Advanced Security Analytics Module (ASAM), is one of the most significant Add-Ons for any enterprise class network looking to utilize flow based monitoring technology. Without any additional hardware or export configurations, this simple Add-On to NetFlow Analyzer can act as your network Intrusion Detection System leveraging on the prevailing flow data collection in place.
Compelling reasons to choose a flow based security analytics system over complex and expensive signature based threat detection systems is ease of deployment and cost effectiveness. ASAM does not require any base lining period and manual intervention for it to detect network anomalies. ASAM starts reporting on anomaly events immediately after the installation of the module.
Below are the salient features of the ASAM Add-On for NetFlow Analyzer:
1. Real time threat detection
ASAM, built using the state-of-the-art “Continuous Stream Mining Engine” technology, helps identify numerous threats in your network in real time. The underlying engine is optimized for scalability with very less memory and CPU footprints.
2. Security Snapshot Report
Security snapshot gives you a quick understanding of different types of intrusion activities over a configurable time period.
3. Highly Customizable
Discarding and White listing based on
* Security Events
* IP addresses
* Flows matching specific criteria
ASAM, giving more power to the you, helps see threats based on your specific requirements also. Ensures near zero false positives occur by filtering known good data.
Additionally ASAM does not require signature or pattern definition updates to detect security threats, instead the analytics engine is capable of identifying threats by correlating transactions using a robust “date time span offset” clustering algorithm, delimited based on active and inactive time outs and threshold violations for various flow fields.
To know more about ASAM and the anomaly types detected by ASAM, check the link here.
Try the 30 day fully featured trial of NetFlow Analyzer with ASAM Add-On. Feel free to talk to the support team for any questions on NetFlow Analyzer and ASAM.
Thanks