Network Critical - The Window to your Network

The Cost of Cyber Crime


“I’m standin’ at the crossroads, and believe I’m sinking down.” These lyrics written by American blues legend, Robert Johnson and made famous by the British rock group Cream, came to mind as I read a recent article about Cybercrime.

The “Crossroads” is the intersection of traditional crime and Cybercrime. Guess what? Cyber crime is now leading. According to a report by Trend Micro, 53% of all crime in the United Kingdom is Cybercrime. The UK National Crime Agency agrees, reporting that Cybercrime is outpacing traditional crime. In the United States, Cybercrime is now a larger industry than narcotics trafficking according to Tom Kellerman, CEO of Strategic Cyber Ventures.

Now that we know how big Cybercrime is, let’s look at how this trend translates into currency, thanks to the 2016 Annual Fraud Indicator from the University of Portsmouth. Private sector computer fraud losses are estimated to be 144 Billion Pounds. Public sector losses are estimated to be 37.5 Billion Pounds, with the category “Other” accounting for 11.5 Billion Pounds for a total of 193 billion Pounds lost to computer fraud. Note that Cybercrime estimates are hard to acquire and track due to a number of issues such as unreported incidents and establishing the exact definition of a Cyber crime. However, the general ranges and trends are important; not so much the exact dollars.

Looking at these statistics is important because, behind the big numbers, are real victims - millions of them. Some are businesses, some are government agencies, and some are individuals. Given the enormity of the losses and quantity of victims, it might be time for our leaders to shine a light on Cybercrime and increase resources to prevent and track Cybercrime. In fact, the Portsmouth University report concluded that 1 in 10 adults in the UK are affected by Cybercrime.

With the backdrop of these figures, I read another report by Computacenter that was conducted at InfoSec Europe 2016. It showed that 88 percent of respondent IT Managers reported being “happy” with their organization’s IT security strategy. What? The report continues that 38 percent of respondents admit that their organization has no Data Loss Prevention (DLP) solution. What?

People entrust highly personal and confidential information to companies large and small every day. Some of the obvious include purchases with a credit card or debit card, medical records, government tax information, email addresses and more. One of the imperatives for any company accepting and storing this trusted information is to do all in their power to protect the privacy of that information. While anything networked is not 100% secure, there are many steps that companies can take to reduce cyber threats and theft of private information. Data Loss Prevention is an important technology to have in the arsenal.

DLP appliances set and enforce policies regarding who can access data on company servers. They also can enforce how information can be downloaded and the type of acceptable media for the destination location. These appliances, along with continuous employee training can dramatically reduce the vulnerability to theft and fraud.

DLP appliances connect to network links using TAP’s that provide the physical ports and the fail-safe technologies that allow security appliance connections without impacting network reliability. Furthermore, intelligent taps, such as the SmartNA-X from Network Critical (www.networkcritical.com) can be permanently installed in only 1 RU of rack space. They also provide sophisticated monitoring features such as port mapping, filtering and traffic regeneration.

There are signs that governments are beginning to pay more attention to Cybercrime. Law enforcement cyber crime investigation units are being established, and budgets are growing. However, in the meantime, it is up to companies to invest in breach protection, data loss protection, threat landscape reduction and other security protocols. It is also important for individuals to be educated and vigilant about computer and smartphone use.

Cybercrime is real and growing. We are at the crossroads. Investing in cyber security equal with physical security will keep us from sinking down.

Posted: 30/09/2016 17:30:24 by Network Critical with 0 comments

Network Critical to Attend the Cyber Defense Initiative Conference, Bangkok - October 12, 2016

CDIC_final.png
This is a quick one to let our readers in Thailand and the surrounding area know that Network Critical will be attending the Cyber Defense Initiative Conference (CDIC) in Thailand next month. The event will take place at the BITEC exhibition center, Bangkok, and will be held on Wednesday 12th and Thursday 13th October.

With the support of government agencies and private organizations, the CDIC is now in its 15th year of operation. The theme of this year’s conference is “Time to Trust”: Trust and Innovation for the digitized, Value-based Economy. The framework of the event is built upon the cooperation between all sectors. This is extremely important to the future of Thailand and the entire of Southeast Asia. There will be particular importance this year on the advancement of Financial Technological Innovation and the security surrounding electronic payment systems. To keep up with the pace of technology, such as Big Data Management & Analytics, and surveillance, key speakers will approach the threats, risks and privacy issues faced by businesses. Focus will be on the measures that can be taken in order to prevent threats, producing quick and cost-effective response so that all types of organizations can develop this 'Trust in Cyberspace’ by establishing a strong Cyber Resilience.

Network Critical is a global developer of intelligent Network Access Technologies; we believe that these global events are important and valuable opportunties to meet with network engineers, designers and vendors from around the world. As critical sources of knowledge, relationships and insight, events such as the CDIC, Bangkok, will continue to feature in Network Critical’s global schedule as we stay committed to providing up-to-date quality products and services in an ever-changing market.

So, if you are in Bangkok on the conference date, or would like to approach us about the event or its topics, please feel free to contact us at marketing-team@networkcritical.com to arrange an appointment or discussion.

If you are interested in finding out more information on this event, you can find more details here: www.cdicconference.com/

Posted: 29/09/2016 15:36:53 by Network Critical with 0 comments

Network Critical to Attend GovWare Singapore - October 10, 2016


This is a quick one to let our readers in the Asia-Pacific region know that Network Critical will be attending the Singapore GovWare event as part of the Singapore International Cyber week next month. The event will take place at the Suntec Singapore Convention & Exhibition Centre and will be held on Monday, 10th October.

Into its 25th anniversary, GovernmentWare (GovWare) is the region’s premier conference and showcase for Cyber Security. GovWare is the foundation event for the inaugural Singapore International Cyber Week. Featuring multiple tracks on the latest trends in technology, organisational implementation and user perspectives, GovWare regularly attracts the best practitioners to meet, network and discuss the things that truly matter in Cyber Security. With a speaker faculty of over 100 Government officials, thought leaders, visionaries, technology experts and industry professionals, the conference serves as a leading platform for practical, focused, and unbiased knowledge of the highest level.

Network Critical, is a global developer of Network Access Technologies; we believe that these global events are important and valuable venues to meet with network engineers, designers and vendors from around the world. As invaluable sources of knowledge, relationships and insight, events such as GovWare Singapore will continue to feature in Network Critical’s global schedule as we stay committed to delivering up-to-date quality products and services in an ever-changing market.

So, if you are in Singapore on the conference date, please feel free to contact us at marketing-team@networkcritical.com to arrange an appointment or discussion.

If you are interested in finding out more information on this event, and the Singapore International Cyber Week, visit: www.sicw.sg/index.html

Posted: 27/09/2016 15:25:06 by Network Critical with 0 comments

Sniffing without Snooping

Network Critical announced today the introduction of PacketPro™ Card, a new packet manipulation module for the SmartNA-X™ Packet Broker. This is an important new development for the SmartNA-X™ allowing it to analyze and modify packets prior to sending them to an appliance for further processing.

The PacketPro™ Card can perform standard packet slicing during which the payload is stripped from the header for more efficient utilization of analyzer tool resources. However, that is only the beginning. The packet modification feature goes beyond packet slicing to allow a search for tunneling protocol headers to then strip or modify them so that the underlying packet contents can be analyzed.

Packet modification is an important feature as network managers struggle with the problem of analyzing traffic that is often encapsulated in a variety of tunneling protocols. Further, concerns about confidentiality of communication can now be balanced against the need for accurate traffic analysis. Not only can the tunneling protocol be removed; the payload itself can be modified so the traffic can be analyzed without compromising the confidentiality of the information inside the packet payload. The PacketPro™ Card allows maximum analysis granularity with the capability to modify every byte or bit in a packet.

As an example, when analyzing traffic on links, it is necessary that the entire packet be seen to get an accurate picture of the traffic. Even though headers are the same size, the payload part of the packet varies. So, if the payload is not analyzed then the traffic can only be estimated. Using the packet manipulation feature of the PacketPro™ card, one can analyze all the traffic including the headers and variable payload. This allows a complete and accurate understanding of traffic patterns and potential trouble spots without actually looking at the content in the payload. This is done by replacing the payload content with all 1’s for example, so the exact packet is intact but the packet information is not.

Consistent with the SmartNA-X™ ease-of-use, the new module configures itself. The PacketPro™ Card can be inserted into a 4 x 1G slot or a 2 x 10G slot in the SmartNA-X chassis and assumes its network personality from the slot being used. If it is in a 1G slot, it will operate at 1G. Similarly, if it is installed in a 10G slot, it will operate at a blazing 10Gbps. There are no physical ports on the card. Traffic is mapped from 1G or 10G ingress ports on the SmartNA-X™ to the PacketPro™ Card and then to a SmartNA-X™ egress port onto a tool.

Here are three good things that happen when you add PacketPro™ Card in the SmartNA-X™ packet broker:

  • Increase productivity of analysis tools
  • Comply with privacy requirements
  • Improve accuracy of network traffic analysis

The new PacketPro™ Card allows for a wide variety of packet manipulation options when performing network traffic analysis. For more detail and technical information please go to www.networkcritical.com/products/smartna-x-packetpro.

Posted: 23/09/2016 13:48:53 by Network Critical with 0 comments

Global Security, Local Education: Data Connectors, Kansas City, 6 October 2016

KansasCity_skyline.png
This is a quick one to let our readers in Missouri and the surrounding area know that Network Critical will be exhibiting at the Kansas City Data Connectors Conference early next month. The event will take place at the Doubletree, Overland Park, Kansas City and will be held on Thursday, 6th October.

Data Connectors conferences are one of the premier technology security events, focused on the latest products and best practices available in an educational environment. You will find local product sources & seminars and have the opportunity to meet with representatives from many of the top security companies.

The Network Critical team will be demonstrating our TAP and Packet Broker technology and their ability to simplify the connection of security and performance tools to networks. While Network Critical is a global developer of network access technologies, we believe that these local events are important and valuable venues to meet with network engineers and designers.

So, if you are near Kansas City on the conference date, please feel free to contact us at marketing-team@networkcritical.com and arrange an appointment!

If you are interested in finding out more information on this or other Data Connectors events, their website details are as follows: www.dataconnectors.com/event/kansas-city-thursday-10-06-2016/

Posted: 22/09/2016 17:34:49 by Network Critical with 0 comments

Network Critical to Attend IPEXPO Europe - London, 5 October 2016

IPEXPOEurope_for_blog.png
As part of our ongoing global event schedule, we’d like to take this opportunity to inform our readers that the Network Critical team will be attending the IP EXPO, Europe, which takes place in London later this month. This is in keeping with our sustained efforts to carefully support business on both a local and global scale.

IP EXPO Europe is the must-attend IT event of the year for CIOs, heads of IT, security specialists, heads of insight and tech experts. The event will showcase six top IT events under ONE roof, 300+ exhibitors and 300+ free to attend seminar sessions.

The event showcases brand new exclusive content and senior level insights from across the industry, as well as unveiling the latest developments in IT. IP EXPO Europe now incorporates Cloud Europe, Cyber Security Europe, Networks & Infrastructure Europe, Data Analytics Europe, DevOps Europe and Open Source Europe.

IP EXPO Europe takes place on 5-6 October 2016 at ExCel, London. If you would like to take the opportunity to meet with the Network Critical team at this renowned event, then simply contact us at marketing-team@networkcritical.com to book an informal appointment!

If you are interested in finding out more information on this event, you will find the information here: www.ipexpoeurope.com/

Posted: 21/09/2016 14:53:03 by Network Critical with 0 comments

Data Connectors - This week, we are in Milwaukee!

Milwaukee.jpg
This is a quick one to let our readers know that Network Critical will be attending the Data Connectors Conference in Milwaukee, later this week.

The event will take place at the Hyatt Regency, Milwaukee, and will be held on Thursday, 22nd September.

Data Connectors conferences are one of the premier technology security events, focused on the latest products and best practices available in an educational environment. You will find local product sources & seminars and have the opportunity to meet with representatives from many of the top security companies.

The Network Critical team will be demonstrating our TAP and Packet Broker technology and their ability to simplify the connection of security and performance tools to networks. While Network Critical is a global developer of network access technologies, we believe that these local events are important and valuable venues to meet with network engineers and designers.

So, if you are near Milwaukee on the conference date, please feel free to contact us at marketing-team@networkcritical.com and arrange an appointment!

If you are interested in finding out more information on this, or other, Data Connectors events, their website details are as follows: www.dataconnectors.com/event/milwaukee-6/

Posted: 19/09/2016 14:06:10 by Network Critical with 0 comments

Intelligent Transit Needs Smart Security

Disneyland had a ride called ‘Utopia’ in the 1960’s. It was a glimpse into the future of suburban transportation. Fast, simple, personal transportation was the ideal of the 1960s when freeways were still a relatively new idea and suburban development was a sprawling phenomenon.

Inside the gates of Utopia, there were little cars on a track that the kids could 'drive'. There were streets without stop lights; entrance and exits were controlled, and bridges were at all intersections so traffic always flowed smoothly. Outside the gates of Disneyland, however, reality crushed Utopia. Traffic was snarled, freeways were congested and a cross-town commute was a daily curse endured by millions.

Fast forward to 2016 where the sprawl is expanding and commute congestion is as bad as it has ever been. However, the Utopia of 2016 is technology, not bridges. With ubiquitous personal connected devices and the introduction of vehicle internet connectivity many new traffic congestion and control solutions are coming to market.

We already have navigation devices that can get us from point A to point B, alert us to real time traffic problems in between and suggest alternative routes. We can ride share, bike share and plan public transportation routes and pay tolls with smartphones. Internet connectivity via personal devices is only the first step in a new wave of intelligent urban transportation technology.

Centralized urban technology hubs and associated apps are being developed to provide a wide range of services. Trials are in place for pre-paid cards that will simplify public transportation from the suburbs and offer bike rentals or ride share options once in town. Centralizing and synchronizing traffic signals will help smooth traffic flow, provide quicker response times for emergency vehicles and help keep busses on schedule. Parking sensors are even being installed that will alert smartphone users to open parking spaces.

On the back side of centralized traffic and transportation flow control is traffic and personal information collection. In order for these systems to be as effective as possible, they need to collect data from users about their movements, peak traffic times, transportation mode preferences, streetlight data, traffic camera data, payment options and more. All this information needs to be stored somewhere. It does not matter if it is a Cloud server or under the control of a municipal IT department. The centralization of information and control of an entire municipal transportation system is putting a lot of eggs in a single basket. The basket should be designed for maximum security, controlled access and limited information portability.

According to Von Welch, Director of the Center for Applied Cyber Security Research at Indiana University, “We have a lot of companies making new devices for the urban Internet of Things that have not made computers or written software before.” This is a critical warning to intelligent urban traffic planners. Get the IT security team involved early. There is great technology available to help protect and defend large centralized networks. Robust security requires many specialized appliances, so an intelligent connectivity solution should also be part of the initial plan. Deployment of data access and visibility solutions like the SmartNA-X™ from Network Critical (www.networkcritical.com) provide a sound foundation for the security appliances necessary to avoid catastrophic failure due to a cyber take-over.

Without properly planned network protection and rapid attack remediation, the commerce, movement and safety of entire cities could be vulnerable to a malicious breach. Traffic signals could be manipulated; electronic road signs could hacked to provide misinformation; emergency responders could be blocked from trouble spots; funds could be stolen or bank accounts compromised.

This is all scary stuff but not impossible to manage. If proper network visibility, threat landscape reduction, data loss protection, data backup and employee training are planned and implemented early on, then Utopia may in fact be possible without opening the door to municipal apocalypse.

Posted: 15/09/2016 17:11:14 by Network Critical with 0 comments

Data Connectors - This week, we are in Atlanta!

Atlanta-Skyline-Cropped.png
This is a quick one to let our readers know that Network Critical will be attending the Data Connectors Conference in Atlanta, later this week.

The event will take place at the Hyatt Regency, Atlanta, and will be held on Thursday, 15th September.

Data Connectors conferences are one of the premier technology security events, focused on the latest products and best practices available in an educational environment. You will find local product sources & seminars and have the opportunity to meet with representatives from many of the top security companies.

The Network Critical team will be demonstrating our TAP and Packet Broker technology and their ability to simplify the connection of security and performance tools to networks. While Network Critical is a global developer of network access technologies, we believe that these local events are important and valuable venues to meet with network engineers and designers.

So, if you are near Atlanta on the conference date, please feel free to contact us at marketing-team@networkcritical.com and arrange an appointment!

If you are interested in finding out more information on this, or other, Data Connectors events, their website details are as follows: www.dataconnectors.com/event/atlanta/

Posted: 13/09/2016 18:35:45 by Network Critical with 0 comments

Arizona Tech Summit - This week, we are in Phoenix!

phoenix-skyline-700x300.pngThis is a quick one to let our readers know that Network Critical will be attending the Arizona Tech Summit later this week.

This will be the 8th Annual Arizona Technology Summit, and will be held at the Phoenix Convention Center (South Ballroom) on September 14th 2016 from 7am-5pm.

The theme for 2016 is "Conquering Your IT and Security Objectives". Attend The Arizona Technology Summit to get the right tools and make vital connections to best prepare your company for the broad spectrum of ever-changing technology trends.

The Network Critical team will be joined by Array Networks as we demonstrate our TAP and Packet Broker technologies and their ability to simplify the connection of security and performance tools to networks. While Network Critical is a global developer of network access technologies, we believe that these local events are important and valuable venues to meet with network engineers and designers, providing the latest insights into Secure Network Access.

So, if you are near Phoenix on the summit date, please feel free to contact us at marketing-team@networkcritical.com and arrange an appointment!

If you are interested in finding out more information on this event, their website details are as follows: arizona.technologysummit.net/

Posted: 12/09/2016 17:29:41 by Network Critical with 0 comments

Global Security, Local Education: Data Connectors, Milwaukee, September 2016


This is a quick one to let our readers in Milwaukee know that Network Critical will be exhibiting at the Data Connectors Conference next month. The event will take place at the Hyatt Regency, Milwaukee, and will be held on Thursday, 22nd September. Data Connectors conferences are one of the premier technology security events, focused on the latest products and best practices available in an educational environment. You will find local product sources & seminars and have the opportunity to meet with representatives from many of the top security companies.

The Network Critical team will be demonstrating our TAP and Packet Broker technology and their ability to simplify the connection of security and performance tools to networks. While Network Critical is a global developer of network access technologies, we believe that these local events are important and valuable venues to meet with network engineers and designers.

So, if you are near Atlanta on the conference date, please feel free to contact us at marketing-team@networkcritical.com and arrange an appointment!

If you are interested in finding out more information on this or other Data Connectors events, their website details are as follows: www.dataconnectors.com/event/milwaukee-6/

Posted: 09/09/2016 14:00:40 by Network Critical with 0 comments

Top Four Budget Friendly Network Monitoring Features

During a conversation about connecting appliances to networks comes up I often hear…“I will just plug it in to my SPAN port.” Most often, these words are said with absolute conviction. The unspoken post script being, “This is how I have always done it and there is no point in spending time and money investigating alternative methods.” Sure, you can connect the appliance the way you always have and there is a good chance that it will work.

But what if there is a better way? What if there are alternative methods offering features that can reduce the overall cost of the project? What if there are features that can increase the accuracy, speed or efficiency of the appliance? What if there are features available that can increase flexibility and simplicity of adds and changes? What about future-proofing your network monitoring plan? Is there a better way than the way it has always been done? In the hyper-speed world of network technology, there is usually a better way than what has been done.

Even the relatively straight forward world of network monitoring is moving forward with newer features and technologies that can improve the overall result when adding appliances for security, compliance, analysis, performance or other specialized needs. Here are four specialized features that network TAPs and/or Packet Brokers can provide that may improve your monitoring project:

  • Use Aggregation to cut appliance costs - Many network links are not fully utilized. 1Gbps links may only have a throughput of 100-500Mbps. Further, many networks are transitioning to 10Gbps speeds with throughput in the 1-4 Gbps range. Why purchase and install expensive appliances on each link when you can aggregate the throughput from underutilized links to fully utilize a single appliance? Network managers can generally achieve anywhere from 2:1 up to 8:1 link to appliance cost savings by deploying the aggregation feature.
  • Regeneration can increase flexibility of appliance deployment - This is a world of specialization. There are many appliances that are being utilized for many unique purposes. Physically deploying multiple appliances on individual links can adversely affect network reliability and availability. Planning and scheduling maintenance windows also becomes more complicated when numerous appliances are directly connected to a link. Regeneration allows the TAP to create maps that manage data flows to numerous appliances. As an additional bonus, filters can be applied to the maps that allow only the packets that are relevant to a specific appliance be sent. This increases the efficiency of the appliance by allowing it to process only the subset of data necessary to perform its task.
  • Install extra ports for future needs - Intelligent TAPs, such as the SmartNA-X from Network Critical, (www.networkcritical.com) provide permanent, highly dense banks of ports that are securely locked down when not in use. Note that when installing an appliance, either directly or through the use of a TAP, it is necessary to break the link. Finding a service window for this type of deployment is often difficult given the 7/24/365 nature of networks. One simple option is to install a permanent TAP with extra ports when a new link comes on line. With the TAP already in place, the need to break the link to install appliances is eliminated. Installing a TAP with extra ports provides flexibility to add appliances and to change deployments as needed without taking the network link out of service. If security is an issue, the un-used ports can be locked out by the administrator. Therefore, no one can access the network data via un-used ports without an admin level password.
  • Load Balancing - Packet Brokers, high density, high bandwidth capable visibility devices equally distribute data from high speed links to multiple lower speed appliances. For networks that are transitioning from 1Gbps link speeds to 10Gbps speeds, load balancing allows the utilization of less expensive, legacy lower speed appliances to manage links. This saves the cost of purchasing new, high speed appliances for the new links. Further, many appliances are capable of managing only up to 8Gbps. For example, Load Balancing would allow five 8Gbps appliances to manage the combined data from four 10Gbps links.

The days of the tool belt TAP are behind us. There are many sophisticated features integrated in TAPs that can increase efficiency and lower costs when deploying appliances for security, analysis, compliance or performance. But wait…there is more!! We only covered four of the many helpful features presented by TAPs like the SmartNA-X and Packet Brokers like the SmartNA-X HD. Go to www.networkcritical.com to take a deep dive into a TAP data sheet or user guide and learn about many other helpful features not covered here.

Posted: 08/09/2016 18:23:42 by Network Critical with 0 comments

Global Security, Local Education: Data Connectors, Atlanta, 15 September 2016


This is a quick one to let our readers know that Network Critical will be attending the Data Connectors Conference in Atlanta next month. The event will take place at the Hyatt Regency Atlanta, and will be held on Thursday September 15th.

Data Connectors conferences are one of the premier technology security events, focused on the latest products and best practices available in an educational environment. You will find local product sources & seminars and have the opportunity to meet with representatives from many of the top security companies.

The Network Critical team will be demonstrating our TAP and Packet Broker technology and their ability to simplify the connection of security and performance tools to networks. While Network Critical is a global developer of network access technologies, we believe that these local events are important and valuable venues to meet with network engineers and designers.

So, if you are near Atlanta on the conference date, please feel free to contact us at marketing-team@networkcritical.com and arrange an appointment!

If you are interested in finding out more information on this or other Data Connectors events, their website details are as follows: www.dataconnectors.com/event/atlanta/

Posted: 06/09/2016 11:19:10 by Network Critical with 0 comments

PCI - Required for Retail, Beneficial for All

PCI DSS stands for Payment Card Industry Data Security Standard. The PCI Security Standards Council is a global organization that maintains, evolves and promotes Payment Card Industry standards for the safety of cardholder data across the globe. According to their website, the organization was founded in 2006 by American Express, Discover, JCB International, MasterCard and Visa Inc. The founding credit card companies share equally in governance and execution of the PCI card payment standards.

The PCI standards establish a set of data security and password standards that are prescribed for retail operations and audited by the Council. However, it is interesting that, while many of the compliance requirements are specifically pointed at retailers settling credit card payments, the foundation of the standards document is that of best practices for sound data security.

“A strong perimeter is necessary for any organization regardless of the data set it holds,” says Michael Kemp, co-founder of Xiphos Research, a Birmingham, UK-based security consulting firm. Some of these requirements include establishing firewalls, effective patch management, anti-virus, encryption, continuous vulnerability management, maintaining an information security policy and implementing strong access control measures. While the specific goal of these particular standards is to protect cardholder data, these measures are applicable to any IT organization that is tasked with protecting sensitive information.

The term “Cardholder Data” used widely in the standard could be adopted to represent any sensitive information with which a company operates. It could be cardholder data or customer social security numbers or patient medical records. Mr. Kemp also suggests, “Simply browsing through the list of PCI requirements will give a CIO, CSO or CTO a lot of ideas for improving a company’s security perimeter and internal processes.” Businesses should employ a reasonable prioritization based on the list of current risks, confidentiality profile of the data, company public profile and operational needs.

Firewalls and security appliances need to be connected to network links. They need to see and respond to data flows in order to protect against unauthorized access or attempted breaches. Often these appliances need to be connected in-line so that the protection provided is done in real time. It does little good for a breach to be alarmed and reported if it is not stopped in its tracks. Having a report when the damage is done is like locking the barn door after all the cows are already roaming in the pasture.

Connecting multiple appliances to network links can have negative effects on network reliability and availability. However, there is an alternative that can provide multiple specialized security appliances to connect to the same link without impacting network availability. The more in-line appliances that are attached to a link, the greater the mathematical probability that the network link will eventually fail. For example, one link with one device boasting 99.999 reliability will degenerate to 99.980 as soon as a second device that is also 99.999 is attached. This does not look like a big deal in theory, but when the network fails because an appliance goes down, it becomes a big deal very quickly.

SmartNA-X™ provides the physical ports necessary to connect multiple appliances. They are also equipped with bypass switch technology that allows network data to flow even if one of the appliances goes down or out of service. The SmartNA-X™ in-line TAPs provide and receive a heartbeat from the attached device. If the device stops sending heartbeat packets, the SmartNA-X™ will bypass the appliance and maintain network availability. Certain models will also allow for redundant bypass service so back-up appliances can be put into service when the primary goes down.

In summary, PCI DSS can be an excellent guideline for developing a data security process. Certification and annual audits are important for retail merchants and others who are processing credit cards. For other data security needs, the benefits of the standards can be received without the headaches and costs of the audits. One final note, while PCI DSS can be a valuable base line, don’t forget that there is no rule to say you cannot go beyond the standard: adding your own ideas, policies and equipment to develop the highest security profile possible for your business and your customers.

Posted: 02/09/2016 12:38:50 by Network Critical with 0 comments