Tag Archives: network security

Network Packets Matter to Security Professionals

Imagine that you investigate car accidents. When you arrive at a scene, you see the smashed cars, skid marks, bent post, and whatever else, and quickly determine that one car came into the path of the other one. This paint on the fender matches that dent in the other car, for example, and even the angles where the car ended up tell a story.

Now imagine that the insurance company asks you to investigate an accident that happened last month. You can still go to the scene, but this time, all you see are some skid marks, a still bent post, and a few other things. But no cars. Perhaps you can still figure out what happened, but it isn’t easy.

Being an accident investigator without being able to see the cars is the situation that security incident investigators find themselves in when they are investigating a breach and can’t see the packets that were the vehicle for the attack.

The problem is that most attacks aren’t discovered for months, and by that time, the packets are gone. It just isn’t practical to store weeks and months of network traffic; a network averaging only 3 Gbps requires 7.5 petabytes of storage in 229 days (the median time between breach and discovery, according to a recent study). And since it is the median time, even with 7.5 petabytes, you’re missing half the security events. So let’s double it to be safe. And assume we’re buying relatively inexpensive storage. That is still over $5 million!

The answer is intelligently determining what to store, but that’s the subject of another blog post. Stay tuned!

The Top Challenges for Network Engineers in 2015

In 2014, IT professionals faced myriad challenges on a number of fronts; unfortunately, these employees are unlikely to get a rest in 2015. The job of network engineer seems to grow more difficult each day, as these employees continue to see an increasing number of complex tasks land on their desks. Still, solutions do exist that can help lighten the load for these IT professionals. With that in mind, here’s a list of some of the high-priority obstacles engineers will face in the new year and the products that can help them meet those challenges:

Handling More Traffic on a Similar Budget

Worldwide IT spending is on the upswing as businesses across all sectors try to meet customer expectations. Still, global IT spending rose just 2.1 percent overall in 2014 according to Gartner, less than earlier predictions of 3.2 percent. At the same time, some analysts predict network traffic will double in 2015. So, although some IT engineers will see modest budget increases, they may not get enough money allocated to hire new personnel, meaning they will have to adopt or make better use of high-speed network monitoring solutions to handle increased traffic.

Ensuring QoS With Increased High-Bandwidth Traffic

Organizations are being forced to ramp up bandwidth to support more complex customer-facing applications and increased use of enterprise video, VoIP and other high-bandwidth internal traffic. This shift to network speeds of 10G or higher, however, can present a problem for engineers because it becomes more difficult to monitor traffic at those greater speeds. If engineers can’t see the network traffic, they can’t troubleshoot in real time, and network performance suffers both for employees and customers using the organization’s applications. As a result, network and application performance monitoring solutions will become critical to keeping systems running smoothly.

Dealing With Increasingly Frequent and Complex Security Threats

Unfortunately, 2014 was a banner year for hackers and a trying year for IT security and C-level executives. Businesses in a wide variety of sectors experienced malicious hacks and data breaches that had a profoundly negative impact on the infiltrated companies’ public image and fiscal health. Considering that hackers have successfully breached government agencies and large banks, the frequency of attack is likely to grow in 2015. Spending on cybersecurity is already rising, with the research firm MarketsandMarkets predicting the global market will reach $155.75 billion by 2017, up from $95.60 billion in 2014. As more businesses look to adopt high-quality cyberattack analysis and network forensics solutions, those numbers may grow even larger.

Will Your Engineer Be Ready?

Your network engineer is going to face some serious issues in 2015—that is not in doubt. What remains to be seen is whether that engineer will be able to handle these challenges, which will depend largely on the tools at your organization’s disposal. WildPackets offers a wide range of products and services that enable network engineers to do their jobs more efficiently with pinpoint accuracy.

Are you interested in learning more about network monitoring and analysis? Click here to visit our resource page and download one of our white papers.

WildPackets Hosts Free Webinar Series on Network Forensics and Security

As attackers and attack vectors evolve more and more every day, further evidence pertaining to breaches and data exfiltration attacks comes to the surface only in Web traffic. When you suspect an attack, you need to answer the questions who, what, when and how – fast. Network forensics offers the best answer. Security analysts and network engineers can use network forensics to analyze what tactics a hacker used to infiltrate the network. With a clear view of all traffic, engineers can drill down quickly into any anomalies and uncover the source of a data or security breach. Knowing the importance of this tool, we thought it valuable to offer a series of free webinars on leveraging modern network forensics to protect your data.

On December 17th, Jay Botelho, Director of Product Management for WildPackets, will cohost with Keatron Evans, Principal of Blink Digital Security. They will be highlighting how network forensics—network traffic recording along with powerful search and analysis tools—can enable your in-house security team to track down, verify and characterize attacks. Keatron will look into a few real-world security breach scenarios as well as demonstrate best practices for attack analysis using network forensics. We’ll look at common “browse by” hacks, rootkit-based exfiltration and covert channel communications as the attack vectors and how to investigate them.

On December 19th, WildPackets resident experts will host a live, hands-on workshop with interactive demos and use cases.

Register at the below sites to participate:

Dec 17th: Learn How to Use Network Forensics to Investigate Security Breaches

Dec 19th: Network Forensics for Security Investigations

If you are interested in learning about network monitoring, analysis trends and best practices for troubleshooting wireless networks and virtual environments, don’t miss these webinars.