Skip to content
May 3 12

Trusted Third Parties and their Connections – Maintenance Nightmare!

The top three questions that we ask our clients are:

  1. Do you know your network perimeter?
  2. Do you have a list of managed connections?
  3. Are your network connections conformant with the Security Policy?

And the answers to all the questions are always YES, YES and YES. And it should be! After all, a networking team’s idealistic situation is to define the network perimeter and assert security compliance on each of the actively managed connection on the network. They perform a security “trapeze” act by constantly managing an active list of connections and monitoring the traffic on their network.

But when IPsonar runs its network discovery solution, we find a delta of 10-20% between what is known to the networking team versus what is connected to the network. Interestingly, this delta mostly consists of trusted third parties connections. Even though the networking team is confident about a list of managed connections, they may not be aware of unsecured trusted third party connections that infiltrate their network. When you do not know what’s out there, how do you even manage it?

At any given time, you can have multiple customers/partners/third parties connecting to your network. They may have followed the security policy but one mistake, one improper configuration, and your entire network becomes visible to them (or vice-versa). The intent was not malicious, but the result is definitely a start of networking team’s nightmare. Most vulnerabilities come from the unknowns in your network – and a trusted third party non-secure connection definitely falls under the category of unknowns. It is very important to issue and instate a “Third Party Network Security” policy, but it is more imperative to know about the third party connections and finally, crucial to secure the third party connections.

 

 

Leave a comment
Apr 10 12

Don’t Blame The Insiders…

According to the “2010 Data Breach Investigation Report” By Verizon, 48% of data breaches are caused by insiders – that’s literally half of the culprits of your data breaches! But before you panic, the report also stated that within the data breaches, 48% of breaches occur due to privilege misuse.

Goods news: Insiders are our allies. Bad news: their decisions or actions are not.

Does that mean that the insiders are the criminals that are causing deliberate data breaches? No, it does not. Insiders, in most cases, may not adhere to company’s security policies and add an unmanaged connection which may lead to data breach. The intent is not malicious, but unfortunately, the repercussions are.

Even though the security policy is strictly implemented and insiders are well educated on its conformance, how does the security team ensure that the “known” devices are the only devices existing in their network? Or no “unknown” devices have infiltrated the network? From a network security perspective, a “known” device is a managed device whereas an “unknown” device is a device that does not appear on any actively managed lists.

Imagine you have a database of all known devices in your network. Now someone in your South American manufacturing plant decides that the company-accepted wireless is too expensive or too cumbersome to install and calls their local ISP to set it up. Even though you keep track of all known devices in your network, how would you come about knowing this new wireless device installed in a remote plant?

Similarly, assume that your company is 100% Cisco house. All your known managed routers are Cisco routers. However, someone at the China office decides to cut some costs and add a non-conformant router.

In both cases, the insider did not have a malicious intent, but the new connection is now an “unknown” in your network. You need to know about it, you need to manage it, Period.

“Discover What’s Hiding In Your Network” – IPsonar will show you exactly that – the “unknowns” lurking in your network and the “knowns” that you are currently managing.  IPsonar concentrates on the importance of “known” vs. “unknown”. Discovering a “known” device is not exciting, as you already know about the existence of the device. However, discovering an unknown device would definitely lead to managing the security leaks.

Leave a comment
Nov 16 10

New Version of IPsonar Features Customer-Driven Enhancements

The latest version of IPsonar is out today, and it includes enhancements across the components of our product, including discovery & scanning, reporting and visualization and analysis.

Lumeta has added Secure Socket Layer (SSL) Certificate identification to our Device Discovery capabilities. This new capability will collect a variety of information SSL certificates across our customers’ large, complex networks where managing those certificates can pose a significant challenge.

The release also advances the Lumeta Network Index, IPsonar’s integrated network risk scorecard and provides rich comparison reporting capabilities allowing users to compare any two reports, highlighting the differences between reports.

In this latest version of the product, Lumeta also continues our commitment provide network situational awareness through our innovative visual analytic capabilities. Many in the industry know Lumeta from our company’s origins with the Internet Mapping Project, research we continue today. In this latest release, Lumeta has advanced the interactivity of IPsonar’s enterprise network mapping capabilities. With the ability to create & save user-defined layouts, users can group and label nodes on the map for easy reference and segmentation of the data.

If it’s been a while since you’ve considered what active network discovery and network situational awareness could mean to the network you’re responsible for, we hope you’ll contact us today for a demonstration of this latest version of IPsonar.

Leave a comment
Nov 1 10

How IF-MAP Works

Understanding IF-MAP from InfobloxInc on Vimeo.

Lumeta technology partner and fellow Trusted Computing Group member Infoblox recently released this promotional video showcasing how IF-MAP works.

In 2008, Lumeta the first vendor to specifically join the TCG in order to support the IF-MAP standard. Lumeta announced the availability of our IPsonar IF-MAP client in 2009 and we continue to support it today.

IF-MAP allows Lumeta IPsonar to interoperate with a host of network management and security solutions to deliver an automated, continuous solution. To bring visibility to network security management, Lumeta IPsonar provides rich network and security information into all networked devices and connectivity in support of large-scale cybersecurity operations. The automation that the TNC/IF-MAP standard demonstrates allows network security personnel to act on network conditions in real-time based on pre-defined policies.

Leave a comment
Aug 24 10

Lumeta Top 5 Vulnerabilities

Courtesy of NY Metro Infragard: https://www.nym-infragard.us/cms/

Leave a comment
« Older Entries