Meddane
VIP

Network security is a constant war. To defend against the enemy, you must know your own territory and put defense mechanisms in place.

1-The firewall is there to protect your inside network from threats on the internet. But misconfigurations and mistakes are possible. How do you detect them?

2-If policy rules on a firewall or WSA are changed, causing some rules to be placed at the top, how do you detect this?

3-If an authorized server is used with stolen credentials and the attacker performs scanning and reconnaissance attacks, how do you detect this?

4-If you are using DNS-layer security with Umbrella as the trusted DNS server, and users are using rogue DNS servers, with the risk of traffic being redirected to malicious websites, how do you detect this violation?

5-If a huge volume of data is being exfiltrated, how do you detect this?

6-You want to build policy segmentation on firewalls and other security products, but you don't want to disrupt critical business activities. How do you use policies without enforcing them?

7-You want to detect malware in encrypted traffic without decryption while maintaining data integrity. How do you do this?

DNS Policy.PNG

 DNS Log1.PNG

 DNS Log2.PNG
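For scenario 4, one way to spot clients bypassing the trusted resolver is to look for port-53 flows leaving the network toward any address other than the Umbrella resolvers. This is an added example, not part of the original post; the flow-record format, the 10.0.0.0/8 internal range and the sample records are assumptions constructed for illustration.

```python
import csv
import io
import ipaddress
from collections import defaultdict

# Cisco Umbrella anycast resolvers (publicly documented addresses).
TRUSTED_DNS = {ipaddress.ip_address("208.67.222.222"),
               ipaddress.ip_address("208.67.220.220")}
# Assumption: everything in this range is an internal host.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")

# Constructed sample flow records (not real traffic).
SAMPLE_FLOWS = """\
src,dst,proto,dport,bytes
10.1.1.20,208.67.222.222,udp,53,120
10.1.1.21,192.0.2.53,udp,53,98
10.1.1.21,192.0.2.53,udp,53,102
10.1.1.22,203.0.113.53,tcp,53,4100
10.1.1.23,198.51.100.7,tcp,443,9000
10.1.1.24,208.67.220.220,tcp,53,300
10.1.1.30,10.0.0.53,udp,53,80
"""

def rogue_dns_flows(flow_csv, trusted=TRUSTED_DNS, internal=INTERNAL_NET):
    """Return {client: {resolver: flow_count}} for DNS flows from internal
    clients to external resolvers that are not on the trusted list."""
    hits = defaultdict(lambda: defaultdict(int))
    for row in csv.DictReader(io.StringIO(flow_csv)):
        try:
            src = ipaddress.ip_address(row["src"])
            dst = ipaddress.ip_address(row["dst"])
            dport = int(row["dport"])
            proto = row["proto"].lower()
        except (ValueError, KeyError, TypeError, AttributeError):
            continue  # skip malformed or truncated records
        if dport != 53 or proto not in ("udp", "tcp"):
            continue  # not classic DNS
        # Internal-to-internal DNS (e.g. a local forwarder) is not a violation.
        if src in internal and dst not in internal and dst not in trusted:
            hits[str(src)][str(dst)] += 1
    return {client: dict(resolvers) for client, resolvers in hits.items()}

if __name__ == "__main__":
    for client, resolvers in rogue_dns_flows(SAMPLE_FLOWS).items():
        for resolver, count in resolvers.items():
            print(f"ALERT {client} -> {resolver}: {count} DNS flow(s) bypass the trusted resolver")
```

This only covers classic DNS on port 53; DNS over HTTPS or DNS over TLS to an unapproved resolver needs a separate check.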

 

Comments

@Meddane Nice one. Very informative.

Meddane
VIP

@Sheraz.Salim Thanks
