Using NetFlow Data For Robust Network Security

NetFlow analytic data can spot dangerous traffic patterns including anomalous "hot-spots" of activity and compromised hosts.

Ericka Chickowski

December 24, 2013

1 Min Read
NetworkComputing logo in a gray background | NetworkComputing

While NetFlow data may traditionally be seen as a network infrastructure tool, smart security teams can get tons of benefits out of the collection of IP traffic statistics, too.

"Security professionals should consider every NetFlow and IPFIX router a security camera that allows them to go back in time and investigate suspect traffic reported by any number of security appliances," says Michael Patterson, CEO of Plixer.

According to Dr. Vincent Berk, CEO of FlowTraq, security pros may have to battle to get their hands on the data if other infrastructure people—the ones 'responsible for moving packets but not securing them—are at all territorial. But it is worth the effort.

"This has created a climate where security professionals have increasingly had trouble getting their hands on streams of NetFlow throughout their organizations," Berk says. "However, the advanced values that a security professional can get from NetFlow is enormous."

Read the rest of this article on Dark Reading.

About the Author

Ericka Chickowski

Contributing Writer, Dark Reading

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading

SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like


More Insights