27/1/2019 TestOut LabSim

2.5.1 Network Monitoring

Network Monitoring
Let's take a look at the importance of monitoring your network.

Importance of Network Monitoring

There are many reasons why you should keep a close eye on the traffic that transpires on your network and internal systems. Data risks increase
year by year. If you keep a close watch on your network, you have a better chance of catching an attacker before they can do damage.

Not too long ago, companies still relied heavily on paper systems and hard copies. Because these systems were offline, they were only susceptible
to physical breaches of security. However, most companies have transitioned to digital storage, or soft copies, of sensitive documents, which has
made it much easier for criminals to steal information. Even government agencies have been the target of large data breaches.

Because digital storage is the new standard, proper network monitoring is a necessity. It can help find an organization's vulnerabilities, which can
lead to a more secure environment. And consistent monitoring can also help you identify malfunctioning hardware systems that may need to be
replaced or repaired.

Useful Information
You can track all sorts of useful information by monitoring your network and network traffic.

You can track logins and access to your systems. You can track information going from system to system. You can track information coming into
and out of your environment. You can expose vulnerabilities that could pose a threat to your environment. You can use packet sniffing tools to see
what kind of protocols are used to transfer data and what ports that data is being transferred on. We can also use Windows Event Viewer to see
logs of what has happened on the systems.

Types of Traffic to Monitor

There are several different types of network traffic that we need to be aware of.

When browsing the internet, users will utilize the Hypertext Transfer Protocol, or HTTP, to communicate with websites. File Transfer protocol, or
FTP, can also be used to transfer files from a website to your workstation or between host computers. Most organizations also use email in their
day-to-day operations, which normally use Simple Mail Transfer Protocol, SMTP, Post Office Protocol version 3, POP3, or Internet Message Storage
Protocol, IMAP, to transfer the emails back and forth.

These are examples of application layer protocols used in the TCP/IP suite of protocols. Any time a system or resource communicates with another
system internally or externally, that transfer requires network trafficking.

Summary
As you can see, network monitoring is an important aspect of network security. In this lesson, we discussed the importance of monitoring your
network and network traffic, what information you can obtain with network monitoring, and some of the different types of network traffic you will
see in your organization.

TestOut Corporation All rights reserved.

https://cdn.testout.com/client-v5-1-10-551/startlabsim.html 1/1