Network Analysis Plan
One of the foundations of a responsive and secure IT environment is an efficient and properly functioning network. This area requires specialized knowledge about devices and their configurations. In addition, tracking and analyzing a large number of network packets is a difficult and time-consuming task.
Energy Logserver enables netflow analysis and correlation with network packets. The system provides functions that classify and visualize network traffic in a coherent, structured way, and that categorize it by flags, types, and other parameters.
Network Traffic Visualization
Predefined visualizations let you correlate network traffic across many dimensions in a user-friendly way. The analysis can be correlated with geolocation data, IP addresses, flags, tags, traffic characteristics, and many others.
Data available in the Energy Logserver system is presented in a legible, user-friendly way, which makes browsing network traffic much more efficient.
Network bad IP detection
The reputation of public addresses on the web is like a business card that we present to others. It is very easy to lose a good reputation if our network is used for a botnet attack. Therefore, it is worth avoiding communication with addresses that have a known bad reputation.
Energy Logserver lets you directly visualize network communication between points of good and bad reputation and speeds up its analysis. With this knowledge, we can take a range of actions, from alerting to automation.
Energy Logserver integration with Zeek
Building on the best that open source has to offer, Energy Logserver has expanded its integrations with a new tool: Zeek. This globally recognized open-source tool analyzes and categorizes network messages, which Energy Logserver then correlates and visualizes. In the architecture, Zeek takes the place of a virtual probe that receives a copy of network traffic and passes it through predefined filters. These can be adjusted to meet your own specifications and unique configurations.