6. Network Flows and Anomaly Detection

Today, network security engineers face a myriad of daunting conditions. They are tasked with protecting today’s most critical asset—information—facing every possible threat and vulnerability while operating in a landscape of constant change. The business needs change, the network topology changes, the compliance regulations change, the threats change. Modern networks that are highly segmented and decentralized pose serious challenges to monitoring and securing your network the traditional way (with log analysis, SNMP/RMON probes, firewalls, and intrusion detection/prevention probes). Will it scale to provide the same level of coverage tomorrow as it does today while maintaining the same level of cost and ...
