Active Network Forensics Solution

The main challenge faced during computer-related investigations is the lack of sufficient evidence to pinpoint which device on the network was used to perpetrate the crime.

A computer network consists of devices, each of which produces log files of its own. These devices include PCs, servers, routers and firewalls. PCs are a great source of computer logs: they hold records of network activity, including which websites they visit and what they do on the network.

The challenge for network administrators is that they cannot check computer logs one PC at a time, as a network may have thousands of computers. Network administrators rely on a passive approach to detect threats and events that have already happened on the network. This makes them ineffective at preventing crimes before they happen or catching the perpetrators in the process.

SCL has a more active approach: monitor network traffic in real time during an attack on the network, isolate where the attack is coming from, and stem the attack before any real damage is done on the network.

Our solution collects all logs on a computer network and forwards them to a single computer in the network, where data analytics can be used to analyse the logs and figure out which computers or network devices have been engaged in suspicious activities. This is a more active way of handling system threats from both inside and outside attackers.

Visit Summit Security to know more