Last Thursday I enjoyed speaking at the winter CloudCon Israel conference. RDT, the Net Optics partner in Israel, supported me with a team demonstrating at the expo booth. The conference was arranged by @fogelmania and had a very large number of attendees. The day was very cloudy, one of those rare true winter days (see picture). It was a natural setup for a cloud conference.
Several days ago Jon Oltsik posted a blog regarding network security monitoring, explaining that some of the missing components for identifying and combatting sophisticated attacks in progress are “Granular detail about the network -- network behavior, payload analysis, packet analysis, application-layer analysis, network performance, etc. from layers 2 through 7 of the OSI stack.”
I cannot agree more. At Net Optics we categorize “granular detail about the network” as Network Intelligence, a set of technologies that builds on the concepts and capabilities of network monitoring and network traffic monitoring: Packet Capture, Deep Packet Inspection (DPI) and Business Intelligence (BI). Network Intelligence examines IP data that crosses communications networks by identifying the protocol elements used and extracting packet content and metadata for analysis of data relationships and communications patterns.
Network Intelligence requires Network Monitoring, which in turn requires Network Traffic Monitoring. Network Security Monitoring is a subset of Network Intelligence.
Network Intelligence is critical for many applications and use cases, including security. It can be used to capture and feed information for security and compliance, network management and instrumentation, bandwidth management, traffic shaping, policy management, lawful interception and more. It is currently being incorporated into a wide range of applications by vendors who provide technology solutions to enterprises, Communications Service Providers (CSPs), governments and even SMBs.
In Jon’s opinion, network monitoring pure-plays like Net Optics “are missing a big opportunity if they don't look long and hard at a network security monitoring play”. I don’t completely agree and here’s why:
The ability to provide Network Intelligence and actionable information / analytics requires many capabilities, each at a high level of sophistication, that are found across multiple technologies: wire-speed tapping (inline or out of band), supporting multiple types of traffic at wire speed, and ensuring data integrity and 100% visibility, just to name several challenges within the first two layers of the ISO model. Then there’s a need to construct streams, follow the flows, filter and strip, perform DPI, deduplicate, etc. In other words, there are many requirements that need to be met and challenges that should be mastered.
At Net Optics, our mission is to deliver total visibility of network traffic. Obviously, we must meet the requirements that I mentioned above, but there’s always a need for best-of-breed, well-specialized solution providers. Network Intelligence vendors provide the following applications by leveraging Net Optics capabilities, technology and solutions:
- Network Problem Determination and Analysis
- Accounting / Traffic Report Generation / Usage-based Billing
- Security / Intrusion Prevention & Detection
- Service Assurance and Service Level Monitoring (SLM)
- Network and Capacity Planning
- Lawful Interception (LI)
I'm sure that we will continue to see solution convergence, but as the solution requirements of Network Security Monitoring, Network Traffic Monitoring and Network Monitoring become more specific and difficult, we will see specialized vendors focusing on those areas. We will continue to partner with those vendors, solving challenges of Network Traffic Monitoring, 1G->10G->40G->100G migration and load balancing with total visibility.
Advances in military technology have long contributed to technological innovation in the civilian workplace and in our everyday lives. Whether it is something as wide-reaching and landscape-altering as the World Wide Web, or a daily consumer convenience like GPS systems in our cars, technologies funded by and created for the armed forces are often a step ahead of what’s next for the rest of us.
No greater case can be made for the intersection of these two worlds than security. Just as matters of national security must be safeguarded against intrusion, businesses large and small depend on equally stringent security measures to keep the personal and private data of millions safe from cyber-attack. Compliance is the word of the day. The government is cracking down on businesses that don’t properly protect their customers’ information – and rewarding those that do.
Senator Richard Blumenthal of Connecticut recently introduced the Personal Data Protection and Breach Accountability Act, which proposes the introduction of regulations imposed on companies that store online data for more than 10,000 people. Companies that don’t adhere to the proposed guidelines could be subject to prison time, customer litigation or a hefty $1M fine. Conversely, medical practices and electronic medical record hosting providers that comply with HIPAA regulations, for example, are entitled to stimulus funds.
As organizations move their data to cloud and virtual environments, network security is rapidly becoming the most important piece of the compliance puzzle. The Net Optics Phantom Virtual Tap, which will be on display at MilCom this week, is a digital bodyguard, watchfully surveying the new, virtual world our data lives in. Visibility into network traffic and the ability to monitor that traffic closely is the building block of a truly secure network.
If you’re planning to be in attendance, come visit Net Optics and see the Phantom Virtual Tap for yourself at booth #1315. We’d also like to know what your greatest cloud and virtual network security concerns are. Keep an eye on the blog for information about and links to our network security survey later this week.