Blogosphere


Network Security: 5 Key Questions a True Solution Should Address

posted Dec 2, 2010, 2:47 AM by Marc Delongie

    Over half of the industries linked to national security have suffered cyber attacks on their networks, according to a new Symantec study. Yet only one-third of critical industries "feel extremely prepared" for cyber-related attacks. 71 percent of network security operations managers said that their companies have inadequate cyber security protection, according to another recent report.

 Why is this? The truth is IDS/IPS systems and other security solutions fail to provide network engineers with the details they need to locate and correct the source of an attack. Without detailed network analysis, security solutions are incomplete. A network recorder is one of the most common tools used today to record all the data throughout a cyber attack. With this approach, post-event analysis exposes the attacker, method, and damage.

 Firewalls and other perimeter defenses do not provide enterprise networks with the protection they need from viruses, DoS attacks, and other forms of malware. Especially in the age of mobile users, laptops, and wireless networking, the danger facing networks often comes from the inside.

 The recent Stuxnet worm showed it is possible for attackers to carry out a "first strike" through a cyber attack. With the entire attack recorded, organizations are more likely to prevent similar attacks from happening in the future.

 Here are five key questions a true cyber security solution should address:

 

  1. Who was the intruder?
  2. How did the intruder penetrate security?
  3. What damage has been done?
  4. Did anything get left behind?
  5. Did you capture sufficient information to effectively analyze and reproduce the attack?
While data recorders will not prevent a zero-day cyber-attack, the information they provide can lead to an informed and efficient security posture within an organization. It is more important than ever that organizations arm themselves with knowledge about cyber security and specific solutions before they become the next victim of a malicious attack.

Why Apdex

posted Nov 29, 2010, 1:33 AM by Marc Delongie   [ updated Nov 29, 2010, 1:37 AM ]

Network management needs an agreed-upon standard to reflect the level of satisfaction of the end-user for their experience with everyday applications. One of the emerging terms to describe this is Quality of Experience or QoE. As reflected in polls and articles in CIO and other such publications, managers are looking for better methods to quantify and improve IT2. The myriad of metrics provided by various measurement tools must be prioritized and understood according to the application’s business value.
Often ignored and buried behind the “transactions per second” numbers are the customers for our applications – human beings! Are they generally happy or upset? Have they become so accustomed to such poor responsiveness that it goes unreported while productivity suffers? Can our network and application subsystems (servers, databases, switches, and other infrastructure) react fast enough to keep up with more experienced users?
We need to be able to measure the user experience in a consistent manner. We can do this by sorting through the numbers we already have in a new way, or deploying next generation application performance monitoring (APM) tools that take measurements, even if they are proprietary, and then output a well understood industry-wide performance reporting metric. Apdex normalizes the various metrics already available into a single number from 1 to 0 that reflects end-user satisfaction ranging from satisfied to tolerating to frustrating. Anything less than satisfied can lead to loss in productivity and from there, the network analyst, be it an engineer or manager, must identify the probable cause.
The emerging tools that provide Apdex information gather performance data in a variety of ways – from agents embedded in the client to packet-shaping appliances to pro-active testing, to packet capture.

Support for Video Conferencing

posted Nov 26, 2010, 1:05 AM by Marc Delongie

Article from NetworkWorld


We are on the cusp of a leap forward in the ability of session border controllers (SBCs) to support real-time, business-to-business (B2B) video conferencing and telepresence in addition to VoIP. An SBC's job is to control the signaling and media streams needed to set up, conduct, and end telephone calls--and other forms of interactive media "calls".We recently interviewed four SBC vendors to gather their views on the issues and time line for SBCs to support video conferencing "calls" in the same flexible way they support VoIP today. The upshot is that supporting video conferencing is complex, but vendors are working on it and plan to be ready when B2B videoconferencing catches on.

We interviewed representatives from Metaswitch, Acme Packet, Edgewater Networks, and Ingate. Tori Downes of Metaswitch told us of their support for video conferencing: "We are implementing now for deployment soon." Tori's view is that customers are not yet clamoring for B2B video conferencing support, but she thinks the demand is growing, and believes Metaswitch's SBC lineup will be ready for the anticipated need.

Video conferencing traffic behavior and requirements are more complex and place more demands on the network than VoIP.

In contrast to a single stream per voice call, video conferencing sessions can involve two or three streams delivering a mix of video, audio, and data. There are issues of conference registration and virtual room creation, far-end camera and presenter control, NAT firewall traversal, and QoS--and transcoding is often required to convert from one video format to another. Also, video conferencing is bandwidth intensive, and to prevent video traffic from consuming more bandwidth than needed, video flow rates should be configurable across the network to match the destination data rate near the source in a process called trans-rating.

This long list of functions can, and in some cases will, live within an SBC.

Typical of new technologies, video conferencing vendors use a plethora of solutions and standards that do not interoperate. This is a problem and an opportunity for SBC vendors, who can turn their devices into havens of interoperability, for example between H.323 and SIP protocols. This interoperability is especially important in environments that support end points using many vendor solutions.

Standards bodies like the SIP Forum are working to drive commonality, but Ingate's Steve Johnson, a SIP Forum member, warns that if these efforts drag, "it will be the Wild West for a long time." Given the slow speed with which standards bodies historically operate and markets gravitate to standards, SBC vendors who can offer interoperability may be ahead of the game in multivendor environments.

SBC vendors who aim to support the emerging market for inter-enterprise video conferencing and video conferencing within enterprises sporting multi-vendor video conferencing deployments should be working overtime to build features that will make life easy for customers. Vendors serving enterprises with homogeneous video conferencing solutions need not peddle hard to support a variety of scenarios.

Jonathan Zarkower of Acme Packet predicts that due to the innate complexity of video conferencing: "Hosted service providers will play a bigger role for video than they did for voice. We will see network-based services to facilitate interworking, and also federating to manage bandwidth use, integrate presence, and match the right pipes with bandwidth requirements."

So stay tuned--innovation is afoot among SBC vendors who support video conferencing.

Latest Project

posted Nov 25, 2010, 11:45 PM by Marc Delongie

The latest project is somewhat different from the others I've done. We decided to start and fund a project of our own. This does not mean that we don't take on other projects, but my focus will be slightly shifted. The project is called Byond Network. Although I have to correct myself immediately, it is not a real project, because that one project has a begin and no end. And I haven't plan an end yet; I'm not planning to do it either.

Byond Network is -as it name suggest- build around the Network. I still love this quote from Scott McNeally:" The Network is the Computer". We take the Network as the medium to work on and with that we will solve different problems that companies struggle with: in the first place application performance, network troubelshooting, VOIP and VIOIP analysis, and more. We have also the opportunity to resell a product in the BeLux that is one of the tools we use in our consultancy.

At this very moment I don't have access to the new site, but this will not take long... stay tuned...

1-4 of 4