Network Security Monitoring

  • Swarm-SecOps – Network Security Monitoring

    We use Zeek as a network security monitor to support investigations of suspicious or malicious activity. Zeek is a passive, open-source network traffic analyzer. Zeek creates an extensive set of logs describing network activity. These logs include not only a comprehensive record of every connection seen on the wire, but also application-layer transcripts. These include […]

    We use Zeek as a network security monitor to support investigations of suspicious or malicious activity. Zeek is a passive, open-source network traffic analyzer. Zeek creates an extensive set of logs describing network activity. These logs include not only a comprehensive record of every connection seen on the wire, but also application-layer transcripts. These include all HTTP sessions with their requested URIs, key headers, MIME types, and server responses; DNS requests with replies; SSL certificates; key content of SMTP sessions; and much more.

    Click here for more about Swarm-Secops

  • IP Performance enabled us to trial the system in a test environment and then between Dubai and Edinburgh. They provided us with full support and fast response to any problems.

    Gavin Wilson, Systems Development Manager,
    Heriot Watt University