Home > Services > Network Profiling

Network Profiling

The challenges that the Network Profiling service address:

• The challenge of effectively providing "Anomaly based intrusion detection".
• The challenge of maintaining a "Graphical overview of your network".

Although signature based intrusion detection protects from most common attacks, many intrusions go undetected by commercial IDS/IPS systems. These intrusions can often only be detected by investigating anomalies that occur in your network.

Typically these intrusions result in some form of abnormal network behavior, such as the company webserver suddenly making outbound access attempts towards the Internet. The anomalies triggered by a compromised system will be different for different networks.

By visualizing the traffic patterns of your network, Network Profiling will make it easy to define network flows that are expected. This is known as profiling, where expected traffic flows are collected and summarized as stable profiles. This enables effective exception monitoring of selected or entire parts of your network by labeling profiles as "locked". Any anomalies will be detected and reported instantly.

The visual overviews will also highlight and clearly show remote site dependencies, such as partner VPN-connections.

The service provides:

• 24/7 monitoring for security anomalies
• Graphical representation of selected network segments
• Ability to track policy enforcement
• Reduced risk of data leakage
• Well-defined content for the services specified in the SLA (Service Level Agreement)

Reporting

The service includes incident reports and a monthly summarizing report, presented to the customer by a security specialist.

Result

The Network Profiling service provides state of the art technology to provide anomaly based intrusion detection.

Network Analysis

The increased complexity of current networks leads to hidden costs and unanticipated problems. We use the most innovative, state-of-the-art tools to analyze your complete network and profile short-term or long-term usage, to enable you to:

• determine top error sources, top talkers, and a traffic matrix;
• maintain peak performance and avoid costly network downtime;
• map the network for planning purposes;
• use statistics as a basis for accounting and billing; and
• troubleshoot difficult network problems.

Network Planning

Once deficiencies in your network installation have been determined, GTI recommends the most effective and cost efficient solutions to successfully handle anticipated requirements:

• topologies (Ethernet, Token Ring, FDDI)
• protocols (TCP/IP, IPX, NetBEUI)
• interconnecting equipment (hubs, routers, bridges, switches)
• WAN interconnection (Frame Relay, X.25, PPP, SLIP, ISDN)