NetScout: How a Common Network Security Technology Stack Aligns IT and Cybersecurity


NET SCOUT

January 14, 2022

There’s no doubt that keeping corporate networks secure is becoming increasingly challenging for IT and security teams. In the first half of 2021, cyberattackers launched 5.4 million distributed denial of service (DDoS) attacks, an increase of 11% compared to the previous year.

And cyberattacks equal big paydays for attackers. In the first half of 2021 alone, a ransomware group collected $100 million in payments. The money gleaned from these attacks is then used to buy more expensive attack tools that can be used to further overwhelm corporate IT and security teams.

With attacks on the rise and the added stress they create for businesses, the solution is often to add new security tools to solve the biggest problems of the moment. But this strategy creates additional headaches. Indeed, the average IT and security team now uses between 10 and 30 security monitoring solutions for applications, network infrastructures and cloud environments.

But these disparate tools create more problems than they solve. In reality, 66% of infosec professionals express concern about their inability to effectively monitor multiple security technologies. And 30% of CIOs say it’s difficult to get an accurate status of network security because the network and security teams maintain separate tools and reports.

For security and network operations teams to work together, it is essential that they adopt a common network security technology stack. To ensure the security and performance of enterprise networks, the common technology stack must provide the following:

  • Stateless protection devices in front of stateful firewalls: Implementing stateless guards in front of stateful firewalls helps block threats such as command and control (C2) traffic, state exhaustion DDoS attacks, and known bad DNS domains. To be effective, these devices must be able to recognize abnormal traffic patterns and have timely and accurate threat intelligence that continuously updates blocklists in real time, allowing them to protect stateful network infrastructure, filter known cyberattack traffic, and enable IT operations teams to maintain maximum network performance for business needs.
  • Review all East/West traffic: Security experts have come to rely on next-generation firewalls for network perimeter security. Although these firewalls cover network ingress/egress, they leave internal networks open to attack. To bridge this gap, network security teams must examine all east/west traffic in their legacy networks and hybrid cloud environments, enabling them to quickly and easily identify and filter known threats moving laterally in their environments.
  • A common source of truth for network and cloud visibility: It is not uncommon for network and security teams to find that they are using a multitude of disparate tools to collect the same network data. But what is needed to achieve global network and cloud visibility is a common source of network truth derived from network packets and metadata. The right tool should have real-time packet analysis that creates a robust set of locally stored and highly indexed metadata that can be quickly accessed and analyzed for more effective incident detection, investigation and mitigation, all of which are essential to maintaining strong performance and detecting and responding to security incidents.
  • Network traffic analysis capabilities: To ensure network performance and security, teams need to understand network traffic patterns, as well as the disposition of each device connected to the network before an incident occurs. This helps them identify and remediate rogue devices, misconfigurations, and vulnerable systems, while maintaining application performance for business operations. Network traffic analysis capabilities provide end-to-end visibility that allows teams to monitor normal network behavior to identify anomalies that could impact network security or performance.
  • Network detection and response systems: Modern cyber attackers are increasingly deploying anti-detection and anti-forensic techniques to avoid detection by endpoint detection and response (EDR) solutions. In addition to traffic analysis, teams need a way to analyze network data and threat intelligence to detect and investigate abnormal, suspicious, and malicious network activity that is hidden from other cybersecurity tools. Network detection and response systems can detect threats that EDRs and log-based systems miss, while also providing access to a comprehensive source of metadata and network packets. This data is crucial for triage and investigations.

To learn more about creating a common technology stack that better aligns IT and security teams, read the new whitepaper, “Why can’t we be friends? Businesses need to refocus on aligning IT and cybersecurity,” or contact one of our security experts today to learn more.

Warning

NetScout Systems Inc. published this content on January 14, 2022 and is solely responsible for the information contained therein. Distributed by Public, unedited and unmodified, on January 14, 2022 5:21:08 PM UTC.
