by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : January and February 2017
The idea of government employees or contractors accessing sensitive data or deliberately halting network operations may seem unbelievable. But it happens—and it happens quite frequently. A 2015 report from Meritalk2 found 45 percent of agencies experienced insider threats and almost 30 percent lost data as a result of those incidents. Of course, not all those incidents are deliberate. Some happen simply because users fail to follow approved policies, leading to breaches like using unsecured connections and clicking on malicious links. Recent years have seen an explosion of technologies like cloud, mobility and sensors, along with the push toward digital government and virtualization. These advances make these threats and potential breaches even more difficult to pinpoint. Internal network visibility is critical, yet the Meritalk study found nearly half of agencies can’t tell how or if a document has been inappropriately shared and about one-third can’t tell what data has been lost. The key, says Jim Duffy, senior networking analyst at 451 Research, is to develop and enforce policies to determine who is on the network, who is allowed to be on the network, what devices are allowed on the network, and specific role-based access for users and groups of users. “The IT department has to be able to notice if someone is trying to get into an area of the network they aren’t authorized to get into, or that packets coming from a certain destination are trying to infiltrate a specific IT device like a server or another switch, or that somebody has brought in a rogue program and is trying to introduce it onto the network,” says Duffy. Network monitoring tools—especially those providing lateral (east-west) visibility and behavioral anomaly detection—are critical to protecting the network within the perimeter. For insider threat detection and prevention, these capabilities are as important as others required for network visibility outside the perimeter. Shutterstock.com The Challenge of Insider Threats Some of the greatest network threats come from within an agency. CHANGING PRIORITIES AND TECHNOLOGIES have made full network visibility more difficult than ever before. Here are four areas in which the tools and processes have advanced significantly. Improved Packet Capture, Store and Analysis: Imagine your network was breached 20 minutes ago. Wouldn’t it be useful if you could go back in time 20 minutes to examine what happened, find the root cause, fix the problem, and better prepare for the next event? Today’s packet capture tools can do just that. Think of these tools as a “network visibility DVR.” They can capture and analyze network traffic, and provide valuable statistics and other information to help you drill down to find root cause of events. Better Network Instrumentation: The types of instrumentation organizations use to monitor network state, performance, traffic, usage and devices on the network varies dramatically. It typically includes some combination of agents and probes. Recent advances in instrumentation now help you monitor virtual environments much like physical environments. This is especially useful for workloads in the cloud—something that has been virtually impossible until recently. More Robust Packet Brokers: Today’s network packet brokers—basically watchdogs that distribute the right data to the right tools—are evolving to address today’s issues, such as virtualization, increases in network speed, and the bi-directional information flow. Modern packet brokers can also eliminate redundant data while retaining original data packets; perform deep packet inspection, SSL decryption and data masking. Streaming Analytics: Like big data analytics, these solutions analyze large amounts of information from multiple sources—and they do so in real time. They can monitor live network traffic as it flows. In some cases, they can also replace—or at least augment—SNMP polling. With the ability to monitor network traffic in real time, streaming analytics can serve as the basis for real-time analysis and action. ADVANCES IN NETWORK VISIBILITY TECHNOLOGIES 2 https://www.meritalk.com/insidejob GameChanger SPONSORED REPORT IMPROVE CYBERSECURITY WITH NETWORK VISIBILITY NETWORK VISIBILITY FOR COMPLEX NETWORKS
November and December 2016