Network forensics is the recording, storage and analysis of network traffic. As networks continue to get faster and connect to more devices, it becomes even more important for IT engineers to be able to replay, re-examine or closely analyze traffic so they can identify the cause of performance problems and uncover the source of security attacks.
In a 2014 WildPackets survey, “Trends in Network Forensics: A Look at Adoption, Uses and Importance,” findings suggested that organizations are severely limiting their ability to properly monitor and troubleshoot their 10G or faster networks due to the lack of network forensics solutions in place. The survey revealed not only how many organizations currently have a network forensics solution, but also how they are using it to effectively monitor and analyze their networks' performance.
This slideshow highlights the other findings from WildPackets’ Trends in Network Forensics survey.
A variety of uses
Perhaps most surprising is that the survey found organizations are not deploying network forensics solutions for any one particular use. For example, 25 percent of respondents are using network forensics to troubleshoot security breaches, 24 percent are using it to verify and troubleshoot transactions, and the rest of the respondents are using it to some degree to analyze network performance, verify VoIP problems or validate compliance.
Reasons for implementing a network forensics solution
Being able to identify security threats within an organization’s network is often one of the key reasons organizations implement a network forensics solution, and not surprisingly, 38 percent of respondents are using their network forensics solution for that very reason.
Reasons for implementing a network forensics solution continued
Other top reasons for implementing a network forensics solution include identifying low-performing network segments (29 percent), bad voice and video-over-IP quality (17 percent) and faulty transactions (15 percent).
The biggest benefits network forensics solutions provided to respondents included improved overall network performance (40 percent), reduced time to resolution when troubleshooting transactions (30 percent) and reduced operating costs (21 percent).
Organizations of all kinds depend on their networks, and lately those networks have become increasingly busy and complex. Seventy-two percent of organizations experienced an increase in network utilization in the past year and, as a result, their ability to capture and analyze data has suffered. Respondents consequently experienced slower problem identification (38 percent) and less real-time visibility (25 percent). However, a network forensics solution has the ability to solve each of these problems.