
Monthly Archives: January 2011

Narrowing Down Encryption: Why it Matters in Online Communication & Storage

The technology behind encryption is very specific and algorithmic. To better understand encryption, it helps to categorize its two main use cases.

1. Communication
Communication is probably the area where encryption is most widely used. And most of us use it every day without even thinking about it.

Purchase something online for your birthday? It’s a safe bet that the communication between your browser and the retailer’s website transitioned to an encrypted link, in this case HTTPS, before any sensitive data was transmitted.

Maybe you were on your wireless network at home while making the purchase? The link between your computer and the wireless access point is also probably using encryption, and if not, it should be.

In general, encryption used in communication scrambles the data being transmitted so that only the intended recipient can unscramble it. Of course the details are much more involved, but the concept is that simple. Different methods for scrambling the data, and for communicating the way to unscramble it, are available, with some being more secure than others. That’s why WLAN security transitioned over time from WEP (Wired Equivalent Privacy) to WPA and then to WPA2 (Wi-Fi Protected Access).

Communication channels are well suited to encryption because they typically have some level of latency anyway (the delay in sending data from point A to point B), so adding a bit more for the overhead of encrypting and decrypting the data is not a problem. Communication channels are also typically the most vulnerable areas in computing, especially anything transmitted over wireless, so encryption is necessary for adequate protection.

2. Storage
The other major use of encryption is in data storage. Stored data is typically not as vulnerable as transmitted data, because a perpetrator must first breach the asset where the data is stored, whether by gaining physical access, by getting past built-in software protection like a firewall, or both. However, the density of stored data is much higher than that of transmitted data, so it can be a goldmine if access is gained.

Encryption of stored data should be a common practice, just as it is in sensitive communication paths, but it isn’t. Communication protocols effectively govern the amount of data sent, so encryption is quite manageable. Data stores such as file structures and databases, however, can be extremely large, which makes encryption more challenging, especially when the data is accessed routinely and users expect near-instantaneous responses when they query a database or open a document.

Because stored data is perceived to be safe, and because encryption would add a delay to every transaction, encryption for stored data is still not widely used today. There are exceptions, however. Data that is being archived, or that is not routinely accessed, can be effectively encrypted with little penalty and a significant increase in the overall security of the data. Also, data on mobile devices such as smartphones, iPads, and even laptops and external storage devices is very vulnerable to theft and loss, so at least selective encryption of sensitive data files should be considered.

Encryption plays an important role in mitigating security-related risk. However, encryption has limitations, particularly if it is not being used correctly. Learning more about encryption can help ensure that you’re using it properly and getting protection against as many kinds of attacks as possible.

The Keys to 10G Network Analysis

Today’s networks are actually faster than most of the network analysis and troubleshooting solutions available. The result? Greatly diminished network visibility. This becomes a significant impediment if you’re deploying 10G, which can be difficult to troubleshoot in the first place. But don’t despair! It is possible in 10G environments to achieve both real-time visibility AND historical network traffic storage for post-incident analysis. You can add clarity to your analysis by being specific and selective.

These three tips will have you seeing clearly:

1. Understand the network and the data you need to collect.
Do not blindly move forward and perform analysis without knowing what data matters most to your organization. It’s important to know exactly what you want to capture and what information is going to be beneficial for your analysis. Your requirements will likely vary from one network segment to another, and you are probably going to have to capture data at several locations. The key is to save the data to disk in real time and analyze it after capture. Trying to capture and analyze simultaneously, in real time, on highly utilized network segments can put too much strain on the system.

2. Capture only what you need.
There is a great temptation to try to capture and analyze everything, because enterprises fear that the source of a problem will not be immediately known. With 10G Ethernet traffic, analyzing every bit of data is nearly impossible due to the sheer volume. However, if you know your network well enough, certain conditions can be immediately ruled out. By using these clues to limit collection and analysis to only what is necessary, you can dramatically improve network analysis performance.

3. Revisit your limits.
Even after analysis has been streamlined to only essential areas of the network, data capture for network analysis on 10G networks generates a great deal of data quickly, and managing the data becomes a significant challenge. The data is typically stored for subsequent retrieval and post-capture analysis. The two most common formats are standard packet files and databases. In either case, two metrics to manage closely are file size and frequency of disk writes. If the files are too large they will be unworkable on the computer being used for analysis. Smaller files lead to more frequent disk writes, and this can rob the system of resources for performing the actual packet capture. Optimum performance is achieved with a balance of these two demands, and this is different depending on the hardware resources available. After a few captures, you can determine if either of these parameters can be better optimized for your system.

Alternatively, network analysis solutions are available that write packets directly to disk, significantly increasing disk-write performance and overall throughput when capturing data for post-capture analysis. In cases where limits are difficult to define or implement, this is the best solution.
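The effect of tips 2 and 3 can be seen in a small capture-to-disk simulation, added here as an example and not taken from the original post or any product. It keeps only frames that match a filter, truncates them to a snap length, and rotates classic pcap files by size; the class and function names, the in-memory "files" and the sample frames are all assumptions made for illustration.

```python
import io
import struct

PCAP_GLOBAL = struct.Struct("<IHHiIII")  # magic, version, tz, sigfigs, snaplen, linktype
PCAP_RECORD = struct.Struct("<IIII")     # ts_sec, ts_usec, captured len, original len

class RotatingPcapWriter:
    """Classic pcap writer: truncates frames to snaplen, rotates files by size."""
    def __init__(self, snaplen, max_file_bytes, opener=io.BytesIO):
        self.snaplen, self.max_file_bytes = snaplen, max_file_bytes
        self.opener = opener  # assumption: in-memory here; pass a disk-file opener in practice
        self.files = []
        self._rotate()

    def _rotate(self):
        self.current = self.opener()
        # linktype 1 = Ethernet
        self.current.write(PCAP_GLOBAL.pack(0xA1B2C3D4, 2, 4, 0, 0, self.snaplen, 1))
        self.files.append(self.current)

    def write(self, ts_sec, frame):
        kept = frame[:self.snaplen]
        record = PCAP_RECORD.pack(ts_sec, 0, len(kept), len(frame)) + kept
        used = self.current.tell()
        if used > PCAP_GLOBAL.size and used + len(record) > self.max_file_bytes:
            self._rotate()
        self.current.write(record)

def is_tcp_port(frame, port):
    """Match Ethernet/IPv4/TCP frames by source or destination port (no VLAN/IPv6)."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
        return False
    l4 = 14 + (frame[14] & 0x0F) * 4
    if len(frame) < l4 + 4:
        return False
    return port in struct.unpack_from("!HH", frame, l4)

def capture(frames, keep, snaplen, max_file_bytes):
    """Store only the frames keep() accepts; return the writer and its files."""
    writer = RotatingPcapWriter(snaplen, max_file_bytes)
    for ts, frame in enumerate(frames):
        if keep(frame):
            writer.write(ts, frame)
    return writer

def make_frame(proto, sport, dport, payload_len):
    """Constructed sample frame: Ethernet + 20-byte IPv4 header + ports + padding."""
    ip = bytes([0x45, 0]) + bytes(7) + bytes([proto]) + bytes(10)
    return bytes(12) + b"\x08\x00" + ip + struct.pack("!HH", sport, dport) + bytes(payload_len)
```

Running `capture` over the same frames with different `snaplen` and `max_file_bytes` values shows how the stored volume and the number of files (and therefore file rotations) move against each other.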

In the end, paying careful attention to detail when analyzing 10G network management systems will reward you with the analysis and troubleshooting results you desire.