Alarm Conditions | Network Behavior Analysis
Scrutinizer Helps Answer Tough Questions
- Which assets are under attack?
- What threats did I miss?
- Are users following corporate policy?
- Is my business in compliance with regulations?
- How do I get through this mountain of data?
- How can I deal with all of these point products?
- Are my infrastructure investments adequate?
- How do I improve my security posture?
Intrusion detection and prevention has gone beyond the firewall
Viruses have been reinvented to deploy them selves in ways that often get by even the best firewalls.
Compromised end systems in your company can be used to scan other systems and create problems that ultimately
leave your company looking like the culprit.
Scrutinizer inherently looks for strange traffic patterns such as abnormal traffic levels or hosts communicating over numerous TCP/UDP ports. Scrutinizer can notify you directly or send messages to your NMS (Network Management Solution).
Scrutinizer ships with traffic rules that should be modified after the product has determined a baseline. These rules are basically Alarm Conditions that can be used to automatically alert you when trouble is recognized.
Notify Attacking Companies
When Scrutinizer tells you that an outside host is causing problems, click on the police man icon
and launch an email to the company or service provider responsible
for that host. Scrutinizer will fill in the details including the destination email addresses!
