Current systems for security analysis and monitoring of computer networks consist of two main parts: network probes that capture data, and a central collector that stores the collected data and identifies threats. In this arrangement, data flows in only one direction, from the probes to the collector; there is no automatic feedback loop that would influence the data capture process based on the actual security situation. The described prototype is a complex integrated system that makes it possible to reach a higher threat detection rate and better data capture in high-speed computer networks.
Type: G - Technically realized results (prototype, functional sample).
Keyword: high-speed networks; network monitoring; threat detection; network security; collector; probe; Ethernet
Licence: Licensor (Flowmon Networks) requests a license fee.