Inside the Outbreaks - Provision Your Network Against Threats
ABOUT THE AUTHOR
Bob Shaw, President and CEO, Net Optics Inc.
As President and Chief Executive Officer of Net Optics since 2001, Bob Shaw is responsible for conceiving and implementing corporate
vision and strategy to position Net Optics as the leading provider of intelligent access and monitoring architecture solutions in both
physical and virtual environments. Under Shaw’s guidance, Net Optics has achieved consistent double-digit growth, launched more than
35 new products, acquired over 8000 customers, and expanded its global presence in over 81 countries. The company has been included
in the elite Inc. 5000 list of highest performing companies four years in a row; won Best of FOSE honors; received the coveted Red Herring
Top 100 North America Award for promise and innovation, the Best Deployment Scenario Award for Network Visibility, and many other
accolades. Shaw’s leadership experience spans startups to Fortune 200 organizations, where he held Senior Vice Presidential executive
positions. Shaw earned both a Bachelor of Arts degree in Business and a Bachelor of Science degree in Economics from Geneva College
in Pennsylvania.
Net Optics is a registered trademark of Net Optics, Inc. Additional company and product names may be trademarks or
registered trademarks of the individual companies and are respectfully acknowledged. Copyright 1996-2013 Net Optics, Inc.
All rights reserved.
A MONITORING-CENTRIC ARCHITECTURE IS VITAL TO SUCCESS — AND SURVIVAL
Protecting the network demands robust monitoring
that is actually built into the network architecture.
Ongoing network vulnerability invites attack and
intrusion, putting data at constant risk, wasting
resources and endangering the social fabric.
Shocking revelations of governmental spying on
private citizens and businesses open yet another
front in the fight for data integrity. The overriding
truth is that the technology for stealing data and
eavesdropping is not only bounding ahead—it is
already so widespread and available that practically
anyone can obtain and use it.
OUCH!

The security industry has armed the network
until it practically bristles, but mapping and
managing these solutions is itself complex,
which creates a new set of risks. A snapshot
of recent attacks underscores the need for
scalable, unbreakable network and applications.

PINTEREST STICK SPAM

Victimized users who had linked
their Pinterest accounts to Twitter
and Facebook found themselves
trumpeting tweets and wall posts
for smarmy work-at-home schemes
to their friends.1

KA-CHING: THE BITCOIN HEIST

In a social engineering attack
using email and password reset,
$1.2 million of this popular digital
currency, stored in the cloud, was
stolen in two attacks four days
apart. Total visibility would have
allowed administrators to see
whose files were invaded and
when.2

NERVOUS TWITTERS

“Extremely sophisticated”
crooks may have gained
access to 250,000 users’
email addresses, usernames,
session tokens and passwords
in February 2013. Twitter has
reset passwords and revoked
session tokens, hopefully not
a token response to a massive
attack.3
Inside the Outbreaks: Provision Your Network Against the Growing Swarm of Threats.
PINCHING ZAPPOS

All the feet shopping the largest shoe
selection on the planet couldn’t chase
down the thief who hauled away details of
24 million customers, including their names
and addresses, along with the last four digits
of their credit cards and encrypted versions
of their passwords.4

CRACKS IN ADOBE PASSWORDS

After one of the decade’s worst hacks, the
passwords of as many as 150 million users
of Acrobat Reader and other Adobe apps
may be up for auction on a global black
market. The hackers can also distribute
Adobe apps that appear genuine with
nasty malware hidden inside.5

The cloud, which is itself rapidly evolving, needs better
security solutions if it is to fulfill its potential. Managing
networks with multiple IP domains has become a
challenge, as services are increasingly hosted both
on and off premises. We need granular, well-managed
network and applications monitoring that covers power
consumption, user behavior and anything else that
affects security, stability and productivity.
MONITORING WEARS THE WHITE HAT
Organizations are realizing that robust monitoring
is not only the core of a successful defense, it
can actually prevent them from getting into
trouble in the first place. Proactive monitoring
and visibility avoid the cost, the waste, and the
loss of customers that accompany a breach.
Social media apps are creating some of the largest
and highest impact vulnerabilities. Not surprisingly,
Facebook emerges as a major target. In fact, a
hacker cadre in Eastern Europe recently invaded
Apple, Facebook and Twitter in hopes of gaining
intellectual property to sell to the highest bidder.
A major lawsuit 6 accused the developers of 20 apps,
including Facebook, Foursquare, Yelp, Twitter, and
the games Angry Birds and Cut the Rope, of being
gateways to theft.

Apps can pummel your network

Developers of popular mobile apps casually invade
address books for names, phone numbers, email
addresses, job titles and even birthdays from
countless unaware users. Information hawked
can fetch 60 cents to several dollars per contact.
The lawsuit seeks not only to halt sneaky data
harvesting but also to compensate injured
parties and make an example of the perps.
In another New York Times article 7, hackers
from China (working for the People’s Liberation
Army) set new bars for brazenness by resuming
data thefts from American companies after
three months of token silence following their
exposure. U.S. officials had assumed, rather
ingenuously, that a “naming and shaming” strategy
would bring about a government crackdown.
However, the hackers are now back on the
attack from their twelve-story building in
Shanghai. Victims include defense contractors
like Lockheed Martin, who had contracts and
blueprints stolen after a computer break-in.

Coca-Cola was also a victim, as was the U.S.
power grid via Schneider Electric, which
maintains “detailed blueprints” on more than
half the oil and gas pipelines in North America.
If that is not nerve-wracking enough, think about
511,000 out of 2.3 million Android apps capable
of churning out unauthorized payments and
changing user settings.8 Such apps allow hackers
to track user phone numbers, modify
bookmarks, and inundate a user with pesky ads.
According to a TrustGo report, 77 percent of all
apps available in China had posed a high risk
for security breaches as recently as 2012, and
you may be sure that figure has been revised
upward by now. But even those unsettling
calculations fall short of the reality, according
to Bluebox Security, which claims that a full 99
percent of Android apps are open to takeover!9
A four-year-old flaw in app verification becomes
a welcome mat allowing applications to be
converted into trojans.
HOW TO STAY AHEAD OF THE HAVOC
Employee apps also open a major portal that hackers
can come marching through into the workplace. The
term “shadow apps” refers to applications—many
of them personal—that employees download onto
their own devices in the workplace, unbeknownst to
the IT department. Also, video traffic from websites
such as YouTube or Netflix can consume as much as
half your corporate bandwidth! How do you handle
that without chasing employees out the door?
By giving your network the ability to monitor and
prioritize traffic so that business applications always
take precedence in bandwidth consumption over
games and movies.

GAINING A TRUE MONITORING-CENTRIC ARCHITECTURE

A monitoring-centric architecture with robust
application awareness delivers quantifiable value in
terms of security, performance, compliance and ROI.
This architecture ensures that the right data gets to
the right tools for accurate assessment and analysis
with decisive resolution.
Such an architecture is necessarily agnostic; a
dynamic, standards-based and modular concept
that offers the freedom to design the network using
whatever resources best fit needs and budget. In
fact, that architecture is now within reach, and it’s the
advent of Software-Defined Networking (SDN) that
makes it possible.

DEFENSE IN DEPTH: ADVANCED SDN AND NPB TECHNOLOGY

Now, the increased visibility, intelligence, and agility
of SDN is helping enterprises handle security threats,
by increasing agility and encouraging automation.
SDN, in conjunction with Network Packet Brokers
(NPBs) can pull together a true Defense in Depth
wherein strategies combine, cascade and join
multiple security solutions to work in concert
transparently. This approach is gaining traction with
major vendors. Each component addresses specific
risk factors and attack vectors. Network Packet
Brokers can integrate multiple products and systems
seamlessly so that multiple products can focus their
combined strengths upon an attacking entity. This
is the most effective way to provision the network
with an advanced, available and agile defense.
NETWORK PACKET BROKERS — THE PATH TO PEAK PERFORMANCE

[Figure: architecture diagram. Labels: Network Layer, Visibility Layer, Instrumentation and Tool Layer; Security Monitoring, Performance Monitoring; Network Packet Brokers (NPB), SDN Controller; Automated Provisioning, Defense in Depth, High Availability, Centralized Management.]

As networks and data centers scale, NPBs leverage network monitoring and security tools to control large, complex environments.

SPEEDING THE RIGHT DATA TO THE RIGHT TOOLS
An NPB such as a Network Monitoring Switch lets
the IT team’s security engineers aggregate and
filter the data, then provide it instantaneously
to the appropriate security tool. To optimize
network defense, only actionable “data of interest”
should go to these tools. Adding NPBs lowers
the complexity of managing information suboptimally, while improving insight via total
visibility. Now, and going forward, visibility
is absolutely critical to obtaining accurate
information about the state of the network and
the threats it faces, from any source.

SDN ENABLES A ROBUST, AGILE DEFENSE ARCHITECTURE
SDN allows organizations to add applications more
easily, streamline processes, reduce complexity,
improve efficiency and provide a better user
experience.
By uncoupling the security/monitoring/switch
control from the data planes (the control plane
decides where traffic is sent, while the data plane
actually forwards that traffic to the selected
destination), administrators gain tighter control of
network traffic flow than ever before and can shift
traffic to performance management tools when
they start to detect problems.
BLOCKING THE ATTACKS
When administrators can shape traffic with
agility and precision from their centralized
control consoles, they can quickly change
rules to prioritize or even block packets, which is particularly important in a cloud or multi-tenant
environment. (Plus, they can manage traffic
loads using economical off-the-shelf switches
and conduct switching across multi-vendor
hardware and ASICs.) A centralized control
plane offers the freedom and flexibility to
introduce new applications without the
complexity of configuring individual devices.

SDN enables the streamlined automation
and provisioning of monitoring applications and
tools based on real-time traffic behavior. It
makes for end-to-end network monitoring with
easy implementation and operation. Joining
an SDN controller with Network Packet Brokers
and a customer’s chosen security solutions
creates a precise and agile threat defense.
NPBs, with their ability to “chain” solutions,
integrate multiple systems, and distribute
traffic, provide the ideal means for a dynamic
response. Under attack, such a defense lets
administrators send orders redirecting data
to forensics tools to expose and analyze the
attack. Now networks can respond instantly
to threats, as opposed to implementing a
static series of behaviors.

OPTIMIZING VISIBILITY FOR A PROACTIVE, POWERFUL DEFENSE
Such capabilities as filtering and load balancing “supercharge” your defense strategy by ensuring that
monitoring tools receive data in the most readable form and optimize their function. NPBs allow tighter,
granular control of traffic thanks to a spectrum of sophisticated inline capabilities, including:
FILTERING
It’s crucial that only “traffic of interest” be
delivered to the tool for analysis. This avoids
waste of CPU and memory on irrelevant data.

ACCESS
NPBs ensure that data doesn’t get into the
wrong hands, letting the IT team specify which
users or groups have access, as well as logging
who made changes and when.

LOAD BALANCING
Overburdened tools lay the network open to
intrusion or failure. Load balancing keeps
session data together and distributes the
load among multiple tools.
PACKET DE-DUPLICATION
Removal of duplicate or redundant packets
can increase tool productivity by 50 percent.
MPLS STRIPPING
Most tools cannot deal with MPLS-tagged
packets. Stripping MPLS headers lets a tool
perform its primary task of keeping data secure.

AUTOMATION
Automated provisioning lowers the need for
manual configuration with its risk of error.
It reduces network complexity and helps
enable compliance.
STANDARDIZATION
Industry standards expand the universe of
devices supportable by network tools without
costly customization.
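
As an added illustration (not Net Optics code or any product's implementation), the sketch below runs the MPLS-stripping, de-duplication, filtering and session-aware load-balancing steps described above over constructed Ethernet frames. All function names, the port-based "traffic of interest" filter and the byte-identical duplicate rule are assumptions made for the example.

```python
import hashlib
import struct
from collections import OrderedDict

ETH_IPV4, ETH_IPV6, ETH_MPLS = 0x0800, 0x86DD, 0x8847

def strip_mpls(frame: bytes) -> bytes:
    """Remove an MPLS label stack so tools that only parse plain IP can read the frame."""
    if len(frame) < 14 or struct.unpack("!H", frame[12:14])[0] != ETH_MPLS:
        return frame
    off = 14
    while True:
        if off + 4 > len(frame):
            return frame                      # truncated label stack: pass through unchanged
        entry = struct.unpack("!I", frame[off:off + 4])[0]
        off += 4
        if entry & 0x100:                     # bottom-of-stack (S) bit set on the last label
            break
    if off >= len(frame):
        return frame
    # MPLS carries no payload type; infer it from the IP version nibble.
    inner = {4: ETH_IPV4, 6: ETH_IPV6}.get(frame[off] >> 4)
    if inner is None:
        return frame                          # non-IP payload (e.g. pseudowire): leave tagged
    return frame[:12] + struct.pack("!H", inner) + frame[off:]

def flow_key(frame: bytes):
    """Direction-independent session key for IPv4 TCP/UDP frames, else None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None
    ip = frame[14:]
    ihl, proto = (ip[0] & 0x0F) * 4, ip[9]
    if ihl < 20 or proto not in (6, 17) or len(ip) < ihl + 4:
        return None
    sport, dport = struct.unpack("!HH", ip[ihl:ihl + 4])
    # Sorting the endpoints makes client->server and server->client hash alike.
    a, b = sorted([(ip[12:16], sport), (ip[16:20], dport)])
    return (proto, a, b)

def pick_tool(key, n_tools: int) -> int:
    """Stable hash of the session key, so one session always reaches one tool."""
    digest = hashlib.sha256(repr(key).encode()).digest()
    return int.from_bytes(digest[:4], "big") % n_tools

class Deduper:
    """Drops frames byte-identical to one of the last `window` frames seen."""
    def __init__(self, window: int = 1024):
        self.window, self.seen = window, OrderedDict()

    def is_duplicate(self, frame: bytes) -> bool:
        h = hashlib.sha256(frame).digest()
        if h in self.seen:
            return True
        self.seen[h] = None
        if len(self.seen) > self.window:
            self.seen.popitem(last=False)     # forget the oldest fingerprint
        return False

def broker(frames, n_tools: int, ports_of_interest: set):
    """Strip MPLS, de-duplicate, filter, then distribute frames per session."""
    dedup = Deduper()
    out = {i: [] for i in range(n_tools)}
    stats = {"duplicate": 0, "filtered": 0}
    for frame in frames:
        frame = strip_mpls(frame)
        if dedup.is_duplicate(frame):
            stats["duplicate"] += 1
            continue
        key = flow_key(frame)
        if key is None or not ({key[1][1], key[2][1]} & ports_of_interest):
            stats["filtered"] += 1            # not "traffic of interest"
            continue
        out[pick_tool(key, n_tools)].append(frame)
    return out, stats

def ipv4_frame(src, dst, sport, dport, proto=6, labels=()):
    """Build a constructed test frame (zeroed checksums, 20-byte L4 stub)."""
    l4 = struct.pack("!HH", sport, dport) + b"\x00" * 16
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64,
                     proto, 0, src, dst) + l4
    eth = b"\x02" * 6 + b"\x02\x00\x00\x00\x00\x01"
    if not labels:
        return eth + struct.pack("!H", ETH_IPV4) + ip
    last = len(labels) - 1
    stack = b"".join(struct.pack("!I", (lbl << 12) | ((i == last) << 8) | 64)
                     for i, lbl in enumerate(labels))
    return eth + struct.pack("!H", ETH_MPLS) + stack + ip

if __name__ == "__main__":
    A, B, C = bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]), bytes([10, 0, 0, 3])
    sample = [ipv4_frame(A, B, 40000, 443),                     # client -> server
              ipv4_frame(A, B, 40000, 443, labels=(100, 200)),  # same packet, MPLS-tagged copy
              ipv4_frame(B, A, 443, 40000),                     # server -> client
              ipv4_frame(A, C, 5353, 53, proto=17)]             # UDP/53, not of interest
    tools, stats = broker(sample, n_tools=4, ports_of_interest={443})
    print({t: len(f) for t, f in tools.items()}, stats)
```

Stripping labels before de-duplication is what lets the tagged copy be recognised as a duplicate of the untagged one; hashing the sorted endpoint pair is what keeps both directions of a session on the same tool.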
PUT THE ADVANTAGE ON YOUR SIDE
Ensure that your defense finds breaches instantly and quarantines packets

1. Design all critical networks as HA (High Availability) so key links stay up and running while a breach is resolved.
2. Use remote, edge and core monitoring tools to spot strange patterns of behavior and potential security breaches.
3. Watch virtual/cloud servers. Very few virtual networks are even monitored, let alone watched by security tools.
4. Be aware that remote and edge locations are particularly vulnerable, since organizations generally concentrate security efforts on the core or data center.

The world of networking is one of ongoing revolution
driven by technology innovation, by escalating user
numbers, and by proliferating applications. However,
along with this progress come unrelenting threats and
outrageous attackers who will exploit any vulnerability
they find to rob and disable businesses and personal users.
To protect the network and its applications, a pervasive,
proactive, scalable, and agile monitoring architecture
is essential; one that provides total visibility from data
center to remote end user.
Now, the robust capabilities of SDN, combined with
the flexibility and scalability of NPBs are the foundation
of a smart, cost-effective defense strategy that combats
threats while maintaining high performance. This
monitoring-centric architecture embodies a proactive
defense that can locate and resolve threats while
minimizing consequences if a breach does occur.
Today, we are well positioned to gain the advantage,
fortifying the network to defend itself and to preserve
the integrity of the user experience.

REFERENCES
1. “OMG This Is So Cool! Pinterest Hack Feeds Spam to Twitter and Facebook” by Paul Roberts, Naked Security, September 12, 2012
2. “What MPSs Can Learn from the Great Bitcoin Heist of 2013” by Michale Brown, eFolder, November 11, 2013
3. “The Worst Data Breaches (so far)” by Ellen Messmer, NetworkWorld, April 9, 2013
4. “24 million Zappos customers’ data hacked” by Bruce Tyson, Helium, January 18, 2012
5. “Number of Adobe Accounts Hacked Now Up to 150M, Check Yours” by DL Cade, PetaPixel, November 7, 2013
6. “Mobile Apps Take Data Without Permission” by Nicole Perlroth and Nick Bilton, NY Times, February 12, 2012
7. “Hackers From China Resume Attacks on U.S. Targets” by David E. Sanger and Nicole Perlroth, May 20, 2013
8. “A Quarter of Android Apps Pose High Risk to Security” by James Dohnert, V3.co.uk, January 2013
9. “Security Firm Claims 99 Percent of Android Apps Open to Takeover” by Michael Lee, ZDnet, July 4, 2013
Net Optics, Inc.
5303 Betsy Ross Drive
Santa Clara, CA 95054
USA
+1 (408) 737-7777
twitter.com/netoptics
www.netoptics.com

Inside the Outbreaks: Provision Your Network Against the Growing Swarm of Threats.

Mais conteúdo relacionado

Mais de LiveAction Next Generation Network Management Software

Mais de LiveAction Next Generation Network Management Software (18)

Sourcefire - A Next-Generation Intrusion Prevention Solution Delivering Scala...
Sourcefire - A Next-Generation Intrusion Prevention Solution Delivering Scala...Sourcefire - A Next-Generation Intrusion Prevention Solution Delivering Scala...
Sourcefire - A Next-Generation Intrusion Prevention Solution Delivering Scala...
 
Phantom Virtualization Tap Plus RSA NetWitness Add Up to Exceptional Gains in...
Phantom Virtualization Tap Plus RSA NetWitness Add Up to Exceptional Gains in...Phantom Virtualization Tap Plus RSA NetWitness Add Up to Exceptional Gains in...
Phantom Virtualization Tap Plus RSA NetWitness Add Up to Exceptional Gains in...
 
Cisco1000v Net Optics Solution Brief
Cisco1000v Net Optics Solution BriefCisco1000v Net Optics Solution Brief
Cisco1000v Net Optics Solution Brief
 
Infographic: Aim Straight at Your Application Performance Issues
Infographic: Aim Straight at Your Application Performance IssuesInfographic: Aim Straight at Your Application Performance Issues
Infographic: Aim Straight at Your Application Performance Issues
 
The New Intelligent Network: Building a Smarter, Simpler Architecture
The New Intelligent Network: Building a Smarter, Simpler ArchitectureThe New Intelligent Network: Building a Smarter, Simpler Architecture
The New Intelligent Network: Building a Smarter, Simpler Architecture
 
Security-Centric Networking
Security-Centric NetworkingSecurity-Centric Networking
Security-Centric Networking
 
Big Data is on a Collision Course With Your Network - Are You Ready?
Big Data is on a Collision Course With Your Network - Are You Ready?Big Data is on a Collision Course With Your Network - Are You Ready?
Big Data is on a Collision Course With Your Network - Are You Ready?
 
Is the Network Tap Mightier Than the Sword
Is the Network Tap Mightier Than the SwordIs the Network Tap Mightier Than the Sword
Is the Network Tap Mightier Than the Sword
 
The Secret to Surviving the Network Deluge
The Secret to Surviving the Network DelugeThe Secret to Surviving the Network Deluge
The Secret to Surviving the Network Deluge
 
Conquering Data Monitoring Challenges in the Realm of Derivatives Trading Sys...
Conquering Data Monitoring Challenges in the Realm of Derivatives Trading Sys...Conquering Data Monitoring Challenges in the Realm of Derivatives Trading Sys...
Conquering Data Monitoring Challenges in the Realm of Derivatives Trading Sys...
 
Lawful Interception in Virtual Environments
Lawful Interception in Virtual EnvironmentsLawful Interception in Virtual Environments
Lawful Interception in Virtual Environments
 
High-Availability Security Monitoring Using Bypass Switches
High-Availability Security Monitoring Using Bypass SwitchesHigh-Availability Security Monitoring Using Bypass Switches
High-Availability Security Monitoring Using Bypass Switches
 
What is a virtual tap?
What is a virtual tap?What is a virtual tap?
What is a virtual tap?
 
Tap Into the Health of Your Network
Tap Into the Health of Your NetworkTap Into the Health of Your Network
Tap Into the Health of Your Network
 
Load Balancing Monitoring Access - Solutions for Network Monitoring Access Pe...
Load Balancing Monitoring Access - Solutions for Network Monitoring Access Pe...Load Balancing Monitoring Access - Solutions for Network Monitoring Access Pe...
Load Balancing Monitoring Access - Solutions for Network Monitoring Access Pe...
 
Compliance Challenges in a Virtualized Environment
Compliance Challenges in a Virtualized EnvironmentCompliance Challenges in a Virtualized Environment
Compliance Challenges in a Virtualized Environment
 
Network Security in a Virtualized Environment
Network Security in a Virtualized EnvironmentNetwork Security in a Virtualized Environment
Network Security in a Virtualized Environment
 
Sharon’ Besser, Net Optics VP of Technology, Net Optics, discusses Lawful Int...
Sharon’ Besser, Net Optics VP of Technology, Net Optics, discusses Lawful Int...Sharon’ Besser, Net Optics VP of Technology, Net Optics, discusses Lawful Int...
Sharon’ Besser, Net Optics VP of Technology, Net Optics, discusses Lawful Int...
 

Último

Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Adtran
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.YounusS2
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?SANGHEE SHIN
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Websitedgelyza
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
Introduction to Quantum Computing
Introduction to Quantum ComputingIntroduction to Quantum Computing
Introduction to Quantum ComputingGDSC PJATK
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
Things you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceThings you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceMartin Humpolec
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAshyamraj55
 
Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.francesco barbera
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 

Último (20)

Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?Do we need a new standard for visualizing the invisible?
Do we need a new standard for visualizing the invisible?
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
Introduction to Quantum Computing
Introduction to Quantum ComputingIntroduction to Quantum Computing
Introduction to Quantum Computing
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
Things you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceThings you didn't know you can use in your Salesforce
Things you didn't know you can use in your Salesforce
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 

Inside the Outbreaks - Provision Your Network Against Threats

  • 2. ABOUT THE AUTHOR Bob Shaw, President and CEO, Net Optics Inc. As President and Chief Executive Officer of Net Optics since 2001, Bob Shaw is responsible for conceiving and implementing corporate vision and strategy to position Net Optics as the leading provider of intelligent access and monitoring architecture solutions in both physical and virtual environments. Under Shaw’s guidance, Net Optics has achieved consistent double-digit growth, launched more than 35 new products, acquired over 8000 customers, and expanded its global presence in over 81 countries. The company has been included in the elite Inc. 5000 list of highest performing companies four years in a row; won Best of FOSE honors; received the coveted Red Herring Top 100 North America Award for promise and innovation, the Best Deployment Scenario Award for Network Visibility, and many other accolades. Shaw’s leadership experience spans startups to Fortune 200 organizations, where he held Senior Vice Presidential executive positions. Shaw earned both a Bachelor of Arts degree in Business and a Bachelor of Science degree in Economics from Geneva College in Pennsylvania. Net Optics is a registered trademark of Net Optics, Inc. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged. Copyright 1996-2013 Net Optics, Inc. All rights reserved.
  • 3. A MONITORING-CENTRIC ARCHITECTURE IS VITAL TO SUCCESS — AND SURVIVAL Protecting the network demands robust monitoring that is actually built into the network architecture. Ongoing network vulnerability invites attack and intrusion, putting data at constant risk, wasting resources and endangering the social fabric. Shocking revelations of governmental spying on private citizens and businesses open yet another front in the fight for data integrity. The overriding truth is that the technology for stealing data and eavesdropping is not only bounding ahead—it is already so widespread and available that practically anyone can obtain and use it.
  • 4. OUCH! The security industry has armed the network until it practically bristles, but mapping and managing these solutions is itself complex, which creates a new set of risks. A snapshot of recent attacks underscores the need for scalable, unbreakable network and applications. PINTEREST STICK AM SP [1]: Victimized users who had linked their Pinterest accounts to Twitter and Facebook found themselves trumpeting tweets and wall posts for smarmy work-at-home schemes to their friends. KA-CHING: THE BITCOIN HEIST [2]: In a social engineering attack using email and password reset, $1.2 million of this popular digital currency, stored in the cloud, was stolen in two attacks four days apart. Total visibility would have allowed administrators to see whose files were invaded and when. NERVOUS TWITTERS [3]: “Extremely sophisticated” crooks may have gained access to 250,000 users’ email addresses, usernames, session tokens and passwords in February 2013. Twitter has reset passwords and revoked session tokens, hopefully not a token response to a massive attack. Inside the Outbreaks: Provision Your Network Against the Growing Swarm of Threats.
  • 5. PINCHING ZAPPOS [4]: All the feet shopping the largest shoe selection on the planet couldn’t chase down the thief who hauled away details of 24 million customers, including their names and addresses, along with the last four digits of their credit cards and encrypted versions of their passwords. CRACKS IN ADOBE [5]: After one of the decade’s worst hacks, the passwords of as many as 150 million users of Acrobat Reader and other Adobe apps may be up for auction on a global black market. The hackers can also distribute Adobe apps that appear genuine with nasty malware hidden inside. The cloud, which is itself rapidly evolving, needs better security solutions if it is to fulfill its potential. Managing networks with multiple IP domains has become a challenge, as services are increasingly hosted both on and off premises. We need granular, well-managed network and applications monitoring that covers power consumption, user behavior and anything else that affects security, stability and productivity.
  • 6. MONITORING WEARS THE WHITE HAT Organizations are realizing that robust monitoring is not only the core of a successful defense, it can actually prevent them from getting into trouble in the first place. Proactive monitoring and visibility avoid the cost, the waste, and the loss of customers that accompany a breach. Social media apps are creating some of the largest and highest-impact vulnerabilities. Not surprisingly, Facebook emerges as a major target. In fact, a hacker cadre in Eastern Europe recently invaded Apple, Facebook and Twitter in hopes of gaining intellectual property to sell to the highest bidder. A major lawsuit [6] accused the developers of 20 apps, including Facebook, Foursquare, Yelp, Twitter, and the games Angry Birds and Cut the Rope, of being gateways to theft. Apps can pummel your network
  • 7. Developers of popular mobile apps casually invade address books for names, phone numbers, email addresses, job titles and even birthdays from countless unaware users. Information hawked can fetch 60 cents to several dollars per contact. The lawsuit seeks not only to halt sneaky data harvesting but also to compensate injured parties and make an example of the perps. In another New York Times article [7], hackers from China (working for the People’s Liberation Army) set new bars for brazenness by resuming data thefts from American companies after three months of token silence following their exposure. U.S. officials had assumed, rather ingenuously, that a “naming and shaming” strategy would bring about a government crackdown. However, the hackers are now back on the attack from their twelve-story building in Shanghai. Victims include defense contractors like Lockheed Martin, who had contracts and blueprints stolen after a computer break-in. Coca-Cola was also a victim, as was the U.S. power grid via Schneider Electric, which maintains “detailed blueprints” on more than half the oil and gas pipelines in North America. If that is not nerve-wracking enough, think about 511,000 out of 2.3 million Android apps capable of churning out unauthorized payments and changing user settings. [8] Such apps allow hackers to track user phone numbers, modify bookmarks, and inundate a user with pesky ads. According to a TrustGo report, 77 percent of all apps available in China had posed a high risk for security breaches as recently as 2012, and you may be sure that figure has been revised upward by now. But even those unsettling calculations fall short of the reality, according to Bluebox Security, which claims that a full 99 percent of Android apps are open to takeover! [9] A four-year-old flaw in app verification becomes a welcome mat allowing applications to be converted into trojans.
  • 8. HOW TO STAY AHEAD OF THE HAVOC Employee apps also open a major portal that hackers can come marching through into the workplace. The term “shadow apps” refers to applications—many of them personal—that employees download onto their own devices in the workplace, unbeknownst to the IT department. Also, video traffic from websites such as YouTube or Netflix can consume as much as half your corporate bandwidth! How do you handle that without chasing employees out the door? By giving your network the ability to monitor and prioritize traffic so that business applications always take precedence in bandwidth consumption over games and movies.
  • 9. MONITORING-CENTRIC ARCHITECTURE. GAINING A TRUE DEFENSE IN DEPTH: ADVANCED SDN AND NPB TECHNOLOGY. A monitoring-centric architecture with robust application awareness delivers quantifiable value in terms of security, performance, compliance and ROI. This architecture ensures that the right data gets to the right tools for accurate assessment and analysis with decisive resolution. Such an architecture is necessarily agnostic; a dynamic, standards-based and modular concept that offers the freedom to design the network using whatever resources best fit needs and budget. In fact, that architecture is now within reach, and it’s the advent of Software-Defined Networking (SDN) that makes it possible. Now, the increased visibility, intelligence, and agility of SDN are helping enterprises handle security threats and encouraging automation. SDN, in conjunction with Network Packet Brokers (NPBs), can pull together a true Defense in Depth wherein strategies combine, cascade and join multiple security solutions to work in concert transparently. This approach is gaining traction with major vendors. Each component addresses specific risk factors and attack vectors. Network Packet Brokers can integrate multiple products and systems seamlessly so that they can focus their combined strengths upon an attacking entity. This is the most effective way to provision the network with an advanced, available and agile defense.
  • 10. NETWORK PACKET BROKERS — THE PATH TO PEAK PERFORMANCE [Diagram labels: Network Layer; Visibility Layer; Instrumentation and Tool Layer; Network Packet Brokers (NPB); Security Monitoring; Performance Monitoring; SDN Controller; Automated Provisioning; Defense in Depth; High Availability; Centralized Management.] As networks and data centers scale, NPBs leverage network monitoring and security tools to control large, complex environments.
  • 11. SPEEDING THE RIGHT DATA TO THE RIGHT TOOLS An NPB such as a Network Monitoring Switch lets the IT team’s security engineers aggregate and filter the data, then provide it instantaneously to the appropriate security tool. To optimize network defense, only actionable “data of interest” should go to these tools. Adding NPBs reduces the complexity of managing information while improving insight via total visibility. Now, and going forward, visibility is absolutely critical to obtaining accurate information about the state of the network and the threats it faces, from any source. SDN ENABLES A ROBUST, AGILE DEFENSE ARCHITECTURE SDN allows organizations to add applications more easily, streamline processes, reduce complexity, improve efficiency and provide a better user experience. By uncoupling the security/monitoring/switch control plane from the data plane (the control plane decides where traffic is sent, while the data plane actually forwards that traffic to the selected destination), administrators gain tighter control of network traffic flow than ever before and can shift traffic to performance management tools when they start to detect problems.
  • 12. BLOCKING THE ATTACKS When administrators can shape traffic with agility and precision from their centralized control consoles, they can quickly change rules to prioritize or even block packets, which is particularly important in a cloud or multi-tenant environment. (Plus, they can manage traffic loads using economical off-the-shelf switches and conduct switching across multi-vendor hardware and ASICs.) A centralized control plane offers the freedom and flexibility to introduce new applications without the complexity of configuring individual devices. SDN enables the streamlined automation and provisioning of monitoring applications and tools based on real-time traffic behavior. It makes for end-to-end network monitoring with easy implementation and operation. Joining an SDN controller with Network Packet Brokers and a customer’s chosen security solutions creates a precise and agile threat defense. NPBs, with their ability to “chain” solutions, integrate multiple systems, and distribute traffic, provide the ideal means for a dynamic response. Under attack, such a defense lets administrators send orders redirecting data to forensics tools to expose and analyze the attack. Now networks can respond instantly to threats, as opposed to implementing a static series of behaviors.
  • 13. OPTIMIZING VISIBILITY FOR A PROACTIVE, POWERFUL DEFENSE Such capabilities as filtering and load balancing “supercharge” your defense strategy by ensuring that monitoring tools receive data in the most readable form and optimize their function. NPBs allow tighter, granular control of traffic thanks to a spectrum of sophisticated inline capabilities, including: FILTERING: It’s crucial that only “traffic of interest” be delivered to the tool for analysis. This avoids waste of CPU and memory on irrelevant data. ACCESS: NPBs ensure that data doesn’t get into the wrong hands, letting the IT team specify which users or groups have access, as well as logging who made changes and when. LOAD BALANCING: Overburdened tools lay the network open to intrusion or failure. Load balancing keeps session data together and distributes the load among multiple tools. PACKET DE-DUPLICATION: Removal of duplicate or redundant packets can increase tool productivity by 50 percent. MPLS STRIPPING: Most tools cannot deal with MPLS-tagged packets. Stripping MPLS headers lets a tool perform its primary task of keeping data secure. AUTOMATION: Automated provisioning lowers the need for manual configuration with its risk of error. It reduces network complexity and helps enable compliance. STANDARDIZATION: Industry standards expand the universe of devices supportable by network tools without costly customization.
  • 14. PUT THE ADVANTAGE ON YOUR SIDE Ensure that your defense finds breaches instantly and quarantines packets. (1) Design all critical networks as HA (High Availability) so key links stay up and running while a breach is resolved. (2) Use remote, edge and core monitoring tools to spot strange patterns of behavior and potential security breaches. (3) Watch virtual/cloud servers. Very few virtual networks are even monitored, let alone watched by security tools. (4) Be aware that remote and edge locations are particularly vulnerable, since organizations generally concentrate security efforts on the core or data center.
  • 15. The world of networking is one of ongoing revolution driven by technology innovation, by escalating user numbers, and by proliferating applications. However, along with this progress come unrelenting threats and outrageous attackers who will exploit any vulnerability they find to rob and disable businesses and personal users. To protect the network and its applications, a pervasive, proactive, scalable, and agile monitoring architecture is essential; one that provides total visibility from data center to remote end user. Now, the robust capabilities of SDN, combined with the flexibility and scalability of NPBs, are the foundation of a smart, cost-effective defense strategy that combats threats while maintaining high performance. This monitoring-centric architecture embodies a proactive defense that can locate and resolve threats while minimizing consequences if a breach does occur. Today, we are well positioned to gain the advantage, fortifying the network to defend itself and to preserve the integrity of the user experience. REFERENCES 1. “OMG This Is So Cool! Pinterest Hack Feeds Spam to Twitter and Facebook” by Paul Roberts, Naked Security, September 12, 2012. 2. “What MPSs Can Learn from the Great Bitcoin Heist of 2013” by Michale Brown, eFolder, November 11, 2013. 3. “The Worst Data Breaches (so far)” by Ellen Messmer, NetworkWorld, April 9, 2013. 4. “24 million Zappos customers’ data hacked” by Bruce Tyson, Helium, January 18, 2012. 5. “Number of Adobe Accounts Hacked Now Up to 150M, Check Yours” by DL Cade, PetaPixel, November 7, 2013. 6. “Mobile Apps Take Data Without Permission” by Nicole Perlroth and Nick Bilton, NY Times, February 12, 2012. 7. “Hackers From China Resume Attacks on U.S. Targets” by David E. Sanger and Nicole Perlroth, May 20, 2013. 8. “A Quarter of Android Apps Pose High Risk to Security” by James Dohnert, V3.co.uk, January 2013. 9. “Security Firm Claims 99 Percent of Android Apps Open to Takeover” by Michael Lee, ZDnet, July 4, 2013.
  • 16. Net Optics, Inc., 5303 Betsy Ross Drive, Santa Clara, CA 95054 USA, +1 (408) 737-7777, twitter.com/netoptics, www.netoptics.com
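
The filtering, session-preserving load balancing, packet de-duplication and MPLS stripping listed on slide 13, sketched as an added Python example (not Net Optics code or any product's implementation). The `Broker` class, the tool names and the `sample_frame` helper are hypothetical, the frames are constructed, and de-duplication here compares whole frames, which is a simplification.

```python
import hashlib
import struct
from collections import OrderedDict

def strip_mpls(frame: bytes) -> bytes:
    """Drop the MPLS label stack so IP-only tools can parse the frame."""
    if frame[12:14] not in (b"\x88\x47", b"\x88\x48"):
        return frame
    off = 14
    while off + 4 < len(frame) and not frame[off + 2] & 0x01:  # S bit ends stack
        off += 4
    if off + 4 >= len(frame):
        raise ValueError("truncated MPLS label stack")
    off += 4
    # MPLS carries no payload type; infer it from the IP version nibble.
    inner = {4: b"\x08\x00", 6: b"\x86\xdd"}.get(frame[off] >> 4)
    return frame if inner is None else frame[:12] + inner + frame[off:]

def flow_key(frame: bytes):
    """Direction-independent 5-tuple for IPv4 TCP/UDP, else None."""
    if len(frame) < 38 or frame[12:14] != b"\x08\x00":
        return None
    ip = frame[14:]
    ihl, proto = (ip[0] & 0x0F) * 4, ip[9]
    if proto not in (6, 17) or len(ip) < ihl + 4:
        return None
    sport, dport = struct.unpack("!HH", ip[ihl:ihl + 4])
    # Sorting the endpoints makes both directions of a session hash alike.
    return (proto, *sorted([(ip[12:16], sport), (ip[16:20], dport)]))

class Broker:
    def __init__(self, tools, window=1024):
        self.tools, self.window, self.seen = tools, window, OrderedDict()
    def dispatch(self, frame: bytes):
        """Return the tool that receives this frame, or None if dropped."""
        frame = strip_mpls(frame)
        digest = hashlib.sha256(frame).digest()
        if digest in self.seen:             # de-duplication window
            return None
        self.seen[digest] = True
        if len(self.seen) > self.window:
            self.seen.popitem(last=False)
        key = flow_key(frame)
        if key is None:                     # filter: not traffic of interest
            return None
        h = hashlib.sha256(repr(key).encode()).digest()
        return self.tools[int.from_bytes(h[:4], "big") % len(self.tools)]

def sample_frame(src, dst, sport, dport, labels=()):
    """Constructed frame: Ethernet [+ MPLS labels] + IPv4 + TCP ports."""
    mpls = b"".join(struct.pack("!I", (lbl << 12) | ((i + 1 == len(labels)) << 8) | 64)
                    for i, lbl in enumerate(labels))
    ip = struct.pack("!BBH4xBBH", 0x45, 0, 24, 64, 6, 0) + bytes(src) + bytes(dst)
    etype = b"\x88\x47" if labels else b"\x08\x00"
    return bytes(12) + etype + mpls + ip + struct.pack("!HH", sport, dport)
```

Both directions of a session reach the same tool because the endpoints are sorted before hashing, and a copy of a packet captured on an MPLS-tagged link is recognised as a duplicate only because the labels are stripped before the digest is taken.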