Gartner recently released its Market Guide for Network Traffic Analysis (NTA), an invaluable tool for organizations looking to assess and compare the wide variety of Network Traffic Analysis solutions on the market. Modern organizations have seen a massive expansion of their cyber terrain as they have had to contend with a higher number of cloud services, distributed devices, more network traffic, and additional endpoints. As the cyber terrain has grown, organizations have had to evolve their defensive strategies, moving from perimeter-focused security to more comprehensive strategies that emphasize holistic visibility.
What is Network Traffic Analysis?
With such a wide range of products describing themselves as “Network Traffic Analysis” solutions, it is first important to realize not all NTA is created equal. Because of this, it is useful to establish a working definition; Gartner defines Network Traffic Analysis (NTA) as a solution that “uses a combination of machine learning, advanced analytics and rule-based detection to detect suspicious activities on enterprise networks.” According to the Gartner NTA Market Guide, a Network Traffic Analysis vendor must:
- Analyze raw network packet traffic or traffic flows (for example, NetFlow records) in real-time or near real-time
- Have the ability to monitor and analyze north/south traffic (as it crosses the perimeter), as well as east/west traffic (as it moves laterally throughout the network)
- Be able to model normal network traffic and highlight anomalous traffic
- Offer behavioral techniques (non-signature-based detection), such as machine learning or advanced analytics, that detect network anomalies