|
IT Management >
Systems Operations >
Security >
Network Security >
|
|
|
ALSO CALLED:
Cyberforensics,
Security Forensics,
Digital Forensics,
Forensic Analysis,
Forensics
DEFINITION: Network forensics is the capture, recording, and analysis of network events in order to discover the source of security attacks or other problem incidents. (The term, attributed to firewall expert Marcus Ranum, is borrowed from the legal and criminology fields where forensics pertains to the investigation of crimes.) According to Simson Garfinkel, author of several books on security, network forensics
…
Definition continues below.
|
|
Network Forensics White Papers
(View All Report Types)
|
|
1 Match
|
There are currently no reports cataloged under the topic:
Network Forensics
Please conduct a new search.
|
| |
NETWORK FORENSICS DEFINITION (continued): … systems can be one of two kinds:"Catch-it-as-you-can" systems, in which all packets passing through a certain traffic point are captured and written to storage with analysis being done subsequently in batch mode. This approach requires large amounts of storage, usually involving a RAID system."Stop, look and listen" systems, in which each packet is analyzed in a rudimentary way in memory and only certain information saved for future analysis. This approach requires less storage but may require a faster processor to keep up with incoming traffic.Both approaches require significant storage and … Network Forensics definition sponsored by SearchSecurity.com, powered by WhatIs.com an online computer dictionary
|
|
|
|
TechTarget provides enterprise IT professionals with the information they need to perform their jobs
- from developing strategy, to making cost-effective IT purchase decisions and managing their
organizations' IT projects - with its network of
|
|
|
Definitions:
|
|
 |
|
All Rights Reserved,
Copyright 2000 - 2013, TechTarget |
|
|
|
|
