23 posts categorized "Ixia"

Four Things to Consider Before You Move Everything to the Cloud (by Keith Bromley)

Organizations everywhere are moving some, if not all, of their workloads to public clouds. This is understandable, as there are some clear benefits to this strategy. At the same time, a public cloud instance does not work the same way as a physical on-premises network does. This means that when you make your move to the cloud, you need to understand that it is not simply a “lift and shift” endeavor. Making this assumption could make you very sorry. A new whitepaper (Top Four Considerations When Migrating to Public Cloud) provides an in-depth illustration of why.

Instead of hoping your cloud migration works, a solid approach would be to ask yourself the following four questions before you create this new architecture:

  • What is the extent and timeframe of your migration strategy?
  • How will you handle the decrease in network visibility as you move to the cloud?
  • Will you need to deploy inline security and monitoring tools?
  • How do you plan to accurately gauge network performance?

These items present serious challenges for businesses considering cloud deployments. However, there are viable solutions and processes that mitigate these considerations to help make cloud migration as beneficial as possible. Let’s explore the four questions further.


Mapping Network Security Resilience To The NIST Cybersecurity Framework (by Keith Bromley)

On May 11, 2017, President Trump issued Presidential Executive Order 13800. As part of this executive order, all government agency heads will be held accountable for implementing solutions and managing the risks associated with threats to our nation’s cybersecurity, and thus must take immediate action to review cybersecurity protocols in order to upgrade each department’s IT infrastructure. Furthermore, the executive order mandates the use of the NIST Framework for Improving Critical Infrastructure Cybersecurity within government agencies.

The NIST Framework for Improving Critical Infrastructure Cybersecurity provides a common language for understanding, managing, and expressing cybersecurity risk. This framework is built upon concepts to organize information, enable risk management decisions, address threats, and improve through lessons learned.

The foundation of these concepts is aligned within five core functions:

  • Identify
  • Protect
  • Detect
  • Respond
  • Recover

A new whitepaper from Ixia (a Keysight Business) called Deploying a Layered Visibility and Cybersecurity Architecture provides an overview of how to combine a visibility architecture with a security architecture to address the NIST architecture. The following excerpt provides a short overview of how to accomplish this. A full discussion of the subject is contained within the whitepaper.



Diffusing The IT Blame Game With Network Visibility (by Keith Bromley)

How well does your company communicate internally? Specifically, how well do your IT departments communicate with each other? Enterprises typically contain four or more IT sub-departments (Security, Network Operations, Virtual DC, Capacity Planning, Service Desk, Compliance, etc.) and it’s quite common for them to be at odds with each other, even in good times. For instance, there’s often contention over capital budgets, sharing resources, and headcount.

But let’s be generous. Let’s say that in normal operations things are usually good between departments. What happens if there’s a breach though, even a minor one? Then things can change quickly, especially if there are problems with acquiring accurate monitoring data for security and troubleshooting areas. Finger pointing can quickly result.

So, what can you do? We recently discussed this on an LMTV podcast, “How To Diffuse The IT Blame Game.” One of the answers is to create complete network visibility for network security and for network monitoring and troubleshooting activities.

For instance, here are three common sources of issues for most IT organizations:

  • There is a lack of proper access to network data
  • Analytic and security tools can be modified, moved, or just plain disappear without permission
  • Capture and analysis of monitoring data can create business risk and problems for other departments


Top Five Ways to Optimize Performance Monitoring (by Keith Bromley)

Network performance monitoring, and especially network optimization, is more of an art than a science because there are so many factors that figure into network and application responsiveness. In addition, while there is a plethora of data on the network, determining the right kind of data that you need and where you should be capturing it from can become very difficult. This data collection process is then further complicated by the fact that tactical data loses up to 70% of its value after 30 minutes. This makes the speed and accuracy of data analysis critical.

The solution to these problems is to create a network visibility architecture. Network visibility is what enables you to quickly isolate and resolve performance issues, ultimately ensuring the best possible end-user experience. From there, you can use anomaly-driven data flows to quickly isolate potential problems.

Here is what you need to set up a visibility architecture:

  • Taps, virtual taps, and bypass switches – These devices give you timely access to the data you need
  • Network packet broker (NPB) – This device gives you filtering capability to maximize the flow of relevant information to your monitoring tools. NPBs enable: data aggregation, filtering, deduplication, and load balancing of Layer 2 through 4 (of the OSI model) packet data.
  • Application intelligence functionality (within an NPB) – This functionality provides additional filtering and analysis at the application layer, i.e. Layer 7 of the OSI stack
  • The final layer is made up of your security and monitoring tools. These devices are typically special purpose tools (e.g., sniffer, NPM, APM, etc.) that are designed to analyze specific data.

 



Top Five Ways to Strengthen a Security Architecture (by Keith Bromley)

Network security is one of, if not THE, most important topics for IT professionals. This is true for the security engineer, the CISO, CIO, CLO and even the CEO.

The question though is, “What can you really do to improve it?” The answer is to strengthen your deployment of inline security tools. In terms of regulatory compliance for PCI-DSS and HIPAA, inline security tool deployment may not be critical, but it is imperative for a security architecture where you are trying to maximize your defenses.

Here are five of the top activities IT professionals can implement to improve their company’s inline security architecture:

  1. Insert external bypass switches between the network and security tools to improve network availability and reliability
  2. Deploy threat intelligence gateways at the entrance/exit of your network to reduce false positive security alerts
  3. Offload SSL decryption from existing security devices (like firewalls, WAFs, etc.) to network packet brokers or purpose-built devices to reduce latency and increase the efficiency of your security tools
  4. Perform serial tool chaining for suspect data to improve the data inspection process
  5. Insert network packet brokers to improve security device availability by using either n+1 or high availability technology
