Cisco CloudCenter: Get the Hybrid IT Advantage

Network Forensics

Definition - What does Network Forensics mean?

Network forensics refers to investigations that obtain and analyze information about a network or network events. It is a specialized category within the more general field of digital forensics, which applies to all kinds of IT data investigations. Typically, network forensics refers to the specific network analysis that follows security attacks or other types of cybercrimes.

Techopedia explains Network Forensics

Network forensics methods vary widely. Some investigations monitor all traffic on a network, while others use more specific and targeted observations. An easy way to to understand some types of network forensics is by comparing them to law enforcement vehicle checkpoints, where network forensics investigators may analyze all of the traffic going through a certain point of a network. Other kinds of network forensics may involve the broader capture and storage of network information. Some experts separate network forensics into two categories based on either of the following methodologies: a catch-it-as-you-can or stop-look-listen method that treats a large amount of data with a cursory type of routine inspection.

Those pursuing network forensics may seek to establish digital time lines for network events and collect other kinds of network usage facts, including IP addresses and encrypted/unencrypted messaging. In some cases, privacy laws and other types of legal restrictions apply to these investigations.

Share this:

Connect with us

Email Newsletter

Join thousands of others with our weekly newsletter

The 4th Era of IT Infrastructure: Superconverged Systems
The 4th Era of IT Infrastructure: Superconverged Systems:
Learn the benefits and limitations of the 3 generations of IT infrastructure – siloed, converged and hyperconverged – and discover how the 4th...
Approaches and Benefits of Network Virtualization
Approaches and Benefits of Network Virtualization:
Businesses today aspire to achieve a software-defined datacenter (SDDC) to enhance business agility and reduce operational complexity. However, the...
Free E-Book: Public Cloud Guide
Free E-Book: Public Cloud Guide:
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap.
Free Tool: Virtual Health Monitor
Free Tool: Virtual Health Monitor:
Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer environments.
Free 30 Day Trial – Turbonomic
Free 30 Day Trial – Turbonomic:
Turbonomic delivers an autonomic platform where virtual and cloud environments self-manage in real-time to assure application performance.