Академический Документы
Профессиональный Документы
Культура Документы
management consoles and ensure all and services, and other 21st century n Use intelligent packet capture
tools work together to provide the technologies have created blind spots n Set policy and behavior thresholds
requisite visibility. that prevent full visibility. This makes n Employ security analytics
1
https://www.sans.org/reading-room/whitepapers/incident/incident-response-capabilities-2016-2016-incident-response-survey-37047
SPONSORED REPORT
Shutterstock.com
These advances make these threats and networking analyst at 451 Research, and prevention, these capabilities are as
potential breaches even more difficult is to develop and enforce policies to important as others required for network
to pinpoint. Internal network visibility determine who is on the network, who visibility outside the perimeter.
2
https://www.meritalk.com/insidejob
SPONSORED CONTENT
going dark, as the practice of pervasive example, the behavior pattern within FIND THE RIGHT PARTNERS TO
encryption is often called. One of the the network is more important than ever ENSURE DEFENSE IN DEPTH
biggest issues is dealing with the loss of before. It can provide more detailed Improving cybersecurity these days
the network traffic visibility necessary to information about the flow of information clearly requires a new approach. That
fully protect agency data and networks. For within the network, even though the approach must combine traditional cyber
example, the FBI has repeatedly voiced information is actually encrypted. technologies like deep packet inspection
concerns about how law enforcement is With the right technology, IT staff and next-generation firewalls with newer
sometimes less effective because it cant can analyze the packet metadata, or the innovations to help gain dimensional
interpret fully encrypted traffic. information collected from the network depth against the challenges of an ever
Besides the lack of visibility, pervasive about what is happening within the increasing world of pervasive encryption.
encryption is causing more organizations network. For example, an agency can Bringing these security technologies
to remain unaware of persistent and use technologies such as NetFlow or together into a comprehensive Defense
embedded cyber-attacks over long IPFIX to collect data from every network in Depth strategy is best achieved by
periods of time. One thing often thing component and send it in as information partnering with experienced information
leads to another. An innocuous event about actual network traffic to be analyzed. security companiesespecially those
leads to someone discovering something The intelligence of some of todays with specific government expertise.
odd, which leads to another layer of most advanced solutions can also With the right partners, agencies can
security concern. By the time an Incident analyze the IP address attached to the ensure theyre using the most advanced,
Response team is involved, the situation header of each packet and increase effective, cohesive solution possible.
is completely out of hand. tie that into security data being stored
Todays reality really requires elsewhere. Correlating that IP address
agencies to take a second look at whether to a wealth of information within the
their visibility is being impacted, says network can yield critical data, such as
Andrew Benhase, Principal Architect usernames, employee names, physical
with Cisco Systems. Such a high locations of devices, time of login,
percentage of traffic encryption today machine type, posture of the machine http://www.cisco.com/c/en/us/products/
can render some network security and detailed directory information. security/stealthwatch/index.html