Special Offer w/ OnDemand: Get an iPad (32 G), Galaxy Tab A, or Take $250 Off OnDemand Training thru Jan 27


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Packet Capture + Flow Analytics = Holistic Network Visibility

  • Tuesday, October 25, 2016 at 1:00 PM EDT (2016-10-25 17:00:00 UTC)
  • Brian Ford


  • Cisco Systems

You can now attend the webcast using your mobile device!



Security breaches resulting in the loss of sensitive confidential information are a regular occurrence as organizations struggle to compete with today's sophisticated attackers. The question today is not whether your network will be breached... but when. The need to respond to advanced threats quickly has never been greater. To address this problem, organizations need end-to-end, holistic security that addresses the entire attack continuum - before, during, and after an attack.

Security professionals can speed incident response in several ways. There are two main technologies that you can choose from to gain greater insight into your network activity - flow analysis and packet analysis. Both can help you troubleshoot security and network incidents and find out what is happening on a network. But oftentimes one is sacrificed for the other, usually because of budget concerns or a lack of resources.

Join this webinar to learn:

  • More about each of these technologies and how they each approach forensic investigations
  • How a layered approached to security can provide a much more holistic view of network activity
  • How flow and packet analysis each can help provide context and insight to help facilitate incident response

Speaker Bio

Brian Ford

Brian Ford is a Senior Technical Marketing Engineer in the Advanced Threat team, part of the Security Business Group at Cisco Systems. Brian rejoined Cisco as part of the acquisition of Lancope in January 2016. He was Senior Solutions Architect for Lancope, the makers of StealthWatch, an industry leading context-aware security analytics solution. In this role he worked with technical staff and executives from companies in a variety of fields to help create synergistic data analytics solutions to address network and Internet security problems. Prior to joining Lancope in 2014, Brian was Senior Consulting Engineer in the Research and Advanced Development Group of Cisco Systems where he participated in the development of Cisco security solutions and products. His research areas included network forensics, incident response, anomaly detection and mitigation, security information sharing, and security analytics.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.