
Network Forensics

ALSO CALLED: Cyberforensics, Security Forensics, Digital Forensics, Forensic Analysis, Forensics
DEFINITION: Network forensics is the capture, recording, and analysis of network events in order to discover the source of security attacks or other problem incidents. (The term, attributed to firewall expert Marcus Ranum, is borrowed from the legal and criminology fields where forensics pertains to the investigation of crimes.) According to Simson Garfinkel, author of several books on security, network forensics  … 
Definition continues below.
Network Forensics White Papers
2 Matches
Network Forensics in a 10G World
sponsored by WildPackets, Inc.
WHITE PAPER: This resource outlines the challenges inherent to 10G network forensics, explains why traditional network analysis is ineffective, and offers guidance on how to build and deploy effective forensics in a 10G world.
Posted: 30 Aug 2013 | Published: 30 Aug 2013


Protecting and Securing Privacy Data and Sensitive Information in Today’s Healthcare Organization
sponsored by McAfee, Inc.
WHITE PAPER: This document takes a look at several aspects of data protection and HIPAA compliance and explains how a Data Loss Prevention (DLP) solution can help IT professionals discover sensitive data at rest, monitor traffic in real time, and capture events for after-the-fact investigations.
Posted: 08 Mar 2010 | Published: 08 Mar 2010

NETWORK FORENSICS DEFINITION (continued): … systems can be one of two kinds:

"Catch-it-as-you-can" systems, in which all packets passing through a certain traffic point are captured and written to storage with analysis being done subsequently in batch mode. This approach requires large amounts of storage, usually involving a RAID system.

"Stop, look and listen" systems, in which each packet is analyzed in a rudimentary way in memory and only certain information saved for future analysis. This approach requires less storage but may require a faster processor to keep up with incoming traffic.

Both approaches require significant storage and …
Network Forensics definition sponsored by SearchSecurity.com, powered by WhatIs.com, an online computer dictionary


All Rights Reserved, Copyright 2000 - 2014, TechTarget