This global biopharmaceutical innovator deploys the entire Riverbed Unified Network Performance Management(NPM) solution—full-fidelity flow monitoring, packet capture, and infrastructure monitoring—because they understand the adage: You cannot manage what you can’t measure. They also support its corollary: You can’t secure what you cannot see. And that’s what we are exploring today.
Riverbed AppResponse packet capture and analysis provides valuable telemetry for both network and security operations teams. The network operations team might leverage its TCP metrics and Response Time Composition Chart to investigate reports of a slow application performance problem, while the security operations team can leverage packet data that AppResponse has stored to support a security investigation.
In most cases these warnings are stored and remain available for later investigation if further sleuthing is warranted. Unfortunately, many security incidents take weeks or even months to unfold, with attacker “dwell time” growing over the last few decades. Riverbed® AppResponse APIs allow for automatic creation of relevant PCAP (short for packet capture) files that match any event of interest. This means that a security operator will have all the relevant packets available for any event when the time comes to dig deeper. Even when the event was months in the past.