How Universities Can Achieve Total Network Visibility in a Fast, Flexible Log Solution

To make sense of university network traffic, security teams usually turn to logs like Netflow and/or full packet capture (PCAP). Common logs like Netflow, however, leave gaping visibility gaps and PCAP, while comprehensive, isn’t SIEM-compatible and is too much data to analyze quickly or store at scale. Moreover, security teams often find themselves forced to make painful data cuts when their fixed budgets meet inflexible pricing models.

A university-friendly alternative from Corelight and Humio, however, can deliver full network data fidelity and instant operational insights through unlimited-ingest pricing. Corelight’s Zeek-based sensors transform university traffic into comprehensive logs, extracted files, and custom insights and Humio’s flexible log management platform can cost-effectively ingest and query *all* the data, so university security teams don’t have to compromise on network visibility and can make fast sense of network traffic.

Watch this webcast to learn about successful university deployments and use cases built around these joint solutions and to hear from Michigan State University about how they overcame these security and data management challenges. Corelight and Humio enable security teams to cover what they’re missing on their network, at any scale, big or small.

Watch this webcast to learn:
-How universities use Corelight and Humio to secure remote campuses, tackle border security projects, and gain visibility into massive traffic footprints
-How Corelight Sensors can help universities monitor cryptocurrency mining activity and network anomalies such as large numbers of SSH connections
-How Michigan State University created role-based views for data within repositories and provided multiple IT teams with filtered sets of data without having to completely duplicate the data.
-What Humio's unlimited ingest means for university log strategies and the use of network data from Corelight
-And more...

Corelight makes powerful network security monitoring (NSM) solutions that transform network traffic into rich logs, extracted files, and security insights, helping security teams achieve more effective incident response, threat hunting, and forensics. Corelight Sensors run on Zeek (formerly called “Bro”), the open-source NSM tool used by thousands of organizations worldwide. Corelight’s family of network sensors dramatically simplify the deployment and management of Zeek and expand its performance and capabilities. Corelight is based in San Francisco, California and its global customers include Fortune 500 companies, large government agencies, and major research universities.