KEEPING TRACK AND THE MONITORING OF DATA – THE NETWORK OF THINGS

As network infrastructure and network monitoring spreads across multiple sites, data centres, servers and client devices, keeping track of the data which traverses it can become more complex and time consuming. Yet having detailed insight into exactly what information is being transmitted, and how it affects application, system and service performance, is a crucial business metric that cannot be overlooked.

With smartphones, Wi-Fi access points, cloud applications and software defined architecture, the volume of potential entry points into corporate networks has increased exponentially, with future deployments of billions of Internet of Things connected devices only set to make the situation even more challenging.

Data transmitted, stored and processed in off-premise cloud hosted infrastructure is another barrier to visibility.

Research company Gartner estimates that by 2020 a third of successful cyber attacks experienced by enterprises will be on shadow IT resources, which include public cloud services leased by company employees without the knowledge or approval of the organisation’s IT department.

Large volumes of information remains segmented by domain and organisational boundaries, often due to different tools being used by network and security operations teams with no consistent or standard way of accessing relevant information.

NETWORK MONITORING AND MANAGEMENT

Setting up policies on security controls, segmenting internal networks based organisational roles and adding policies to restrict traffic on those networks can all help, but IT departments need effective network monitoring to know that they are still working as they should. All that activity also creates a lot of extra work for hard pressed IT staff, who may benefit from automated tools that can be pre-configured to send alerts when pre-defined thresholds indicating potential anomalies are reached.

So little time? The Axians Managed Network Support brochure explains how we help companies free up time to achieve digital transformation and overcome network support challenges. Read More on Axians.co.uk

SECURITY, COMPLIANCE AND REGULATION

A better understanding of what is happening on the network is a good way to build a better defence against those cyber threats, especially in the case of advanced persistent threats (APTs) which sit quietly undetected over a long period of time having bypassed initial perimeter based obstacles such as firewalls and intruder prevention systems (IPS). The Deep Panda attack on the US Government’s Office of Personnel Management (OPM) in 2015 is one such example, which when eventually discovered was found to have been inside the OPM’s network stealing sensitive data for a number of years.

There is no one way to measure network traffic, but by identifying normal usage patterns it is possible to identify unusual, possibly suspicious, activity that could indicate a cyber threat at work. Monitoring tools can also identify vulnerable assets – the servers or routers that receive the most number of attacks for example.

Many organisations say blind spots are also a barrier to meeting the terms of current and soon to be implemented privacy legislation. One of the most commonly reported barriers to compliance with the EU’s forthcoming general data protection regulation (GDPR) is an inability to find data which is subject to the new rules due to lack of visibility into network linked applications and data repositories, for example.

DATA CENTRE MANAGEMENT

That visibility also extends into data centre network for troubleshooting and maintenance purposes, providing not only a snapshot of unscheduled downtime but identifying which individual switches, routers and other network ports are causing problems either through faults or misconfiguration that pushes large volumes of traffic their way.

The same is true when it comes to hardware consolidation, with engineers able to see which ports, servers or storage resources are under-utilised because they applications or processes they support are no longer or little accessed.

IMPACT OF CHANGES

A survey conducted by research company Vanson Bourne on behalf of Gigamon concluded that around 50 percent of organisations without complete visibility over all of the data traversing their networks felt that they were missing vital information that would help them identify cyber security threats.

A similar number (48%) also though their ability to understand what was being encrypted and what wasn’t is impacted as well as their ability to spot insecure applications and traffic. The survey polled 500 senior IT decision makers working for public and private sector organisations in the UK, France, Germany and the US, two thirds of which employed between 1,000 and 5,000 employees and a third over 5,000 staff.