We decided to launch a Rolling Review to help you ensure that the NBA product you're considering will integrate with your current IDS, vulnerability scanner, and security incident and event manager (SIEM) while handling your throughput needs. We've invited six vendors to send products to our University of Florida Real-World Labs. See "Network Behavior Analysis Rolling Review" for more testing details.
MAKE ROOM ON THE COURT
Pure-play NBA vendors initially focused on network security because, simply put, they were good at it. Once their systems create a baseline of what normal network behavior looks like, they can detect anomalous activities. For example, say a desktop computer whose daily actions comprise Web browsing, access to network shares, and e-mail traffic suddenly begins accepting connections on TCP port 65500 or starts communicating on UDP port 17028 with hundreds of other hosts around the world. An NBA system would fire off an e-mail to the security team about the sudden change, maybe even implement a firewall ACL or disable the switch port to prevent collateral damage.
Because NBA requires an intimate understanding of an enterprise's unique traffic patterns, it's a natural fit for vendors to add network performance monitoring features ranging from simple functions, like identifying top talkers, to more advanced reporting to assist with network optimization and planning. Essentially, this feature set is why NBA vendors promise both network and security teams visibility that they've previously not possessed, including alerts when new hosts appear on the network and the ability to find where bottlenecks exist and tie users directly to their network traffic flows.
Smelling an opportunity for expansion into a prospering space, network performance vendors including NetQoS are busily adding NBA capabilities to their product lines. While security-focused individuals and vendors claim NBA as part of a comprehensive security strategy, these network performance vendors tout the technology as a natural extension of yesterday's network management systems. For example, Steve Harriman, NetQoS's VP of marketing, says NBA is key to optimizing networks for application performance.
No matter which viewpoint you favor, enterprise IT groups are the ultimate winners: More competition in the NBA market from vendors with different perspectives means abundant new features and lower prices.
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
There are many network courses that can address your present job's priorities and help you gain the needed skills to keep pace with industry changes and new technologies.
