Page 13 - CDM-Cyber-Warnings-March-2014
Another challenge for monitoring tools is the handling of redundant copies of packets recorded from many monitoring points across a network. Eliminating duplicate packets increases recordable network time, providing greater visibility. To avoid overload, you need to eliminate redundant copies of packets in the network monitoring system before they arrive at the monitoring tools.

BYOD, Virtualization and Cloud Headaches

Getting back to technology trends, a year ago we were debating whether bring your own device (BYOD) policies would take off. That's been decided now. I have recently read that nearly 60 percent of employees are participating in a BYOD program. But despite the flexibility and convenience for employees, there's a lot at stake for the IT and security teams tasked with managing all of these external devices from a central location.

Another change in the data center landscape is that more and more networks use virtualization to increase network capacity and application performance, alongside the drive to cloud computing. Monitoring both physical and virtual networks adds another level to a network monitoring strategy, fueled by the expansion of both data volume and complexity. According to Gartner, little more than a year ago, virtualization had penetrated over 50% of all server workloads, and continues to grow. Gartner also reported that over 60% of these virtualized servers will be less secure than the physical servers they are replacing.

Assuring network visibility means aggregating the virtualized traffic with the physical traffic to provide a holistic view of the entire network. This can be done using many-to-many connectivity – aggregating a series of SPAN or tap links, then filtering the traffic for specific criteria such as the IP or MAC address, and outputting that traffic to a designated analysis device. Companies need advanced multiple-stage filtering to get the right data to the right tools.
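The deduplication and aggregate-then-filter flow described above, sketched as an added example (it is not from the original article or from any vendor product). The 50 ms window, the packet field names, the tap and tool names, and the sample packets are all constructed assumptions.

```python
import hashlib
from collections import OrderedDict

WINDOW_S = 0.05  # assumed: copies of one packet reach all taps within 50 ms

def fingerprint(pkt):
    """Hash only fields that stay the same at every monitoring point.
    TTL and MAC addresses change at each routed hop, so they are left out."""
    h = hashlib.sha256()
    for field in (pkt["src_ip"], pkt["dst_ip"], str(pkt["ip_id"])):
        h.update(field.encode() + b"\x00")
    h.update(pkt["payload"])
    return h.digest()

def deduplicate(packets, window=WINDOW_S):
    """Aggregate all taps in time order; keep the first copy of each packet."""
    seen = OrderedDict()  # fingerprint -> time of first copy, oldest first
    for pkt in sorted(packets, key=lambda p: p["ts"]):
        # Expire old fingerprints so a later retransmission is not dropped.
        while seen and next(iter(seen.values())) < pkt["ts"] - window:
            seen.popitem(last=False)
        fp = fingerprint(pkt)
        if fp not in seen:
            seen[fp] = pkt["ts"]
            yield pkt

def route(packets, rules):
    """Deliver each packet to the first tool whose criteria all match."""
    out = {tool: [] for tool, _ in rules}
    for pkt in packets:
        for tool, criteria in rules:
            if all(pkt.get(k) == v for k, v in criteria.items()):
                out[tool].append(pkt)
                break
    return out

def mk(ts, tap, src_mac, src_ip, dst_ip, ip_id, ttl, payload):
    return dict(ts=ts, tap=tap, src_mac=src_mac, src_ip=src_ip,
                dst_ip=dst_ip, ip_id=ip_id, ttl=ttl, payload=payload)

# Constructed sample traffic from three monitoring points.
SAMPLE = [
    mk(1.000, "span-core", "02:00:00:00:00:01", "10.0.0.5", "10.0.1.9", 100, 64, b"GET /"),
    mk(1.002, "tap-dmz", "02:00:00:00:00:fe", "10.0.0.5", "10.0.1.9", 100, 63, b"GET /"),  # duplicate
    mk(1.010, "vswitch", "02:00:00:00:00:02", "10.0.0.7", "10.0.1.9", 7, 64, b"SELECT 1"),
    mk(2.000, "span-core", "02:00:00:00:00:01", "10.0.0.5", "10.0.1.9", 100, 64, b"GET /"),  # outside window
]
RULES = [("ids", {"src_ip": "10.0.0.5"}), ("db-monitor", {"src_mac": "02:00:00:00:00:02"})]

def run(packets=SAMPLE, rules=RULES):
    return route(deduplicate(packets), rules)
```

The copy seen at `tap-dmz` is dropped even though its TTL and source MAC differ, while the identical packet one second later is kept because it falls outside the window.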
Data Sovereignty

The last element of the perfect storm is data sovereignty, which has led to legislation we must all obey. Some changes depend on the country you're sitting in, or the place where you're doing business. If you lack a continuous view into the state of end points, network devices, systems, applications, and processes, you have a serious compliance problem. The best solution is real-time risk management through continuous monitoring. This allows you to keep constant track of devices, vulnerabilities, configurations and network events in order to more quickly detect, assess and resolve threats. Continuous monitoring delivers an unbroken stream of real-time information on the state of risk to security, data, and the network, including cloud devices and applications. Without an intelligent and continuous network monitoring system, gaps and vulnerabilities in the overall network could go undiscovered between point-in-time audits, leaving the system vulnerable to attacks.

Don't Let the Perfect Storm Happen

To prevent your network from getting washed away in the storm of data and threats, you need to stay on top of your game and in control of your data. From a cost perspective, it is prohibitively