By alerting your security team to suspicious activity early on-whether the threat is coming from outside or inside your network-NTA solutions can provide the extended visibility you need to mitigate the security incident. Once an NTA solution determines what normal behavior on your network looks like, it can alert your organization when anomalous behavior occurs. Whether you are on-premises, in the cloud, or some combination, NTA solutions can give you much needed visibility and context into what is happening on your network. NTA solutions ingest telemetry from multiple network devices like routers, switches, and firewalls to determine what "normal" behavior for these devices looks like and how parts of your network are being accessed and by whom.Įverything touches the network, so this visibility extends all the way from headquarters to branch offices, data centers, roaming users, and smart devices. NTA solutions can analyze all the entities or devices that make up your network-whether they are managed or unmanaged.
In addition to monitoring north-south traffic that crosses the enterprise perimeter, NTA solutions monitor east-west communications by analyzing network traffic or flow records. When abnormal traffic patterns or irregular network activities are detected, these tools alert your security team to the potential threat. They use a combination of machine learning and behavioral analytics to generate a baseline that reflects what normal network behavior looks like for the organization. NTA solutions continuously analyze network telemetry and/or flow records (like NetFlow).
0 kommentar(er)
