Network World
Sunday, November 8, 2009

Network behavior monitoring as security measure


E-mail Denise Dubie



With next week's RSA Conference in San Jose, the talk among several management vendors has turned to security.

As many tout their identity management or security information management (SIM) suites, others are focusing on another area of network management that has been coming to the forefront as a unique defense against the most insidious attacks: network behavior analysis, network anomaly detection systems or network behavior anomaly detection. While the market works on what to call the technology, the technology itself performs traffic monitoring and analysis for security purposes.

Generally speaking, these types of products establish a benchmark of normal traffic behavior and continuously monitor for changes. If, for example, a relatively unused host begins to propagate many requests, the anomaly detection system might suspect that the host is falling victim to a worm. Or if enterprise application traffic deemed content-sensitive starts to use Port 80, the port left open on firewalls for Internet traffic, the products could alert that compliance policies may be in the process of being breached.
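A minimal sketch of the two checks just described, added here as an illustration and not taken from any vendor's product: it learns each host's normal fan-out (distinct destinations per time window) and flags large departures from it, then flags sensitive application traffic seen on Port 80. The flow records, the application labels, the `SENSITIVE_APPS` list and the `k` and `min_excess` thresholds are all constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample flows: (window, src_host, dst_host, dst_port, app_label)
BASELINE = (
    [(w, "10.0.0.5", f"10.0.1.{d}", 443, "web") for w in range(4) for d in range(20 + w)]
    + [(w, "10.0.0.9", "10.0.1.1", 1433, "payroll-db") for w in range(4)]
)
CURRENT = (
    [(9, "10.0.0.5", f"10.0.1.{d}", 443, "web") for d in range(22)]     # busy but normal
    + [(9, "10.0.0.9", f"10.0.2.{d}", 445, "smb") for d in range(60)]   # quiet host fans out
    + [(9, "10.0.0.7", "203.0.113.10", 80, "payroll-db")]               # sensitive app on port 80
)
SENSITIVE_APPS = {"payroll-db"}  # assumed policy list of content-sensitive applications

def fanout(flows):
    """Count distinct destinations contacted per (window, source host)."""
    seen = defaultdict(set)
    for window, src, dst, _port, _app in flows:
        seen[(window, src)].add(dst)
    return {key: len(dsts) for key, dsts in seen.items()}

def build_baseline(flows):
    """Per-host mean and standard deviation of fan-out across baseline windows."""
    per_host = defaultdict(list)
    for (_window, src), count in fanout(flows).items():
        per_host[src].append(count)
    return {src: (mean(c), pstdev(c)) for src, c in per_host.items()}

def detect(baseline, flows, k=3.0, min_excess=10):
    """Return fan-out anomalies and port-80 policy alerts for the given flows."""
    alerts = []
    for (_window, src), count in sorted(fanout(flows).items()):
        mu, sigma = baseline.get(src, (0.0, 0.0))
        # Flag only when the host is well outside its own history, not just busy.
        if count > mu + k * sigma and count - mu >= min_excess:
            alerts.append(("fanout", src, count))
    for _window, src, dst, port, app in flows:
        if app in SENSITIVE_APPS and port == 80:
            alerts.append(("policy", src, dst))
    return alerts

if __name__ == "__main__":
    for alert in detect(build_baseline(BASELINE), CURRENT):
        print(alert)
```

The busy web client at 10.0.0.5 stays quiet because it is judged against its own history, while the normally idle 10.0.0.9 is flagged; the `min_excess` floor keeps hosts with a near-zero baseline from alerting on a single new connection.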

The products, according to industry watchers, perform multiple IT tasks in the realm of security, compliance and management. In fact, tools for monitoring traffic for potential breaches are becoming a staple in most security managers' arsenals. According to Gartner, by the end of 2007, 25% of large enterprises will employ such tools as part of their network security strategy.

Companies such as Arbor Networks, GraniteEdge Networks, Lancope, Mazu Networks and Q1 Labs separately offer products that perform this type of traffic monitoring and behavior analysis of known and unknown threats. Even Cisco's MARS (Monitoring Analysis and Response System) performs network anomaly detection to some degree.
