search youtube arrow-left arrow-right quote close hamburger Twitter facebook linkedin page-header-bottom arrow right arrow left

Author: Jake

Jake Bergeron is currently one of Plixer's Sr. Solutions Engineers - He is currently responsible for providing customers with onsite training and configurations to make sure that Scrutinizer is setup to their need. Previously he was responsible for teaching Plixer's Advanced NetFlow Training / Malware Response Training. When he's not learning more about NetFlow and Malware detection he also enjoys Fishing and Hiking.
Security Operations

Detecting IP spoofing with Plixer Scrutinizer and Beacon

Posted on - by Jake

A common tactic for bad actors to get a foothold into the network is to leverage IP spoofing to either:

  1. Gain access to a network using a valid IP address
  2. To man-in-the-middle a known service, allowing them to eavesdrop/intercept traffic

Regardless of the intention, IP spoofing can be a hard problem to track down if you don’t have proper monitoring in place. Today I will go over how this tactic can easily be detected and alarmed on using Scrutinizer and Beacon. This solution provides full endpoint device profiling as well as network traffic monitoring.

Read more
VPN traffic monitoring

Detecting VPN traffic on the network

Posted on - by Jake

Detecting VPN traffic on the network is a use case I hear daily from school systems ranging from primary schools all the way up through large universities. One of the biggest concerns for a security or network engineer is tracking potentially unwanted traffic on the network. This could be something harmless but forbidden like video games, or a major threat like the latest APT that was just uncovered. This is why we implement strict ACLs and segregated VLANs on the network, and why we look at things like Deep Packet Inspection (DPI) as well as SSL DPI to help us gain insight into encrypted traffic. This blog aims to go over a couple technologies you probably already have at your fingertips and how you can use IPFIX/NetFlow analytics to track this nefarious behavior.

Read more

Network Operations

Network capacity planning fundamentals

Posted on - by Jake

Are we properly utilizing these expensive WAN links? That is probably a question you have asked yourself on more than one occasion when you get a bill from your provider. While MPLS/Broadband connectivity both have pros and cons, wouldn’t it be great if you had a tool to see if they were properly being utilized or if load is increasing over time? How about rather than just seeing in/out bits/s, you could determine what application is consuming the link? Stay tuned and see how it works!

Read more

Network Operations

Securing third-party VPN access

Posted on - by Jake

We all know that VPN monitoring is something every network and security engineer should be familiar with, but with the recent uptick of changes in companies work-from-home policies, IT departments are struggling to scale up to the VPN demands. Let’s be 100% honest about this: most networks weren’t designed to handle the demand we are seeing right now.

Read more

Security Operations

Current industry trends I saw at RSA 2020

Posted on - by Jake

RSA 2020 was last week and like every year I have attended, there was a whirlwind of new technologies and methodologies being presented by the vendors I spoke with. Continue on to see what things we learned and how Plixer can help solve problems facing today’s customers.

Read more
Network Operations

I installed Scrutinizer 100 times and here’s what I learned

Posted on - by Jake

As a Presales Engineer, I spend a good portion of my time helping with Scrutinizer installs and helping troubleshoot unique use cases for end users. In my 7 years of doing this, I’ve noticed a lot of commonality between installs even in disparate environments. I hope to add more to this list as time goes on and trends in the industry evolve further.

Read more
Performance Management

Monitoring QoS for application troubleshooting

Posted on - by Jake

Network and security teams collect flow and metadata to provide an accurate account of applications traversing the network. Another aspect of troubleshooting poor application performance is ensuring that QoS is being used properly. This blog will go over how collecting NetFlow/IPFIX data can easily help monitor and alarm on any new or existing QoS issues.

Read more
Security Operations

How to streamline your network monitoring workflows with API integrations

Posted on - by Jake

In this industry, I’ve seen a common trend of buying best-in-breed solutions that are built for one or a few things instead of the jack-of-all trade solutions. While I believe this idea is generally a good one, it often leaves end users with the task of learning multiple interfaces and leaves you with only using a fraction of the product you purchased.  As a sales engineer at Plixer, part of my role is working with customers to streamline their workflows using not just our solution, but others they have purchased as well. This blog will go over a couple types of integrations that we have and will hopefully spark something that you can use on your network.

Read more
Security Operations

Using your network as a sensor

Posted on - by Jake

I spent a lot of time talking to customers at RSA 2019 and a message that resonated with a lot of them was using your network as a sensor. I believe this is because SOC analysts often dig through log data or full packet capture—but then overlook network metadata because it isn’t available to them or they don’t know how to properly use it. This blog will give you a high-level view of what you might be missing out on by not collecting and analyzing network metadata such as IPFIX/NetFlow.

Read more

Download the new Gartner Network Detection and Response Market Guide
+