Category Archives: network forensics

Adoption of High-Speed Networks Keeps Growing, as Does Need for Network Monitoring

One of the most impactful ongoing trends in the IT space is growing adoption of 10G, 40G and 100G networks. As businesses continue to utilize more video, emphasize mobile communications and deploy complex cloud-based applications, they are confronted by the reality that 1G networks simply don’t have the capacity to meet these new demands.

Upgrading network capacity was traditionally an expensive investment, particularly for SMBs with limited resources. But as happens in all markets, with technology maturity come falling prices, and such is the case for high-bandwidth networking. In fact, Crehan Research Inc. recently released a report that predicts that competition and other factors will result in lower price points in the coming years for 10G, 40G and 100G Ethernet switches, leading to increased adoption of these technologies, and resulting in relatively stable overall Ethernet data center switch average selling prices.

“Aside from continual cost reductions and port-density improvements, price drops are being driven by factors such as increased competition in the data center switch market (including numerous recent entrants), low-priced white box and merchant operating system offerings, and the price negotiating power of some of the very large, hyper-scale public cloud vendors,” said Seamus Crehan, president of Crehan Research, in a statement regarding the report.

More affordable high-speed networking is certainly good news for businesses with increasing traffic demands, but adoption does come with obstacles. Higher rates of data transfer can obscure a complete system view for network engineers, making troubleshooting problems more difficult. As a result, the increased traffic flying across the network—and the applications that rely on that traffic—may suffer.

To combat network visibility problems, organizations can adopt network monitoring solutions designed specifically to handle 10G, 40G and 100G speeds. Top-shelf network analysis and recording tools capture network traffic and simultaneously make the data available for real-time examination. If a performance problem arises, the network administrator is immediately alerted and can tackle the issue. Additionally, network recording tools allow for forensic searches that pinpoint specific network faults or breach attempts and produce benefits like:

  • Network and security data that is captured 24/7
  • Reduced mean time to resolution (MTTR), achieved by eliminating the time-consuming step of having to reproduce problems before they can be analyzed, and responding to issues in real time
  • Greater understanding of service-level compliance within an organization
  • Compliance with government regulations and human resources policies achieved by auditing and tracking all network activity
  • Elimination of brute-force analysis across disparate data sources that is replaced by nuanced graphical reports and application performance scoring

Network monitoring solutions should be factored into the design of these high-speed infrastructures; otherwise, there is a high likelihood of reduced or complete loss of visibility. So the question is: Does your business have what it needs to make the most of a faster network?


Market for Network Forensics Tools Expected to Keep Growing

Network forensics is often thought of reactively, as a tool to be employed only after something has happened. Today, however, with the pace and frequency of ecommerce consistently increasing, forensics can no longer be treated as an afterthought. Rather, businesses must focus on network monitoring and analysis in real time if they hope to avoid the huge costs—both in revenue and in consumer trust—that cybercrime can impose on their operations.

This importance is highlighted in a recent study that valued the market for network forensics tools between $120 and $180 million. That valuation is only expected to grow as companies compete for a share of a widening pie and focus on tighter integration of security tools.

The wide-scale adoption of network monitoring tools is a result of their immense utility. Some of the benefits of the tools include:

  • 24/7 capturing of network and security data exchanges
  • Reduced mean time to resolution (MTTR), since problems no longer have to be reproduced before they can be analyzed
  • Better understanding of compliance issues
  • Enhanced implementation of governmental and Human Resources regulations

If those benefits aren’t enough to convince you of network forensics’ utility, you might also consider some of their wide-ranging capabilities:

  • Comprehensive data collection: Allows quick access to any and all network data in a single, easily-searchable system
  • Flexible data collection: Easily tailored to specific ecommerce needs and setups
  • High-level analysis: Eliminates the need for forced or reactionary tactics, focusing instead on preventative measures

Whatever the scope of your business, powerful network monitoring tools can head problems off and, if and when problems should occur, allow for comprehensive understanding and troubleshooting. In such a rapidly growing and competitive global marketplace, network forensics can mean the difference between crippling security issues and enhanced customer loyalty and peace of mind.

View a recent WildPackets survey on Trends in Network Forensics to gain insight on adoption, uses and importance.

Security Series Part 3: Improved Network Forensic Performance Bolsters Security Posture

Data breaches are constantly occurring in organizations of all sizes and industries. As such, you should assume that you’re under attack, or that one is forthcoming, and plan accordingly with network forensics tools. These tools must be able to capture, store, and analyze all network incidents going across the wire and replay them as needed. When a data breach occurs, these devices are invaluable.

An effective network forensics solution gives IT organizations and security teams a complete record and analysis of network activity over hours or days. When security tools raise alerts, IT organizations can use the network forensics tools to analyze traffic and find proof that an attack has actually taken place.

Common use cases for forensics include: 1) confirming whether an incident was a false positive or real; 2) finding proof of a security attack; 3) identifying the source of data leaks; 4) monitoring user activity for IT/HR compliance; and 5) verifying business transactions.

Earlier this week, WildPackets announced the release of Omni 8.0, which accepts time stamping from network packet brokers such as APCON, Gigamon, and Ixia. In addition, Omni 8.0 improves forensics performance by up to 64%! Along with our record breaking capture-