approach to network behavior analysis. Network flows may be analyzed to detect network anomalies either by:
- Signature-based flow rules to match current usage against automatically-calculated thresholds
- Heuristic analysis of flow data using on-the-fly trending
By combining these three important areas, NitroView is able to:
- Correlate historical trends against live network utilization to immediately identify anomalies.
- Correlate network usage and behavior statistics against both real-time and historical security events to identify network/security relationships
- Correlate network usage against log data — including logs from windows WMI, in order to provide system-, processes-, and OS- level context to the behavior
- Weigh these results by event severity or asset classification
Joseph Clark
Senior Network Engineer
College of Charleston
Network & Event Analysis Topology (NEAT)
Security Tool. Network Operations Tool.
NitroView, with Network & Event Analysis Topology, is a security tool — for event management, forensics, and compliance needs — and it's a network operations tool, for quick network health assessments, behavioral trend analysis, and user location & remediation.
For example: by linking event and flow queries to NEAT (shown), you can instantly see what events, users, and applications are associated with a particular part of your network (including at-a-glance anomaly detection using red indicators), simply by clicking within the topology. However, by instead linking NEAT to other components, the topology becomes an indicator of where a specific event or user is located within your network.