The implementation of a solution capable of continuously monitoring network traffic gives users the information necessary to optimize performance and improve network security, minimize the surface of hacker attacks, increase security and improve resource management. This is where Network Traffic Analysis (NTA) comes into play. Let’s figure out what is NTA?
Network Traffic Analysis (NTA) is a method of detecting malware and anomalies of various types based on checking data passing through network nodes or through data transmission channels. Usually NTA is used for:
Collecting data about what happened and is happening on the network in real time;
Malware Detection;
Detection of vulnerable protocols and ciphers;
Diagnostics of an unusually slow network;
Elimination of “blind spots” in protection and comprehensive monitoring coverage of the entire infrastructure.
What is the data source for NTA?
It is important to consider the types of data that NTA analyzes:
Data about the current flows received from devices such as routers and switches.
Packet data in the form of a copy of traffic from SPAN, mirror ports and network TAP, virtual vTAP, RSPAN, ERSPAN and GRE.