Oct 05, 2012
Strategy: Network Monitoring as a Security Tool
For most organizations, network monitoring tools are a well-established part of IT operations. They serve the critical role of letting the IT shop know when service quality is impacted—for example, when network connections are down (or underperforming) or when critical resources such as servers or applications are down. They also help in numerous other ways to keep technology services running smoothly. Seldom, though, are they used in a focused manner by the security team.
This is unfortunate because, in many ways, network monitoring tools can provide direct benefits for the security organization. Not only are many of the events that these tools monitor for symptomatic of security events such as malware or attacker activity, but they’re also a useful way to help beef up security in situations where budget is hard to come by. Using network monitoring tools creatively can help add security value, and, because these tools often are already in place, they can provide that value at a comparatively low cost. (S5991012)