Arbor Networks Tracks User Activity
- By Kathleen Ohlson
- July 27, 2005
Arbor Networks is introducing an anomaly detection and internal intrusion prevention system that traces inappropriate behavior back to users—down to their names.
Peakflow X User Tracking searches for the identity of corporate network users who are spreading or are involved in attacks on corporate networks. The software maps anomalous behavior and network violations back to an employee or a contractor, regardless if the anomaly is a worm, malware spreading, rogue wireless points or an unauthorized employee attempting to access confidential information. For example, it is designed to detect an outside contractor at a financial company trying to internally access bank transaction servers or someone smuggling confidential data onto a hard drive, according to Arbor Networks.
Peakflow reassembles all flow information collected directly from existing switches, routers and firewalls; a single Peakflow X collector monitors live traffic from 10 core switches without taps, sniffers or mirror ports.
The software offers IT administrators visibility into their organizations’ networks, enforcing legitimate user access to applications and machines. Peakflow alerts network administrators to floods, traffic shirts, unauthorized network usage, attacks and other incidents.
The product recognizes whether traffic levels are appropriate when detecting and preventing attacks on critical servers and links; automatically updates current Internet service threats; and detects slow, fast and stealth scans. The software builds virtual perimeters to critical internal network resources, such as branch offices, departments, business units and individual data centers, preventing infections from attacking other areas in the company.
Peakflow also reports for internal and external auditing information such as top talkers, traffic statistics, the correlation of network hosts and services, and the sensitive resources that were accessed and by whom.
Kathleen Ohlson is senior editor at Application Development Trends magazine.