Federal Government

Network Security Forensics

True Network Security Requires Forensic Capability

Network forensics analysis is an emerging investigative discipline that combines elements of network management and network security to help businesses and government agencies maintain maximum uptime of mission-critical networks. In theory, it uses reconstructive traffic analysis to investigate and define network events, enabling their speedy resolution and preventing recurrences. Network forensics not only allows security analysts, network managers, or criminal investigators to reconstruct what happened during and after a network event, but it also answers the question "What happened before the network event?"

McAfee Security Forensics

McAfee® Security Forensics is an industry-first network forensics tool. It offers complete historical archival, retrieval, and analysis of raw packet streams. In turn, these capabilities allow network and security analysts to research and understand if, when, and how any network event occurred, including a cyber attack. In the federal environment, where network-attached resources carry high financial and/or public-relations value, the McAfee Security Forensics solution lets network and security administrators achieve near real-time, historical certainty that the network is secure and performing efficiently.

McAfee believes that in an ideal world, network and security management tools would automatically and proactively predict and detect all network-related events and then prevent them from impacting business operations. McAfee Security Forensics represents a giant step toward this ideal. It is a prerequisite for a network protection strategy that, for the first time, allows enterprises to determine how they need to change defenses in anticipation of future threats.