Networking

10:30 AM
Connect Directly
RSS
E-Mail
50%
50%

Lancope Adds Application Awareness, Visualization Tools To Network Behavior Analysis

Lancope's StealthWatch 6.0 network behavioral analysis tool features granular application awareness, flexible grouping of network assets for reporting and analysis, and relational mapping for network visualization.

Lancope's StealthWatch 6.0 network behavioral analysis tool features granular application awareness, flexible grouping of network assets for reporting and analysis, and relational mapping for network visualization.

Network behavior analysis plays on both the security and network operations sides of IT by collecting and analyzing network flow telemetry via Netflow, sFlow, JFlow, etc., to identify and remediate the cause of anomalous activity, such as traffic spikes, performance degradation, and communication with unexpected IP addresses that might indicate botnet activity or data exfiltration.

"The same sort of instrumentation points and same sort of measurements can be used quite effectively in both realms," says Jim Frey, research director, enterprise management, for Enterprise Management Associates.

On the security side, the addition of application awareness, through deep packet inspection, helps enterprises identify potentially malicious activity and applications, such as peer-to-peer or social networking sites, that may be banned or restricted by corporate policy. On the network side, fine-grained application awareness enables ops teams to determine if reports of "slowness" are caused by network problems or application issues, such as authorized or unauthorized video streaming, an issue with an authorized business application or a malicious program that needs to be referred to security.

"Is it the network or the application? Everyone points fingers when users report 'slowness' in something," says Joe Yeager, Lancope product manager. "It's always the networks that are blamed, but the networks are only responsible 20 percent of the time." Understanding the cause of performance issues saves organizations from throwing bandwidth capacity at what appear to be network issues but may be related to applications or a faulty DNS server.

Previous
1 of 3
Next
Comment  | 
Print  | 
More Insights
Hot Topics
14
White-Box Switches: Are You Ready?
Tom Hollingsworth 7/28/2014
11
Fall IT Events: On The Road Again With 10 Top Picks
James M. Connolly, Editor in Chief, The Enterprise Cloud Site,  7/29/2014
7
Understanding IPv6: Link-Local 'Magic'
Denise Fishburne, Cisco Champion,  7/24/2014
White Papers
Register for Network Computing Newsletters
Cartoon
Current Issue
2014 Private Cloud Survey
2014 Private Cloud Survey
Respondents are on a roll: 53% brought their private clouds from concept to production in less than one year, and 60% ­extend their clouds across multiple datacenters. But expertise is scarce, with 51% saying acquiring skilled employees is a roadblock.
Video
Slideshows
Twitter Feed