The provision of timely, accurate and comprehensive data is essential for network hygiene. The traffic data is accessed at neuralgic points within the network to paint a complete picture of the behavior of each device. Detecting the communication activities of each device ensures the quality of the data, its completeness, accuracy, recency and location. Capturing data at source, on layer 2, guarantees this quality. This data is processed, correlated, and analyzed to determine which actions are taken. The appropriate response is pushed out immediately to isolate the contaminated part of the network.


Benefits


Gathering information on layer 2 avoids the limitations of relying solely on information collected for behavior at the perimeter, delineated network segment boundaries and endpoint logging. Classic layer 3 segmentation only divides large blind spots in the network into smaller blind spots. Accessing external and internal traffic flows results in a reporting system that details over 600 parameters and metric combinations with virtually endless drill-down. Informed decisions for network policies are based on real device behavior, not on assumptions or an incomplete or false understanding of the situation.

It has long been understood that layer 2 switches are the ideal place for reporting. However, the lack of processing power on layer 2 to sensibly analyze and process the captured traffic has stalled the implementation of a solution at this layer. cognitix Threat Defender resides on layer 2 with enough processing power to determine all the actionable intelligence of layers 2 to 7. Data is aggregated in intervals ranging from one minute to one month. Network operators use the historic information for retrospective analysis to create targeted policies. The real-time data is processed automatically to enforce policies to counteract any potential threat as soon as it emerges.


Related Topics:

  • Deep network intelligence can collect valuable additional information at source to localize and confine inappropriate behaviors

  • Dynamic network objects rely on information from all the devices in the network to target and describe the connection between the individual devices

  • Activity-based rules need to identify all the communication activities between the components in the network regardless of the segment location


Get our newsletter

Subscribe to our mailing list

* indicates required

cognitix GmbH will use the information you provide on this form to be in touch with you and to provide updates and marketing. Please let us know all the ways you would like to hear from us:

You can change your mind at any time by clicking the unsubscribe link in the footer of any email you receive from us, or by contacting us at noreply@cognitix.de. We will treat your information with respect. For more information about our privacy practices please visit our website. By clicking below, you agree that we may process your information in accordance with these terms.

We use MailChimp as our marketing platform. By clicking below to subscribe, you acknowledge that your information will be transferred to MailChimp for processing. Learn more about MailChimp's privacy practices here.