LoveMyTool - Open Community for Network Management and Monitoring: Network Access Control

14 posts categorized "Network Access Control"

May 18, 2012

Insurance For Your Network? (by Jay Botelho)

Insurance is a way of life, right? We insure our lives, our cars, our homes, and even mundane things like our cell phones. In short, we insure those things that are dear to us and that we cannot do without. So how about your network? If you’re a network engineer the network is pretty dear to you, and your company certainly cannot do without it, so it seems like a good candidate for insurance too. But what kind of insurance do you need? What is it that you need to protect most about your network?

Last year was labelled the “Year of the Hack,” by IT security professionals, with an onslaught of breaches that were financially and politically motivated. This year seems to be following in those same footsteps, with the latest mega-breach of Global Payments in April 2012 with 1.5 million accounts compromised. And on the political front, just do a Google search on cyber crime and see how worried everyone is about cyber criminals targeting the Summer Olympics in London.

Current protections are not enough. Although current security systems certainly protect against a significant number of attacks, they obviously don’t protect against all attacks. So let’s buy some insurance!

Continue reading "Insurance For Your Network? (by Jay Botelho)" »

Posted in Deep Packet Inspection, Forensics & Deep Packet Capture, Network Access Control, WildPackets | Permalink | Comments (0) | TrackBack (0)

February 16, 2011

What Is Hiding In Your Closet? (by Josh Stephens)

Calling All IT Pros: Show Us What’s Hiding in Your Closet

How do you determine which device is connected to which switch?

Do you have to crawl through multiple cabling closets to figure out where the defective device is hiding?
Neat network

Or, are you a bit neurotic and have a ridiculously clean closet with color-coded cables?

We at SolarWinds want to see how you manage your network devices!

Submit photos or videos of your network closet for a chance to win some geeky, yet cool swag (not to mention bragging rights with your boss)! Winners will be picked for the cleanest, messiest and most creative closets.

Hurry Up! The deadline to submit is March 9 for your photos! Do not miss out on this FUN adventure.

More details are described in our Video and on our Facebook page.

Now that we had some fun, it’s time to get down to real business…

Continue reading "What Is Hiding In Your Closet? (by Josh Stephens)" »

Posted in Network Access Control, Switching & Routing, Test & Measurement | Permalink | Comments (0) | TrackBack (0)

February 15, 2011

A Backup a Day Keeps the Technical Support Away (by Josh Stephens)

A Backup a Day Keeps the Technical Support Away

Can an NCCM solution make your Mondays better?

Do you often get “a case of the Mondays?”

Picture this: The traffic is bad, and you are already late (ironic?). Your coffee maker breaks, and the line at the coffee shop is wrapped around the corner. On top of that, you finally get to the office and the network is running slower than a turtle!

You say to yourself, “Oh crap, what changed since Friday to slow things down like this!?!?”

With this Geek’s help, you won’t need to have those stressful days. Here are my tips for managing your configuration changes effectively.

The Geek’s Top Five Tips for Network Configuration and Change Management (NCCM)

Continue reading "A Backup a Day Keeps the Technical Support Away (by Josh Stephens)" »

Posted in Application Performance, Network Access Control | Permalink | Comments (0) | TrackBack (0)

November 15, 2010

New Free Tool - Permissions Analyzer (by Josh Stephens)

System Administrators: Come on down! You’re the next contestant…

In today’s IT environment, technology is continually changing. With virtualization, the cloud and data center consolidation, it’s no wonder that managing your IT environment and resources can be a headache. And for SysAdmins, it’s more important than ever to keep tabs on who has the rights to what.

Here’s a common scenario: Johnny needs access to a specific file folder on a shared drive. But, since his workforce is distributed, he has no idea which user has access to the folder. Without the proper tools in place, Johnny spends the next few hours hunting and sorting through extensive sets of user and group permissions.

OR, what happens when your company decides to let Bob go after things got a little out of hand at the company offsite, and he decided to take the company car for a joy ride? Bob has access to the “super secret” files and shared folders, and that could cause major problems if his permission rights are not immediately identified and turned off.

Talk about driving you “bonkers.”

Until today, tools with permissions analysis come bundled as one feature in high-priced products, making it difficult and cumbersome to zero-in on permissions when you only need the one function. Or, you’re left with a cheap/free tool that doesn’t provide you with the depth of reporting needed.

Today all of that changes.

Continue reading "New Free Tool - Permissions Analyzer (by Josh Stephens)" »

Posted in Application Performance, Network Access Control | Permalink | Comments (0) | TrackBack (0)

October 29, 2010

Trick! or Treat? (by George Bouchard)

Sometimes we think we are getting a Treat when in reality, upon closer examination it may very well be a Trick. Take for example, the matter of IEEE standards on the 1G copper, where, whenever a port pair is interrupted for any reason, the port pairs must renegotiate their connection. Well when the problem occurs on a critical network, we cringe at the thought that we will have to lose some traffic while the ports are occupying themselves with the task or renegotiating the ports before traffic can resume. The reality is that no matter how fast the ports renegotiate there will be traffic loss!

Wouldn’t it be nice if we could fudge our way around this IEEE requirement “NOT” so that our important traffic links will not be interrupted in the event of a passing glitch that caused the port pair to lose their connection? Well there is no way this can happen so some loss will happen and that is a reality of a power loss and we have to expect that!

Well yes, it would be nice not to have to bite the bullet of losing some critical network traffic but is fiddling with the IEEE standard worth the benefit. Could we be setting ourselves up for a possible greater problem than just dropping a few packets? Why do we have standards if we are going to subvert them when it suits us?

Continue reading "Trick! or Treat? (by George Bouchard)" »

Posted in Network Access Control, Out-of-Band Data Access, Test & Measurement | Permalink | Comments (0) | TrackBack (0)

October 19, 2010

What the cloud can offer YOU! (by Josh Stephens)

The other day, one of my CIO friends was complaining about the lack of physical space in her data center –full racks, no place for power and no air/heating capacity.

She’s not the only one I hear this from. It’s a pretty common problem for IT practitioners today. The answer: The Cloud. Yes, I said it – The Cloud.

There’s certainly enough hype around the term “cloud” to make skeptics of all of us. But there is substance and value to what cloud computing is intended to do.

What does it really mean?

Simply put, it’s a style of computing that is highly elastic and scalable that you can purchase based on consumption and demand.

There are different twists to managing this type of IT environment, depending on whether your company is doing a public or a private cloud deployment.

Continue reading "What the cloud can offer YOU! (by Josh Stephens)" »

Posted in Cloud Computing, Network Access Control, Protocol Analysis | Permalink | Comments (2) | TrackBack (0)

October 14, 2010

Why Invest in a Product that is Built Around a Modular Design? (by George Bouchard)

Why is Modularity important when considering purchasing a network access product? Well, for example, it may not be practical to design a house in a modular fashion, but if it were practical, then you could build your house exactly the way you wanted it for your needs today. And if you only had the need for two bedrooms today, you could design it that way. As your family grew, you could then add more bedroom modules to accommodate the growth of your family or your mother-in-law coming to live with you.

Modularity gives you flexibility…you only have to purchase what you need today, and you can add or change functionality as your needs expand.

So, when considering equipment to provide Network Access for the tools you need to keep your network safe, secure, and in compliance; it would be wise to consider Network Critical’s SmartNA (Network Access)System.

The SmartNA System will give you the flexibility you need to solve your network access problems today and is so flexible it can be changed to meet your needs of tomorrow.

When it comes to networks, you can guarantee one thing -- the network will GROW.

It always does. Even in the smallest of networks, like the one you have in your home, will grow and change. You will need to add tools and access more links.

Continue reading "Why Invest in a Product that is Built Around a Modular Design? (by George Bouchard)" »

Posted in Application Performance, CALEA & Lawful Intercept, Network Access Control | Permalink | Comments (2) | TrackBack (0)

September 02, 2010

Improving Network Recording and Storage Efficiency with Taps, Aggregation and Filtering

Introduction

Most large computer networks are improving their storage infrastructure to meet compliance and security standards. The deployment and resources required to improve security are under constant assessment. Business and technology are both driving the requirements for improved storage solutions.

Framework

Providing adequate storage solutions throughout a network is not always technically or financially feasible. While storage costs per terabyte continue to decline, methods to efficiently manage storage facilities must evolve.

Figure 1 - Typical Network Diagram With Probe Deployment using Port Mirror

Network recording has become commonplace for security, compliance and network analysis purposes. Frequent backups of databases and other high volume traffic can drastically decrease the amount of available storage. Backing up databases across a network for offsite storage requires adequate bandwidth and is often done so that all data is stored at another location.

Recording traffic as it moves from one location to another is conveniently done at egress points of a local network. Recording of database transfers is often not necessary for compliance or security purposes on a local recording device. The database is fully transferred to another location, and this becomes the backup copy. Network data, VOIP conversations, web and application traffic is what is necessary to be recorded. Eliminating only database backups at the egress recording location has been problematic until the development of filtering TAPs.

Continue reading "Improving Network Recording and Storage Efficiency with Taps, Aggregation and Filtering" »

Posted in Network Access Control, Test & Measurement | Permalink | Comments (4) | TrackBack (0)

January 14, 2008

Round Rock ISD on Mirage Networks

“With our small network IT staff, it is essential that we have an automated solution to stop worms that get past perimeter defenses. With the Mirage Networks solution, instead of 200 or 300 systems to clean up, we’ll only have the initial infection point, which will remain contained until we have the time to remediate that system.”
-- Dan Scott, Senior Systems Engineer, Round Rock ISD

Rockroundisd Customer Profile - Round Rock Independent School District (ISD) is a school district headquartered in the city of Round Rock, Texas, United States. As of 2007, the school district served 39,079 students and includes all of Round Rock, northwestern portions of the City of Austin, and unincorporated portions of Williamson and Travis counties (including Anderson Mill).

Vendor Profile - Mirage Networks, Inc. is the leading provider of Network Access Control (NAC) solutions, including both pre- and post-admission security. The company’s patented technology gives organizations control over unknown, out-of-policy, and infected devices resulting in increased network uptime, policy compliance, and reduced operational costs. Mirage’s NAC appliances work in all network environments, deploy out-of-band, and require neither signatures nor agents to enforce policies and terminate zero-day threats. Based in Austin, Texas, Mirage Networks Endpoint Control is a consistent winner of industry awards and recognition.

Challenge:

Despite firewalls and intrusion detection systems, Round Rock ISD was unable to stop rapidly propagating threats across a state-of-the-art network serving nearly 40,000 users.

Solution:

Mirage NAC immediately stopped the threats without signatures or agents. Additionally, the solution uncovered network abuses arising from incomplete firewall rules and misconfigured PCs.

Benefits:

» Reduced network outages resulting from widespread worm infections
» Saved hundreds of hours of cleanup on infected endpoint devices
» Within 30 minutes of installation, identified unknown holes in firewalls

Continue reading other LoveMyTool posts on Mirage Networks »

Posted in Network Access Control | Permalink | Comments (0) | TrackBack (0)

December 11, 2007

Merced Superior Court on Mirage Networks

“I cannot begin to thank … all of the people who assisted me, (including) the great people at Mirage, who installed their Mirage NAC appliance and just ROCKED those hackers & viruses. Their device, to say the least, is just amazing, and scary in how good it worked.”
-- Tony Ortiz, Court IT Manager, Merced Superior Court

Superior_court Customer Profile - Each of California's 58 counties has its own superior court, which adds up to a total of 58 Superior Courts of California. The Superior Courts have general jurisdiction over all civil and criminal matters, with the exception of certain limited areas like workers' compensation where original jurisdiction is reserved by statute to government agencies. Merced County is a county located in the Central Valley of the U.S. state of California, north of Fresno and southeast of San Jose. As of 2000 the population was 210,554. The county is named after the Merced River.

Challenge:

The Superior Court of Merced County’s network was down for one week due to a worm attack. Solutions from McAfee, Cisco, and Symantec did not solve the problem.

Solution:

Within one hour of installation, Mirage NAC resolved the network outage and stopped the spread of Sasser variants, enabling LAN segments to return to normal.

Benefits:

» Significantly reduced network downtime by preventing worm propagation
» Reduced IT workload due to ease of deployment and maintenance
» Delivered immediate time-to-value with out-of-the-box effectiveness

Continue reading other LoveMyTool posts on Mirage Networks »

Posted in Network Access Control | Permalink | Comments (0) | TrackBack (0)

LoveMyTool - Open Community for Network Management and Monitoring

Protocol Analysis, Data Recorder, CALEA, Lawful Intercept, Application Performance, User Experience, Industrial Ethernet, Data Loss Prevention, Deep Packet Inspection, NetFlow, SOX, HIPAA and PCI Compliance, Switching and Routing, Forensics, VoIP, IPTV ... etc.

Local Search

Top 10 Posts

Recent Comments

LMT Authors

Recent Posts

By Technology