Security News > 2021 > September > Is Traffic Mirroring for NDR Worth the Trouble? We Argue It Isn't

Is Traffic Mirroring for NDR Worth the Trouble? We Argue It Isn't
2021-09-02 02:20

NDR systems go beyond signature-based detection and analyze all network traffic coming inside or exiting the network and create a baseline of normal network activity.

Using these technologies allows NDR systems to convert information gathered from network traffic into actionable intelligence used to detect and stop unknown cyber threats.

ExeonTrace does not require mirroring the network traffic to detect threats and decrypt encrypted traffic; it uses algorithms that don't operate on payload, but on light-weight network log data exported from an existing network infrastructure via NetFlow.

The complete network visibility will make it feasible to inspect all network traffic entering or leaving your enterprise network.

Traditional NDR solutions need to mirror the complete network traffic though to analyse packet payloads, which is no longer effective in preventing modern cyber threats that leverage encryption to conceal their activities.

Mirroring the complete network traffic is becoming increasingly inconvenient, especially with the massive rise of data volume passing through corporate networks.


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/Lv4B5r_kxMk/is-traffic-mirroring-for-ndr-worth.html