• Home

  • Technology

  • Five steps to build visibility and security in network
5
©2013 Ixia Five Steps to Building Visibility and Security Into Your Network You can’t secure what you don’t know about Contents Introduction 1 Step 1: Don’t Let Capacity Limit Access to Monitoring Information 2 Step 2: Reduce Unnecessary Data and Costs 2 Step 3: Get the ROI You Want From Your Existing Monitoring Tools 3 Step 4: Optimize Incident Response to Reduce Mean Time to Repair 4 Step 5: Optimize Your Network With Trend Analysis 4 Conclusion 5 Introduction As organizations seek to walk the networking tightrope between the demands of performance management and network investment, they clearly need something to hang on to, to help them keep their balance. Mature enterprises are increasingly turning to network visibility as that proverbial balancing pole. Without visibility, it’s difficult to manage operational variables to maintain high levels of network performance — and it is near impossible to understand the threats assailing the network to maintain security and control over network assets. But simply throwing money at network and security monitoring tools doesn’t provide the kind of visibility necessary to balance performance and control. Organizations also need to employ best practices to ensure that they are getting the most out of their network and security monitoring investments. Brought to you compliments of:

Five steps to build visibility and security in network

Embed Size (px)

DESCRIPTION

 

Citation preview

Page 1: Five steps to build visibility and security in network

©2013 Ixia

Five Steps to Building Visibility and Security Into Your Network You can’t secure what you don’t know about

Contents Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

Step 1: Don’t Let Capacity Limit Access to Monitoring Information . . . . . . . . . . . . . . . . . . . . . . . . . 2

Step 2: Reduce Unnecessary Data and Costs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

Step 3: Get the ROI You Want From Your Existing Monitoring Tools . . . . . . . . . . . . . . . . . . . . . . . . 3

Step 4: Optimize Incident Response to Reduce Mean Time to Repair . . . . . . . . . . . . . . . . . . . . . . . 4

Step 5: Optimize Your Network With Trend Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5

IntroductionAs organizations seek to walk the networking tightrope between the demands of performance management and network investment, they clearly need something to hang on to, to help them keep their balance. Mature enterprises are increasingly turning to network visibility as that proverbial balancing pole.

Without visibility, it’s difficult to manage operational variables to maintain high levels of network performance — and it is near impossible to understand the threats assailing the network to maintain security and control over network assets. But simply throwing money at network and security monitoring tools doesn’t provide the kind of visibility necessary to balance performance and control. Organizations also need to employ best practices to ensure that they are getting the most out of their network and security monitoring investments.

Brought to you compliments of:

Page 2: Five steps to build visibility and security in network

2 ©2013 Ixia

Return to top

The following five-step approach can help IT keep its balance while gaining that crucial visibility into the network:

Step 1:

Don’t Let Capacity Limit Access to Monitoring InformationIn an ideal world, network monitoring offers a window into the infrastructure, allowing IT to make more informed decisions about how to configure the network for improved performance and respond rapidly to security incidents. But this paradigm depends on one assumption: You must have the capacity to support it. Without enough network connections available to plug in monitoring and security information and event management (SIEM) tools simultaneously, the organization effectively neutralizes the underlying assumption of visibility afforded by monitoring.

On a nontechnical level, you could compare it to plugging all of the lights in your house into a single power strip: If the strip can handle only seven lamps but the house needs 10 to keep all the rooms lit, then you’re left with the prospect of unplugging three lamps to plug in three others. At any given time, some part of the house goes dark.

From a networking perspective, capacity restrictions that hamper full monitoring coverage make it difficult to gain a full understanding of how well the network is performing across all components of the infrastructure. These capacity limits can also prove a considerable security liability, as an organization that must ration monitoring will sometimes be unable to pinpoint risk indicators that crop up in those areas of the network that have gone “dark” due to disabled tools. This is why it is so critical to implement a monitoring solution like the Ixia Anue Net Tool Optimizer (NTO) to help address your TAP and SPAN port shortages in a cost-efficient manner. Doing so makes it possible to engage all of the monitoring and SIEM tools required for maximum visibility, without having to outlay the budget to buy more hardware to support those tools.

Step 2:

Reduce Unnecessary Data and CostsAchieving comprehensive network and application monitoring on all network traffic can be a double-edged sword. On the plus side, a full slate of monitoring tools allows organizations to analyze all aspects of the network for clues to help fine-tune performance and protection. But on the flip side, those monitoring tools are looking at everything, including all of the redundant and extraneous packets streaming through the infrastructure.

Plain and simple, the more unnecessary packets cluttering network traffic, the harder it is to sift through the mound of data to find the relevant information necessary for maintaining solid perfor-mance and spotting security issues. Unfortunately, the typical monitoring tool today is clogged with an unending stream of redundant information and duplicate packets. It costs more to not only process all this data, but to also store duplicate data on the SAN.

Page 3: Five steps to build visibility and security in network

3 ©2013 Ixia

Return to top

In order to get the most from your monitoring investment, it’s critical to find ways to strategically cut down on packet clutter. This kind of decluttering is something the Ixia Anue NTO excels at — it cleans up the stream so that the data being monitored is the data that matters.

Step 3:

Get the ROI You Want From Your Existing Monitoring ToolsEven after cleaning up a packet stream, though, it’s still possible for organizations to be over-whelmed by the information pumped through their monitoring tools. Depending on the legacy architecture, organizations could be faced with the prospect of drinking from the proverbial data fire hose.

For instance, analysts at Enterprise Management Associates (EMA) found that at the University of Texas at Austin, IT teams responsible for protecting network integrity and analyzing packet streams for network monitoring, analysis and troubleshooting were using traditional network switches to provide packet streams by replicating traffic back to the monitoring tools.1

“But we had a problem,” the university’s chief information security officer told EMA. “As [traffic] volumes grew, these mirrored flows were exhausting resources on the switches, causing packet drops. We had been doing this for years using old Cisco switches, so it wasn’t costing us much, but volume was really becoming an issue and dropping packets was simply not acceptable.”

This is where the strategy of segmenting packet information, filtering it and directing it to specialized monitoring tools can help IT teams manage and parse out that flow of information, giving organizations a better ROI from their existing monitoring investments.

Ideally, organizations should consider instituting port balancing to enable optimized distribution of information without overloading the monitoring tools. Meanwhile, three-stage filtering — ingress, egress and dynamic filtering — of the information being distributed will ensure that just the right amount and right type of information is distributed to the appropriate tool.

Ixia believes that not only are these capabilities critical, but that they also need to be easy to control. Time is money, and the faster administrators can configure their tools, the higher the ROI. That’s why Ixia puts the power to distribute the correct information in administrators’ hands, using a GUI equipped with drag-and-drop filters. Users can create contingent, or floating, filters for segmentation in a fast and easy way.

It’s the solution that the University of Texas used, and as a result, the school expects to achieve a 120% payback on its investment during the next five years, with a projected $846,000 in cost savings.

1 “ROI Experiences with Network Monitoring Switches — University of Texas at Austin,” Enterprise Management Associates, 2012

http://www.enterprisemanagement.com/research/asset-free.php/2330/pre/ROI-Experiences-with-Network-Monitoring-Switches---UT-Austin-pre
Page 4: Five steps to build visibility and security in network

4 ©2013 Ixia

Return to top

Step 4:

Optimize Incident Response to Reduce Mean Time to RepairThe longer it takes IT to actually respond to security or operational incidents, the more risk it incurs for the business and the more expensive such incidents become. This is where automating responses to incident triggers picked up in monitoring traffic is so crucial to gaining the most return on monitoring investments. Organizations that are able to optimize real-time reactions to performance issues or security problems tend to reap the most ROI — because the faster they respond, the more likely they are to reduce their mean time to repair.

Another benefit of adding a monitoring switch to the network infrastructure is that organizations can eliminate the need for crash carts and change board approval. Crash cart and change board procedures are put in place to deal with SPAN/TAP shortages and the risk of network disruptions or outages when any physical change is made to the IP network. History has repeatedly shown that when IT has to make network changes on the fly, it far too often results in additional — potentially worse — disruptions. With a monitoring switch installed, network disruptions are minimized. IT can change/copy the data streams through software filtering, which has far fewer risks. Risks can be further minimized by testing configurations through a simulator first, before uploading any new configurations into the monitoring switch. Only a few monitoring switches, such as the Anue NTO, offer this simulator functionality, but it can be a powerful tool for optimizing the data network.

While visibility solutions like the Ixia Anue NTO monitoring product don’t fix the problems themselves, they make it easier for an organization’s expert problem solvers to take care of issues more quickly. Operations staff can be automatically apprised of issues that are hindering performance, greatly reducing troubleshooting time. And security personnel are tapped into information about where, when and how attacks are occurring so they can more strategically plan for a proactive defense.

The idea is simple: By developing a set of trigger scripts, the monitoring switch can respond when problematic conditions are met. So, in the case of security, if network traffic is deemed suspicious by the security tool, it will be sent to the appropriate security tool or network recorder for analysis. At the same time, an alert can be sent to the incident response team, whose members will immediately have all the necessary information at their fingertips when they access the network to troubleshoot the incident. The Anue NTO offers an additional layer of security through integration with SIEM tools. This integration makes it possible to automatically send relevant information to these tools for better correlation of seemingly disparate events.

Step 5:

Optimize Your Network With Trend AnalysisNetwork planning requires long-term strategies that depend on business intelligence. Without a long history of network intelligence, it is difficult to devise a strategy based on anything other than guesswork.

Page 5: Five steps to build visibility and security in network

5 ©2013 Ixia

Return to top

Not only can a network monitoring switch like the Anue NTO help with immediate issues like distribution of information to monitoring tools and automated incident response, but it can also provide the capabilities needed to make decisions that feed into the organization’s strategic vision. By using the historical trend data offered by the monitoring switch, organizations are better able to institute proactive network optimization on the operations side, rather than running the network reactively. Customers can watch trends and anticipate when network capacity will need to be added, rather than being surprised by network segments reaching capacity. Additionally, that same statistical information can be used to validate service-level agreements.

ConclusionAll too often, organizations throw money and bandwidth at network performance and security problems without ever achieving the network intelligence to fix the root causes. In order to strike that perfect balance between secure performance and reasonable investment, it takes a monitoring switch like the Anue NTO to achieve the kind of visibility necessary for that intelligence. The Anue NTO helps organizations filter unnecessary packets and distribute data optimally to existing monitoring tools so that they are never overloaded by data that eventually could be lost. Automatic trigger scripts help organizations get the most out of their monitoring investment by reducing mean time to repair. And all of that valuable trend data is made available so that organizations can be more proactive about their infrastructure decisions. Most important, it’s all done in a way that reduces complexity, through a consistent management interface across all deployment scenarios. This power of simplicity drives the power to create more network monitoring ROI.

To learn more, visit http://simpleis.ixiacom.com

http://simpleis.ixiacom.com

Build startup 10 steps

Build startup 10 steps

Business
Linkedin - build your visibility in 6 simple steps

Linkedin - build your visibility in 6 simple steps

Technology
Reval Infographic: 5 Steps to Global Cash Visibility

Reval Infographic: 5 Steps to Global Cash Visibility

Economy & Finance
Design / Build Basic Steps:

Design / Build Basic Steps:

Documents
Important Steps To Build Windows Phone Apps

Important Steps To Build Windows Phone Apps

Technology
Friendship circle 5 steps to increasing visibility & interaction

Friendship circle 5 steps to increasing visibility & interaction

Technology
SUBAGEN Build Steps 1-12 Complete

SUBAGEN Build Steps 1-12 Complete

Documents
Steps towards a communicative build methodology Towards A... · build methodology Brissenden, PG Title Steps towards a communicative build methodology Authors Brissenden, PG Type

Steps towards a communicative build methodology Towards A... · build methodology Brissenden, PG Title Steps towards a communicative build methodology Authors Brissenden, PG Type

Documents
10 Steps to Gaining Visibility Online

10 Steps to Gaining Visibility Online

Self Improvement
How to build 1Wamp in 5 Steps

How to build 1Wamp in 5 Steps

Documents
7 Steps to Build a Better Resume

7 Steps to Build a Better Resume

Documents
Gain Greater Visibility and Build a Pipeline that Never Leaks

Gain Greater Visibility and Build a Pipeline that Never Leaks

Technology
Six Steps To Build A Successful API

Six Steps To Build A Successful API

Documents
3 POWERFUL STEPS TO BUILD A

3 POWERFUL STEPS TO BUILD A

Documents
10 steps to build a Standard Operating Environment · 10 Steps to build a Standard Operating Environment ... Define your Core Build ... 10 Steps To Build A Standard Operating Environment

10 steps to build a Standard Operating Environment · 10 Steps to build a Standard Operating Environment ... Define your Core Build ... 10 Steps To Build A Standard Operating Environment

Documents
20 steps to build an awesome personal brand

20 steps to build an awesome personal brand

Business
8 steps to build trust with content

8 steps to build trust with content

Health & Medicine
“Five Steps to Build a Winning Strategy.”

“Five Steps to Build a Winning Strategy.”

Business
How to Build Better Apps in 4 Steps

How to Build Better Apps in 4 Steps

Mobile
How To Use Social Media To Build Your Online Visibility

How To Use Social Media To Build Your Online Visibility

Social Media
Ten Steps to Increasing Data Center Efficiency and Visibility through Infrastructure Monitoring

Ten Steps to Increasing Data Center Efficiency and Visibility through Infrastructure Monitoring

Business
2017 Sponsorship & Visibility Opportunities96bda424cfcc34d9dd1a-0a7f10f87519dba22d2dbc6233a731e5.r41.… · 2017 Sponsorship & Visibility Opportunities ... Companies build teams for

2017 Sponsorship & Visibility Opportunities96bda424cfcc34d9dd1a-0a7f10f87519dba22d2dbc6233a731e5.r41.… · 2017 Sponsorship & Visibility Opportunities ... Companies build teams for

Documents
THE GLOBAL IDENTITY OF CITIES - brookings.edu · 29/7/2020  · THE GLOBAL IDENTITY OF CITIES Seven steps to build reputation and visibility for competitiveness and resilience GREG

THE GLOBAL IDENTITY OF CITIES - brookings.edu · 29/7/2020  · THE GLOBAL IDENTITY OF CITIES Seven steps to build reputation and visibility for competitiveness and resilience GREG

Documents
4 Steps To Build Teamwork

4 Steps To Build Teamwork

Sports
AS350/H125 · AS350 COWLING MAINTENANCE STEPS AS350/355 REAR CROSS TUBE MAINTENANCE STEPS Cowling Maintenance Steps High Visibility Doors Document Holders

AS350/H125 · AS350 COWLING MAINTENANCE STEPS AS350/355 REAR CROSS TUBE MAINTENANCE STEPS Cowling Maintenance Steps High Visibility Doors Document Holders

Documents
Build a private cloud in 1000 easy steps

Build a private cloud in 1000 easy steps

Documents
Twitter Steps to Enhance Social Media Visibility - Susanne Petersson

Twitter Steps to Enhance Social Media Visibility - Susanne Petersson

Social Media
Build a time machine: 10 simple steps

Build a time machine: 10 simple steps

Technology
Six Steps to Build Successful APIs

Six Steps to Build Successful APIs

Technology
10 steps to build a business case

10 steps to build a business case

Business