Monitoring, Detection and Reporting of Security Incidents in CESNET NREN

Authors

BARTOŠ Václav, ČELEDA Pavel, KREUZWIESER Tomáš, PUŠ Viktor, VELAN Petr, ŽÁDNÍK Martin

Year of publication 2013
Type R&D Presentation
MU Faculty or unit

Institute of Computer Science

Citation
Description Network anomalies and incidents are no longer exceptions in current networks. These undesirable activities may influence the network itself or its services. Naturally, the goal of a network operator is to reveal all threatening activities and handle them accordingly. A suitable monitoring infrastructure plays a key role in such a process. The monitoring infrastructure provides informative data about the traffic. Analysis of this data may help reveal anomalies, while storage of this data makes it possible to track and diagnose the cause of observed incidents retrospectively. The presentation deals with the deployment of the research monitoring infrastructure in the CESNET2 network. It describes an architecture consisting of metering points as well as collectors and data analysis. The results demonstrate that the deployed infrastructure provides wide-scale insight into the behavior of ingress and egress network traffic.
