Let’s say you have a company intranet. All your workers’ computers are hooked to it, and it’s not connected to the Internet. You have lots of servers with websites of proprietary company information, and everything is cool.

But, all those workers wish they could watch cat videos on YouTube. You don’t just want to connect your company to the Internet, because there are lots of evildoers on the Internet. But the employees complain and complain about their lack of cat videos, and eventually the company gets a new CIO who decides to connect to the Internet.

The company could just reprogram all those internal websites to check credentials, but that would cost a lot and was a big reason the former CIO didn’t want to connect, no matter how great cat videos are. Along comes a company that says “Just buy our box and put it on your network. We’ll implement ‘single sign on’ two-factor identity services for all your workers, and you just add the same tiny bit of code to all your servers to check for our identity token. It will be seamless, and you’ll be super secure”. Maybe you take heart that the US Government has required everybody to implement TFA, and this company has 400+ Fortune 500 customers.

The New CIO buys the box, hooks it up, and everything is cool except the company that makes the box gets hacked and now the evildoers have unfettered access to all your company systems with no records of a break-in or even a logon. Too bad, cat videos are cool but the New CIO gets executed in the parking lot at dawn.

A cautionary tale.

Network monitoring is a very broad topic that covers any hardware or software solution used to monitor traffic on a computer network. What type of traffic is being monitored, how, why, and what is done with the information gained all vary wildly, and there are many different products on the market that do the same thing different ways or do different things and are complementary.

Network monitoring could be anything from checking your home network router logs to see which websites were visited, to a company running a dedicated proxy server that inspects all network packets and records everything that employees are doing on the network.