©2013 Ixia
Five Steps to Building Visibility
and Security Into Your Network
You can’t secure what you don’t know about
Contents
	 Introduction
	 Step 1: Don’t Let Capacity Limit Access to Monitoring Information
	 Step 2: Reduce Unnecessary Data and Costs
	 Step 3: Get the ROI You Want From Your Existing Monitoring Tools
	 Step 4: Optimize Incident Response to Reduce Mean Time to Repair
	 Step 5: Optimize Your Network With Trend Analysis
	 Conclusion
Introduction
As organizations seek to walk the networking tightrope between the demands of performance
management and network investment, they clearly need something to hang on to, to help them
keep their balance. Mature enterprises are increasingly turning to network visibility as that
proverbial balancing pole.
Without visibility, it’s difficult to manage operational variables to maintain high levels of network
performance — and it is near impossible to understand the threats assailing the network to
maintain security and control over network assets. But simply throwing money at network and
security monitoring tools doesn’t provide the kind of visibility necessary to balance performance
and control. Organizations also need to employ best practices to ensure that they are getting
the most out of their network and security monitoring investments.
The following five-step approach can help IT keep its balance while gaining that crucial visibility
into the network:
Step 1: Don’t Let Capacity Limit Access to Monitoring Information
In an ideal world, network monitoring offers a window into the infrastructure, allowing IT to
make more informed decisions about how to configure the network for improved performance
and respond rapidly to security incidents. But this paradigm depends on one assumption: You
must have the capacity to support it. Without enough network connections available to plug
in monitoring and security information and event management (SIEM) tools simultaneously, the
organization effectively neutralizes the underlying assumption of visibility afforded by monitoring.
On a nontechnical level, you could compare it to plugging all of the lights in your house into
a single power strip: If the strip can handle only seven lamps but the house needs 10 to keep
all the rooms lit, then you’re left with the prospect of unplugging three lamps to plug in three
others. At any given time, some part of the house goes dark.
From a networking perspective, capacity restrictions that hamper full monitoring coverage make
it difficult to gain a full understanding of how well the network is performing across all components
of the infrastructure. These capacity limits can also prove a considerable security liability, as an
organization that must ration monitoring will sometimes be unable to pinpoint risk indicators that
crop up in those areas of the network that have gone “dark” due to disabled tools. This is why
it is so critical to implement a monitoring solution like the Ixia Anue Net Tool Optimizer (NTO)
to help address your TAP and SPAN port shortages in a cost-efficient manner. Doing so makes
it possible to engage all of the monitoring and SIEM tools required for maximum visibility,
without having to outlay the budget to buy more hardware to support those tools.
Step 2: Reduce Unnecessary Data and Costs
Achieving comprehensive network and application monitoring on all network traffic can be
a double-edged sword. On the plus side, a full slate of monitoring tools allows organizations
to analyze all aspects of the network for clues to help fine-tune performance and protection.
But on the flip side, those monitoring tools are looking at everything, including all of the redundant
and extraneous packets streaming through the infrastructure.
Plain and simple, the more unnecessary packets cluttering network traffic, the harder it is to sift
through the mound of data to find the relevant information necessary for maintaining solid
performance and spotting security issues. Unfortunately, the typical monitoring tool today is clogged
with an unending stream of redundant information and duplicate packets. It costs more not
only to process all this data, but also to store duplicate data on the SAN.
In order to get the most from your monitoring investment, it’s critical to find ways to strategically
cut down on packet clutter. This kind of decluttering is something the Ixia Anue NTO excels at —
it cleans up the stream so that the data being monitored is the data that matters.
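The duplicate-packet problem described in this step can be illustrated with a short added example; it is not Ixia code and does not describe how the Anue NTO works internally. It assumes duplicates arise because the same IPv4 packet is copied at two monitoring points one routed hop apart, so the copies differ only in TTL and header checksum, and it uses a hypothetical 50 ms suppression window. The sample packets are constructed.

```python
import hashlib
import struct
from collections import OrderedDict


def ipv4_checksum(hdr):
    """One's-complement sum over the 16-bit words of an IPv4 header."""
    s = sum(struct.unpack("!%dH" % (len(hdr) // 2), hdr))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF


def build_ipv4(src, dst, ttl, ident, payload, proto=17):
    """Constructed sample input: a minimal IPv4 packet without options."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), ident, 0,
                      ttl, proto, 0,
                      bytes(map(int, src.split("."))),
                      bytes(map(int, dst.split("."))))
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:] + payload


def dedup_key(pkt):
    """Hash of the packet with hop-dependent fields masked out.

    Returns None for anything that is not a well-formed IPv4 packet, so the
    caller forwards it untouched instead of guessing.
    """
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return None
    ihl = (pkt[0] & 0x0F) * 4
    if ihl < 20 or len(pkt) < ihl:
        return None
    hdr = bytearray(pkt[:ihl])
    hdr[8] = 0                  # TTL is decremented at every routed hop
    hdr[10:12] = b"\x00\x00"    # header checksum changes along with the TTL
    return hashlib.sha256(bytes(hdr) + pkt[ihl:]).digest()


class Deduplicator:
    """Drops a packet if an identical one was seen within window_s seconds."""

    def __init__(self, window_s=0.05):      # assumed window, tune per network
        self.window_s = window_s
        self._seen = OrderedDict()          # key -> first-seen time, oldest first
        self.dropped = 0

    def accept(self, ts, pkt):
        # Expire old entries so a genuine later repeat is not suppressed
        # and memory stays bounded by the traffic inside one window.
        while self._seen:
            _, first_seen = next(iter(self._seen.items()))
            if ts - first_seen <= self.window_s:
                break
            self._seen.popitem(last=False)
        key = dedup_key(pkt)
        if key is None:
            return True
        if key in self._seen:
            self.dropped += 1
            return False
        self._seen[key] = ts
        return True


def run_demo():
    """Feed a constructed capture through the deduplicator."""
    a = dict(src="10.1.1.5", dst="192.0.2.10", ident=0x1234, payload=b"query-1")
    b = dict(src="10.1.1.5", dst="192.0.2.10", ident=0x1235, payload=b"query-2")
    capture = [
        (0.0000, build_ipv4(ttl=64, **a)),  # seen at the access-layer TAP
        (0.0004, build_ipv4(ttl=63, **a)),  # same packet, one hop later
        (0.0010, build_ipv4(ttl=64, **b)),
        (0.0012, build_ipv4(ttl=63, **b)),
        (1.0000, build_ipv4(ttl=64, **a)),  # identical bytes, outside the window
    ]
    dedup = Deduplicator()
    kept = [pkt for ts, pkt in capture if dedup.accept(ts, pkt)]
    return len(kept), dedup.dropped


if __name__ == "__main__":
    print("kept=%d dropped=%d" % run_demo())
```

The window matters for security monitoring: too long a window hides genuine repeats that an analyst may need to see, which is why the last packet in the sample is kept.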
Step 3: Get the ROI You Want From Your Existing Monitoring Tools
Even after cleaning up a packet stream, though, it’s still possible for organizations to be
overwhelmed by the information pumped through their monitoring tools. Depending on the legacy
architecture, organizations could be faced with the prospect of drinking from the proverbial
data fire hose.
For instance, analysts at Enterprise Management Associates (EMA) found that at the University
of Texas at Austin, IT teams responsible for protecting network integrity and analyzing packet
streams for network monitoring, analysis and troubleshooting were using traditional network
switches to provide packet streams by replicating traffic back to the monitoring tools.[1]
“But we had a problem,” the university’s chief information security officer told EMA. “As [traffic]
volumes grew, these mirrored flows were exhausting resources on the switches, causing packet
drops. We had been doing this for years using old Cisco switches, so it wasn’t costing us much,
but volume was really becoming an issue and dropping packets was simply not acceptable.”
This is where the strategy of segmenting packet information, filtering it and directing it to
specialized monitoring tools can help IT teams manage and parse out that flow of information,
giving organizations a better ROI from their existing monitoring investments.
Ideally, organizations should consider instituting port balancing to enable optimized distribution
of information without overloading the monitoring tools. Meanwhile, three-stage filtering —
ingress, egress and dynamic filtering — of the information being distributed will ensure that just
the right amount and right type of information is distributed to the appropriate tool.
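A simplified model of filtering followed by port balancing, added here as an example; it is not Ixia code, and the rule names, tool-port names and the choice of a symmetric flow hash are assumptions. It shows why balancing is done per flow rather than per packet: both directions of a conversation must reach the same tool for it to reassemble the session. The sample packets are constructed.

```python
import hashlib
from collections import Counter, namedtuple

Packet = namedtuple("Packet", "src sport dst dport proto")


def flow_key(p):
    """Direction-independent key: client->server and server->client match."""
    lo, hi = sorted([(p.src, p.sport), (p.dst, p.dport)])
    return ("%s|%s:%d|%s:%d" % (p.proto, lo[0], lo[1], hi[0], hi[1])).encode()


def pick_tool_port(p, tool_ports):
    """Map a flow to one port of a tool group with a stable hash.

    hashlib is used instead of the built-in hash(), which is randomized per
    process for bytes and would move flows between tools after a restart.
    """
    digest = hashlib.sha256(flow_key(p)).digest()
    return tool_ports[int.from_bytes(digest[:8], "big") % len(tool_ports)]


# Hypothetical filter rules: (name, predicate, tool ports in the group).
# The first matching rule wins; traffic matching no rule goes to no tool.
RULES = [
    ("web", lambda p: p.proto == "tcp" and bool({p.sport, p.dport} & {80, 443}),
     ["ids-1", "ids-2", "ids-3"]),
    ("dns", lambda p: p.proto == "udp" and 53 in (p.sport, p.dport),
     ["dns-mon"]),
]


def route(p):
    """Return the tool port for a packet, or None if it is filtered out."""
    for _name, matches, tool_ports in RULES:
        if matches(p):
            return pick_tool_port(p, tool_ports)
    return None


def balance_demo(n_flows=300):
    """Distribute constructed HTTPS flows and count flows per tool port."""
    counts = Counter()
    for i in range(n_flows):
        request = Packet("10.0.%d.%d" % (i // 250, i % 250 + 1), 40000 + i,
                         "192.0.2.10", 443, "tcp")
        reply = Packet(request.dst, request.dport,
                       request.src, request.sport, "tcp")
        port = route(request)
        # Both halves of the conversation must land on the same tool.
        if route(reply) != port:
            raise RuntimeError("flow split across tools")
        counts[port] += 1
    return counts


if __name__ == "__main__":
    for port, flows in sorted(balance_demo().items()):
        print(port, flows)
    print("ssh ->", route(Packet("10.0.0.7", 51000, "192.0.2.20", 22, "tcp")))
```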
Ixia believes that not only are these capabilities critical, but that they also need to be easy
to control. Time is money, and the faster administrators can configure their tools, the higher the
ROI. That’s why Ixia puts the power to distribute the correct information in administrators’ hands,
using a GUI equipped with drag-and-drop filters. Users can create contingent, or floating, filters
for segmentation in a fast and easy way.
It’s the solution that the University of Texas used, and as a result, the school expects to achieve
a 120% payback on its investment during the next five years, with a projected $846,000 in
cost savings.
[1] “ROI Experiences with Network Monitoring Switches — University of Texas at Austin,” Enterprise Management Associates, 2012
Step 4: Optimize Incident Response to Reduce Mean Time to Repair
The longer it takes IT to actually respond to security or operational incidents, the more risk it
incurs for the business and the more expensive such incidents become. This is where automating
responses to incident triggers picked up in monitoring traffic is so crucial to gaining the most
return on monitoring investments. Organizations that are able to optimize real-time reactions
to performance issues or security problems tend to reap the most ROI — because the faster
they respond, the more likely they are to reduce their mean time to repair.
Another benefit of adding a monitoring switch to the network infrastructure is that organizations
can eliminate the need for crash carts and change board approval. Crash cart and change board
procedures are put in place to deal with SPAN/TAP shortages and the risk of network disruptions
or outages when any physical change is made to the IP network. History has repeatedly shown
that when IT has to make network changes on the fly, it far too often results in additional —
potentially worse — disruptions. With a monitoring switch installed, network disruptions are
minimized. IT can change/copy the data streams through software filtering, which has far fewer
risks. Risks can be further minimized by testing configurations through a simulator first, before
uploading any new configurations into the monitoring switch. Only a few monitoring switches,
such as the Anue NTO, offer this simulator functionality, but it can be a powerful tool for optimizing
the data network.
While visibility solutions like the Ixia Anue NTO monitoring product don’t fix the problems
themselves, they make it easier for an organization’s expert problem solvers to take care of
issues more quickly. Operations staff can be automatically apprised of issues that are hindering
performance, greatly reducing troubleshooting time. And security personnel are tapped into
information about where, when and how attacks are occurring so they can more strategically
plan for a proactive defense.
The idea is simple: By developing a set of trigger scripts, the monitoring switch can respond when
problematic conditions are met. So, in the case of security, if network traffic is deemed suspicious
by the security tool, it will be sent to the appropriate security tool or network recorder for analysis.
At the same time, an alert can be sent to the incident response team, whose members will
immediately have all the necessary information at their fingertips when they access the network
to troubleshoot the incident. The Anue NTO offers an additional layer of security through
integration with SIEM tools. This integration makes it possible to automatically send relevant
information to these tools for better correlation of seemingly disparate events.
Step 5: Optimize Your Network With Trend Analysis
Network planning requires long-term strategies that depend on business intelligence. Without
a long history of network intelligence, it is difficult to devise a strategy based on anything other
than guesswork.
Not only can a network monitoring switch like the Anue NTO help with immediate issues like
distribution of information to monitoring tools and automated incident response, but it can also
provide the capabilities needed to make decisions that feed into the organization’s strategic vision.
By using the historical trend data offered by the monitoring switch, organizations are better
able to institute proactive network optimization on the operations side, rather than running the
network reactively. Customers can watch trends and anticipate when network capacity will need
to be added, rather than being surprised by network segments reaching capacity. Additionally,
that same statistical information can be used to validate service-level agreements.
Conclusion
All too often, organizations throw money and bandwidth at network performance and security
problems without ever achieving the network intelligence to fix the root causes. In order to strike
that perfect balance between secure performance and reasonable investment, it takes a monitoring
switch like the Anue NTO to achieve the kind of visibility necessary for that intelligence. The Anue
NTO helps organizations filter unnecessary packets and distribute data optimally to existing
monitoring tools so that they are never overloaded by data that eventually could be lost.
Automatic trigger scripts help organizations get the most out of their monitoring investment
by reducing mean time to repair. And all of that valuable trend data is made available so that
organizations can be more proactive about their infrastructure decisions. Most important, it’s
all done in a way that reduces complexity, through a consistent management interface across
all deployment scenarios. This power of simplicity drives the power to create more network
monitoring ROI.
To learn more, visit http://simpleis.ixiacom.com

Weitere ähnliche Inhalte

Mehr von Anand Raj

Cbt storage@scale use case deck (cl) (6.8.18)
Cbt storage@scale use case deck (cl) (6.8.18)Cbt storage@scale use case deck (cl) (6.8.18)
Cbt storage@scale use case deck (cl) (6.8.18)Anand Raj
 
Ema best practices_for_utilizing_network_monitoring_switches_in_cisco_environ...
Ema best practices_for_utilizing_network_monitoring_switches_in_cisco_environ...Ema best practices_for_utilizing_network_monitoring_switches_in_cisco_environ...
Ema best practices_for_utilizing_network_monitoring_switches_in_cisco_environ...Anand Raj
 
Data centerconsolidations
Data centerconsolidationsData centerconsolidations
Data centerconsolidationsAnand Raj
 
Virtualization management
Virtualization management Virtualization management
Virtualization management Anand Raj
 
Remedy rapid deployment 1
Remedy rapid deployment 1Remedy rapid deployment 1
Remedy rapid deployment 1Anand Raj
 

Mehr von Anand Raj (6)

Cbt storage@scale use case deck (cl) (6.8.18)
Cbt storage@scale use case deck (cl) (6.8.18)Cbt storage@scale use case deck (cl) (6.8.18)
Cbt storage@scale use case deck (cl) (6.8.18)
 
Ema best practices_for_utilizing_network_monitoring_switches_in_cisco_environ...
Ema best practices_for_utilizing_network_monitoring_switches_in_cisco_environ...Ema best practices_for_utilizing_network_monitoring_switches_in_cisco_environ...
Ema best practices_for_utilizing_network_monitoring_switches_in_cisco_environ...
 
Bmc atrium
Bmc atriumBmc atrium
Bmc atrium
 
Data centerconsolidations
Data centerconsolidationsData centerconsolidations
Data centerconsolidations
 
Virtualization management
Virtualization management Virtualization management
Virtualization management
 
Remedy rapid deployment 1
Remedy rapid deployment 1Remedy rapid deployment 1
Remedy rapid deployment 1
 

Kürzlich hochgeladen

Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusZilliz
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 

Kürzlich hochgeladen (20)

Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 

Five steps to build visibility and security in network

  • 1. ©2013 Ixia Five Steps to Building Visibility and Security Into Your Network You can’t secure what you don’t know about Contents Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Step 1: Don’t Let Capacity Limit Access to Monitoring Information. . . . . . . . . . . . . . . . . . . . . . . . . 2 Step 2: Reduce Unnecessary Data and Costs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 Step 3: Get the ROI You Want From Your Existing Monitoring Tools. . . . . . . . . . . . . . . . . . . . . . . . 3 Step 4: Optimize Incident Response to Reduce Mean Time to Repair. . . . . . . . . . . . . . . . . . . . . . . 4 Step 5: Optimize Your Network With Trend Analysis. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Conclusion. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Introduction As organizations seek to walk the networking tightrope between the demands of performance management and network investment, they clearly need something to hang on to, to help them keep their balance. Mature enterprises are increasingly turning to network visibility as that proverbial balancing pole. Without visibility, it’s difficult to manage operational variables to maintain high levels of network performance — and it is near impossible to understand the threats assailing the network to maintain security and control over network assets. But simply throwing money at network and security monitoring tools doesn’t provide the kind of visibility necessary to balance performance and control. Organizations also need to employ best practices to ensure that they are getting the most out of their network and security monitoring investments. Brought to you compliments of:
  • 2. 2 ©2013 Ixia Return to top The following five-step approach can help IT keep its balance while gaining that crucial visibility into the network: Step 1: Don’t Let Capacity Limit Access to Monitoring Information In an ideal world, network monitoring offers a window into the infrastructure, allowing IT to make more informed decisions about how to configure the network for improved performance and respond rapidly to security incidents. But this paradigm depends on one assumption: You must have the capacity to support it. Without enough network connections available to plug in monitoring and security information and event management (SIEM) tools simultaneously, the organization effectively neutralizes the underlying assumption of visibility afforded by monitoring. On a nontechnical level, you could compare it to plugging all of the lights in your house into a single power strip: If the strip can handle only seven lamps but the house needs 10 to keep all the rooms lit, then you’re left with the prospect of unplugging three lamps to plug in three others. At any given time, some part of the house goes dark. From a networking perspective, capacity restrictions that hamper full monitoring coverage make it difficult to gain a full understanding of how well the network is performing across all components of the infrastructure. These capacity limits can also prove a considerable security liability, as an organization that must ration monitoring will sometimes be unable to pinpoint risk indicators that crop up in those areas of the network that have gone “dark” due to disabled tools. This is why it is so critical to implement a monitoring solution like the Ixia Anue Net Tool Optimizer (NTO) to help address your TAP and SPAN port shortages in a cost-efficient manner. Doing so makes it possible to engage all of the monitoring and SIEM tools required for maximum visibility, without having to outlay the budget to buy more hardware to support those tools. 
Step 2: Reduce Unnecessary Data and Costs Achieving comprehensive network and application monitoring on all network traffic can be a double-edged sword. On the plus side, a full slate of monitoring tools allows organizations to analyze all aspects of the network for clues to help fine-tune performance and protection. But on the flip side, those monitoring tools are looking at everything, including all of the redundant and extraneous packets streaming through the infrastructure. Plain and simple, the more unnecessary packets cluttering network traffic, the harder it is to sift through the mound of data to find the relevant information necessary for maintaining solid perfor- mance and spotting security issues. Unfortunately, the typical monitoring tool today is clogged with an unending stream of redundant information and duplicate packets. It costs more to not only process all this data, but to also store duplicate data on the SAN.
  • 3. 3 ©2013 Ixia Return to top In order to get the most from your monitoring investment, it’s critical to find ways to strategically cut down on packet clutter. This kind of decluttering is something the Ixia Anue NTO excels at — it cleans up the stream so that the data being monitored is the data that matters. Step 3: Get the ROI You Want From Your Existing Monitoring Tools Even after cleaning up a packet stream, though, it’s still possible for organizations to be over- whelmed by the information pumped through their monitoring tools. Depending on the legacy architecture, organizations could be faced with the prospect of drinking from the proverbial data fire hose. For instance, analysts at Enterprise Management Associates (EMA) found that at the University of Texas at Austin, IT teams responsible for protecting network integrity and analyzing packet streams for network monitoring, analysis and troubleshooting were using traditional network switches to provide packet streams by replicating traffic back to the monitoring tools.1 “But we had a problem,” the university’s chief information security officer told EMA. “As [traffic] volumes grew, these mirrored flows were exhausting resources on the switches, causing packet drops. We had been doing this for years using old Cisco switches, so it wasn’t costing us much, but volume was really becoming an issue and dropping packets was simply not acceptable.” This is where the strategy of segmenting packet information, filtering it and directing it to specialized monitoring tools can help IT teams manage and parse out that flow of information, giving organizations a better ROI from their existing monitoring investments. Ideally, organizations should consider instituting port balancing to enable optimized distribution of information without overloading the monitoring tools. 
Meanwhile, three-stage filtering — ingress, egress and dynamic filtering — of the information being distributed will ensure that just the right amount and right type of information is distributed to the appropriate tool. Ixia believes that not only are these capabilities critical, but that they also need to be easy to control. Time is money, and the faster administrators can configure their tools, the higher the ROI. That’s why Ixia puts the power to distribute the correct information in administrators’ hands, using a GUI equipped with drag-and-drop filters. Users can create contingent, or floating, filters for segmentation in a fast and easy way. It’s the solution that the University of Texas used, and as a result, the school expects to achieve a 120% payback on its investment during the next five years, with a projected $846,000 in cost savings. 1 “ROI Experiences with Network Monitoring Switches — University of Texas at Austin,” Enterprise Management Associates, 2012
Step 4: Optimize Incident Response to Reduce Mean Time to Repair

The longer it takes IT to actually respond to security or operational incidents, the more risk it incurs for the business and the more expensive such incidents become. This is where automating responses to incident triggers picked up in monitoring traffic is so crucial to gaining the most return on monitoring investments.

Organizations that are able to optimize real-time reactions to performance issues or security problems tend to reap the most ROI — because the faster they respond, the more likely they are to reduce their mean time to repair.

Another benefit of adding a monitoring switch to the network infrastructure is that organizations can eliminate the need for crash carts and change board approval. Crash cart and change board procedures are put in place to deal with SPAN/TAP shortages and the risk of network disruptions or outages when any physical change is made to the IP network. History has repeatedly shown that when IT has to make network changes on the fly, it far too often results in additional — potentially worse — disruptions.

With a monitoring switch installed, network disruptions are minimized. IT can change/copy the data streams through software filtering, which has far fewer risks. Risks can be further minimized by testing configurations through a simulator first, before uploading any new configurations into the monitoring switch. Only a few monitoring switches, such as the Anue NTO, offer this simulator functionality, but it can be a powerful tool for optimizing the data network.

While visibility solutions like the Ixia Anue NTO monitoring product don’t fix the problems themselves, they make it easier for an organization’s expert problem solvers to take care of issues more quickly. Operations staff can be automatically apprised of issues that are hindering performance, greatly reducing troubleshooting time. And security personnel are tapped into information about where, when and how attacks are occurring so they can more strategically plan for a proactive defense.

The idea is simple: By developing a set of trigger scripts, the monitoring switch can respond when problematic conditions are met. So, in the case of security, if network traffic is deemed suspicious by the security tool, it will be sent to the appropriate security tool or network recorder for analysis. At the same time, an alert can be sent to the incident response team, whose members will immediately have all the necessary information at their fingertips when they access the network to troubleshoot the incident.

The Anue NTO offers an additional layer of security through integration with SIEM tools. This integration makes it possible to automatically send relevant information to these tools for better correlation of seemingly disparate events.

Step 5: Optimize Your Network With Trend Analysis

Network planning requires long-term strategies that depend on business intelligence. Without a long history of network intelligence, it is difficult to devise a strategy based on anything other than guesswork.
Not only can a network monitoring switch like the Anue NTO help with immediate issues like distribution of information to monitoring tools and automated incident response, but it can also provide the capabilities needed to make decisions that feed into the organization’s strategic vision.

By using the historical trend data offered by the monitoring switch, organizations are better able to institute proactive network optimization on the operations side, rather than running the network reactively. Customers can watch trends and anticipate when network capacity will need to be added, rather than being surprised by network segments reaching capacity. Additionally, that same statistical information can be used to validate service-level agreements.

Conclusion

All too often, organizations throw money and bandwidth at network performance and security problems without ever achieving the network intelligence to fix the root causes. In order to strike that perfect balance between secure performance and reasonable investment, it takes a monitoring switch like the Anue NTO to achieve the kind of visibility necessary for that intelligence.

The Anue NTO helps organizations filter unnecessary packets and distribute data optimally to existing monitoring tools so that they are never overloaded by data that eventually could be lost. Automatic trigger scripts help organizations get the most out of their monitoring investment by reducing mean time to repair. And all of that valuable trend data is made available so that organizations can be more proactive about their infrastructure decisions.

Most important, it’s all done in a way that reduces complexity, through a consistent management interface across all deployment scenarios. This power of simplicity drives the power to create more network monitoring ROI.

To learn more, visit http://simpleis.ixiacom.com