Ping is one of those protocols that no one thinks about until it isn’t working and you’re trying to quickly troubleshoot connectivity between devices. Officially known as ICMP, ping is one of the older RFCs and is most used for its echo requests and replies for troubleshooting networks. Some administrators simply block all ICMP everywhere on their network. Is this for everyone? Is this necessary? With everyone’s network having its own constraints and security policies, hopefully this post can provide some insight into the thought process behind monitoring for ping.
How to improve response time for life-critical network events with Plixer Scrutinizer
The healthcare industry has been on red alert for more than a year now. Workloads have doubled and the amount of time required to maintain the network is in direct relation with this trend. Now, more than ever, beyond-perfect response times are a requirement, otherwise lives are on the line. Plixer’s healthcare customers use Scrutinizer to ensure they have a constant, real-time source of truth for the most common and most frustrating issues. This blog will focus on how to mitigate network slowdowns, improve overall visibility, and improve DNS visibility, one of the top challenges the healthcare industry faces today.
The harsh truth about the next cyberattack
I don’t know about you, but it seems like there’s news of some big data breach every other month. The hard truth is that no one can really predict the next cybersecurity meltdown. There is no doubt in my mind that it will happen again (and again…). Over the past 15-plus years, the one thing that stuck out as being effective was the idea of always evaluating your security posture.
Monitoring Microsoft Teams traffic with Plixer Scrutinizer
The modern workplace is filled with companies working largely over inter-office messaging systems. These tools often leverage several different functions aside from chatting, such as video conferencing and file sharing. What was once just a small tool could now potentially be sucking down your office’s bandwidth. In this blog post, we’ll take a look at Microsoft Teams. Since this tool now comes included in Microsoft Office’s standard line-up, its presence is becoming more and more common on corporate networks.
5 ways of verifying security risks and avoiding false positives
I think I can safely assume that everyone knows the cautionary tale of the boy who cried wolf. If you don’t, the moral is the more you say something is wrong when nothing is wrong, the more likely it is no one will believe you when something actually is wrong. In the network security world, no one wants a security solution that cries wolf. Hidden within dozens of false positives, there could be one issue lurking, waiting to cause a lot of trouble on your network.
How human negligence affects network security
As enterprises adjust to the new normal and remote work, they are bracing for potential attacks resulting from employee carelessness. Bad habits, such as leaving devices unattended while on the VPN, can pose serious risks to the business. This blog will discuss how human negligence affects network security and provide some examples of how some threat vectors impact organizations.
Forensic investigation of endpoints using NetFlow
This blog will go over how to use some of the features in Plixer Scrutinizer v19.0, such as the host index and IP groups functionality, to quickly define your endpoints and reduce the time it takes to find suspicious hosts. Recently we have seen an uptick in customers looking to use this functionality to its fullest to help speed up incident response.
How can I load balance my NetFlow traffic across multiple collectors?
Do you find that you are constantly modifying NetFlow configurations to balance collector workloads? The latest release of Scrutinizer introduces an option to load balance the collector workload across multiple, distributed-collector clusters by automatically modifying Plixer Replicator profiles based on the number of exporters and flow volume processed at each collector.
Tracking the SUNBURST exploit with metadata
Updated: 1/6/2021
On 12/13/20, cybersecurity company FireEye published research for the SUNBURST exploit, which is affecting companies using SolarWinds software. Since the news broke, we have been experimenting with ways that Plixer’s NDR solution, Scrutinizer, can help our customers determine the impact SUNBURST may have had on their networks.
Defining top talkers with Flexible NetFlow and AVC
I was recently on a call with a customer who wanted to know which applications use the most bandwidth during working hours, i.e. their top talkers. This gave me a great opportunity to review a specific feature of Flexible NetFlow and AVC integration. I’ve decided to build a small lab with a simple network configuration where I could set up a couple of VLANs, a trunk communication between L2 and L3 devices, and a couple of devices. The end goal is to define what host under what VLAN is using what application the most.