Why Aren't More Companies Capitalizing on Packet Capture?
Cyber Defense Magazine – Cary Wright
As renowned SANS Institute course instructor Jake Williams likes to say, "today's packet capture is not your Grandma's packet capture." Indeed, packet capture has truly moved to the next level, and security-savvy companies are deploying distributed, centrally managed recording appliances that are designed to be modular and highly scalable to deliver the storage capacity, performance and rapid search that is needed while accelerating investigation and response time.
The experience that many teams had in the past with packet capture is that it can be challenging to accurately record and manage large volumes of data at high speed, and time-consuming to locate the specific data that is needed for an investigation. Packet analysis has traditionally required deep expertise too.
Modern packet capture solutions are designed to be modular and scalable. They can cost-effectively record weeks to months of history at today's fastest network speeds (10 Gbps up to 100 Gbps or more), giving security teams plenty of time to go back and investigate historical events.
Analysts can review days, weeks or months of recorded packet history easily and quickly for incident response, threat-hunting or troubleshooting network or application performance issues. Networks can also be set up as a fabric of multiple capture points, capable of being searched from a single pane of glass.
Link: https://www.cyberdefensemagazine.com/why-arent-more/