To get the most out of a sensor, place one at each of your network aggregation points – core switches are ideal – or in an area where having network visibility combined with traditional logging or endpoint data sources would make for a powerful combination. This allows it to get full visibility without impacting the performance of your network. Our sensor plugs into your network as a passive, non-inline component. Rapid7s Network Traffic Analysis offering is powered by the Insight Network Sensor. Additionally, you can use your network sensor data as a foundation for custom-built reports and dashboards listing top applications, top external clients making inbound connections, and other data points. Once you start collecting data in InsightIDR, you can view processed network traffic in the Log Search feature.
With Network Traffic Analysis for InsightIDR, you can use network data to detect malicious intruders, generate rule-based alerts, and add critical context to investigations. ENTA gives you access to all raw network flow data and the rich metadata collected by the Network Traffic Sensor including IP addresses, ports, content based application recognition, and other metadata attributed to specific users and devices.Ĭheck out the Insight Network Sensor documentation.
NTA is powered by the Insight Network Sensor, which includes out-of-the-box capabilities such as Intrusion Detection System events and DNS and DHCP events.Įnhanced network traffic analysis (ENTA) is an Ultimate package feature, previously available as an add-on module.
NTA also includes a built-in Intrusion Detection System (IDS) with a set of custom Rapid7 signatures and various other built-in detections that enable you to gain a deeper understanding of attacker activity, detect intrusions earlier, and meet compliance needs. Network Traffic Analysis (NTA) allows you to monitor the traffic that flows across your network, and provides your team with visibility into which systems are communicating with each other, what applications and protocols they are using, with whom they are talking, and more.
0 kommentar(er)
