|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: A useful oversimplification for network surveillance?
> We use both -- NetFlow gives us trending data which helps us > identify issues and patterns, Snort allows us to perform a deeper > analysis -- I don't think you could use one and not the other and > have effective traffic inspection. Of course, but you do this to support certain processes in your organization. I just wonder how a process might look like which actually needs data gathered by an IDS, at the ISP level. (Drawing pretty charts showing the number of attacks you've blocked doesn't count, IMHO.)
|