Story image

Network blind spots and what you should do about them

03 Jun 2016

Organisations need to be proactive when it comes network blind spots to help overcome potential threats, according to Ixia, who says network blind spots are often where organisations see issues arise.

The company says issues such as outages, performance issues, security threats, and compliance problems often occur when blindspots popup in an organisation’s network.

“Network blind spots happen when an IT department is unable to see what’s happening on the network. They can occur for any number of reasons, such as poor architecture or inadequate monitoring infrastructure,” Stephen Urquhart, general manager ANZ, Ixia, says.

“These blind spots can lead to unplanned outages, angry customers, and security breaches. Organisations should be aware of the most common causes so they can regain network visibility,” he warns.

Ixia has found eight common causes behind network blind spots:

1. Lack of monitoring access. Monitoring tools need to provide an end-to-end view of what is happening in the network. This includes both physical and virtualised networks.

2. SPAN port shortages. Switched port analysers (SPAN) are often in short supply for monitoring purposes. They can also be easily misconfigured, resulting in incorrect or missing data captures.

3. SPAN port overloading. SPAN ports can drop packets if the switch CPU gets overloaded. This can drastically reduce the effectiveness of performance and security monitoring.

4. Monitoring virtualised environments. According to Gartner, up to 80% of data centre traffic is server-to-server, versus client-to-server. This creates excessive virtual machine traffic in virtualised data centres. This traffic may never be observed in regular monitoring.

5. Siloed IT teams. Security, networking, and compliance teams often don’t work together or share data. This leads to errors in decision making and poor compliance policies.

6. Rogue IT. Users adding their own ethernet switches, access points (i.e. mobiles), offsite data storage, or add other elements to the network can subvert company security policies and cause major blind spots.

7. Addition of new network equipment. Failure to record who owns new equipment that is added to the network can cause blind spots, especially when equipment gets lost or forgotten but is still functioning. Lost equipment causes wider security vulnerabilities that need to be addressed.

8. New equipment complexity. The more equipment introduced the more complex the overall IT system becomes. If the IT system is too complex it won’t be used and may be forgotten.

“If any of these blind spots apply to an organisation’s IT system, it is important to respond in a proactive manner, rather than waiting for a system breach,” Urquhart says.

“Companies should implement visibility architecture at the foundation, when assembling their network, to improve system visibility.

“Being proactive with the installation, maintenance and ongoing training related to IT infrastructure helps overcome potential threats, providing greater security and peace of mind to businesses,” he says.

Check Point announces integration with Microsoft Azure
The integration of Check Point’s advanced policy enforcement capabilities with Microsoft AIP’s file classification and protection features enables enterprises to keep their business data and IP secure, irrespective of how it is shared. 
Blockchain: New Zealand needs to get up to speed
"The technology can traverse every business domain and can have far reaching impacts on society as we know it."
Why AI will be procurement’s greatest ally
"AI can help identify emerging suppliers, technologies and products in specific categories."
Five key ways an IT professional can keep their body and mind healthy
Sitting in the same place facing an artificially lit screen for 6-8 hours a day can have a negative impact on your overall health if you don’t offset it with diet and exercise.
Are AI assistants teaching girls to be servants?
Have you ever interacted with a virtual assistant that has a female-based voice or look, and wondered whether there are implicitly harmful gender biases built into its code?
Google 'will do better' after G Suite passwords exposed since 2005
Fourteen years is a long time for sensitive information like usernames and passwords to be sitting ducks, unencrypted and at risk of theft and corruption.
Commission warns Spark for misleading in-contract customers
The warning follows an investigation into representations Spark made on its website and in emails in August and September 2018.
Optic Security Group celebrates Axis accolade
Auckland-based business security systems provider Fortlock has picked up an award at Axis Communications’ annual Oceania Axis Partner Summit 2019.