What is what in technologies - part 1
We are bringing a new series focused on enterprise security. We will regularly post articles about technologies, trends, the market, etc. The first part is about NBA.
February 26, 2016
We will always try to save your time (as our products do), so these articles will not be too broad. They should give you a good understanding of a topic in a briefer form, because it is always good to be informed and to know the things that are around us.
So, what does NBA mean? We will avoid making heady jokes about one famous basketball league and go straight to the point. In this case, these three letters are the abbreviation of Network Behavior Analysis. Briefly said, it is a network monitoring program that secures a company's network.
It complements the security provided by more common anti-threat tools such as antivirus and anti-spyware software, firewalls and intrusion detection systems. NBA constantly monitors traffic and critical network metrics in real time and alerts on unusual activities and potential threats within network operation. It defends a network against advanced and targeted threats, harmful data and other online threats. It also watches bandwidth changes and the protocols used in communications.
For an NBA solution to be optimally effective, a baseline of normal network and user behavior has to be recorded over a certain period of time. After these basic parameters are defined and marked as normal, every divergence is reported as anomalous. The solution works as a collector of data from many data points and devices, and it is then able to give a user a detailed analysis. An NBA program should enable a company to reduce the labor and time spent on detecting and resolving network issues.
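The baseline-then-report-divergence approach described above, as an added example that is not from the original article or any vendor product: it learns a per-source median and median absolute deviation (MAD) from a learning window, then flags flows whose metadata diverges from it. The flow records, field names, addresses and the 3.5 threshold are constructed assumptions.

```python
import statistics

FEATURES = ("duration_s", "bytes", "packets")  # assumed flow metadata fields

def flow(src, dst, duration_s, nbytes, packets):
    return {"src": src, "dst": dst, "duration_s": duration_s,
            "bytes": nbytes, "packets": packets}

# Constructed learning window: traffic considered normal for one host.
LEARNING = [flow("10.0.0.5", "10.0.0.20", d, b, p) for d, b, p in [
    (1.0, 1200, 12), (1.2, 1300, 13), (0.9, 1100, 11), (1.1, 1250, 12),
    (1.0, 1150, 12), (1.3, 1400, 14), (0.8, 1000, 10)]]

def build_baseline(flows):
    """Per-source (median, MAD) for each feature over the learning window."""
    by_src = {}
    for f in flows:
        by_src.setdefault(f["src"], []).append(f)
    baseline = {}
    for src, recs in by_src.items():
        baseline[src] = {}
        for feat in FEATURES:
            vals = [r[feat] for r in recs]
            med = statistics.median(vals)
            mad = statistics.median([abs(v - med) for v in vals])
            baseline[src][feat] = (med, mad)
    return baseline

def divergences(f, baseline, threshold=3.5):
    """Features of flow f whose robust z-score exceeds the threshold."""
    stats = baseline.get(f["src"])
    if stats is None:  # host never seen while learning: no "normal" to compare
        return [("unknown_source", float("inf"))]
    hits = []
    for feat in FEATURES:
        med, mad = stats[feat]
        # Floor the scale so a constant feature (MAD == 0) does not divide by zero.
        scale = max(mad, 0.05 * abs(med), 1e-9)
        z = 0.6745 * (f[feat] - med) / scale
        if abs(z) > threshold:
            hits.append((feat, round(z, 1)))
    return hits

BASELINE = build_baseline(LEARNING)
if __name__ == "__main__":
    for f in [flow("10.0.0.5", "10.0.0.20", 1.1, 1300, 13),            # typical
              flow("10.0.0.5", "203.0.113.7", 45.0, 5_000_000, 3600),  # long, large
              flow("10.0.0.99", "10.0.0.20", 1.0, 1200, 12)]:          # new host
        print(f["src"], "->", f["dst"], divergences(f, BASELINE) or "normal")
```

Median and MAD are used instead of mean and standard deviation so that a few outliers captured during the learning window do not widen what counts as normal.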
Within NBA (or generally within enterprise solutions) we developed our own unique Advanced Security Network Metrics (ASNM) protocol, which monitors more than 70 features of each individual flow. For each network flow, information is generated about the source and destination, duration, data and content sizes, various packet counters, and also performance and spectral (signal processing) characteristics. This enables our Threat Intelligence solution to learn to distinguish normal flow characteristics from malicious ones without the need to decode or decrypt the data. In comparison with NetFlow's basic 10 features, ASNM is much more sensitive and effective. For more information about this, visit TI-security.com.
NBA solutions are great helpers for all network administrators in detecting various anomalies and potential network threats, and they suitably complement network firewalls, antivirus software and spyware detection tools. In today's world full of various cyber threats, it is worth having such a powerful weapon in the battle against cyber attackers.
Stay tuned for another part of our new technological series.