While the annual Black Hat 2010 conference tends to bring a lot of much-needed focus to security, the problem most IT organizations have is that they are never sure what happened on the network. The good news is that a discipline generally referred to as network forensics is getting more robust by the minute. The […]
While the annual Black Hat 2010 conference tends to bring a lot of much-needed focus to security, the problem most IT organizations have is that they are never sure what happened on the network.
The good news is that a discipline generally referred to as network forensics is getting more robust by the minute. The bad news is that an increased focus on corporate security by organizations such as the National Security Agency (NSA) means that companies don’t have a lot time to improve their overall security posture.
The NSA, for example, is launching an effort, dubbed Perfect Citizen, to detect when public agencies and private companies are the focus of a specific attack. That’s all well and fine, said Peter Schlampp, vice president of marketing and product management for Solera Networks. But once an attack is detected, security experts are going to want to research exactly what happened. That means, says Schlampp, companies have to be able to play back exactly what happened on their networks at any given time.
Solera Networks, which this week closed another $15 million in financing, provides a set of network monitoring appliances that can index a million packets a second. That index then allows the appliances to be used to play back an entire series of events on the network in full fidelity.
While the concept of network forensics has been around for a while, the technology is only now starting to be able to capture every event on the network in real time. That should serve to greatly enhance our understanding of how any particular attack is perpetrated.
So don’t be too surprised when some government official knocks on your virtual door in the next several months and starts asking you pointed questions about your company’s overall security posture and what you intend to do to improve it as part of our new national cyberdefense strategy.
Michael Vizard is a seasoned IT journalist, with nearly 30 years of experience writing and editing about enterprise IT issues. He is a contributor to publications including Programmableweb, IT Business Edge, CIOinsight and UBM Tech. He formerly was editorial director for Ziff-Davis Enterprise, where he launched the company’s custom content division, and has also served as editor in chief for CRN and InfoWorld. He also has held editorial positions at PC Week, Computerworld and Digital Review.
The go-to resource for IT professionals from all corners of the tech world looking for cutting edge technology solutions that solve their unique business challenges. We aim to help these professionals grow their knowledge base and authority in their field with the top news and trends in the technology space.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
