Everything old is new again

June 29, 2015 Kevin Whalen

everything old is new again

Photo by Shirley Halperin via Billboard

This weekend in San Francisco, the four surviving members of the Grateful Dead reunited for the first of five final performances. The reason for the reunion is the 50th anniversary of the band. Despite not appearing on stage as the Grateful Dead in 20 years, and not having a hit in nearly 30, this is the hottest summer tour ticket this side of Taylor Swift. The concert is only the beginning. In recent weeks, there has been a biography by drummer Bill Kreutzman, a terrific band bio by David Browne, a Netflix documentary on guitarist Bob Weir, special editions of Rolling Stone and Newsweek and a mega 80 CD career retrospective box set costing $700 (a bargain).

If you were asked who would be the hottest act of the summer of 2015, these guys wouldn’t have been in the top 4000, let alone the Top 40.

Another example of something coming back into vogue is NetFlow. NetFlow was created by two engineers at Cisco in 1996.

NetFlow technology efficiently provides the metering base for a key set of applications including network traffic accounting, usage-based network billing, network planning, as well as Denial Services monitoring capabilities, network monitoring, outbound marketing, and data mining capabilities for both service provider and enterprise customers.

By 2006, Gartner had published a Marketscope report on 12 vendors focused on network behavior analysis. Then the market never really took off. There was never a Magic Quadrant. Vendors came and went. New approaches to advanced threat detection emerged, and then receded just like so many Top 40 acts. Nearly another decade later, NetFlow is back in vogue, once again as a threat detection tool in the battle against insiders and advanced threats. It’s easy to see why.

For security professionals, NetFlow provides the broadest set of data regarding the activities happening on the network. NetFlow captures the source and destination IP address and port, the type of protocol the traffic uses, the type of service being provided and the logical interfaces for the flow. It enables analysts to use this information to create baseline definitions of normal network behavior, and in real-time, compare traffic against these baselines by performing network behavior analysis (NBA). NBA is used to identify zero-day attacks and other advanced threats that do not yet have signatures—and therefore, can easily slip by other security appliances, such as intrusion prevention systems and firewalls.

Hot new things come and go. Usually, they’re forgotten before they’re gone. This is true in music, and in technology. For Deadheads, the music never stopped. For savvy security professionals, NetFlow never stopped being a great tool in the battle against insiders and advanced attackers.

Sometimes things just work, and work for a long, long time.


The post Everything old is new again appeared first on Arbor Insights - Our People, Products and Perspective.


Previous Article
Tales from The Trenches: Going from 0-60 Seconds with an Incident Response Team
Tales from The Trenches: Going from 0-60 Seconds with an Incident Response Team

In last week’s post, we depicted the key building blocks to crossing the...

Next Article
The Not So Obvious Consequences of a DDoS Attack
The Not So Obvious Consequences of a DDoS Attack

The word “literally” may very well be, quite literally, the most over used...