Monthly Archives: September 2009

Tracking Down Sony's Roadmap Leaks

Yikes… This week Sega exposed some of Sony’s highly sensitive future plans. Information regarding the Sony PlayStation 3 and motion controllers, discussed in a meeting with Sega, was leaked in a document that made its way onto Sega’s press site.
So, who is responsible? How did this happen? If this happened in your company, how could you find out? Enter network forensics.

Network forensics refers to the capture, storage and analysis of digital evidence that flows through your enterprise network. The most complete solutions record every single packet that is transmitted over your corporate networks. So, any emails, instant messages, FTP traffic or any other form of communication that takes place on the network can be reconstructed from the original transmissions. It doesn’t get any more accurate than that. Network forensics essentially allows you to reconstruct the history of your entire network.
IT personnel use network forensics to analyze historical network traffic to conduct or assist in many types of investigations. A few common applications for network forensics include HR compliance, intermittent issues, security attacks and transaction analysis. This often starts with terabytes upon terabytes of data. Some tools, like OmniPeek, allow you to analyze data at the point of capture, thus eliminating the need for the large data transfers that are typically done and that consume time and bandwidth. OmniPeek also provides simple and intuitive means to drill down into the relevant data, making easy work out of finding the needle in the multi-terabyte haystack.
Using network forensics, you can track down the culprit. Of course, network forensics has many uses other than hunting down perpetrators, but it can be helpful in uncovering sensitive leaks. If they’re not already, Sega should be using network forensics to get to the bottom of this snafu.

$200 Million Says Plenty about the Network Monitoring and Performance Market

If anyone had doubts about the strength of the network monitoring/reporting/troubleshooting market, this week’s news should put those doubts to rest. Of course we’re referring to the announced purchase of NetQoS by CA for $200M in cash. This is a multiplier of approximately 4 over the reported 2008 annual revenue of $56M from NetQoS. Not a bad deal indeed for the current economic climate.
 
Though not sexy, and often considered commoditized, the network monitoring/reporting/troubleshooting market may be just the opposite. At the core of this market are packets. Yes, I said packets. Geeky, techie, call it what you want but we’re back to basics on this one. Accumulating statistics on the basis of packets, whether through direct, deep packet inspection or through the use of flow-based technology available in most contemporary routers and switches, is proving to be a highly valuable capability, especially as networks grow and IT staffs shrink.
 
For years it seems the industry tried to steer clear of packets, looking to higher-level solutions like SNMP, but in the end it’s becoming clear that packets never lie, and to obtain reliable network data one must start with network packets.
 
Now, I think we’re going to come full circle on this one. Even the solution from NetQoS – which relies on flow-based information from routers and switches – can’t provide the level of detail that complete packet inspection does. And this technique provides no capability of unequivocally determining a root cause for reported problems. It merely shows network trends and alerts when thresholds are exceeded – it does not allow for detailed analysis, as the offending data has already passed through the network. That’s why NetQoS partnered with Network Instruments and OEM’d their Gigastor solution. With that partnership, NetQoS could provide the full monty – network reporting, monitoring, and troubleshooting. Or, as I see it, coming full circle back to packet capture and deep packet inspection — the only way to truly identify network issues.
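The difference between a flow summary and stored packets, and the reconstruction of a communication "from the original transmissions" described in the network forensics post above, shown as an added example (not code from the original posts or from any vendor's product). The segment tuples, hosts, ports and file name are constructed sample data, and the function names are hypothetical.

```python
from collections import defaultdict

# Constructed sample: decoded TCP segments (src, sport, dst, dport, seq, payload).
# Hosts, ports and the file name are made up for illustration.
PACKETS = [
    ("10.0.0.21", 50112, "203.0.113.9", 21, 1012, b"_2010.pdf\r\n"),   # arrives early
    ("10.0.0.34", 50533, "203.0.113.9", 80, 500, b"GET /news HTTP/1.1\r\n"),
    ("10.0.0.21", 50112, "203.0.113.9", 21, 1000, b"STOR roadmap"),
    ("10.0.0.21", 50112, "203.0.113.9", 21, 1000, b"STOR roadmap"),   # retransmission
]

def flow_records(packets):
    """Flow-style summary: per-connection packet and byte counts, no payload."""
    flows = defaultdict(lambda: [0, 0])
    for src, sport, dst, dport, _seq, payload in packets:
        rec = flows[(src, sport, dst, dport)]
        rec[0] += 1
        rec[1] += len(payload)
    return {key: tuple(rec) for key, rec in flows.items()}

def reassemble(packets):
    """Rebuild each sender's byte stream from the stored segments.
    Simplification: keyed on exact sequence numbers, so gaps, partial
    overlaps and sequence wrap-around are not handled."""
    segments = defaultdict(dict)
    for src, sport, dst, dport, seq, payload in packets:
        segments[(src, sport, dst, dport)].setdefault(seq, payload)  # drop duplicates
    return {key: b"".join(p for _s, p in sorted(segs.items()))
            for key, segs in segments.items()}

def find_senders(packets, needle):
    """Connections whose reassembled stream contains the needle."""
    return sorted(key for key, stream in reassemble(packets).items() if needle in stream)

if __name__ == "__main__":
    needle = b"roadmap_2010.pdf"
    print("per-packet hits:", [p for p in PACKETS if needle in p[5]])
    print("stream hits:", find_senders(PACKETS, needle))
    print("flow view:", flow_records(PACKETS))
```

The file name straddles two segments, so a packet-by-packet search misses it and only the reassembled stream identifies the sending host; the flow view of the same connection is just a packet and byte count.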
 
The purchase of NetQoS by CA provides validation that the network monitoring/reporting/troubleshooting market is not only alive and well, it is thriving. The traditional, “full-featured” network management solutions (like CA) are realizing that quality network monitoring, reporting, and troubleshooting are key features, and that they need capabilities like flow-based monitoring and deep packet inspection to continue to claim that their solutions are complete. The value of these types of solutions continues to rise, and the “big boys” have only two options: start developing fast or acquire. And with the head start many of us have with our network monitoring/reporting/troubleshooting solutions, acquisition is by far the better alternative.