From: Network World | Opinion
By Jon Oltsik
Organizations are collecting, processing, and analyzing more and more network traffic.
In a recent ESG research report, enterprise security professionals were asked to identify the primary objectives associated with their organization’s network security strategy (note: I am an ESG employee). It turns out that 40% of organizations plan to move toward continuous monitoring of all assets on the network, while 30% plan to capture more network traffic for security analytics.
This data supports a general trend – many organizations are rapidly increasing their activities around network security data collection, processing, and analysis. Of course, this isn’t exactly news. Many enterprises have used security analytics tools based upon NetFlow for many years. Security analysts also have a history of including full-packet capture (PCAP) tools for their investigations. Many use open source software like TCPdump or Wireshark. NetWitness astutely recognized this use case a few years ago, built a successful business around PCAP collection analysis, and ultimately cashed in when RSA Security came calling.
Leave a Reply