What is a microburst really?

It seems that every vendor has their own definition of what a microburst is. As per normal, vendors’ definitions are heavily influenced by what they can and can’t measure. At the macro level there’s broad agreement that a microburst is a “short period of time when a burst of network traffic occurs that is significantly higher than normal” – but how short a period of time and how much higher than normal are areas where opinions start to differ.

To make any sense of this question it’s important to understand what causes microbursts and what impact they can have on your business systems.

Why bandwidth monitoring is key to the cloud

PC World published an interesting article last week that explores the relationship between bandwidth, the cloud and business ROI. We’re increasingly finding ourselves pulled into cloud projects (both before they go live and after they’ve gone wrong) so we’ve had a chance to build up our own intelligence on the topic.

The basic premise of the PC World argument is pretty straightforward – cloud computing has the potential to deliver huge operational cost savings to organizations IF (and this is the big IF) they can get a handle on the bandwidth demands. Their argument is that cloud implementations are failing because organizations aren’t listening to the needs of the network and, as a result, are finding that their apps are failing to deliver acceptable levels of user experience, their backups are timing out and their databases are getting out of sync.

Why extending the life of 1Gig monitoring tools is a false economy

Ten-gig networking has become mainstream a lot faster than anyone thought it would, largely driven by the tumbling cost of 10-gig ports. One of the communities that’s been caught napping in this price storm is the monitoring vendor community. Sure, every one of them has launched at least one ‘ten-gig capable’ system, but there are some serious questions as to whether they can really perform at 10Gbps. You only have to look at last quarter’s NSS Labs results to see there’s a serious problem with scalability here.

How good is your cyber hygiene?

The National Cyber Security Summit in London last week provided some real food for thought. It’s a conference that we’ve actively supported over the last two years as we passionately believe international collaboration is one of the keys to successfully addressing the challenge of national cyber security.

This year’s standout speaker was Major General Jonathan Shaw, head of the defence cyber operations group at the MoD. The MoD have taken responsibility for allocating the UK government’s 650 million pound investment in national cyber security infrastructure and are thus under the national microscope.

Top Ten Cyber Security Trends for Financial Services in 2012

Booz Allen Hamilton recently produced an interesting research paper looking at the cyber threats faced by financial services. As an organisation focusing on vertical segments that have the fastest infrastructure and the most to lose if, as and when it all goes wrong, it’ll be no surprise that we’re very interested in banks.

Calibrating the real cost of data loss

Two contrasting studies have been published in the last few days that caught our attention.

First, the Ponemon Institute published a piece of research that explores the true cost of a data breach, looking specifically at the impact on brands and company reputations. We’ve long been of the opinion that organisations radically underestimate the real cost of data leakage, and as a result tend to underinvest in the tools to prevent, identify and remediate security issues, so it was fascinating to see an organisation attempt to quantify ‘true cost’.

Assume you’ve been breached

We stumbled across an interesting blog post from Brian Krebs (KrebsOnSecurity) this week titled “APT: Persistence Pays Off” that struck a chord with us. The blog argues that the safest way for an organisation to behave in today’s world is to assume that their security defenses have been breached and to operate accordingly. Brian argues that any organisation that doesn’t think that they’ve been breached isn’t paying close enough attention. It’s certainly an interesting perspective.

The article highlights the case of an international hedge fund that discovered (after a phone call from a friendly stranger) that they had at least 15 compromised PCs within their organisation and had absolutely no knowledge or visibility of the highly sensitive information that was leaking. The reality is that any company that has valuable intellectual property is a target for cyber attacks.

Talking Market Surveillance with Mondo Visione

At the beginning of the month we were invited to participate in Mondo Visione’s panel discussion on trading market surveillance. It was a fascinating discussion with participants from Millennium IT, b-next and Katten Muchin Rosenman. You can watch key videos from the participants here.

2011 Network Visibility Monitor shows firms are suffering from 10 gigabit blindness

We’ve just announced the results of our 2011 Network Visibility Monitor and, in reality, the results really weren’t all that surprising. We’ve known for a while that corporations are struggling to get the levels of visibility that they need into their 10Gb/s network segments and are concerned that the tools that they’ve invested in may not be up to the job. What was surprising to us was just how bad things are and how vocal respondents were prepared to be.

SNORT goes virtual

We’re delighted today to announce the release of Endace Security Manager 6.0, the latest incarnation of our high-performance Network Intrusion Detection System.

ESM 6.0 is an important release and, for the first time, sees SNORT move from being a native feature of OSm (our Operating System for Monitoring) into a virtual container on the Endace System. This means that ESM (which includes the SNORT image) will sit alongside third-party applications hosted in the Endace Application Dock. It of course retains its place as a core feature of our Application Suite which is included as part of the base configuration for all Endace Systems.

Over the last couple of years there has been much debate inside the community about the performance impact associated with ‘virtualising’ SNORT (as opposed to running it natively) and the engineering team here in New Zealand have worked extremely hard to optimise our implementation. We are extremely pleased with the results and can announce that the impact on SNORT performance is officially ‘negligible’.