How to Use Rich Metadata to Save Time and Money in Managing Your Network

 

Business Problem

Existing network management tools supporting network and security operators are based on capture and storage of every packet on critical links. Yet storing and analyzing all packets is labor-intensive and costly. In some cases, network equipment vendors recommend using NetFlow or similar types of Layer 2 through Layer 4 network traffic analysis tools. Unfortunately, these tools do not provide detailed application information.


Who is Affected

Security and network managers of all types of organizations are overwhelmed with information, and most sort through large amounts of data, logs and monitoring information to determine and resolve problem areas.


Solution

Security and network operators can use metadata instead of capturing and storing all network packets. Metadata condenses information in conversations or sessions to what is most important. Using metadata can result in an approximate 95% savings in storage and transport volume (compared to full packet data) and a 20 times savings in storage costs.

NarusInsight captures network traffic and converts the data to metadata without losing application context. It provides a framework for corporate policies and gives details about security, data protection and user behavior.

Narus software can process data from log files, server logs, router tables, updates and labels, NetFlow and other management protocols and convert them to metadata. In the Narus system, all this information is related and interwoven with time and IP sessions so that relevant information can be connected.

Narus metadata can be used for several purposes:

  • Finding a single bot control session.

  • Creating rich traffic and application analysis for third party and traffic detection tools.

  • Determining which packet a particular target is located in, for Lawful Intercept applications.

If full packets are needed for forensic or law enforcement purposes, they can be stored on disks and examined more closely by forensic tools provided by Solera Networks or search/indexing tools such as Splunk or ArcSight.


Credible Evidence

Combining metadata with packet capture for cost effective and robust analysis




Benefits

  • Saves time and resources during problem analysis.
  • Allows operators to focus on relevant metadata.
  • Helps mitigate security breaches.
  • Saves storage costs.