NetVizura A network traffic analysis tool. Agenda Why NetVizura is needed How NetVizura works Where NetVizura is deployed Use cases.

Slides:

Advertisements

Similar presentations

Packets with Provenance Anirudh, Mukarram, Nick, Kaushik.

Advertisements

Holding the Internet Accountable David Andersen, Hari Balakrishnan, Nick Feamster, Teemu Koponen, Daekyeong Moon, Scott Shenker.

ICmyNet.Flow Network Traffic Analysis System If You Want to See Your Net

Microsoft Internet Security and Acceleration (ISA) Server 2004 Technical Overview

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 8: Monitoring the Network Connecting Networks.

1 Address Resolution Protocol (ARP) Relates to Lab 2. This module is about the address resolution protocol.

CS 4700 / CS 5700 Network Fundamentals Lecture 15: NAT (You Better Forward Those Ports) Revised 3/9/2013.

CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.

Final Presentation Topics 1) Firewalls 1) Firewalls 2) Virtual Private Networks 2) Virtual Private Networks 3) Secure Socket Layer 3) Secure Socket Layer.

Measurement in Networks & SDN Applications. Interesting Questions Who is sending a lot to a subnet? – Heavy Hitters Is someone doing a port Scan? Is someone.

Troubleshooting TCP/IP COSC513 FALL By :Ming Wei.

Network Security. Reasons to attack Steal information Modify information Deny service (DoS)

Firewalls and Intrusion Detection Systems

Internet Indirection Infrastructure Ion Stoica UC Berkeley.

1 Some TCP/IP Basics....NFSDNSTELNETSMTPFTP UDPTCP IP and ICMP Ethernet, serial line,..etc. Application Layer Transport Layer Network Layer Low-level &

Chapter 6 Network Address Translation (NAT). Network Address Translation  Modification of source or destination IP address  Needed by networks using.

Vocabulary URL = uniform resource locator: web address protocol –set of rules that networked computers follow in order to share data and coordinate communications.

Draft-novak-bmwg-ipflow-meth-05.txt IP Flow Information Accounting and Export Benchmarking Methodology

Freedom of Expression Harun Kotan ITEC317 Harun Kotan ITEC317.

1 Netflow 6/12/07. 2 Overview Why use netflow? What is a flow? Deploying Netflow Performance Impact.

Company Confidential 1 © 2005 Nokia V1-Filename.ppt / yyyy-mm-dd / Initials Modification Proposals to Current TURN Spec Mikael Latvala.

A fast identification method for P2P flow based on nodes connection degree LING XING, WEI-WEI ZHENG, JIAN-GUO MA, WEI- DONG MA Apperceiving Computing and.

FIREWALL Mạng máy tính nâng cao-V1.

NetfFow Overview SANOG 17 Colombo, Sri Lanka. Agenda Netflow –What it is and how it works –Uses and Applications Vendor Configurations/ Implementation.

ARP Poisoning Rushad Shaikh CSCI 5931 Web Security Spring 2004.

Session 2 Security Monitoring Identify Device Status Traffic Analysis Routing Protocol Status Configuration & Log Classification.

Address Resolution Protocol(ARP) By:Protogenius. Overview Introduction When ARP is used? Types of ARP message ARP Message Format Example use of ARP ARP.

Net-Centric Computing Division Department of Computer Science Bogor Agricultural University KOM 312 K OMUNIKASI D ATA DAN J ARINGAN K OMPUTER Internet.

October 8, 2015 University of Tulsa - Center for Information Security Microsoft Windows 2000 DNS October 8, 2015.

Module 4: Configuring ISA Server as a Firewall. Overview Using ISA Server as a Firewall Examining Perimeter Networks and Templates Configuring System.

FlowScan at the University of Wisconsin Perry Brunelli, Network Services.

24/10/2015draft-novak-bmwg-ipflow-meth- 03.txt 1 IP Flow Information Accounting and Export Benchmarking Methodology

Firewalls Nicklas Nordenmark Fabian Alenius Peter Renström Nicklas Nordenmark Fabian Alenius Peter Renström.

IPsec Introduction 18.2 Security associations 18.3 Internet Security Association and Key Management Protocol (ISAKMP) 18.4 Internet Key Exchange.

1 Firewalls Types of Firewalls Inspection Methods  Static Packet Inspection  Stateful Packet Inspection  NAT  Application Firewalls Firewall Architecture.

An analysis of Skype protocol Presented by: Abdul Haleem.

Open-Eye Georgios Androulidakis National Technical University of Athens.

Network Address Translation External/ Internal/. OVERLOADING In Overloading, each computer on the private network is translated to the same IP address;

Interpreting Network Traffic Flows Bill Jensen, Paul Nazario and Perry Brunelli.

Network Sniffer Anuj Shah Advisor: Dr. Chung-E Wang Department of Computer Science.

Microsoft ISA Server 2000 Presented by Ricardo Diaz Ryan Fansa.

Net Flow Network Protocol Presented By : Arslan Qamar.

1 Internet Firewall Security Present by: Ying Fu Department of Computer Science South Eastern University February, 2001.

1 Virtual Dark IP for Internet Threat Detection Akihiro Shimoda & Shigeki Goto Waseda University

NAT/PAT by S K SATAPATHY

IPSec – IP Security Protocol By Archis Raje. What is IPSec IP Security – set of extensions developed by IETF to provide privacy and authentication to.

GOOD MORNING TO ONE AND ALL. OUR TEAM VENKATESH THARUN SADIK FROM AVANTHI ENGG. COLLEGE.

What's a Firewall? A security system that acts as a protective boundary between a network and the outside world Isolates computer from the internet using.

1 IPSec: An Overview Dr. Rocky K. C. Chang 4 February, 2002.

Network Layer Security Network Systems Security Mort Anvari.

1 Minneapolis‘ IETF IPFIX Aggregation draft-dressler-ipfix-aggregation-00.txt.

Chapter 8: IP Addressing

Technical Devices for Security Management Kathryn Hockman COSC 481.

IP packet filtering Breno de Medeiros. Florida State University Fall 2005 Packet filtering Packet filtering is a network security mechanism that works.

Unit 2 Personal Cyber Security and Social Engineering Part 2.

Guidelines for IPFIX Implementations on Middleboxes Juergen Quittek, Martin Stiemerling 59th IETF meeting, IPFIX WG.

Application Protocol - Network Link Utilization Capability: Identify network usage by aggregating application protocol traffic as collected by a traffic.

CS 3700 Networks and Distributed Systems

أمن المعلومات لـ أ. عبدالرحمن محجوب حمد mtc.edu.sd أمن المعلومات Information Security أمن المعلومات Information Security  أ. عبدالرحمن محجوب  Lec (5)

Denial of Service Mitigation with OpenFlow using SciPass

Prepared By : Pina Chhatrala

Securing the Network Perimeter with ISA 2004

CS 3700 Networks and Distributed Systems

How a Stateful Firewall Works

Hiding Network Computers Gateways

Binary Lesson 5 Classful IP Addresses

CS 3700 Networks and Distributed Systems

Chapter 8: Monitoring the Network

Presentation transcript:

NetVizura A network traffic analysis tool

Agenda Why NetVizura is needed How NetVizura works Where NetVizura is deployed Use cases

3 Why Use NetVizura?

4 1.A flow is unidirectional 2.Defined by inspecting a packet’s key fields (common properties) and identifying the values 3.If the set of key field values is unique create a flow record or cache entry How Does NetVizura Work? Part 1: IPFIX Flow Data

How Does NetVizura Work? Part 2: Define Traffic Patterns Traffic pattern = IP addresses that represent an internal and external network 5 Internal Network: /16 External Network: Internet

NetVizura Deployment 6

Case 1: NCAR’s Top Hosts 7

Case 2: Glade Who does Glade exchange traffic with? 8

Case 3: MSUD Traffic Spike Port Utilization 9

Case 3: MSUD DOS Attack Top Hosts 10

Case 3: MSUD DOS Attack Top ASs 11

Questions? 12