
   Web_Control


 LiveInternet.ru:
: 02.07.2010

NetFlow .

, 10 2013 . 10:27 +

Verizon (Verizon Data Breach Investigations Report), 14% . , , 76% , , 29% - . , .


, , , , , , . , . , . , .
, , SIEM, IDS/IPS, NetFlow , . .

NetFlow
, NetFlow , . NetFlow , , , email , ( ).

Lancope’s StealthWatch System, NetFlow- , , , . Lancope , , .

- . StealthWatch. ( IT, HR ), NetFlow .



DDoS. ?

, 23 2013 . 23:06 +

" " (distributed denial-of-service, DDoS) 1999 ; trin00, . , : , . , DDoS.

DDoS

DDoS .


  • -, , . , . , - , . DDoS , . , . DDoS. , , .

  • DDoS , . IP-. , . , (spoofing), .

  • : , , DDoS. , , , , . , , "", "". , - .

DDoS- , . , , , .
, . , , . DDoS-. , , .

, Lancope StealthWatch. "" ( ) , . StealthWatch , DDoS:


  • . , , . , .

  • . FlowSensor FlowSensor VE, StealthWatch , - .

  • . StealthWatch , .

  • . , .

  • . . , StealthWatch .

  • SYN. "" TCP SYN, .

  • . HTTP-, , -, , DDoS .

  • . - . " ". StealthWatch .

  • High Concern Index. Lancope, , () , . "" High Concern Index, , , .

  • . , , StealthWatch , .

DDoS - , , . . DDoS - , . DDoS , , , , , , , " ".



Gartner :

, 25 2013 . 22:07 +

Gartner, . . Gartner .

, NetFlow IPFIX (Check Point, Cisco, Juniper Palo Alto Networks). , Barracuda, Dell-SonicWALL Sophos . .. .
, Gartner , 80% , () - 20%. , , , . , Mandiant, , (advanced persistent threats, APT). 
NetFlow IPFIX 100% ,   IP- IP- . sFlow, Fortinet. , - sFlow NetFlow. " , , sFlow , NetFlow, , , , - (CTO) Lancope (Adam Powers). - sFlow NetFlow ".
, , , , . , , , , , , URL, email .



Gartner 2012 .

, 29 2013 . 12:33 +

(2012 .) Gartner 85% . , , . , , 92% . , , , .

, " " zero-day, Symantec Research , , , 312 , 30 . , .

 

, , , . 2000 2005 (Intrusion Detection Systems, IDS). " " . , IDS, , , . , , , , .


-

IDS , (Intrusion Prevention Systems, IPS), . , , . , IPS , , . - , "" . "" . Gartner, "" 4 1.

 

-, , . , .

 

, , , . , , , . , , , . , , . - , , .

 

, , ?

, Gartner, , , . , , .

 

, :
  • P2P- Onion Routing- ?
  • -?
  • , ?
  • ?
, . , , . : , ?

 

, , , . . , . , , , , . , . , . , () .

 

, "", . , . , , - , , , , . , . .. .

 

IDS , . ( ).
: " , , " " , ". "" , , , . , " ".
, , , . , , , () . - .

 

"" . , "", . , : " , ?". , , Lancope StealthWatch, .


?

, 23 2013 . 20:40 +

. , , . -, , , , - . , . - ...
, :

  • . , "" , "" , .
  • " " . , , , .
  • . IT- " " " " , - . "" .
  • . , , , Syslog, NetFlow .
  • IT . , IT, HR, . " " , .

, "", , .. . , . : http://www.lancope.com/solutions/security-operations/.



259%? Lancope StealthWatch

, 08 2012 . 20:39 +

Lancope , StealthWatch (ROI) 259% , Forrester Consulting " Lancope StealthWatch", 2012 . , StealthWatch 10 .
StealthWatch, , :

  • ,
  • help desk tier-one tier-three
  • .

19 Lancope , . : http://www.lancope.com/news-events/webinars/achieving-259-roi-with-stealthwatch/.
: http://www.lancope.com/resource-center/industry-re...-economic-impact-stealthwatch/



Lancope StealthWatch " "

, 21 2012 . 19:30 +

Lancope , StealthWatch , , , command-and-control (CnC) .
- .
Cisco Cyber Threat Defence. , Lancope Cisco, . NetFlow, IPFIX , StealthWatch , . .
, , StealthWatch Management Console, . :

  • - , -
  • - , , " " .
  • command-and-control -
  • "" - , command-and-control

.



Cisco ASA Juniper SRX: NetFlow

, 12 2012 . 20:26 +

Cisco. NetFlow IPFIX. , :

  • (, )

, syslogs, NetFlow. Cisco ASA SonicWall, , .

NetFlow Cisco ASA, NetFlow:

  • , , ..
  • , BYOD ( )

Cisco ASA NSEL:

3867803_ciscoasanselnetflowreporting (700x353, 163Kb)

Juniper SRX J-Flow ( NetFlow, Juniper), sampled NetFlow.   ? sFlow.
NetFlow , (advanced persistent threats). NetFlow
, . NetFlow Sampling, , .

.
. Cisco ASA, Juniper SRX (sampled), SonicWALL, Barracuda, Palo Alto Networks, Checkpoint Fortinet (sFlow) - .



Mac

, 13 2012 . 18:25 +

, 650 Mac, , Windows. , , (bring-your-own-device, BYOD), .
Apple , . Apple , , Apple , Mac OS X.
. , , Mac. , , , .
, Flashback, , , ? , ?
, BYOD, NetFlow. , NetFlow, , .   , - - ().
, Lancope StealthWatch , , , , , , , .

Lancope



VoIP NetFlow

, 05 2012 . 13:07 +
NetFlow VoIP Monitoring QoS DSCP. , , Flexible NetFlow.

VoIP NetFlow

" ": A B. TCP hand shake SYN, SYN ACK ACK.
: hops, . . , .
: , , . , .
: . -, , . ( , ), .

VoIP, NetFlow. , , Flexible NetFlow.


IPFIX vs. NetFlow. ?

, 16 2012 . 13:49 +

NetFlow v5 , NetFlow v9 , Flexible NetFlow , ..., flexible, IPFIX NetFlow?
IPFIX. :

  • Juniper
  • Lancope
  • Nortel
  • SonicWALL
  • Extreme
  • NTOP
  • Plixer

... , , . , , IPFIX.
.   ...



: ?

, 14 2012 . 12:48 +

. , , , . , , , . ? NetFlow - Lancope StealthWatch.

, 20% ? , P2P, , , .

, ( ), ? .

, . ...



Lancope ,

, 08 2012 . 20:51 +

Lancope , StealthWatch , , .. bring-your-own-device (BYOD).
, , StealthWatch , .
, , IDS/IPS BYOD. , StealthWatch NetFlow , , .
" , , , - (Joe Yeager), - Lancope. - " 75% , , StealthWatch, , ".
, StealthWatch , , . , , , , , , . , .

Lancope Web Control.



Palo Alto Networks NetFlow

, 07 2012 . 20:34 +

Palo Alto Networks NetFlow . NetFlow, (DPI, Deep Packet Inspection) , Skype, BitTorrent, Webex . NetFlow HTTP (TCP 80). Cisco NetFlow NBAR - , , . Cisco ASA NetFlow .

. Palo Alto Networks OS v4.1.
NetFlow www.netflowfaq.ru



Lancope " NetFlow "

, 27 2012 . 22:40 +

(best practices) .
"The State of NetFlow: Advancing Security and Performance through Network Visibility" Lancope, NetFlow . , , . : http://www.lancope.com/resource-center/industry-reports/state-of-netf....
... (http://www.lancope.com/news-events/press-releases/...-network-security-performance/).



5 2012 Lancope

, 17 2011 . 21:32 +

2012 , . , , . 2011 - WikiLeaks Anonymous LulzSec. , .

Lancope 2012 - :
1. (Advanced persistent threats, APTs) .
2. .
3. .
4. , , .
5. .

...



TAP, NetFlow? .

, 01 2011 . 12:50 +

, TAP (Test Access Port) . , IDS . NetOptics , AppTap. AppTap , TAP: inline, Ethernet Cat-5, .

AppTap . TAP , -. ...
 



NetFlow WAN

, 01 2011 . 12:49 +

NetFlow WAN. NetFlow / , .

, . NetFlow . , WAN, .

, WAN, ?

, , 50% -, DSCP -.
...
 



Forrester : -

, 01 2011 . 12:46 +

Forrester , 48% 2009 , 26% 2008 . IT-, , , .

Forrester, " : ", , . Forrester NAV (Network Analysis and Visibility), , Lancope StealthWatch.

...
 



SonicWall NetFlow/IPFIX SonicOS v.5.8

, 01 2011 . 12:44 +

NetFlow . , SonicWall NetFlow v5/v9/IPFIX SonicOS Enhanced v5.8.

Lancope - . SonicWall, SonicOS v5.8, StealthWatch . ...

SonicWall .
 ...

