Numerous tools have been developed to aid in network management involving capacity planning, fault management, network monitoring, and performance measurement. One example of such a tool is the network analyzer.
In general, a “network analyzer” is a program that monitors and analyzes network traffic, detecting bottlenecks and problems. Using this information, a network manager can keep traffic flowing efficiently. A network analyzer may also be used to capture data being transmitted on a network. The term “network analyzer” may further be used to describe a program that analyzes data other than network traffic, or may also be used to classify packets into flows. For example, a database can be analyzed for certain kinds of duplication. One example of a network analyzer is the SNIFFER® device manufactured by NETWORK ASSOCIATES, INC®.
Traditional network analyzers have been functionally limited to assessing a network, rather than performing security-related functions. Recent network analyzers, however, have been designed to detect security-related aspects of a network (e.g. intrusion detection, etc.). Unfortunately, detecting such security-related aspects requires that network monitoring rules be constantly updated to reflect up-to-date intelligence regarding security issues (e.g. a known hacker IP address, virus, etc.).
There is thus a need for allowing a user to efficiently and effectively update a network analyzer.