How Can I Reduce Network Security Risk – Part 2
Step 2 of reducing network security risk is about finding intrusions on your network and quickly remediating those issues. The faster you find the problem, the safer you are. This is extremely important as the Ponemon Institute finds every year that it takes way too long to identify breaches on the network. For example, the 2021 Ponemon Institute Cost of A Data Breach report found that it took businesses an average of 287 days to identify and contain a data breach. This is over 2/3 of a year – which is plenty of time for a bad actor to find what they want and then exfiltrate that data.
While part 1 of the plan is to prevent as many intrusions as possible, SOMETHING is going to unfortunately make it past your defenses. Call it Murphy's law, call it Chaos Theory, call it whatever you want but something unpleasant is going to happen – whether you know it or not. This is when you need threat hunting activities.
However, for any threat hunting tool to be effective, it needs to see ALL of the data. Seeing part(s) of the data isn't good enough. The tool needs everything, or it will miss intrusions. This is why you need to deploy taps at critical points across your network and then aggregate and filter that content so that your security tools (IDS, DLP, SIEM, etc.) get exactly the right data at the right time so that they properly flag any anomalies or suspicious activities. The tap and packet broker combination give you the visibility you need so that your security tools are as successful as possible.
At the same time, you also need lossless visibility. You don't want to add just any packet broker. Depending upon their design, some packet brokers drop packets – i.e. they "lose" data. You could be missing up to 60% of your security threats and not even know it.
One fundamental reason is the way data is processed. A popular method is to use a CPU to process higher end data features, like deduplication. However, the CPU can become overloaded and drop packets, or miss certain types of data packets. This is where you need a packet broker that uses FPGA chips to process the data at line rate. This design decision becomes even more important as network speeds transition from 10GB to 40 and 100GB. Data loss at these speeds becomes a serious architecture vulnerability.
Rest assured, KEYSIGHT taps, bypass switches and NPBs provide the visibility and confidence you need that you are seeing EVERYTHING in your network - every bit, byte and packet. Once you have this level of visibility, threat hunting tools and security information and event management (SIEM) systems can proactively look for indicators of compromise (IOC).
- |
- +1 赞 0
- 收藏
- 评论 0
本文由董慧转载自Keysight,原文标题为:How Can I Reduce Network Security Risk – Part 2,本站所有转载文章系出于传递更多信息之目的,且明确注明来源,不希望被转载的媒体或个人可与我们联系,我们将立即进行删除处理。
相关研发服务和供应服务
相关推荐
Keysight‘s Taps, Bypass Switches, And NPBs Can Help Find Your Security Vulnerability Before Hackers
Keysight Technologies has taps, bypass switches, and NPBs provide the visibility and confidence you need that you are seeing EVERYTHING in your network. They can find your security vulnerability before hackers find it for you.
原厂动态 发布时间 : 2022-01-22
Keysight‘s TAPS and NPBs Meet NERC CIP Standards For Threat Visibility&Detection for Critical Infrastructure
The NERC Critical Infrastructure Protection (CIP) standards include regulatory elements that make collecting and archiving network traffic more important. This article introduces NERC CIP standards for threat visibility&detection for critical infrastructure.
原厂动态 发布时间 : 2022-03-26
Keysight Unveils Industrial Visibility Solutions for Electric Utility Market to Meet Monitoring Requirements Worldwide
Keysight announced a new series of Industrial Visibility solutions, which include a network packet broker and taps that enable electric utilities to meet North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) monitoring requirements.
原厂动态 发布时间 : 2021-10-25
What Can You Do to Strengthen Your Network?
This blog suggested a simple 3-point plan that can strengthen your network, Keysight offers many solutions that could be beneficial.
设计经验 发布时间 : 2022-03-08
Flex Tough Taps: Keysight Industrial Solutions DATA SHEET
型号- RK-TPAT-8TAP-T,TPT-MM-LC-OM1-70-4-T,955-0176,TPT-MM-LC-OM5-70-4-T,955-0175,TPAT-CU3-T
QUICK REFERENCE GUIDE TO TAPS
型号- 705-0014-001,IBPDUO-1X10-LR,TP-100-LR-85-60,IBP-8000,DUO-PWRAC,TPX-10-SR-50-60,TPVHD-100-LR-85-50,TP-PSM4-85-70-MTP,TP-1-SX-50-50,TPPCH-100-LR-85-70,TP-1-SX-50-90,IBP100G-DCPS,IBPVHD-CH-DC,RK-FLEX-ID-24,TPPCH-10-SR-50-70,DBM-250,TPVHD-10-SR-50-50,TPX-40-SR-50-50-MTP,IBPVHD-PWR-DC,MIBP100G-LR4,IBPDUO-1X10-SR,705-0012-0001,705-0012-001,DBM-100,RK-8V2-BPL,DUO10G-VHD-FAN-ASSY,TPVHD-100-LR-85-60,DBM-300,TPX-10-SR-50-50,I2BP-40G-SR-50-Q,TPX-40-SR-50-70-MTP,TP-1-SX-50-80,IBP100G-CH-AC,TP-100-LR-85-70,TPVHD-10-SR-50-60,TPX-40-SR-50-50-BD,IBPVHD-PWR-AC,RK-FLEX-24,IM-21-BYP,TPX-10-SR-50-80,TPPCH-100-LR-85-50,IBPDUO-2X10-SR,TP-1-SX-50-70,TPVHD-100-LR-85-70,IBP100G-CH-DC,LIC-IM-21-AR,TPPCH-10-SR-50-50,TPX-100-SR-50-50-MTP,TP-100-LR-85-80,TPVHD-10-SR-50-70,IBP-8000-DC,IBPDUO-2X10-LR,RK-8V2,TP-100-LR-85-50,TP-40-SR-50-70-MR4,RK-FLEX-8,IBP100G-ACPS,TPS-100-LR-85-50,TPX-10-SR-50-70,MIBP100G-SR4,TP-1-SX-50-60,IM-21-BATT,DBM-200,MTP-SM-Y- CBL,IBP100G-FAN-ASSY,TP-100-LR-85-90,IBPVHD-CHONLY-AC,TPX-100-SR-50-70-MTP,IBPVHD-CH-AC
Keysight(是德科技)网络可视化产品选型指南
目录- Network Visibility Products Introduction Network Packet Brokers Bypass Switche Network Taps Cloud Visibility Visibility Central Management
型号- VISION EDGE OS,VISION 400,VISION EDGE 1S,VISION EDGE 10S,VISION EDGE 100,IBYPASS 100G,VISION 7816,VISION EDGE 40,VISION X,VISION ONE,VISION E400S,IBYPASS VHD,IBYPASS DUO,TRADEVISION,IBYPASS 4 COPPER
Ixia Flex Taps TECHNICAL OVERVIEW
型号- TP-PACK-24-SM70,RK-FLEX-24,TP-PACK-24-SM50,TP-PACK-16-MM70,TP-100-LR-85-60,TP-PACK-16-SM70,TP-1-SX-62-80,TP-PACK-16-SM50,TPX-10-SR-50-80,TPX-10-SR-50-60,OS1,TP-1-SX-50-70,TP-1-SX-50-50,OS2,OM1,TP-1-SX-50-90,OM3,OM2,OM4,TPX-100-SR-50-50-MTP,TPX-40-SR-50-50-MTP,TP-1-SX-62-60,TP-100-LR-85-80,TP-100-LR-85-50,TP-1-SX-62-70,TP-1-SX-62-90,TPX-10-SR-50-70,TPX-10-SR-50-50,TP-1-SX-50-60,TPX-40-SR-50-70-MTP,TP-1-SX-50-80,TP-PACK-24-MM50,TP-PACK-24-MM70,TP-100-LR-85-90,TP-1-SX-62-50,TPX-40-SR-50-50-BD,TP-PACK-16-MM50,TP-100-LR-85-70,TPX-100-SR-50-70-MTP
Ixia Copper Taps DATA SHEET
型号- RK-3V2-BPL,TP-CU3-ZD,PWR12-350-8L,TP-CU3-ZD-DC,RK-3V2,RK-12V2,TP-CU3-ST
现货市场
服务
提供是德(Keysight),罗德(R&S)测试测量仪器租赁服务,包括网络分析仪、无线通讯综测仪、信号发生器、频谱分析仪、信号分析仪、电源等仪器租赁服务;租赁费用按月计算,租赁价格按仪器配置而定。
提交需求>
配备KEYSIGHT网络分析仪,可测量无线充电系统发射机/接收机线圈的阻抗,电感L、电阻R、电感C以及品质因数Q,仿真不同充电负载阻抗下的无线充电传输效率。支持到场/视频直播测试,资深专家全程指导。
实验室地址: 深圳 提交需求>
授权代理品牌:集成电路
授权代理品牌:分立元件
授权代理品牌:接插件及结构件
授权代理品牌:部件、组件及配件
授权代理品牌:电源及模块
授权代理品牌:电子材料
授权代理品牌:仪器仪表及测试配组件
授权代理品牌:电工工具及材料
授权代理品牌:机械电子元件
授权代理品牌:加工与定制
我要提问
登录 | 立即注册
提交评论