How Can I Reduce Network Security Risk – Part 2

时间： 2022-03-03 来源：Keysight

技术问答

选型帮助

研发客服

商务客服

Step 2 of reducing network security risk is about finding intrusions on your network and quickly remediating those issues. The faster you find the problem, the safer you are. This is extremely important as the Ponemon Institute finds every year that it takes way too long to identify breaches on the network. For example, the 2021 Ponemon Institute Cost of A Data Breach report found that it took businesses an average of 287 days to identify and contain a data breach. This is over 2/3 of a year – which is plenty of time for a bad actor to find what they want and then exfiltrate that data.

While part 1 of the plan is to prevent as many intrusions as possible, SOMETHING is going to unfortunately make it past your defenses. Call it Murphy's law, call it Chaos Theory, call it whatever you want but something unpleasant is going to happen – whether you know it or not. This is when you need threat hunting activities.

However, for any threat hunting tool to be effective, it needs to see ALL of the data. Seeing part(s) of the data isn't good enough. The tool needs everything, or it will miss intrusions. This is why you need to deploy taps at critical points across your network and then aggregate and filter that content so that your security tools (IDS, DLP, SIEM, etc.) get exactly the right data at the right time so that they properly flag any anomalies or suspicious activities. The tap and packet broker combination give you the visibility you need so that your security tools are as successful as possible.

At the same time, you also need lossless visibility. You don't want to add just any packet broker. Depending upon their design, some packet brokers drop packets – i.e. they "lose" data. You could be missing up to 60% of your security threats and not even know it.

One fundamental reason is the way data is processed. A popular method is to use a CPU to process higher end data features, like deduplication. However, the CPU can become overloaded and drop packets, or miss certain types of data packets. This is where you need a packet broker that uses FPGA chips to process the data at line rate. This design decision becomes even more important as network speeds transition from 10GB to 40 and 100GB. Data loss at these speeds becomes a serious architecture vulnerability.

Rest assured, KEYSIGHT taps, bypass switches and NPBs provide the visibility and confidence you need that you are seeing EVERYTHING in your network - every bit, byte and packet. Once you have this level of visibility, threat hunting tools and security information and event management (SIEM) systems can proactively look for indicators of compromise (IOC).

发送到邮箱 |
+1 赞 0
收藏
评论 0
| 转发至：

本文由董慧转载自Keysight，原文标题为:How Can I Reduce Network Security Risk – Part 2，本站所有转载文章系出于传递更多信息之目的，且明确注明来源，不希望被转载的媒体或个人可与我们联系，我们将立即进行删除处理。

全部评论（0）

暂无评论

Keysight‘s Taps, Bypass Switches, And NPBs Can Help Find Your Security Vulnerability Before Hackers

Keysight Technologies has taps, bypass switches, and NPBs provide the visibility and confidence you need that you are seeing EVERYTHING in your network. They can find your security vulnerability before hackers find it for you.

厂牌及品类发布时间 : 2022-01-22

Keysight‘s TAPS and NPBs Meet NERC CIP Standards For Threat Visibility＆Detection for Critical Infrastructure

The NERC Critical Infrastructure Protection (CIP) standards include regulatory elements that make collecting and archiving network traffic more important. This article introduces NERC CIP standards for threat visibility＆detection for critical infrastructure.

厂牌及品类发布时间 : 2022-03-26

Keysight Unveils Industrial Visibility Solutions for Electric Utility Market to Meet Monitoring Requirements Worldwide

Keysight announced a new series of Industrial Visibility solutions, which include a network packet broker and taps that enable electric utilities to meet North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) monitoring requirements.

厂牌及品类发布时间 : 2021-10-25

Keysight（是德科技） 75-Ohm 射频微波测试附件技术资料

型号- 85036E

商品及供应商介绍 - KEYSIGHT - 2016年05月13日 PDF 英文下载

Total Visibility Anywhere Network TAPs provide the details that SPAN ports don't

技术文档 - KEYSIGHT - 10-17-19 PDF 英文下载

Flex Tough Taps: Keysight Industrial Solutions DATA SHEET

型号- RK-TPAT-8TAP-T,TPT-MM-LC-OM1-70-4-T,955-0176,TPT-MM-LC-OM5-70-4-T,955-0175,TPAT-CU3-T

数据手册 - KEYSIGHT - September 21, 2021 PDF 英文下载

What Can You Do to Strengthen Your Network?

This blog suggested a simple 3-point plan that can strengthen your network, Keysight offers many solutions that could be beneficial.

设计经验发布时间 : 2022-03-08

QUICK REFERENCE GUIDE TO TAPS

型号- 705-0014-001,IBPDUO-1X10-LR,TP-100-LR-85-60,IBP-8000,DUO-PWRAC,TPX-10-SR-50-60,TPVHD-100-LR-85-50,TP-PSM4-85-70-MTP,TP-1-SX-50-50,TPPCH-100-LR-85-70,TP-1-SX-50-90,IBP100G-DCPS,IBPVHD-CH-DC,RK-FLEX-ID-24,TPPCH-10-SR-50-70,DBM-250,TPVHD-10-SR-50-50,TPX-40-SR-50-50-MTP,IBPVHD-PWR-DC,MIBP100G-LR4,IBPDUO-1X10-SR,705-0012-0001,705-0012-001,DBM-100,RK-8V2-BPL,DUO10G-VHD-FAN-ASSY,TPVHD-100-LR-85-60,DBM-300,TPX-10-SR-50-50,I2BP-40G-SR-50-Q,TPX-40-SR-50-70-MTP,TP-1-SX-50-80,IBP100G-CH-AC,TP-100-LR-85-70,TPVHD-10-SR-50-60,TPX-40-SR-50-50-BD,IBPVHD-PWR-AC,RK-FLEX-24,IM-21-BYP,TPX-10-SR-50-80,TPPCH-100-LR-85-50,IBPDUO-2X10-SR,TP-1-SX-50-70,TPVHD-100-LR-85-70,IBP100G-CH-DC,LIC-IM-21-AR,TPPCH-10-SR-50-50,TPX-100-SR-50-50-MTP,TP-100-LR-85-80,TPVHD-10-SR-50-70,IBP-8000-DC,IBPDUO-2X10-LR,RK-8V2,TP-100-LR-85-50,TP-40-SR-50-70-MR4,RK-FLEX-8,IBP100G-ACPS,TPS-100-LR-85-50,TPX-10-SR-50-70,MIBP100G-SR4,TP-1-SX-50-60,IM-21-BATT,DBM-200,MTP-SM-Y- CBL,IBP100G-FAN-ASSY,TP-100-LR-85-90,IBPVHD-CHONLY-AC,TPX-100-SR-50-70-MTP,IBPVHD-CH-AC

快速参考指南 - KEYSIGHT - Rev C - 2020/08/29 PDF 英文下载

Federal Agency Fortifies Its Network Against Cyberattacks

型号- VISION ONE,VISION ONE SERIES

成功案例 - KEYSIGHT - July 30, 2020 PDF 英文下载

Keysight（是德科技）网络可视化产品选型指南

目录- Network Visibility Products Introduction Network Packet Brokers Bypass Switche Network Taps Cloud Visibility Visibility Central Management

型号- VISION EDGE OS,VISION 400,VISION EDGE 1S,VISION EDGE 10S,VISION EDGE 100,IBYPASS 100G,VISION 7816,VISION EDGE 40,VISION X,VISION ONE,VISION E400S,IBYPASS VHD,IBYPASS DUO,TRADEVISION,IBYPASS 4 COPPER

选型指南 - KEYSIGHT - December 15, 2022 PDF 英文下载

Why integrated bypass switches should not be used within an NPB for inline deployments？

Bypass Switches are in-line devices that provide fail-safe protection for in-line security and monitoring devices. Keysight offers products to support requirements for high availability, failure modes, speeds, and different media types.

设计经验发布时间 : 2021-11-28

Leading Healthcare Provider Eliminates Millions in HIPAA Compliance Fines with Keysight Security Visibility Fabric

型号- VISION ONE

成功案例 - KEYSIGHT - July 6, 2022 PDF 英文下载

Ixia Flex Taps TECHNICAL OVERVIEW

型号- TP-PACK-24-SM70,RK-FLEX-24,TP-PACK-24-SM50,TP-PACK-16-MM70,TP-100-LR-85-60,TP-PACK-16-SM70,TP-1-SX-62-80,TP-PACK-16-SM50,TPX-10-SR-50-80,TPX-10-SR-50-60,OS1,TP-1-SX-50-70,TP-1-SX-50-50,OS2,OM1,TP-1-SX-50-90,OM3,OM2,OM4,TPX-100-SR-50-50-MTP,TPX-40-SR-50-50-MTP,TP-1-SX-62-60,TP-100-LR-85-80,TP-100-LR-85-50,TP-1-SX-62-70,TP-1-SX-62-90,TPX-10-SR-50-70,TPX-10-SR-50-50,TP-1-SX-50-60,TPX-40-SR-50-70-MTP,TP-1-SX-50-80,TP-PACK-24-MM50,TP-PACK-24-MM70,TP-100-LR-85-90,TP-1-SX-62-50,TPX-40-SR-50-50-BD,TP-PACK-16-MM50,TP-100-LR-85-70,TPX-100-SR-50-70-MTP

商品及供应商介绍 - KEYSIGHT - June 26, 2020 PDF 英文下载