
Gregory Conti, Kulsoom Abdullah, Julian Grizzard, John Stasko, John A Copeland, Mustaque Ahamad, Henry Owen, and Chris Lee (2006)

Countering Security Analyst and Network Administrator Overload Through Alert and Packet Visualization

IEEE Computer Graphics and Applications 26(2):60-70.

When given the task of securing a network, security analysts and network administrators typically face large volumes of security data that demand analysis. Selectively mapping elements of these flows to carefully crafted graphical displays can provide rapid insights while actively countering information overload. To this end, this article presents a generic framework for designing such visualization systems as well as results from the end-to-end design and implementation of two highly interactive systems. The first system focuses on increasing the utility of intrusion detection systems by providing information-rich displays of network alerts. The second system provides new methods of visualizing network packets that enable the analyst to efficiently and effectively explore network traffic for malicious activity. To support their findings, the authors present the results of a user requirements study.
 
by John Goodall last modified 2008-01-29 07:41