首页 > 最新消息
News最新消息
    • 2014
    • -
    • 03
    • -
    • 02
  • 技术信息: 网络攻击分析的四大要点 The Four Pillars of Cyber Attack Analysis

  • 网络攻击分析的四大要点

    发表于2014年2月27日由WildPackets公司。

    在这个复杂攻击的时代,网络取证(network forensics )是每个企业主关心的信息或系统的安全性的一个重要功能。当系统发出通知提醒您的IT团队有潜在破坏的那一刻,你会有一系列的问题想要了解底发生了什么? 什么伤害已经造成?安全性是如何被破坏?您是否可以重现攻击以确保它不会再次发生?以下是如何得到你所需要的答案:

     

    1). 网络记录和分析 - 最佳的一流的网络记录提供了一套完整的实时统计数据,快速的数据收卷,同时实时网络监控,快速搜索和收集数据的取证分析。一个第一流的解决方案,在10G和40G甚至网络网络中断或入侵可以被识别,分析,重构,和解决。

     

    2). 搜索和检查 - 不是花时间在Log Files中寻找问题,网络取证(network forensics )的搜索和检测技术,可以让管理员和安全专业人员在存盘的网络流量中找出安全事件的迹象。

     

    3). 趋势分析和基线 - 通过对于网络和应用程序使用的刻画规范或基线,安全人员能够更好地检测到违规行为。趋势分析有助于发现出现在网络上的问题,并可能防止其再次发生。它也提供网络规划团队有关预期的网络增长的信息。

     

    4). 报告 - 通过捕捉数据和分析转成报告,让安全和IT专家们可以记录他们的调查结果和检讨攻击发生后网络上可能的曝光点。

     
    网络取证(Network forensics)对您的组织提供网络全貌,使其更容易确认已发生的攻击。不幸的事实是,网络入侵是不可能停止的。关键是要尽可能在事件发生前作最好的准备。

    关于WildPackets的网络取证解决方案的更多信息,请点击这里。

     

    The Four Pillars of Cyber Attack Analysis

    Posted on February 27, 2014 by wildpackets.

     

    In this age of sophisticated attacks, network forensics is an essential capability of every business owner concerned about the security of information or systems. The moment that a notification alerts your IT team of a potential breach, you need to make sense of exactly what happened by answering a series of questions. What damage has been done? How was security breached? Can you reproduce the attack in order to ensure that it won’t happen again? Here is how to get the answers that you need:

     

    Network Recording and Analysis – Best-in-class network recording offers a complete set of real-time statistics, quick data rewinding, simultaneous real-time network monitoring, and rapid search and forensic analysis of collected data. With a top-flight solution, network disruptions or intrusions on 10G and even 40G networks can be identified, analyzed, reconstructed, and resolved.

     

    Searching and Inspection – Rather than spending time wading through log files in order to find irregularities, network forensics search and inspection technology allow administrators and security professionals to pinpoint signs of security events in archived network traffic.

     

    Trend Analysis and Baselining – By characterizing norms—or baselines—for network and application usage, security personnel are better able to detect irregularities. Trend analysis helps to find problems that appear on the network and possibly prevent them from reoccurring. It also provides input to network planning teams about anticipated network growth.

     

    Reporting – By capturing data and distilling analysis reports, security and IT experts log the results of their investigations and review possible points of network exposure after an attack has taken place.

     

    Network forensics presents your organization with a complete picture of your network, making it far easier to confirm that an attack has occurred. The unfortunate truth is that network invasions are unlikely to stop any time soon. The key is to be as prepared as possible in the event that it happens to you.

     

    For more information on WildPackets’ network forensics solutions, click here.