Txais tos rau peb chav kawm mini tom ntej. Lub sijhawm no peb yuav tham txog peb cov kev pabcuam tshiab - . Nws yog dab tsi? Qhov tseeb, qhov no tsuas yog lub npe lag luam rau kev tshawb xyuas dawb ntawm kev sib txuas hauv network (ob sab hauv thiab sab nraud). Kev tshuaj xyuas nws tus kheej yog nqa tawm siv xws li cov cuab yeej zoo li , uas kiag li txhua lub tuam txhab tuaj yeem siv, pub dawb, rau 30 hnub. Tab sis, kuv qhia koj tias tom qab thawj teev ntawm kev sim, koj yuav pib tau txais cov ntaub ntawv tseem ceeb ntawm koj lub network. Ntxiv mus, cov ntaub ntawv no yuav muaj txiaj ntsig zoo li rau cov thawj coj hauv network, thiab rau cov neeg saib xyuas kev ruaj ntseg. Zoo, cia peb tham txog dab tsi cov ntaub ntawv no yog dab tsi thiab nws tus nqi yog dab tsi (Thaum kawg ntawm tsab xov xwm, raws li niaj zaus, muaj kev qhia video).
Ntawm no, cia peb ua me me digression. Kuv tsuas yog paub tseeb tias tam sim no ntau tus neeg xav tias: βQhov no txawv li cas ? Peb cov neeg siv khoom yuav paub tias qhov no yog dab tsi (peb siv zog ntau rau qhov no):) Tsis txhob maj mus rau qhov xaus, raws li zaj lus qhia ua tiav txhua yam yuav poob rau hauv qhov chaw.
Dab tsi tus thawj coj hauv network tuaj yeem tshawb xyuas siv qhov kev tshuaj xyuas no:
- Network Traffic Analytics - Yuav ua li cas cov channel tau thauj khoom, cov txheej txheem siv dab tsi, cov servers lossis cov neeg siv siv cov tsheb loj tshaj plaws.
- Network qeeb thiab poob - Lub sij hawm teb nruab nrab ntawm koj cov kev pabcuam, muaj kev poob ntawm txhua qhov koj cov channel (muaj peev xwm nrhiav tau lub fwj).
- Cov neeg siv kev lag luam analytics - Kev tshuaj xyuas dav dav ntawm cov neeg siv tsheb. Tsheb thauj mus los, daim ntawv thov siv, teeb meem hauv kev ua haujlwm nrog cov kev pabcuam hauv tuam txhab.
- Kev ntsuas kev ua haujlwm ntawm kev siv - txheeb xyuas qhov ua rau muaj teeb meem hauv kev ua haujlwm ntawm cov ntawv thov kev lag luam (network qeeb, lub sijhawm teb ntawm cov kev pabcuam, databases, daim ntawv thov).
- SLA saib xyuas - cia li kuaj pom thiab tshaj tawm qhov tseem ceeb qeeb thiab poob thaum siv koj cov ntawv thov hauv web raws li kev tsheb khiav tiag tiag.
- Nrhiav rau network anomalies - DNS / DHCP spoofing, loops, cuav DHCP servers, anomalous DNS / SMTP tsheb thiab ntau ntxiv.
- Teeb meem nrog configurations - Kev tshawb pom ntawm cov neeg siv tsis raug cai lossis cov neeg siv kev lag luam, uas yuav qhia tau qhov tsis raug ntawm cov keyboards lossis firewalls.
- Daim ntawv qhia - ib daim ntawv qhia ntxaws txog lub xeev ntawm koj IT infrastructure, tso cai rau koj los npaj ua haujlwm lossis yuav khoom siv ntxiv.
Dab tsi tus kws tshaj lij kev ruaj ntseg tuaj yeem tshawb xyuas:
- Viral kev ua si - kuaj pom cov kab mob sib kis hauv lub network, suav nrog cov malware tsis paub (0-hnub) raws li kev soj ntsuam tus cwj pwm.
- Kev faib tawm ntawm ransomware - lub peev xwm los ntes ransomware, txawm tias nws kis tau ntawm cov khoos phis tawj nyob sib ze yam tsis tau tawm ntawm nws tus kheej ntu.
- Kev Ua Phem Txhaum Cai - Kev khiav tsis zoo ntawm cov neeg siv, servers, kev siv, ICMP / DNS tunneling. Txheeb xyuas qhov tseeb lossis muaj peev xwm hem.
- Network tawm tsam - chaw nres nkoj scanning, brute-force tawm tsam, DoS, DDoS, kev cuam tshuam tsheb (MITM).
- Corporate data leak - kuaj pom qhov txawv txav (lossis uploading) ntawm cov ntaub ntawv lag luam los ntawm tuam txhab cov ntaub ntawv servers.
- Cov khoom siv tsis tau tso cai - nrhiav pom cov khoom siv tsis raug cai txuas nrog lub tuam txhab network (txiav txim siab cov chaw tsim khoom thiab kev ua haujlwm).
- Tsis xav tau daim ntawv thov - siv cov ntawv thov txwv tsis pub siv hauv lub network (Bittorent, TeamViewer, VPN, Anonymizers, thiab lwm yam).
- Cryptominers thiab Botnets - kuaj xyuas lub network rau cov cuab yeej muaj kab mob txuas mus rau C&C servers paub.
Qhia
Raws li kev txheeb xyuas cov txiaj ntsig, koj yuav tuaj yeem pom tag nrho cov kev ntsuas ntawm Flowmon dashboards lossis hauv PDF cov ntaub ntawv. Hauv qab no yog qee qhov piv txwv.
General Traffic Analytics
Kev cai dashboard
Kev Ua Phem Txhaum Cai
Cov cuab yeej kuaj pom
Cov txheej txheem kuaj mob
Scenario #1 - ib lub chaw ua haujlwm
Qhov tseem ceeb tshaj plaws yog tias koj tuaj yeem txheeb xyuas ob qho tib si sab nraud thiab sab hauv uas tsis tau txheeb xyuas los ntawm cov khoom siv tiv thaiv ib puag ncig (NGFW, IPS, DPI, thiab lwm yam).
Scenario #2 - ob peb lub chaw ua haujlwm
Video qhia
Txoj kev xaus
CheckFlow audit yog lub sijhawm zoo rau IT / IS cov thawj coj:
- Txheeb xyuas cov teeb meem tam sim no thiab tej zaum hauv koj IT infrastructure;
- Tshawb xyuas cov teeb meem nrog cov ntaub ntawv kev ruaj ntseg thiab cov txiaj ntsig ntawm kev ntsuas kev ruaj ntseg uas twb muaj lawm;
- Txheeb xyuas qhov teeb meem tseem ceeb hauv kev ua haujlwm ntawm kev lag luam kev lag luam (network part, server part, software) thiab cov neeg ua haujlwm daws nws;
- Qhov tseem ceeb txo lub sij hawm los daws teeb meem hauv IT infrastructure;
- Ua kom pom tseeb qhov yuav tsum tau nthuav tawm cov channel, lub peev xwm ntawm cov neeg rau zaub mov lossis kev yuav khoom siv tiv thaiv ntxiv.
Kuv kuj pom zoo kom nyeem peb tsab xov xwm dhau los - .
Yog tias koj txaus siab rau lub ncauj lus no, ces nyob twj ywm (, , , , .
Tsuas yog cov neeg siv sau npe tuaj yeem koom nrog hauv daim ntawv ntsuam xyuas. thov.
Koj puas siv NetFlow/sFlow/jFlow/IPFIX analyzers?
-
55,6%Yog 5
-
11,1%Tsis yog, tab sis kuv npaj yuav siv 1
-
33,3%Nr 3
Voted los ntawm 9 cov neeg siv. 1 tus neeg siv abstained.
Tau qhov twg los: www.hab.com