Packet Capture + Flow Analytics = Holistic Network Visibility

Tuesday, October 25th, 2016 at 1:00 PM EDT (17:00:00 UTC)
Brian Ford

This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

Sponsor

You can now attend the webcast using your mobile device!

Overview

Security breaches resulting in the loss of sensitive confidential information are a regular occurrence as organizations struggle to compete with today's sophisticated attackers. The question today is not whether your network will be breached... but when. The need to respond to advanced threats quickly has never been greater. To address this problem, organizations need end-to-end, holistic security that addresses the entire attack continuum - before, during, and after an attack.

Security professionals can speed incident response in several ways. There are two main technologies that you can choose from to gain greater insight into your network activity - flow analysis and packet analysis. Both can help you troubleshoot security and network incidents and find out what is happening on a network. But oftentimes one is sacrificed for the other, usually because of budget concerns or a lack of resources.

Join this webinar to learn:

More about each of these technologies and how they each approach forensic investigations
How a layered approached to security can provide a much more holistic view of network activity
How flow and packet analysis each can help provide context and insight to help facilitate incident response

Speaker Bio

Brian Ford

Brian Ford is a Senior Technical Marketing Engineer in the Advanced Threat team, part of the Security Business Group at Cisco Systems. Brian rejoined Cisco as part of the acquisition of Lancope in January 2016. He was Senior Solutions Architect for Lancope, the makers of StealthWatch, an industry leading context-aware security analytics solution. In this role he worked with technical staff and executives from companies in a variety of fields to help create synergistic data analytics solutions to address network and Internet security problems. Prior to joining Lancope in 2014, Brian was Senior Consulting Engineer in the Research and Advanced Development Group of Cisco Systems where he participated in the development of Cisco security solutions and products. His research areas included network forensics, incident response, anomaly detection and mitigation, security information sharing, and security analytics.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.

Webcasts