Of late with Corporate Owned Devices and BYOD - Bring Your Own Devices, users tend to access a variety of unauthorized apps and web services for company work and this leads to insider security threat. Users tend to access the services and applications from the network. This will bypass the laid down security and compliance restrictions and the company information freely flowing to the public domain. You need to check the user behavior with respect to access to all the web services and contain the profuse use of web services by network users.
Firewall Analyzer introduces insider threat detection to strengthen the network security. It collects the usage data of network users from firewall logs and presents the user activity information. It uses the Active directory user data and services/categories data. It groups the information based on users - websites accessed and bandwidth used, top users by cloud applications/categories, top cloud applications by service categories.
