53 posts categorized "Data Visualization"

Is your Network Security Slowing you Down? (by Jason Nutt)

Is Network Security Slowing you Down?

Measuring the Latency Impact Created by Next Gen Security Solutions

As an IT professional, you are well aware of the challenges posed by network latency. Applications like audio and video delivery, bandwidth-sensitive mobile applications, cloud computing and storage services are extremely sensitive to network latency.

What you may not realize, however, is the amount of latency created by your Next Generation Intrusion Prevention Systems (NG-IPS) and Next Generation Firewalls (NG-FW). While they are critical to protecting your network, these security tools and others that perform deep packet inspection can increase latency, significantly impacting your overall application performance.

Recently we worked with a large health care services provider trying to figure out why it was taking so long to send MRI data between locations. This was causing significant frustration for patients, doctors and medical staff. Having been aware of Aukua’s nanosecond precision capture and analysis tools, they asked for our help. The company suspected one or more of their NG-IPS devices was causing the delays, but they did not have a way to confirm this. Since these security tools do not treat all packets the same, they were unable to detect or measure the application latency issue with artificial traffic such as ICMP. And since some applications were being adversely delayed and others were not, they could not rely on the NG-IPS vendor’s generic latency specs for various packet sizes. In addition, compliance rules prohibited them from introducing new traffic into their live network.

 



No visibility in the GDPR era, be ready for BIG fines! (by Derek Burke)

No visibility in the GDPR era, be ready for BIG fines!

Legal problem!!! -

As of May 25, 2018 the EU General Data Protection Regulation (GDPR) went into effect.  GDPR requires compliance for any company interacting with persons in the EU and enforces strict standards on data handling and extremely fast responses to breaches of Personally Identifiable Information (PII).  Failing to fulfill these requirements can have dire consequences with fines ranging from a minimum €20.000.000,00 to 4% of a company’s gross annual earnings.  The demands that the GDPR places upon an organization are not only daunting but can seem insurmountable. 

Get Visibility #1

First steps - The first step is a data flow and dependencies map to identify:

  • Data items (e.g. names, email addresses, records);
  • Formats (e.g. online data entry, database);
  • Transfer and sharing methods of data;
  • Locations where data is stored and needs protection inside and outside;
  • Who is connected to who and who has what information – via the network!

Technical problems – bullets best on how to gain visibility to solve above main issues!

i.e. – access – Full visibility, filtering on databases to see who has access, servers where data is stored, who has access, apps that share data, ..etc

NO BLIND SPOTS! On-site or Remote

[Images: Remote visibility; Key performance indicators from mobile probe panel]

 



Network Visibility - The Rise of the Aggregation Layer (by Greg Zemlin)

Network Visibility - The Rise of the Aggregation Layer

Sole reliance on SPAN ports for network visibility and monitoring has been on the decline for years. IT teams realize the inherent limitations of SPAN ports and have shifted in favor of the traditional 3-tiered approach to network visibility.

Tier 1: Physical Layer TAPs

Network Test Access Points (TAPs) are hardware tools that allow you to access and duplicate network traffic. TAPs supply full line rate traffic and are never oversubscribed or rate limited. The egress traffic from the TAPs is then sent to NPBs.

Tier 2: Network Packet Brokers

Network Packet Brokers (NPBs) are responsible for efficiently funneling data from network TAPs and SPAN ports to each tool. NPBs were originally designed to replicate traffic for multiple tools while reducing the volume of traffic to each tool, ensuring each tool operates as efficiently as possible. This is typically done through a combination of aggregation, replication and L2-L4 filtering. The groomed, tool-specific traffic is sent out for processing.

Aggregating Traffic

Tier 3: Tools

Tools are responsible for processing and characterizing traffic of interest. Common tools are built for application performance monitoring, security, and data forensics.



Top Five Ways to Optimize Performance Monitoring (by Keith Bromley)

Top Five Ways to Optimize Performance Monitoring

Network performance monitoring, and especially network optimization, is more of an art than a science because there are so many factors that figure into network and application responsiveness. In addition, while there is a plethora of data on the network, determining the right kind of data that you need and where you should be capturing it from can become very difficult. This data collection process is then further complicated by the fact that tactical data loses up to 70% of its value after 30 minutes. This makes the speed and accuracy of data analysis critical.

The solution to these problems is to create a network visibility architecture. Network visibility is what enables you to quickly isolate and resolve performance issues, ultimately ensuring the best possible end-user experience. From there, you can use anomaly-driven data flows to quickly isolate potential problems.

Here is what you need to set up a visibility architecture:

  • Taps, virtual taps, and bypass switches – These devices give you timely access to the data you need
  • Network packet broker (NPB) – This device gives you filtering capability to maximize the flow of relevant information to your monitoring tools. NPBs enable: data aggregation, filtering, deduplication, and load balancing of Layer 2 through 4 (of the OSI model) packet data.
  • Application intelligence functionality (within an NPB) – This functionality provides additional filtering and analysis at the application layer, i.e. Layer 7 of the OSI stack
  • The final layer is made up of your security and monitoring tools. These devices are typically special purpose tools (e.g., sniffer, NPM, APM, etc.) that are designed to analyze specific data.

 



LMTV LIVE | Resilience Within A Security Architecture (with Keith Bromley and Steve McGregory)

LIVE EVENT START TIME : Wednesday, May 30, 2018 - 9:30 AM PST

Keith Bromley and Steve McGregory from Keysight Technologies (formerly Ixia) will be talking about a security architecture concept called Network Security Resilience. While this concept is not new, it has received as much attention as typical defensive strategies have. This may change with the new NIST Framework for Improving Critical Infrastructure Cybersecurity that places more effort on breach recovery and mitigation.

Basically, it’s not a question of IF your network will be breached, but WHEN. News broadcasts for the last several years have shown that most enterprise networks will be hacked at some point. In addition, the time it takes for most IT departments to notice the intrusion usually takes months—over six months according to the Ponemon Institute. This gives hackers plenty of time to find what they want and exfiltrate whatever information they want. What if you could reduce that time to 1 month, i.e. cut it to 1/6 of the time? Or maybe reduce it further to one week, or maybe to just one day? What if you could go further? Would that be of interest to you? 
