Michael Patterson : Advanced NetFlow Traffic Analysis
Michael Patterson
Founder and Product manager for Plixer's Scrutinizer NetFlow and sFlow Analyzer as well as Flow Analytics.

DNS Firewall

I don’t think I’ve ever spoken with a company – at least that I can remember that didn’t have a firewall in...

Full Story »

Conversations with Clients

There are other areas of the business that you can help a prospect. Having a conversation about network is easy. Too...

Full Story »

Twitter and Yahoo to Merge?

Twitter and Yahoo are facing increased pressure from Google and Facebook so reports of their recent discussions to potentially combine forces makes...

Full Story »

Cisco VNI Report on Mobile Video

The past few weeks, I have mentioned the February 2016 Cisco VNI report to make some points about WiFi.  However, the Cisco VNI report...

Full Story »

Windows 10 Includes Flipboard and Candy Crush Bloatware

Its Memorial Day weekend and while most of you are out in the park, having hot dogs, etc., I'm captivated with my...

Full Story »

Programmable SIMs for IoT, How DIDs Fit in and Alexa Fun

"Twilio ramps up mobile play with programmable SIMs for IoT and handsets with T-Mobile," says Ingrid lunden at TechCrunch. The idea behind...

Full Story »

EEOC Finds Silicon Valley filled with Racist, Sexist Criminals

Expect the summer of deflection to continue. I have discovered the reason that there is a lack of diversity in Silicon Valley....

Full Story »

DNS Firewall

June 4, 2016

I don’t think I’ve ever spoken with a company – at least that I can remember that didn’t have a firewall in place.  Cisco ASA (Fire Power), Palo Alto, Checkpoint and Fortinet seem to be the more popular ones.  Barracuda, SonicWALL and StormShield we hear about as well.  These systems do a relatively good job at protecting our internal jewels.  However, what I find missing in most solutions, is their ability to stop DNS tunneling and other tactics that abuse the DNS protocol.

Security Analytics - Network as a Sensor

April 4, 2016

Security is going through an evolution in IT. The new assumption is that some malware will make it onto the network. This forces the security team to consider the actions they will need to take when following up on an event.  What details will they want access to? What devices on the network gather this information? How will they want to display it?

Cisco Cyber Threat Defense : 4 Tell-Tale Signs of Data Exfiltration

March 19, 2016

A potential threat could come from anywhere at any-time and it doesn’t have to start from the Internet.  Many threats are initiated internally by infected handhelds and laptop devices which walk right past the firewall.  Anti-virus has become nearly ineffective against targeted threats.  Even next generation firewalls aren't stopping the outbound connections created by unwanted data exfiltration. 

Phishing Attack Training

January 13, 2016

If you are being repeatedly targeted by a phishing attack, chances are you will eventually click. And if you end up infected, often times your computer will show no obvious signs of the virus or bot. What can you do?

Cisco nvzFlow Reporting

December 22, 2015

There has been lots of excitement this week at our company since the release of Cisco’s nvzFlow.  Companies which utilize the Cisco ASA for VPN access have the option to upgrade to AnyConnect 4.2.  With this latest release admins can configure remote users to export IPFIX right from their laptops to the flow collector for real time and future analysis.

 

Splunk NetFlow Support : Vendor Comparison

November 10, 2015

You are in luck because you have several options to get Splunk NetFlow support.  I know of three however, there are probably more. This post will list them all and discuss the benefits of each.

Software Defined Network: 8 BIG Benefits

October 23, 2015

Are you looking to get up to speed on the benefits of a Software Defined Network? This post will save you some time by providing 8 areas where SDNs promise to deliver.  It will also provide you with a few links where you can learn even more about the technology.

IPFIX Flow Direction and Packet Counters

July 8, 2015

In the world of NetFlow and IPFIX, flow direction is a topic that can confuse some of the best technical minds. It is an important concept in relation to routers because where information (e.g. byte counters) is gathered can have a significant impact on perceived accuracy.  This is sort of 3 part blog.  Although it isn't totally necessary, it might help the reader to understand a different type of flow directionality first as posted in my other blog. 

Monitoring DNS Traffic for Security Threats

May 13, 2015

As you are probably aware, the Domain Name Server (DNS) plays an important role in how end users connect to the internet. In order to gain some background before reading this blog, you may want to read my post on An Overview of DNS. Once you have a bit more technical information on the DNS behaviors, I think you will find this post more informative.



Building an Incident Response Team: 4 Specialties

February 23, 2015

Are you tasked with building an Incident response team for your company or organization? Have you thought about what their responsibilities will be, how they will be engaged and who the key members will be?

1 2 3 4 5 6 Next
Featured Events