"Unveiling the Security Illusion: The Need For Active Network Forensics"

Active Network Forensics - A Dynamic Defense

"Active network forensics makes all past and present network data instantly visible and allows perfect fidelity through replaying past traffic, enabling organizations to detect and understand the full source and scope of any security event so they can protect against further attacks. Active network forensics also enables an organization to validate that the same attack doesn't work again after they've implemented appropriate counter-measures. Combining high-speed data capture, indexed storage, and comprehensive analysis tools, active network forensics is analogous to putting a security camera on a network. Doing so instantly exposes any specific network event, making even the most sophisticated and targeted attacks plainly visible both when they happen, and at any time in the future. Active network forensics dramatically reduces the cost and ongoing exposure of network security incidents by dramatically shortening the time to remediate from days to hours, while eliminating the chance of related follow-up attacks."