O'Reilly logo

Cisco Networking Simplified, Second Edition by Paul Della Maggiora, Neil Anderson, Jim Doherty

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter . Telemetry: Identifying and Isolating Attack Sources

Normal or Abnormal

Although it is critical to deploy the best security tools and systems available, including IBNS, firewalls, IPS, and NAC, it is possible to overlook one of the most useful security tools—“hiding in plain sight.”

Using common network traffic monitoring and analysis tools (such as Cisco NetFlow) that are available on many core Cisco network products (including routers and switches), you can gain a deep understanding of what a network looks like during normal operations and when an anomaly is present in the network.

If you understand and study the normal, the abnormal can become apparent. What comprises abnormal may vary from network to network and from attack to attack. ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required