Security Visibility: Do You Know Who's Been In Your House? (Part II)
Ixia Network Visibility Solutions welcomes a guest blogger today, Tim O’Neill from LoveMyTool.
On Wednesday, we looked at three of the top ways network visibility can help keep your network secure. Below are a few more:
4. Focus on what’s important. As the network manager, you know where your corporate gold – the important and sensitive data that cannot be compromised – is in your network and servers. You must create your views, and check your security policies and procedures, with protecting this gold in mind. If you do not know where the corporate gold is, you really should go find it as it deserves your full protection!
5. Monitor with purpose. As the network engineer and manager it is your duty to monitor to protect this corporate gold, as well as to find any illegal, immoral or misusage that can compromise your company. If someone is using your network for attacks, illegal solicitations, identify theft or worse, not only will your security be compromised, but you and your company could potentially be held liable. The U.S. Secret Service and the FBI estimate that more than 20% of cybercrimes were aided by insiders. This statistic should send chills down a network manager’s spine!
6. Monitor for attacks and losses from attacks or illegal usage. Attacks should be able to be recognized by several features and the data attached to an attack should be stored so that the attack can be stopped in the future. This can also help mitigate and provide the depth of any losses. For example, knowing the number of customers that had their information compromised potentially can save your company millions of dollars.
7. Take advantage of relative time filtering. Now, with the advent of relative time filtering you can use a huge variety of tools for a new, unique level and special view into your network, sessions, server access and applications. Filtering allows you to use many tools, from open-source to commercial, without having to buy high data rate and expensive tools. Filtering allows us to use inexpensive and/or open-source tools – by deleting out the non-essential information or directing it to another tool, this allows these tools to handle the data rate.
In general, it is important to choose a filtering solution that is field-upgradable (you do not have to send it back for upgrade); one that was built from the ground up to be a real filter, not a SPAN port in a new chassis; one that has been tested and certified by real labs; one that is easy to program so everyone on your team can use it; one that is truly proactive within as well as capable of fitting into your external network management system; and one that withstand scrutiny when using records for civil or criminal evidence.
Remember even if you can capture all the data in your network, without filtering on the important information it would take you years to review the unfiltered and focused information! Get REAL, Get FOCUSED, Be SUCCESSFUL through Filtering!
Here’s a little bit about Tim:
Tim O’Neill – The “Oldcommguy™”
Technology Website – www.lovemytool.com
Committee Chairman for Cyber Law Enforcement training and Cyber Terrorism
For Georgia State Senator John Albers
Please honor and support our Troops, Law Enforcement and First Responders!
All Gave Some – Some Gave All – All deserve our Respect and Support!