In a new series of blogs, we will go over some recent data breaches and how metadata analysis could have helped with the detection and mitigation of certain events.Read more
With the dramatic shift to work from home, Plixer has been working with people all over the globe to visualize VPN traffic in a variety of different ways. I wanted to take some time to capture what the top five most common use cases I have been asked for are along with some examples of what the reports look like.Read more
I was working with a customer last week who had configured NetFlow on four of their Cisco routers. They had applied basically the same configuration to each of the routers, but only saw exported flows from three of them arrive at the collector.Read more
Who has the time, right?
You might laugh but the truth is, in the past few weeks you have become the guru of everything VPN on your company’s network. Questions are coming in left and right, and with a little time you have been able to dig into the data to find out who were your top VPN users, what applications they were using, and how your VPNs have been holding up.Read more
I’ve had the opportunity to work alongside two completed VeloCloud deployments over the past 6 months. This blog covers what I’ve learned about the setup and prerequisites within VMware’s VeloCloud interface and Plixer’s Scrutinizer interface for metadata/IPFIX analysis via flow collection. Once setup is complete, I will highlight how Plixer’s Scrutinizer platform uses that data to demystify the process of bandwidth allocation for carrier and edge selection.Read more
We’re all feeling it.
As a confident NetOps leader, you’ve made sure your business continuity plan had allowances for remote workers but BAM: in the blink of an eye, your company’s work-from-home policies became mandatory for everyone and your battleship of a plan now feels like it’s taking on water.Read more
In our first roundup post of the decade, I’ve included interesting articles whose topics include hacking satellites, the difference in mindset between technologists and policy makers, and what happens to your private health information when a pharmacy is acquired.Read more
We’ve all had days when we think to ourselves, “Man, I wish I could just work from home in my PJs.” Recently, as companies are allowing more employees to work remotely, VPN security is a greater concern and there is a growing need to monitor VPN tunnels.Read more
Almost every organization is equipped with VPNs to support a remote workforce these days. Often, secure VPNs use a no-split secure tunnel, tunneling all remote workstation traffic through the security control the business has supplied. A less secure VPN option is a split-tunnel. With this method, non-business traffic routes normally within the remote network, but often with less security.
Detecting VPN traffic on the network is a use case I hear daily from school systems ranging from primary schools all the way up through large universities. One of the biggest concerns for a security or network engineer is tracking potentially unwanted traffic on the network. This could be something harmless but forbidden like video games, or a major threat like the latest APT that was just uncovered. This is why we implement strict ACLs and segregated VLANs on the network, and why we look at things like Deep Packet Inspection (DPI) as well as SSL DPI to help us gain insight into encrypted traffic. This blog aims to go over a couple technologies you probably already have at your fingertips and how you can use IPFIX/NetFlow analytics to track this nefarious behavior.