In order to help out our security team, I created a report that identifies odd traffic: SMTP from a desktop, 100K DNS requests in 5 minutes, use of streaming media, etc. The issue is that I cannot generate an alert based on this information, so we've had to put a guy in front of a computer doing nothing all day but watching for stuff to pop up on the report they are running every five minutes. The issue with this is twofold: one, we are wasting a person each shift watching a monitor, and two, this is not real-time data, which delays prevention in the event of an event.
I'd like to see the addition of more NTA-type alerts to allow for better response to security or other business-impacting events.