Enterprise IT Watch Blog

April 20, 2010  7:00 AM

Going to Interop? Get ready to do your homework

Michael Morisy

I spoke with Interop’s general manager Lenny Heymann yesterday, and asked him straight out what he recommends attendees do to make sure they get the most out of the upcoming conference. His answer would send shivers down school boys’ spines everywhere: “Do your homework.” And while I was hoping for some secret path to networking enlightenment in Las Vegas next week (maybe a smoke-filled hotel backroom where Cisco, HP and ProCurve join hands to provide the be all, end all?) I suppose it’s solid advice, even if it’s not too inspiring. But I’d love to hear how you do your pre-conference homework, and what you’d like IT Knowledge Exchange to bring back when we venture forth with the SearchNetworking team next week to Las Vegas’ shiny sands and networking enlightenment.

Join in the discussion below, in the IT Knowledge Exchange member forums (and get your points!) or e-mail me directly at Michael@ITKnowledgeExchange.com. I’d love to hear from you, particularly if you’re going and would like me to throw some free swag your way in return for your own conference wisdom.

April 19, 2010  10:39 PM

Guide to the future of Enterprise-Class Networking

Michael Morisy

Earlier this month, Rivka Little, site editor for SearchNetworking, wrote a guest post about evolving networks and how it’s no longer enough to move bits from one end of the tube to the other: Today’s networking professionals need to master virtualization while becoming captains of the cloud. The former is so new it’s not in my spell check yet and the latter’s so ill-defined you might as well have “Make it so” as the modern networking professional’s prime directive.

What’s a poor bit jockey to do? We at IT Knowledge Exchange feel your pain, and so we’re trying to pull together the best resources to help keep you at the top of your game today with an eye towards what you’ll need to succeed tomorrow, kicking off with our in-depth, on the ground coverage of Interop Las Vegas.

IT Knowledge Exchange’s Interop Las Vegas 2010 Coverage

Also, be sure to check out SearchNetworking’s coverage on The Network Hub blog.

Enough learning, how about some doing?

The ultimate networking professional’s toolbelt:

Wondering if you’re using the right tools to make your job as easy as possible? I asked the IT Knowledge Exchange community for their recommendations, and they responded with their top networking tools and utilities. Entries included:

  • Wireshark
  • TCPview
  • Tasklist

And many more. Read the blog post on building the ultimate network security and troubleshooting toolkit.

Frequently Asked Questions about Networking:

Still have unanswered questions? See what others are asking about networking or ask your own IT question in our forums!

For a deeper dive, we’ve picked out some top reading recommendations, including reader reviews from IT Knowledge Exchange community members and bloggers, to help you really understand that obtuse topic your project lead wants you to master by last Monday.

Books on Enterprise Networking:

Have another suggestion for this list? E-mail me at Michael@ITKnowledgeExchange.com or leave it in the comments.

Want to connect directly with experts? Read their blogs to hear straight from the horse’s mouth: The pioneers, cheerleaders and critics of cloud computing are often just a click away, and we’ve helped to organize the best of the best.

Top Networking Bloggers:

The list is a work in progress, so leave a message in the comments if you know of a blog to add.

What else would make this guide useful to you? Let me know in the comments or e-mail me directly at Michael@ITKnowledgeExchange.com with any additions, corrections or suggestions.

April 16, 2010  10:27 AM

Frequently Asked Questions (FAQ) in Networking

Michael Morisy

As part of Networking Month on IT Knowledge Exchange, we’ve been highlighting networking questions in the community, and I thought it might be interesting to put together a FAQ on the most asked networking questions and most viewed questions:

April 15, 2010  6:20 AM

See All, Know All INSIDE Your Network: Security Situational Awareness

Guest Author

Today’s guest post is from Pete Schlampp, vice president of marketing and product management at Solera Networks.

The Identity Theft Resource Center (ITRC), the organization that tracks data breaches, reports 211 data breaches so far in 2010, and 26 of these involve financial services companies. According to ITRC, many incidents actually occurred in 2009 but are just now being brought to light. Waiting weeks and months or longer to discover network breaches hardly seems acceptable. Even worse, the majority of these breaches involve an unknown number of records exposed. Why? Because there is no way to “replay the tape” and see exactly what was stolen or touched. Existing tools only record metadata and signature matches. Without good situational awareness we’re dealing with the equivalent of digital hearsay.

Demands for better situational awareness (knowing and seeing what’s happening inside the network) have led to new technologies and the commercialization of tools that increase the resolution of what can be seen and known by security engineers. Technically, the ability to record network traffic and carve it into perceptible chunks has been around for years. Ask a network troubleshooter about tcpdump and Wireshark and they’ll gush like a carpenter over his favorite hammer. Network Forensics companies have taken these technologies and created more robust, accessible, and maintainable tools. At the same time, the cost to store and process one hour of GigE network traffic has dropped from tens of thousands of dollars to hundreds in the past five years. The Network Forensics space is rapidly evolving and highly differentiated. Performance, scalability, and the analytical applications available can vary widely.

A recent survey indicates that many network security professionals don’t yet understand the need for Network Forensics and what it can do for them to provide situational awareness. Using security tools based on signatures developed to block known security threats or those based on a collection of metadata spewed off of “dumb” network devices, security engineers aren’t equipped to know even simple details like who is on the network; what applications are being used; and what content is being transferred. This lack of perception forces enterprises and government organizations into reacting to security threats instead of proactively policing their networks and stopping threats before damage can occur. Improved situational awareness can lead to better security and higher resiliency against the backdrop of increasingly advanced and persistent threats. As security engineers become enlightened through situational awareness, they know and see exactly what’s happening on the network and can control it.

Wikipedia defines situational awareness, or SA, as “the perception of environmental elements within a volume of time and space, the comprehension of their meaning, and the projection of their status in the near future.” In the world of physical security, we think of SA as seeing, hearing, and otherwise sensing the world around us. Major advancements in SA came about with the advent of CCTV and the ability to remotely “see” what was happening, both live and in the past. On the network we’re not responding to incidents in real time because we’re neither able to see them nor have we been able to go back in time and replay events to understand the current situation better.

Without situational awareness, IT security teams respond to incidents in the same way a fire department responds to fires – a bystander calls up to report the problem. By far, the most typical way for an incident on the network to be discovered is by a third party or employee notifying IT that something strange has happened: for instance intellectual property has been found outside the network, a server is running slowly, or a bad actor is bragging about their success. The 2009 Verizon Business Data Breach Investigations Report finds that over 80% of network breaches are discovered either by third parties or by employees going about their regular work activities – not by our existing automated security devices. Because of this, incidents are discovered late, lack data and detail, and lead to higher costs to organizations, industries and individuals.

Network security teams that make the shift to improved situational awareness are empowered with the insight that true security comprises. Stop reacting to security issues and start seeing the problems and knowing what to do about them before an incident can become a network security issue. New tools, particularly network forensics appliances from companies like Solera Networks and our competitors, can reduce the occurrence of network breaches, augment understanding of network alerts and incidents, and enable security teams to recognize exactly what data may have been compromised, so they can proceed consciously and confidently to provide better security.

April 14, 2010  2:19 PM

Building the ultimate network security and troubleshooting utility belt

Michael Morisy

After writing about the importance of network forensics in securing your corporate front lines, I thought it might be helpful to pull together some of the top tools for actually helping protect and maintain your network. Have a suggestion to add to our list? E-mail me at Michael@ITKnowledgeExchange.com or update our community Wiki.

April 14, 2010  10:20 AM

Network forensics: Putting the CSI in Cisco

Michael Morisy

Networks are the corporate crime scenes of today. Just ask Google, TJX, or any one of the thousands of companies that have seen their networks turned against them. IT professionals need to step up their game when it comes to dusting for digital prints.

Fortunately, they’ve got a set of tools that (almost) makes CSI look amateur, and some of the best tools have fallen into the domain of networking professionals, according to Gartner’s John Pescatore.

“We have a broader array of tools called data forensics, and one half of that is network forensics and the other half is computer forensics, which you can put on every PC and server. The network products have the major major advantage of it’s very expensive to put software on everybody’s PC and server, and people … can very often disable that software,” he told the IT Watch Blog recently in an interview. “The network tools are more widely used because of those advantages.”

Rather than watching every bit on every computer, network tools watch the choke points: They can see what users are downloading and uploading, e-mailing and IM’ing, and even record all that data for later playback, like a closed circuit television camera or omniscient network DVR.

But just like CSI, today most of the security lapses aren’t discovered until somebody turns up dead or, in corporate terms, the customers start complaining and stuff starts breaking.

April 9, 2010  7:00 AM

The network evolution: Virtualization and the cloud force new strategies

Guest Author

Today’s guest post comes from Rivka Little, site editor of SearchNetworking.com and my former colleague from my days in TechTarget’s networking group. I asked her if she’d be willing to write a guest post for this month’s look at all things networking, and she agreed, taking on the challenging topic of how networks are going to matter as we enter the age of the cloud, virtualization and other technologies that promise to push IT out of the office. You can read more of Rivka’s reporting and analysis at The Network Hub blog.

The network has been forgotten. At least that seemed to be the case over the last couple of years amid the hubbub surrounding server virtualization and cloud computing.

But stark realities have brought the network back into focus. Server virtualization and cloud computing aim to dynamically deliver applications and data — provisioning and de-provisioning resources on demand. There is no doing that without a new kind of network.

Networking teams are no longer solely responsible for architecting, implementing, securing and managing LANs and WANs. Now they find themselves implementing unified data center fabrics that converge storage and data center networks so that applications can flow freely from their resting state through to the WAN and LAN.

Networking teams also find themselves responsible not only for routing and switching between physical machines, but deep within the server. They are managing traffic both within the server between virtual machines and among physical servers in multiple data centers.

This will eventually lead to the creation of virtualized network components that sit atop physical switches and routers. Among SearchNetworking readers surveyed in 2009, 40% said managing virtualization would be a top priority for the networking team in 2010.

Networking pros will also use these virtualization management skills in building out cloud computing networks. Network architects find themselves building both private clouds and hybrid clouds that interconnect private data center resources with those in public facilities.

Among SearchNetworking members, 35% say their companies are considering building an internal cloud in 2010, while another 30% say their networking resources will be affected by supporting external cloud services.

The shift to the cloud model will require users to push intelligence away from the data center core and into the layers of the network. Enterprises will seek intelligent edge switches with baked-in access control, security, visibility and management. Routers and switches will act as servers that have built-in application-specific firewalls and bandwidth management. This type of manageability will mean the ability to burst up and shrink down bandwidth according to application demand.

Finally, all this shifting in technology comes along with a serious change in culture for networking teams. More than ever before, IT organization silos are fading and networking, systems and storage teams are pressed to work together to enable unified fabrics, virtualization and cloud computing networks. As this transition occurs, networking pros will have to make their voices heard and claim their central role. That shouldn’t be too difficult as networking technology has already surfaced as the lifeline of these emerging technologies.

April 7, 2010  9:47 PM

The top technical books for networking professionals

Michael Morisy

Looking to boost your networking career, or simply bone up on the latest trends and topics in your field? You’ve come to the right place: I’ve polled analysts, authors, IT pros of all stripes and, of course, our very own member community.

Top reads so far (click the title for more information):


April 1, 2010  7:00 AM

Your guide to the networking blogosphere

Michael Morisy

If the Internet really is a series of tubes, it’s network engineers who keep those tubes running. But how, exactly, do you keep it running today while keeping an eye on what you’ll need tomorrow? Get the experts’ opinions from our picks of the top networking blogs. Know of a great networking blog we’ve missed? Sound off in the IT Knowledge Exchange forums, where other IT professionals are chiming in with their thoughts.

Editorial Blogs

Independent/Analyst Blogs

User Blogs

Vendor(ish) Blogs

March 30, 2010  6:00 AM

SQL attacks come from the darndest places

Michael Morisy

SQL injection attacks are a constant thorn in the side of security practitioners, claiming the dubious distinction of being the attack vector for the largest U.S. ID theft case ever. And while tools are arriving on the scene to help businesses root out potential problems before the bad guys do, there are plenty of attack vectors just waiting to be exploited. The latest case? An image floating around the web showing a, er, creative license plate cover designed to foil traffic cameras:

Will it work? Unlikely (see commentary on Gizmodo), but it’s a good reminder that attacks can come from the darnedest places. It’s also a nice throwback to the classic SQL injection comic from XKCD:

As if “smoker doors”, weaponized e-mail and your own PC weren’t enough to keep you worried.
