What is Context-Aware data Processing?
Security and monitoring tools ingest network traffic. But sending all packets to each tool is inefficient. Filtering traffic by IP address, port, and protocol helps, but it does not provide discrete control. To filter by geography, device, or application requires context-aware data processing.
Improving Network Security Threat Detection
When security analysts get alerts, they prioritize the ones they will investigate. With additional context, it is easier to see what traffic needs a closer look. And easier to skip the traffic that does not.
Deliver a stream of highly relevant, de-deduplicated network
traffic to all your security and monitoring tools
Putting each packet into context provides a clearer picture of traffic on the network. The Context-Aware Data Processing Engine looks at each network packet and determines characteristics that go beyond ports and IP addresses. It derives the type of device used, its operating system, even the country, region, and city. Its actionable information you can use to filter traffic to a specific tool. And NetFlow tools can use the contextual data too.
Network packets contain metadata, which can be used to identify the application source and correctly target your tools. Some security delivery platforms can do this, but only after you pre-analyze packet flows and create your own application signatures. Only Keysight Security Fabric comes with hundreds of signatures and an automated feed for updates. And you can create your own too.
Keysight Security Fabric includes a set of features to optimize mirrored traffic before it reaches your tools. Insert a high-accuracy timestamp into each packet for event correlation across device logs. Protect a tool’s capacity with deep buffering. Remove duplicate packets gathered from multiple network segments. A dedicated hardware accelerator chip ensures line-rate performance and that no packets are lost.
Anatomy of Keysight's Application Intelligence
Go inside the process used to transform raw packets into rich data. This infographic shows you how we find out which application sent each packet. Part art. Part science.