Network Critical - The Window to your Network

It's a Mod Mod World


With apologies to William Shakespeare, “To be (modular) or not to be (modular). That is the question.” Many network products from TAPs and Packet Brokers to security appliances and switches offer varying levels of modularity in their design. The associated advantages and risks with each design approach make for an interesting discussion.

Modularity

The primary advantage to a modular design is flexibility. A product that is designed with groupings of ports in modules is a chameleon. A single chassis can support a variety of applications, speeds, media and connections. After the initial design, when needs and/or speeds change down the road, a complete system change is not usually required. One can simply replace one module with a different version to accommodate the new requirement.

A modular TAP is a good example. TAPs are used to efficiently connect security and analysis appliances to network links. TAPs offer secure and fail-safe tool connections so network managers can protect, analyze and enhance network performance. However, many networks have a variety of physical connections, speeds and media throughout the network. Modular TAPs embrace a variety of connection requirements by making standard modules that fit in a single chassis. This way multi-mode fiber connections, single mode fiber, copper connections, 1Gbps connections and 10Gbps connections can all be accommodated by a single chassis.

This design also simplifies power requirements. Rather than racking up a number of different chassis each with its own power requirement, a single modular chassis can be racked and powered using different modules as required.

Another benefit is growth accommodation. Since the chassis is usually the least expensive component in this design, managers can deploy a larger chassis than what is currently required and add ports as needed down the line for growth.

Reliability is another consideration. While the design of a modular system may be very reliable, modular systems have more opportunity for human error, such as improper insertion of modules damaging connectors. Once everything is installed and connected, modular and fixed systems have similar reliability results. So, with proper training and care, modular systems can closely match the reliability of fixed systems, but human error must be more closely managed.

Modular systems add a little to manufacturing costs because there are more components and a more complicated design than a single use fixed platform. This extra cost may be mitigated by the benefits noted above. Over the long run, total cost of ownership may actually be lower than a fixed system.

Fixed Systems

Even though modularity has many benefits, fixed systems have a place in the network equipment market as well.

Fixed systems are cheaper to design and manufacture. There are fewer connection points and fewer components needed to perform the required function. So, if the application is fixed and not expected to grow or change, some budget money may be saved using a fixed configuration system.

Reliability is generally good with fixed systems. There are fewer components and connectors that can cause problems. The installation and deployment functions are usually simpler with fewer opportunities for human error. Note that I say fewer opportunities for human error. We all know that no product is completely “human proof.”

Overall reliability relies on many factors including the engineering and manufacturing quality of the vendor. One of the critical issues with fixed systems is that if the product fails, there is no way to partially fix it. The solution to a failure is usually to return the entire system for repair or replacement. Depending on the criticality of the function, a failure may bring the network down or require severe workarounds until the product can be replaced or repaired. Modular systems, by comparison, may have replacement modules in local stock for simple and fast replacement of failed components.

Hybrids

Many systems offer a hybrid solution providing basic port connections augmented by slots for a variety of application and connection requirements. These systems provide the best of both worlds in flexibility and growth, but they also share similar, although less critical, problems associated with fixed systems.

There are some cost savings from integrating base connection functionality with the chassis. If the base configuration fits your needs, this solution can be attractive. The extra slots, if flexible in speed, connectivity and media, can provide for easy management of growth and network changes. Problems with the connections in the integrated base chassis may still require a system change, but problems in the modules may be easily mitigated.

Conclusion

The conclusion here is that “it depends.” There is actually no right or wrong solution when it comes to the fixed vs modular discussion. Like many other design issues, your specific requirements will guide the decision. It is important to look at all options in relation to what you are trying to accomplish and available budget.

The message here is that there is no substitute for thorough, thoughtful and meticulous planning. Chart out your needs for speed, media, connectivity, reliability, future flexibility, growth and cost. Search out a vendor that provides the solutions that meet your requirements grid.

Fortunately, companies like Network Critical offer solutions that are completely modular, completely fixed and hybrids. You will find a wide variety of network monitoring solutions in the Network Critical portfolio supported by a team of experts to help you develop and support your specific network needs. For more information or to talk with a network monitoring expert go to www.networkcritical.com.

Posted: 17/03/2017 13:44:07 by Network Critical with 0 comments

Is America Dreaming?


We may be one of the most (if not the leading) technologically advanced nations in the world. But I can promise you this:

It’s highly likely we’re not as prepared as we think we are.

Just this morning, I read an article that suggested our country is the most appealing target for cyber criminals. This targeting of our systems and infrastructure is not just because of our wealth and wide access to technology. We are also targeted for our ideological views, a factor which I believe is the most vital factor in the war on virtual crime.

While we’re left picking up the pieces after the latest cyber attack, the criminals are already planning their next 3. It’s almost impossible to prepare ourselves for the latest threat, because exactly what that threat is stretches beyond definition. The constant process of evolution and refinement based upon how successful it is, is never ending, making what we’re fighting against hard to pinpoint.

I know this. You know this. Our community knows this, and yet, the majority of our industry is still far too reactive.

And with the stock markets consequently suffering a sobering loss of $136.5 billion in value back in 2013 because of a fake tweet from the Associated Press (accessed via a successful spear-phishing email opened by an Associated Press journalist), it has become clear that there is a lot more at stake than our pride.

Despite our collective experience, most of us are already on the back foot; I appreciate not everyone in the community will agree with me given our marked progress in recent years, but can we really afford to risk complacency? The phishing attack intended to influence Iran’s most recent presidential election proves that national infrastructures are being lined up and told to face the wall; you don’t need me to tell you our country’s safety is at risk.

Sharing is caring

Just because they’re getting increasingly smarter however, doesn’t mean we’re forced to simply wait and scramble to repair the damage whenever they choose to attack next. On the contrary, we should be fighting fire with fire.

Let’s face it, cyber criminals aren’t the type to retreat when they fail, and they certainly aren’t the type to rest on their laurels once they succeed.

They’ll be collaborating, sharing which approaches have worked (as well as which haven’t) and they’ll have started planning their next attack before long. In fact, it’s probably what they’re doing right now, and we’d be foolish not to explore the possibilities of using a similar approach.

They’re working together and discovering new methods of best practice, so we need to start working together.
They’re sharing previous experiences, so we need to start sharing experiences.
It’s not a matter of being extra secure. We no longer have a choice.

We’re dealing with an ever-evolving enemy which presents consequences which no longer just affect us. With our national security on the line, we can’t afford to simply win today’s battle and ignore tomorrow’s war.

The private LinkedIn forum I recently created isn’t the sole answer to all our problems, but I believe it’s a step in the right direction. By bringing together like-minded individuals to discuss how we’ve overcome cyber-attacks and what methods of defense have paid off, as well as the future of our industry, we can turn the tables and put the cyber criminals on the back foot.

It’s time we stopped talking about the latest high profile cyber security breach, and started making moves to prevent them from happening. If you’re on the same page, then click through below and get involved in combatting the criminals threatening our virtual security.

Posted: 16/03/2017 19:37:12 by Network Critical with 0 comments

Moaning and Droning in the Asia Pacific Region


The Asia Pacific region has had a particularly difficult year when it comes to cyber crime. According to Security Asia, some of the high profile attacks in the region include cyber attacks on the database of 55 million voters at the Philippines Commission on Elections, the National Payment Corporation of India, the Bangladesh Central Bank, and massive data leaks as shown by the Yahoo data incidents. This small sample includes attacks on the financial industry, government and technology.

Frost and Sullivan’s 'Asia Pacific Cyber Security practice' reports that Singapore lost about US$19 million through Business Email Compromise (BEC) attacks during the first nine months of 2016. Growing at 20% YoY, this type of cyber crime is predicted to overtake Ransomware in 2017. The report goes on to speculate that BEC attacks can potentially become the main type of cyber threat in Asia Pacific.

We know that DDoS attacks have become a menace and are being enabled by the growing global popularity of IoT and its corresponding lack of device security. Internet attacks accomplished by creating huge volumes of traffic from thousands of unsecured, connected devices such as traffic cameras have the potential to shut down urban intelligent transport systems, airport traffic control systems and other critical infrastructures.

Cyber attacks including BEC, Ransomware and DDoS attacks are growing and becoming a big business in APAC as well as other regions around the world. Many areas in the APAC region that are technologically advanced are actually more vulnerable due to the volume of connected devices and systems. Intelligent transit, WiFi and WiMax, digital street surveillance, web enabled government services are all great conveniences to local populations. However as the population adjusts and learns to depend on these new technologies, they become more vulnerable to attacks.

One of the newer cyber attack modes is using drones to scan for unsecured WiFi networks. Singapore University of Technology and Design has demonstrated that it is possible to launch cyber attacks using only a drone and a smart phone. As drone technology develops and improves, the criminals will certainly use it as another tool in their criminal arsenal.

So, there is no shortage of scary stories about cyber crime and its potential for mass carnage against large populations. The question is what are we going to do about it? Whose responsibility is it to protect us from this devious and largely anonymous threat? The answer is ours.

Governments must increase information sharing and cooperation. Laws and enforcement agencies must work hard to catch up and keep up with this fast evolving threat. Device makers must design security measures into connected equipment. Sure, yes, and absolutely for all those ideas. However, right here, right now in the Asia Pacific Region, businesses and individuals must be educated and vigilant against these crimes.

Business networks need to establish and enhance their cyber security departments. Security budgets must expand to include the introduction of new appliances that help anticipate attacks by learning normal network patterns and isolating anomalies.

Appliances such as Data Loss Protection, Intrusion Protection and Next Generation Firewalls must be deployed through independent TAPs on network links. Other specialized appliances should also be considered for specific vulnerabilities. There are appliances that will isolate all emails with an attachment to a “sandbox” and test the attachment for malware prior to sending it on to the recipient. This is a potential defense for BEC attacks. It is always prudent to regularly back up and store critical data off-line.

TAPs and Packet Brokers can help manage the maze of specialized appliances by allowing fail-safe connection to links, mapping what data goes where, and filtering out packets and ports that are not relevant to each appliance. These security devices simplify deployment and make it easy to make additions and changes to your security stack as new technologies advance.

So, don’t moan about the drone. Enhance your security profile, educate your employees, and deploy strong defenses to block breaches rather than repairing the damage after a devastating attack.

Posted: 10/03/2017 15:15:10 by Network Critical with 0 comments

Network Critical Moves USA Headquarters


Network Critical, a global innovator of network access and visibility products, announced today that they are moving their USA headquarters in Alpharetta, GA. The move will enable an increase in support and services to their growing customer base in The Americas: North, Central and Latin America and the Caribbean.

Alpharetta is known as the Technology City of the South, and for good reason. Over 77% of the workforce is employed in professional/technical positions. Major global tech companies such as HP, Microsoft, Lancope and Verizon have a significant presence in the area. Further, companies can draw talent from outstanding universities such as Georgia Tech, University of Georgia and Georgia State University among others. Alastair Hartrup, CEO of Network Critical said, “We are now very familiar with the rich talent and activity which surrounds Alpharetta. The new move will ensure that our relationship with the local tech industry remains strong, whilst allowing us to extend the global reach of the products and services we provide.”

The new office address is:

Network Critical NA LLC.
3755 Marconi Drive
Suite 107
Alpharetta
GA 30005
USA

About Network Critical:

Network Critical is an industry leader in network access technology. Our technology ensures 100% continuous network visibility. Network Critical products eliminate any concerns of downtime and scale easily as the network grows. The health of your network is always secure with Network Critical products. Our range of TAPs and Packet Brokers are used with IDS, IPS, network traffic monitoring tools, sniffers and more, to provide 100% network visibility with zero packet loss. For more information, visit http://www.networkcritical.com.

Posted: 02/03/2017 17:05:06 by Network Critical with 0 comments

Something Needs to Change


Before I weigh in with my two cents worth, I’d like to share a personal experience. Way back in spring 2006, I was awarded a contract to assist the Department of Transportation as they worked to submit the required systems Certification and Accreditation to OMB.

It was a tall order, but nonetheless I looked forward to the assignment; I assumed the only downside would be the pages of Government paperwork that I was required to submit before I could even step inside DoT headquarters. In order to obtain my ID badge, I had to provide personal details not just about myself, but my family and friends as well.

Fast forward to summer 2015, when OPM notified me that their database had been compromised; as many as 21.5 million individual records had been stolen and there was a “strong possibility” that the personal data included in my DoT paperwork was amongst them. Now it’s fair to say that this ‘strong possibility’ wasn’t an absolute certainty. But given that my family’s and close friends’ information was stolen as well as my own, let’s just say that I wasn’t very open to considering the ‘possibility’ that my data had been untouched. Would you have been?

Sure, I’ve since been offered a prepaid subscription to an identity theft monitoring program, but let’s be candid. That’s the virtual equivalent of deciding to install smoke detectors in your home, after it’s been burned to the ground. Taking steps to protect the people you’re responsible for, only after they’ve been compromised, means you’ve failed. It’s that simple.

I’ve since heard that OPM has introduced two-factor authentication as a common working practice since the incident. But given that’s a feature found on most iPhones, why did it take so long for a Government department to implement it as a basic security measure?

No matter where you stand politically, no one can deny that we share a mutual concern; virtual criminals are becoming increasingly sophisticated by the day, so a level of paranoia comes with the territory in the Public Sector. What continues to alarm me is that we all seem to be victims waiting for the next headline to hit. We are so preoccupied with fixing the destruction caused by the last attack we didn’t see coming, that we don’t have time to be proactive about preventing the next one.

There tends to be a reliance on assumptions and ‘what we know’. But given the increasingly unpredictable and unparalleled nature of these attacks, is what we know good enough anymore?

With far more exciting targets such as the NSA and the Pentagon, I for one would’ve completely dismissed anyone who predicted the possibility that a Government agency such as the OPM would be targeted, and I’m willing to bet I’m not the only one.

Back in 2011, Iran admitted to overriding and taking control of a US drone and amazingly, the story once reported seems to have disappeared from our minds. Clearly, the political and military consequences were discussed but surely there should be more time committed to asking “if a drone can be hacked, what else can?”

We need to consider the far-fetched, worst-case scenario given our current climate. If a drone can be overridden, who can absolutely guarantee the same wouldn’t happen to a plane with a pilot onboard? Is a commercial air traffic control tower just as at risk of being compromised as the OPM? Are similar, low visibility departments at risk, like the Department of Veteran Affairs?

More recently, the Chinese military unveiled their latest fighter aircraft, the Chengdu J-20. The aircraft bears a striking resemblance to our F-22 advanced fighter. Anyone who has seen the J-20 can’t dismiss the fact that somehow the Chinese were able to hack into either a DoD or subcontractor network and steal proprietary specifications and designs for the F-22. Fortunately, stealing the designs appears to be a simpler task than duplicating the sophisticated technology that provides the F-22 pilot the ability to see and fire upon enemy aircraft even if the enemy is behind them.

Fighting fires once the damage has been done is an all too common practice. But as for best practice? That comes with discussion, sharing our experiences and bouncing ideas off each other - and I’m not referring just to our world and industry leaders.

It’s time we took a more proactive role in actually preventing the constant threat of cyber criminals that we face daily, instead of simply waiting for the latest breach to make the news, and reacting to it.

For an industry that operates in the background to ensure our information is protected, we’re being caught in the headlines way too often, and for the wrong reasons.

Sometimes it’s on a global scale, sometimes it’s personal. But one thing’s for certain, something needs to change.

Last week I created a LinkedIn closed group to bring together informed, like-minded people who want to take a different, more proactive approach to combatting cyber security.

The group isn’t designed to be a passive, voyeuristic forum. Its purpose is for those that want to come to the table with strong ideas, share best practice in a trusted environment and are ready to hit the issues head-on together.

That way, we have a fighting chance of preventing more disastrous headlines.

You can join ‘The Cyber Security Forum’ here.

Posted: 01/03/2017 03:38:45 by Network Critical with 0 comments

The New Battlefield: Cyber Space

Cyber warfare is real. It is happening now. In fact, while you are reading this blog, government and corporate cyber resources are under attack around the globe. Here are a few recent examples:

Department of the Navy - Hacked through contractor emails. 134,000 sailors have had their personal information and social security numbers stolen. This information will likely be sold for the purpose of identity theft. This is not just stealing information to make credit cards and buy stuff on a fictitious account. This hack is more. This is cyber warfare. This hack is compromising the families and distracting the focus of service men and women in the Navy.
National Security Agency - Hacked by the Shadow Brokers. This group actually hacked a hacking group within the NSA called the Equation Group. According to Kaspersky Labs, the code that was leaked by Shadow Brokers is used by Equation Group for its own hacking and decryption operations. This is real spy vs spy stuff but it is all done behind the cyber curtain. Today it is code vs code.

People’s Liberation Army Unit 61398 is a division of the Chinese military that is dedicated to hacking corporations and governments around the world. A report by computer security firm Mandiant provided detail on this organization and, after many diplomatic denials, the Chinese government actually confirmed the existence of the group.
The CIA and FBI have confirmed that Russian hacking groups have been very active in trying to influence the outcome of the 2016 United States election. Congressional investigations are being organized to gather more detail on the scope and influence of these efforts.

Following is a quote from former US President Obama on the subject: “America’s economic prosperity, national security, and our individual liberties depend on our commitment to securing cyberspace and maintaining an open, interoperable, secure, and reliable Internet. Our critical infrastructure continues to be at risk from threats in cyberspace, and our economy is harmed by the theft of our intellectual property.”

Cyber warfare is our biggest threat today. It is more effective than blowing up buildings and roads. It is more effective than killing and capturing opposing forces. It is the warfare of the 21st century. It is warfare that captures minds and hearts, not just bodies. The new bombs are fake news, leaked emails and violent propaganda. The United States spends hundreds of billions of dollars on new fighter jets, bombs and automatic weapons. Yet, the Marine Corps database, managed on contract with HP, was not secured. This is what allowed the SQL injection breach of the Marine Corps Intranet by the Navy hackers noted above.

The latest budget proposal from Obama significantly increases the federal spend on cyber security to $14 Billion. While this is good news, the United States cyber security spend is still a tiny fraction of the overall military budget of almost $600 Billion. Imagine the future potential if the military budget included $2 Billion of scholarships to West Point and Annapolis for promising students to study cyber security and cyber warfare. Imagine the potential of funding $1 Billion in research into cyber warfare initiatives. These should be the budget priorities of the future.

For the time being, however, it is also important to recognize and act on the urgent need for vigilant management of network security profiles, continuous training, and permanent monitoring and management with tools that are available now.

Tapping links and utilizing Firewalls, Intrusion Prevention Systems (IPS), Data Loss Prevention (DLP) and other threat landscape reduction tools are a promising start to deterrence of debilitating breaches from foreign governments as well as domestic hackers. Packet Brokers are capable of providing simplified connection of multiple security tools. These devices allow mapping of data flows to specific tools and provide fail-safe protection to the network in case one of the security tools goes off line. Further, tools may be connected redundantly for maximum security without compromising network availability.

Cyber warfare is the new battlefield. It is quiet but effective. It is hidden from public view but very much a public threat. We have some good tools to fight it now but must up our game for the future. Military investment must maintain our traditional fighting forces but must also support a rapid transition to fighting a new type of war.


Posted: 21/02/2017 16:54:58 by Network Critical with 0 comments

Why Network Critical Loves RSA


The first full day of exhibits at the RSA Conference opens on February 14, 2017. There will be many very smart men and women roaming the aisles, talking to experts and learning about the latest advancements in cyber security. Network Critical will once again have a presence at the show talking about TAPs and Packet Brokers, the window to network traffic inspection, analysis and protection.

Before we get into the technical stuff, however, I will remind you to be sure to call home this evening! I know that it is easy to get wrapped up in the planning and excitement of the event but February 14 is also Valentine's Day. Your spouse, significant other, better half, partner…someone who loves you…is likely at home helping kids with homework, cooking and taking care of home-oriented business. It can sometimes be tough being on the road at certain times but it is also tough taking care of things at home when your loved ones are gone. So, send flowers and call to say thanks for taking care of things while I am away and I LOVE YOU.

This brings us around to thinking about why we love RSA. There are a lot of trade shows around the globe all year long. RSA, however, is uniquely focused on cyber security and it is located in the global heart of cyber technology. Silicon Valley is the birthplace of solid state technology, the Intel 8080, ARPANET, the Internet, the mouse, GUIs, Ethernet and many other technological firsts.

So, now here we are at the RSA Conference, where the world talks security. A few of the seminars available include Securing the Converged Cloud, Advanced Information Risk Practices, Ransomware, Security Foundations and many more. One of the speakers on the Monday agenda will talk about Analytics, Intelligence and Response which brings us to the actual point of this blog. Why does Network Critical love RSA?

When we talk to security engineers, network managers and IT directors, we hear that they are interested in learning more about advances in TAP and Packet Broker technology. It is not that they have never heard about TAPs. It is not that they are not up to date on the industry. It is often that they do not associate TAPs with cyber security. Many believe TAPs are physical. TAPs are for testing. TAPs are for diagnostics. TAPs are for trouble. This is all correct but TAPs are more.

Many security experts still do not recognize the importance of permanently connected, fail safe visibility for all security appliances. So, here at RSA, we get to share this important message…TAPs are for security. TAPs are non-invasive. TAPs are safe. TAPs help security tools operate more efficiently. TAPs are simple to deploy. TAPs are not very expensive. TAPs are the foundation of your security appliance platform.

We are surprised when we hear that many think that Packet Brokers are the same as TAPs. While some Packet Brokers can have integrated TAP functionality, their primary function is different. Packet Brokers add efficiency and simplicity to more complicated networks of security appliances. They also contribute to the efficiency of connected appliances as well as the reliability of the networks they serve. Packet Brokers are security appliances. Packet Brokers provide the foundation for building a robust security, analysis and performance appliance stack in more complicated networks.

Being at RSA, in the heart of Silicon Valley, gives us the opportunity to meet, educate and advise industry experts who will be driving internet security practices for our industry. From the early conferences at Stanford University to the much larger current events at Moscone Center, RSA has always been a conference focused on idea exchange and education over promotion.

We look forward every year to the RSA Conference for the opportunity to share best practices about utilizing multiple specialized appliances for robust, high availability network protection. We look forward to learning from others at the RSA conference so we can continue to improve our contribution to cyber security. For more information or to schedule appointments with our technical experts at the show visit www.networkcritical.com/contact-us.

Posted: 14/02/2017 17:14:30 by Network Critical with 0 comments

Yin and Yang of Buying and Selling


Heat and Cold. Male and Female. Dark and Light. Buying and Selling. Masculine and Feminine. These are all opposing forces of nature. In Chinese philosophy, however, Yin and Yang, which represents these opposing forces, are not exclusively oppositional. There is interaction, interplay and interchange between the two. Although they are in opposition of each other, they are also complementary of each other.

The masculine and feminine, for example, are opposites but they also need each other. The differing qualities of each complement each other and are necessary for each to become whole. Buying and selling is a prime example of the Yin and Yang of business. The buyer has a need and the seller has a product or service to fulfill that need. There is interplay between the parties. If the proper balance is achieved during negotiation, the buyer receives value from the purchase and the seller receives currency in return.

Many think of the buying and selling relationship as adversarial. When approached correctly, however, it is actually complementary. Just as the Yin and Yang interact and interplay, the key to a proper buyer and seller relationship is education, interaction and communication.

Buyer, Know Thyself - Being prepared for the process is critical to the buyer. The thought that the buyer should just call a sales person and learn everything he needs to know from that single interaction could be a costly shortcut. The sales person may enjoy that interaction because it potentially gives him the upper hand in creating a scenario that best fits the product he has to sell. The sales person can direct the conversation and influence the buyer’s position on the key requirements of the buyer. In fact, it is the responsibility of the buyer to know and prioritize his specific requirements prior to the sales conversation. This allows the buyer to better understand how the product that the sales person is presenting fits the buyer’s actual requirement priorities.

It is also desirable for the buyer to do some preliminary research on potential solutions prior to engaging the sales person. By investigating options from competitive companies, the buyer will have a better understanding of which solutions may be the most beneficial for his particular need. Then, when meeting with representatives from the prospective providers, the buyer will be in a better position to probe about strengths and weaknesses of the various proposals.

Seller, Listen Before You Talk - Taking a quote from Covey Leadership Center’s book about the habits of highly effective people, “Seek first to understand, then to be understood.” Many sellers start right off with a detailed presentation of their product and all the wonderful features that it contains without first asking the buyer about his primary needs. The buyer should actually be doing most of the talking during the first part of the presentation. The seller should be questioning and listening and understanding the needs of the buyer.

More experienced and expert sales representatives may even probe to understand non-product related potential buying motivations. Beyond product features, there may be undertones of politics, job preservation, brand loyalty or other emotional forces at play.

Finally, understand why this purchase is important to the prospective buyer. This question is key to focusing the presentation. The list of features is your menu. No one goes into a restaurant and orders everything on the menu. The sales rep needs to understand what menu items will satisfy the hunger of the buyer and match the meal to the hunger.

Yin and Yang are interactive. Buying and selling are interactive. The most productive business relationships develop around the cooperative interaction between the educated buyer and the interested seller. Obviously, there are many more details and complications in every business interaction. Both buyers and sellers learn with experience and training how to best navigate these relationships. Understanding the basic Yin/Yang philosophy, however, is a great foundation for developing beneficial relationships between vendors and customers.

Posted: 03/02/2017 13:52:39 by Network Critical with 0 comments

IoT Momentum and Internet Security


Have you ever been running so fast that your momentum propels your torso faster than your legs can keep up? As kids, we used to go to a hill at the park and run down as fast as we could. After a few quick strides, our bodies would soon overtake our legs. It was soft grass so our tumbles caused no real damage. It was kid fun. Playing this game on gravel or cement, however, causes a very different result. I have some elbow and knee scars from my childhood to prove it.

The IoT movement is running downhill. Its body is the unchecked market acceptance of everything being connected to the internet. Its legs are device security built in by manufacturers. Connected devices and networks include TVs, refrigerators, ovens, medical devices, automobiles, security cameras and nearly everything else you can imagine. However, the security built into these devices is nearly non-existent.

In late October, a DDoS attack on domain name provider Dyn took down many popular websites. Rather than build an expensive device to blast enough data at the site, the attackers used many small devices to blast garbage data at a single site. It is believed that the devices that were hacked to create the attack were connected video cameras. The Dyn attack set a record blasting data from various innocent sites at a combined rate of 1.2Tbps.

Consider that only a few years ago, connected devices other than computers and cell phones numbered in the hundreds of thousands. Today there are millions of devices, and the number is rapidly heading to the billions. According to Thomson Reuters Zawya, the worldwide installed base of connected devices will exceed 28 billion devices by 2020 with a market revenue of over US$7 trillion (yes, with a T). Yet, there is no coordinated effort to establish security standards for these devices. Security can be expensive and companies generally want to take cost out of consumer devices rather than add cost. This is particularly true where the consumer likely will not see a particular advantage. From the consumer's perspective, there is no motivation to pay extra for perceived esoteric features such as access security.

I suggest, however, that the consumer will soon become more aware of the security (or lack of security) built into their connected devices. The more we all become connected to the internet, the more dependent we will all be on the internet. Amazon Echo and Google Home are two excellent examples of our growing dependence on the internet.

Home and Echo are extensions of your iPhone or Android. However, they can coordinate with other connected devices such as streaming TV, lights, thermostats, calendar, oven timers and more. Are people going to feel comfortable connecting everything they own to a single device that is open to off-the-shelf hacking software? Can you imagine the consequences? As connected devices proliferate and consumers consolidate control of the devices for convenience, the controller becomes a critical single point of failure. A hack into a Home or Echo device can turn off the heat in the dead of winter, turn on a stove when the owners are away or turn off lights in preparation for a home invasion. These are real issues with life or death consequences. I am not sure that consumers have thought this through, but certainly the consumer products industry should.

The automotive industry did not impose airbags on itself and the bankers did not create reserve ratios. These are critical social imperatives that were forced upon these industries for the safety and stability of society. The internet is quickly becoming such a social imperative that the government should be well on its way to developing security standards for all connected devices.

Companies continue to invest heavily to protect their networks with Intrusion Protection Systems, TAPs and Packet Brokers, Data Loss Prevention, malware scanning software and other technologies. Even with all that, there are still vulnerabilities.

As consumers move deeper and deeper into internet dependence, security becomes more of a critical imperative and less of an add-on feature enhancement. Hopefully, the industry will see that its continued growth and success are dependent on device security and internet protection. If the internet fails, all connected devices become worthless.

The current and anticipated future momentum is great for the industry. However, if the security legs do not develop at the same pace, the whole system will come tumbling down in a heap.

Posted: 30/01/2017 12:59:14 by Network Critical with 0 comments

Cyber Skills Gap


Are the bad guys better than the good guys? The Financial Times Cyber Security Summit Europe was held in September. The presentations focused on cyber crime against financial institutions and their vulnerabilities to such attacks. Obviously, this is a lucrative target for criminals because billions of dollars pass through inter-bank transactions and clearing systems. At risk is catastrophic failure of our digital financial system.

First, let's look at our modern global financial system.

Money is an imaginary system of mutual trust. In fact, money is the most universal and most efficient system of mutual trust ever devised. Throughout human progress in history, we went from bartering a sheep for seed, to trading gold coins for various products and services. Eventually paper currency was developed and backed by empires and governments. Now most of our currency is electronic bits backed by governments and financial institutions. Just as cash money has no intrinsic value, neither does an electronic debit. They are just bits of information stored on a server. However, our trust in the institutions that manage these bits is the foundation of the entire global economic system.

The sum total of money in the world today is about $60 Trillion. The sum total of actual currency in circulation in the world is about $6 Trillion. More than 90% of the money in the world today exists only as bits on computer servers. So, now, how important is managing and securing the servers that maintain this currency? The very survival of our economic system depends on our trust that the underlying currency information is safe and available.

The Society for Worldwide Interbank Financial Telecommunication (SWIFT) provides a network that enables financial institutions worldwide to send and receive information about financial transactions in a secure, standardized and reliable environment. A significant breach of inter-bank transactions sent alarms through the industry.

SWIFT transactions were manipulated in February and August of 2016 by a group called Odinaff. In the February breach, the Bank of Bangladesh lost $81 Million. The SWIFT system is constantly under attack and the skills of the attackers seem to be very sophisticated. Alain Desausoi, CISO at SWIFT, commented at the summit, “We were surprised by the gap between the skills of the attackers and the cyber security practices in the banking industry.” One of the problems discussed is that while the threat is the same worldwide, the necessary skills to manage it are not the same in all countries. The February attack was caught by an alert manager who noticed a typo in a transaction message. If not for that catch, this breach could have been in the billions of dollars.

Back to the skills gap. The financial industry is under attack and will continue to be under persistent attack by cyber criminals who want to steal money, data, identities and more. In order to maintain trust in the system, the industry must close the skills gap between its employees and those of the enormous and well-financed hacking industry. The Financial Times summit is a cooperative effort to work through these issues and develop practices to protect our financial systems.

Some of the resolutions that came out of the summit include improved information sharing, more resilient software, improved security practices, traffic pattern detection to identify anomalies, and ensuring banks have the right security partners. The banks understand the enormity of this problem and are working towards solutions to thwart cyber aggression against our most trusted global institution.

Intelligent network monitoring devices coupled with Data Loss Protection, Intrusion Prevention and abnormal activity search and block appliances are being deployed by financial networks around the world. Multiple security appliances are being connected by TAPs and Packet Brokers to provide robust protection without impacting network reliability or availability.

These network protection technologies coupled with consistent employee training, cooperation with local law enforcement and strict access policies will help manage the cyber aggressors for now. Ultimately, upgrading international law enforcement cyber skills, inter-agency cooperation, stiff penalties and ruthless tracking of cyber criminals will be required to maintain our global digital monetary system. We must close the skills gap between the good guys and the bad guys before faith and trust in the system erodes.

Posted: 19/01/2017 16:56:23 by Network Critical with 0 comments

Right Tool for the Job


Have you ever tried to tighten a screw with a butter knife? How about tapping a nail into a wall using the butt end of a screwdriver? How often do you use a chair to reach the top shelf instead of getting a ladder or step stool? How often do you put your body (life?) at risk by opting for the expedience of substituting the appliance at hand for the proper appliance for the job?

Time is scarce. Money is scarce. We all take certain risks to save money and/or time. Sometimes the risk pays off by getting the job done with the tool at hand. Sometimes, we end up in the hospital.

The question of the day is, “Do I try to knock this job out with whatever is at hand or do I spend time researching and acquiring the proper tools for the job?” This question is relevant in the office as well as in the home. For the Network Engineer or IT Manager, the question comes up often. Networks grow, traffic patterns change, and new security challenges are presented every day. Budgets are limited and often not as flexible as required to effectively manage the ebb and flow of network administration. Network Engineers are famous for making do with what is available and often demonstrating great creativity resolving emergency situations.

There are many multi-function appliances that are helpful with network management tasks ranging from analysis to security. Often the multi-function appliances offer up-front cost savings and adequate performance. Some of the trade-offs are speed of processing and depth of utility to the job at hand. These products are not necessarily bad. It is simply that their utility is limited to a particular environment where breadth of performance is adequate and depth is not required. However, for other networks where maximum security is critical and deep analysis is necessary, multiple specialized appliances need to be deployed.

Deploying best in class appliances for each of many specialized network tasks is the preferred method for high performance, high availability network administration. The challenge is how to deploy and manage the many available tools efficiently.

There are three problems inherent in the multiple appliance deployment method. First is cost. To purchase four, five or more appliances for each link on a large network can be very expensive. The performance and security provided may well be worth the cost but, nevertheless, it is still a budget stretcher. Second is network impact. Many appliances, particularly those providing malware protection and threat detection, need to be deployed in-line. Deploying multiple appliances in-line may impact network reliability and availability. As any single appliance goes off-line, the entire link is impacted. Third is management. Each of these appliances needs to be managed individually. They will have unique performance objectives as well as individual input requirements. Managing inputs and outputs can become a complex and time-consuming task. Further, as the network environment changes, so must the multitude of connected appliances.

There is a single solution to all three of the issues mentioned above. Connecting appliances to links via Packet Brokers like the SmartNA-X HD can reduce tool costs, mitigate reliability issues and simplify deployment and management.

Cost - Aggregation and filtering features can save CapEx by reducing the number of appliances needed on the network by allowing a single appliance to support data flows from multiple links.

Network Impact - By-Pass and Fail-Over Relay features can protect network traffic in the event that an appliance fails or otherwise goes off-line. Link-lock and multi-level administrative password protection provide security and control of network data.

Simplified Management - Connecting multiple appliances through a single Packet Broker provides deployment and management benefits that save OpEx and improve appliance efficiency.

Best in class security, best in class malware protection, best in class application acceleration, best in class application performance management, best in class network analysis, best in class visibility, and more can all be efficiently deployed and managed through intelligent Packet Brokers. For more detail on these tools see www.networkcritical.com.

While making do with whatever tool is at hand may get the job done, it is fraught with potential disaster. Emergency room doctors stay very busy patching up patients who fall off chairs because they did not take the time to bring a proper ladder in from storage. Choosing short term convenience often leads to long term disaster. Making the time and effort to develop a proper plan and procure the right tools for the job will protect you from future disaster at home and at work.

Posted: 16/01/2017 15:10:24 by Network Critical with 0 comments

Five Top Tech Trends for 2017


Welcome to 2017! This is the time of the year when we gaze into our crystal ball and prognosticate about what is in store for our industry and our e-life in the coming year. Here are some thoughts for what will be trending in the next 12 months and beyond:

IoT Device Security - Here are some numbers from CloudTweaks…328 million things connect to the Internet every month. By 2022 a typical home will contain 500 smart devices. By 2025 every vehicle on the road will be connected to the Internet. According to a McKinsey Global Report, only 0.06% of things that could be connected to the Internet currently are, which means 10 billion things out of the 1.5 trillion that exist globally are currently connected. The report estimates that this could add $11 trillion per year to the global economy by 2025. These IoT trends are worth following. They will impact our business and personal lives in a big way. However, in addition to the huge market potential and potential for societal shifts, this trend will also dramatically increase the cyber threat landscape. Along with the increase in IoT devices, consumers and governments must push for parallel growth in connected device security. The recent attack on internet providers Yahoo, Twitter and others is a prime example. The attackers hacked connected video surveillance devices to flood the internet with traffic, forcing the shutdown of some of the largest service providers. As connected consumer devices flood the market, their weak security opens the door for hackers to damage individuals, enterprises and service providers. The resulting chaos could be catastrophic. Hopefully, device manufacturers will recognize their weakness and build better security into their products.

State Sponsored Cyber Meddling - The Russian hacking and misinformation campaign to influence the U.S. election is well documented. German elections are coming up in 2017 and Hans-Georg Maassen, the head of the Federal Office of Protection of the Constitution, released a statement saying, “Propaganda and disinformation, cyber-attacks, cyber-spying and Cyber-sabotage (are) part of the hybrid threat to Western democracies.” The Russians are not the only ones to watch. The Chinese have an entire Army division devoted to Cyber espionage activities. It is called Unit 61398 of the People's Liberation Army (PLA) and its existence has actually been confirmed by the Chinese government in a report called “The Science of Military Strategy” published by the PLA. The United States has cyber security and espionage units reporting to the National Security Agency (NSA) with a proposed $14 billion budget for the coming fiscal year. This is notice to government and corporate networks that anything connected to the internet is vulnerable. Cyber security budgets in government and the private sector will increase in the coming year. Military focus on cyber offense as well as on cyber defense will permeate world affairs.

OT Monitoring and Security - Operational Technology (OT) is hardware and software that detects or causes a change through the direct monitoring and/or control of physical devices, processes, and events in the enterprise. OT is largely used in manufacturing and services such as pipeline and utility control process. This technology has been available and widely used on site for decades. However, its integration with Information Technology and internet connectivity creates new security vulnerabilities. OT has largely been used in closed operational systems. Older operating systems are being patched to allow functional benefits from Internet access. The security capabilities of the older systems are not keeping up with current IT practices. This OT/IT gap may open the door for massive utility and transit system outages and other functional disruptions as new connected OT services become available without IT security advances being integrated. As the line between OT and IT blurs, so must the focus and investment in training and security. 

Artificial Intelligence - So, what’s the big deal here? Artificial Intelligence (AI) has been discussed and researched for decades. The big deal is that AI is now becoming a real market with real applications. Some of the largest tech companies like Google, Apple, Amazon and Facebook are making large investments in this technology and are also releasing their core AI programs as open-source software for others to use. Here are some of the markets that will benefit from advancements in AI technology. Network Security products will be able to learn network usage patterns and more quickly detect anomalies that indicate attacks. Gaming will be greatly enhanced with virtual reality and more realistic landscape and character behavior. Automotive navigation, medical diagnostics, banks, retail and pharmaceutical companies will all benefit from this technology where machines actually learn to solve problems rather than just compute numbers. IBM and BMW have signed a deal to integrate Watson conversational and learning technology into their vehicles. MIT has developed an AI system that surfs the web to improve its performance. The MIT information extraction system helps turn plain text into data for statistical analysis. If IoT is the nervous system of the Internet, AI is the soul. You will be hearing a lot about AI in the coming months and years. 

Hybrid Cloud - John Maddison from computer security company Fortinet says that more businesses need to focus on inside-out security. Reports and industry surveys show that the internal threat to cyber security is in fact greater than external threats. Employees generally have direct access to corporate networks. While many employees are diligent, hard-working, intelligent beings, others can be negligent, careless, fraudulent or sometimes, just stupid. Now that we have determined that a company’s own employees can be a big security risk, let's talk about the employees of your local cloud provider. What do you know about the employees of the cloud services provider where you store sensitive corporate information? I am sure that many are smart, honest, hard-working employees. However, what do you know about the cloud provider's HR policies and procedures for vetting and hiring employees and contractors who have direct access to your corporate information? One potential solution is deploying a Hybrid Cloud architecture. For example, cloud services can be used for high demand peaks, less sensitive file storage, day to day operational computing and big data analysis. For confidential corporate information and proprietary processes, a local network under direct control can be deployed. A hybrid design lets the company secure highly confidential data on local servers with its own security technology, policies and direct consequences for employees who breach policy. This is a best-of-both-worlds security and computing option that will grow fast in 2017 and beyond.

Final thoughts - These are a few of the big tech trends that will be advancing and changing our world in 2017 and beyond. As you may have noticed, internet security is a common thread among all the tech trends. Sadly, 2017 will not be the year that computer hacking is solved. However, with increased security budgets, more training and improved architectures, I am hoping that the first bullet of my 2018 trends blog will be - “Monitoring Technology Beating Hackers.” Happy New Year!

Posted: 04/01/2017 16:55:57 by Network Critical with 0 comments

Crime and Punishment…and Protection


Crime

Here is a quote from the European Cybercrime Center's 2016 Internet Organized Crime Threat Assessment report: “The volume, scope and material cost of cybercrime all remain on an upward trend and have reached very high levels.” Another report from BT and KPMG stated that, “Criminal groups who mount a constant assault on legitimate businesses are not simply members of an amorphous underworld. They are, in fact, operated as rational hard-nosed businesses with their own clearly defined business models and money making scams.”

Given the above information, here is an interesting report. According to a Zurich Insurance Group survey of small and medium sized businesses, about 11 percent of respondents said they worried about cyber-crime. This is not a typo and your eyes are not playing tricks. Also note, this is not a small sample. The survey polled 2600 C-level executives from 13 countries for this study. However, even though the number is small, it is the fastest growing perceived business risk category. So, it appears that while cyber-crime awareness is relatively weak in small and medium businesses, it is growing.

Law enforcement, however, is paying attention. About 200 delegates from 56 countries met in Singapore the last week of September to discuss best practices for overcoming the many steep challenges of fighting cyber-crime and bringing perpetrators to justice.

Punishment

As reported in SC Magazine UK, Nazariy Markuta, a hacker for D33D Company, has been convicted and will spend two years in prison by the UK’s National Crime Agency. Two years! That is not a typo either, two years! Now, this is a guy who is believed to be involved in the leak of 450,000 email addresses and passwords from Yahoo!’s contributor network. Further, when he was arrested, agents found thousands of payment card records in his possession. But wait, there is more…between 2012 and 2014 Markuta had attacked a video game reseller and SMS messaging service. He actually was sentenced to 11 years after pleading guilty to 8 counts of hacking and fraud, but the sentences will run concurrently, leaving him locked up for only two years!

Time for a little editorial comment…So, look. Cyber crime is no joke. It hurts real people and causes severe financial distress for victims. Global losses are estimated to be in the billions of dollars annually. It is also difficult to track, arrest and prosecute perpetrators. Cyber theft of payment cards and personal information should be treated just like bank robbery or any other high crime. Ransomware hackers who disable systems and hold the encryption key for ransom should be tracked down and treated like any extortionist. Phishers, whalers and other criminals with cute cyber names should be given stiff sentences with little leniency. What about an international treaty that requires a minimum sentence of 20 years prison time and no cell phone or tech access? It seems that international cooperation and internet crime legislation have not yet caught up to the cyber world. Hopefully, that will change soon.

Protection

Until our lawmakers, judges and leaders catch up with the connected world, all we can do is to be careful, aware and protected. I had just read a report from a company called Mimecast that offers some sage tips to help protect against whaling, a cyber crime where the perpetrator sends an email pretending to be a high level company official asking a subordinate to send money. For example, a US networking company called Ubiquiti was victimized to the tune of $46 million in 2015 by a whaling attack. Here are some anti-whaling ideas:

  • Educate senior management and finance teams about this type of attack so they can be aware of the whaling tactics.
  • Carry out tests within your organization to gauge staff vulnerability.
  • Consider technology that alerts users when an email is coming from outside the corporate network.
  • Subscribe to domain name registration so that you will be alerted to domains that look like or are similar to yours.
  • Review financial practices. Insist that multiple signatures and requisition review be done prior to any large fund distribution.
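One way to implement the external-sender alert and the lookalike-domain check from the list above, as an added example that is not from the report or from Network Critical. The domain `examplecorp.test`, the protected display name and the sample messages are constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumptions for illustration: your own mail domains and the display names
# of people worth impersonating (executives, finance approvers).
CORPORATE_DOMAINS = {"examplecorp.test"}
PROTECTED_NAMES = {"pat example"}

DIGIT_LOOKALIKES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def skeleton(domain):
    """Fold common visual substitutions so look-alike spellings compare equal."""
    folded = domain.lower().translate(DIGIT_LOOKALIKES)
    return folded.replace("rn", "m").replace("vv", "w")


def edit_distance(a, b):
    """Levenshtein distance: insertions, deletions and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def is_internal(domain):
    return any(domain == c or domain.endswith("." + c) for c in CORPORATE_DOMAINS)


def lookalike_of(domain, max_edits=2):
    """Return the corporate domain this external domain imitates, if any."""
    for corp in sorted(CORPORATE_DOMAINS):
        if skeleton(domain) == skeleton(corp) or edit_distance(domain, corp) <= max_edits:
            return corp
    return None


def classify(raw_message):
    """Inspect the From header of an RFC 5322 message and return a verdict."""
    msg = message_from_string(raw_message)
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    external = not is_internal(domain)
    return {
        "domain": domain,
        "external": external,
        "lookalike_of": lookalike_of(domain) if external else None,
        # An internal person's name on an outside address is the whaling pattern.
        "display_name_spoof": external and name.strip().lower() in PROTECTED_NAMES,
    }


def warning_banner(verdict):
    """Text to prepend to the subject or body so the recipient sees the alert."""
    if not verdict["external"]:
        return None
    reasons = ["sent from outside the organisation"]
    if verdict["lookalike_of"]:
        reasons.append("sender domain resembles " + verdict["lookalike_of"])
    if verdict["display_name_spoof"]:
        reasons.append("display name matches a protected internal name")
    return "[EXTERNAL] " + "; ".join(reasons)


# Constructed sample messages (reserved .test domains, not real traffic).
SAMPLES = {
    "internal": 'From: "Pat Example" <pat@examplecorp.test>\nSubject: Q3 budget\n\nSee attached.',
    "lookalike": 'From: "Pat Example" <pat@examp1ecorp.test>\nSubject: Urgent wire\n\nPlease send today.',
    "vendor": 'From: "Billing" <billing@vendor.test>\nSubject: Invoice\n\nThanks.',
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, "->", warning_banner(classify(raw)))
```

The same `lookalike_of` check can be run over a feed of newly registered domains to cover the registration-monitoring tip.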

Cyber crime is one of the fastest growing businesses on the global landscape. Law enforcement and the legislators are struggling to catch up with the new and evolving types and styles of cyber theft and extortion. Until that happens, it is up to individuals and companies to read, learn and be aware of potential threats coming at you in cyber space.


Posted: 29/12/2016 22:53:37 by Network Critical with 0 comments

It's beginning to look a lot like Crisis


It's beginning to look a lot like a crisis
Everywhere you go
Take a look in the server stack
I think we’ve got a hack
With alarms and red lights aglow

It's beginning to look a lot like a crisis
At our on-line store
But the scariest sight to see
Is the trouble that will be
Because Black Hat found a back door

A pair of Rootkit boots and some malware too
Is the fear of my boss and then
Botnets that will talk and go for a walk
Is what puts us all in pain
And he and I can hardly wait
For the IPS to start again

It's beginning to look a lot like a crisis
Everywhere you go
There's spyware in the laptops
More on the desks as well
The sturdy kind that angers my mind and so

It's beginning to look a lot like a crisis
But I know my tools will start
Protecting our links from this thing that stinks
Right from the start
Our Smart TAPS are doing their part

A pair of intelligent TAPS and some anti-virus apps
Is the bane of the Black Hat guys
My firewall will block it all
And bring the network back
And my boss and I can hardly wait to trash another hack

It's beginning to get back to normal
Soon the servers will re-start
And the security our tools will bring
Keeps our network protected from this hacking thing
Visibility and security is our thing!

Happy Holidays from Network Critical

Posted: 22/12/2016 17:52:10 by Network Critical with 0 comments

#Read!


“A reader lives a thousand lives before he dies. The man who never reads lives only one.”

George R.R. Martin

Here are some startling statistics about adults and books in the United States. According to a study by The Jenkins Group, one third of high school graduates never read another book the rest of their lives. Forty-two percent of college graduates never read another book after college. Eighty percent of families in the study did not buy or read a book last year.

Most members of the fast moving high technology community are readers. We read trade magazines, white papers, technical journals and industry blogs. We search the web for the latest network research to help make our networks faster, more reliable and more secure. In short, we are always learning because things are always changing. We must keep up, we must get ahead. Consistent industry education, while necessary and beneficial, is narrow.

There is a wide world of books available that have nothing to do with technology. They can be historical in nature, helping us understand how we got here. They can be inspirational stories about sports heroes, political leaders and inventors whose work changed our lives in one way or another. They can be simple escape stories of mystery and intrigue that just help us relax and escape from our daily responsibilities for an hour or two.

Reading can also give us a perspective on past and current events that we have not previously considered. A good book can make us feel. In school, we learned the names and dates of battles. We learned who won, who lost and who paid the bill. We did not learn about the feelings of those whose lives were turned on end when an enemy nation occupied their country. We did not learn of the helpless submission some felt or about the ruthless resistance others mounted. Books can provide a personal window into those lives so we can feel what they felt. So we can understand, not just learn.

Reading can take us on a 1930s midnight escape out of the Deep South where black sharecroppers sneak out from under the oppressive control of their white employers, seeking a better life in the industrialized North. Reading can take us on a voyage deep beneath the sea or far into outer space where we let our imaginations loose, discovering new worlds. Reading can have us hiding in a dark corner as a mass murderer creeps into our bedroom, knife in hand.

Too often, though, we miss out on these varied and interesting experiences; these feelings, these windows into the hearts of our fellow humans. We miss out because we are busy keeping up with daily life. We prioritize our time. We still need to eat and sleep. We miss out because with all the other priorities in life, we just do not think about reading as a relaxing leisure experience.

Someone needs to tell us, “Don’t forget to read books that are not associated with your profession.” So I am reminding you to find a book and start it. You do not need to read it all at once. Set aside some time to sit down and start one now. Turn off that 55 inch wide-screen TV. You will be amazed at the doors that open in your mind. You might even get some new ideas that will help you at work.

Posted: 16/12/2016 15:43:44 by Network Critical with 0 comments