SANS Reviews NetMon Freemium

Packets Don't Lie—A SANS Product Review

Network monitoring is likely already on your list of top priorities—and with good reason. Attackers are getting better at blending in and disguising their malware command and control traffic on your network with well-known applications and protocols like HTTPS, DNS, and more.

You need a better way to monitor across your network so you can recognise malicious packets and traffic hiding within seemingly normal behaviour.

In this in-depth product review, SANS explored NetMon Freemium—a free product offering from LogRhythm—to learn just what it can do. Their product review focused on several key areas:

  • Usability
  • Accurate traffic identification and profiling
  • Detection of patterns and drilldown into sources
  • Sensitive data identification and data loss prevention
  • Network forensics
  • Full packet capture and file reconstruction