How do you or your organization use this solution?
Please share with us so that your peers can learn from your experiences.
We use this product for network monitoring, to assist with our network security and performance.
Our primary use case is trying to monitor irregular network traffic - identifying the type of traffic within our network, its origin, and destination IP. It could be HTTP, HTTPS, FTP, or OBDC. Once we recognize the traffic, we then correlate it, determining whether it's normal or abnormal. The data is also send via Syslog to LogRhythm SIEM to further correlate with logs from other devices to look at threats from a holistic view
What do you like most about LogRhythm NetMon?
Thanks for sharing your thoughts with the community!