[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 107
  • Last Modified:

SIEM traffic

Dear All,

What is the meaning of Anonymizing Traffic in a SIEM. Does it mean some users are using Tor related applications?

Thanks,
T
0
TiazfaD
Asked:
TiazfaD
  • 2
  • 2
2 Solutions
 
bbaoIT ConsultantCommented:
do you mean you have attached a log file showing the annoying traffic for further analysis by us? if so, the log was not attached.
0
 
btanExec ConsultantCommented:
Depends on SIEM category. But yes it should be referring to TOR which is one example of anonymised traffic. You have to trace down to machine with that idenified source ip from within your network to further confirm if user is really TOR browser or other software. You can also check content filter log with this event using anonymous website as proxy for internet surfing

https://www.logpoint.com/en/partnerships/technology-partners/2-uncategorised/221-emerging-threats
0
 
TiazfaDAuthor Commented:
Hi btan,

Can vpn traffic be categorized as Anonymizing Traffic by the SIEM.

Regards,
T
0
 
btanExec ConsultantCommented:
Yes it can but normally it will be tunnelled traffic.
0
 
TiazfaDAuthor Commented:
Dear All,

Thanks much for the valuable comments. Helped a lot.!

Regards,
T
0

Featured Post

Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now