Full Packet Capture for Security
CCTV is ubiquitous in organisations for which security is important. Compared to theft of physical assets, stealing personal data or intellectual property can be equally damaging or, in many cases, more so.
Capturing and storing all of the traffic on your network using a network recording appliance enables your organisation to replay all the activity that has taken place during an incident, showing exactly what happened, and providing detailed information about the source and destination of the traffic.
Network Traffic Recording for NetOps
Security is not the only use case for recorded network history (full packet capture). We are told by NetOps personnel tasked with investigating network and application performance issues that they too find it invaluable to have the benefit of all the packets to examine in detail, providing them with full contextual awareness.
If your organisation is also using Scrutinizer to collect and analyse metadata about network traffic (such as NetFlow or IPFIX), a fully integrated workflow is available, from the alert in Scrutinizer to deep packet inspection on an Endace network recording appliance.
PCAP for Data Lakes and SIEM
Increasingly, we are finding that our customers are implementing full packet capture as part of data lake solutions based on Cloudera’s distribution of Hadoop, or integrating it with their SIEM tools such as Splunk, LogRhythm or Securonix.