Wireshark Capture Interface Issue (by Tony Fortunato)
How TCP Works - MTU vs MSS (by Chris Greer)

How To Improve Network Security and Performance (by Keith Bromley)

How To Improve Network Security and Performance 

As you may have seen, I like to talk a lot about network visibility – what it is and what the benefits are. Therefore, I often get the question, “So, how can I specifically use network visibility to solve my problems?” – sort of a Jerry Maguire “show me the money” type of question. The short answer is that there are lots of use cases available, it simply depends upon what your individual needs are. Let me show you.

Hopefully you have heard of the term “network visibility” by now. It has become commonplace over the last year or so. If not, network visibility is simply the ability to see what your network is doing and how it is performing. You can get a longer narrative of the definition here and free resources on network visibility are available here. While some might think that network visibility is a non-issue these days. It’s actually not. Many networks have had, and continue to have, network problems such as:  downtime, slow running applications, missing data, expensive troubleshooting activities, and security breaches.

The first half of the solution to this problem is straight forward. You should consider implementing a visibility architecture. This approach allows you to integrate your network architecture with your security architecture so that you can capture all of the data that you need. The right data is crucial to minimizing (and even preventing) downtime, repairing the network as fast as possible, meeting and exceeding your internal and external customer SLAs, and maximizing your network security.

The second half of the solution is to implement the right technology and processes to solve your problems. Basically, what can you, and what should you, implement? Let’s look at this subject in further detail.

First, you need to figure out what your specific trouble areas and blind spots are. You may already know about several of your problem areas. At the same time, you probably do not know what you do not know. So, there may be some hidden problems as well. These areas, called blind spots, are where you can’t tell (or don’t know about) that there is an issue. There are numerous sources for blind spots including:  the use of cloud networks, silo IT, rogue IT, mergers and acquisition with different networks and applications, etc. You can get more details on blind spots in this article .

Once you figure out what your problems areas are, take a look at this free resource. This resource examines 6 different categories of solutions that resolve different types of known problem areas and/or blind spots. These areas include:

  • Network security improvements
  • Cost containment capabilities
  • Enhanced troubleshooting efforts and network reliability
  • Removal of network blind spots
  • Optimization of Network Performance
  • Strengthening of regulatory compliance initiatives

In fact, the book contains 68 different examples of what you can do (i.e. use cases), broken down by those six categories. Some examples are:

  • How to expose indicators of compromise
  • How to make inline security tool deployments more reliable by using High Availability
  • How to reduce/eliminate the need for Change Board Approvals and crash carts
  • How to use application intelligence to conduct proactive troubleshooting
  • How to simplify inline SSL decryption by using an NPB with integrated decryption
  • And many others

Once you read the book, you will have a very good of what you should do and how to go about improving network operations. It shows you how to combine taps, bypass switches, network packet brokers, application intelligence, and security and monitoring tools to achieve your security and monitoring goals.

If you want more information on this topic, click here to see a list of resources that also might help you, especially if you want more details of the various use cases described in the book.

KeithAuthor: Keith Bromley is a product marketing manager for Ixia, Inc., with more than 20 years of industry experience in marketing and engineering. Keith is responsible for marketing activities for Ixia’s network monitoring switch solutions. As a spokesperson for the industry, Keith is a subject matter expert on network monitoring, management systems, unified communications, IP telephony, SIP, wireless and wireline infrastructure. Keith joined Ixia in 2013 and has written many industry whitepapers covering topics on network monitoring, network visibility, IP telephony drivers, SIP, unified communications, as well as discussions around ROI and TCO for IP solutions. Prior to Ixia, Keith worked for several national and international Hi-Tech companies including NEC, ShoreTel, DSC, Metro-Optix, Cisco Systems and Ericsson, for whom he was industry liaison to several technical standards bodies. He holds a Bachelor of Science in Electrical Engineering.

Oldcommguy dubs Keith "One Of The Good Guys" in today's technology!

Please note - Keith has many other popular articles on WWW.Lovemytool.com - and on Ixia.com