Tuesday, August 26, 2014

An upset in the hype cycle battle

If you are one to enjoy the big promises and excitement around high tech, the recent Gartner report of the Hype Cycle for Emerging Technologies featured an exciting battle between two hype heavyweights: Big Data and The Internet of Things.

The free special report has been published for 20 years, chronicling the advancement of technologies across a roller coaster curve through periods ranging from the Innovation Trigger to the Peak of Inflated Expectations, dropping down through the Trough of Disillusionment and finally up the Slope of Enlightenment to the Plateau of Productivity. While these regions might sound a bit subjective, they do take into account that not all technologies progress at the same rate, and not every hyped technology even makes it to a point of productivity.

Big Data still has a long ride ahead of it down the backside of Inflated Expectations, with a projected 5-10 years until it reaches the Plateau. Gartner sees progress being made, stating:
“While interest in big data remains undiminished, it has moved beyond the peak because the market has settled into a reasonable set of approaches, and the new technologies and practices are additive to existing solutions.”
Those projections until maturity are fluid. In 2012 and 2013, the analysts thought the Internet of Things had more than 10 years to reach productivity, but this year that was shortened to 5-10 years. Gartner says it's already "becoming a vibrant part of our, our customers' and our partners' business and IT landscape."

Monday, August 25, 2014

Infographic: Continuous monitoring key for federal cybersecurity

In response to the 2013 Executive Order 13636 on Improving Critical Infrastructure Cybersecurity, the framework published in 2014 by NIST addresses improving resilience to cyber incidents and reducing cyber threats. While one solution can’t fit all, a core component of the framework is continuous monitoring. 

Scroll through the infographic below to see why continuous monitoring is so important as well as how Uplogix has a different approach that makes real continuous monitoring possible. 

Or, download the full white paper it's based on now. After all, you can’t protect against threats unless you know reliably what’s happening in the IT infrastructure. 

Thursday, August 21, 2014

High resolution network device monitoring

As the summer season winds down, let's pull an analogy from a summer tradition: the great American road trip. Driving across the vast Western US, miles can go by without seeing another car, let alone an exit. You enjoy the scenery, only infrequently needing to consult a map because hours can pass before anything changes with your route. Then, later on in the trip you pull into a large city, trying to find your hotel for the night. If you consulted your map at the same rate as when you were on the open road, you'd miss the destination for sure. Instead, you are actively on the lookout—constantly checking the map, street signs and looking for landmarks to ensure you are ready to react when it's time.

This is kind of like monitoring in network management. Centralized monitoring tools poll remote devices over the network, generating traffic and a load on the managed devices. To lower this impact, sampling frequencies are decreased, sacrificing how quickly you'll know there is a problem when it occurs.

With network-independent, local connections to devices over the console port, Uplogix takes a default sampling interval down to every 30 seconds from a standard 15 minutes, or more. The high-resolution monitoring conducted by an Uplogix LM means that problems can be detected and recovered before SLAs kick in and the customer calls. This combination of monitoring frequency and depth with reliable automation of most level-1 runbook steps is like having an administrator with a crash cart plugged into network devices 24/7.

The clear benefit is increased uptime and decreased time for problem resolution—whether the issue is solved automatically, or the initial troubleshooting steps are taken automatically within minutes of the problem. In this situation, technicians at the NOC start working on the problem not from step one, but deeper into the runbook, with both the confidence that earlier steps did not resolve the issue and the knowledge of exactly where the problem lies, because Uplogix has updated their dashboard and ticketing systems automatically.

In a multi-vendor network, issues often kick off a chain of finger pointing as everyone tries to isolate the problem and find out who is to blame. With local monitoring of devices, Uplogix can tell exactly where the issue is (with the carrier, in the network stack or downstream), ending the finger pointing and reducing what has been called the Mean-Time-to-Innocence—that period of time nobody likes when everyone is hoping someone else is to blame.

Check out our website for more information about Uplogix high resolution monitoring.

Friday, August 15, 2014

The challenge of continuous monitoring

In today’s environment of advanced persistent threats it is essential for organizations to have near real-time knowledge of their enterprise IT infrastructure so responses to external and internal threats can be made swiftly.

A successful continuous monitoring program provides visibility into assets, and leverages use of automated data feeds to quantify risk, ensure effectiveness of security controls, and implement prioritized remedies. A well-designed and well-managed continuous monitoring program can effectively transform an otherwise static cybersecurity process into a dynamic process providing essential security protection. 

The following is an excerpt from the Uplogix Solution Guide, Enhancing Cybersecurity in Federal Networks with Continuous Monitoring. Download the entire guide.

The challenge of continuous monitoring
Unfortunately there is no one single continuous-monitoring-in-a-box solution for critical infrastructure owners and operators. We have an ever-evolving patchwork of tools and processes focused on allowing organizations to view the health of the connected environment.

Continuous monitoring sounds like a simple solution to combat cyber-intruders. In theory, with unlimited technology, funding and human talent, the challenge would easily be addressed. An organization would simply configure its networks and applications to automatically report in real-time all their connections and other various bytes of machine-generated data to logs for analysis, continuously analyze this data and wait for the signals of cyber-intruders to show up.

However, in the real world, where real technical, budgetary and human resource constraints exist, organizations face significant challenges to continuously monitor their infrastructure successfully. This is especially true at the federal government agency level, where networks produce an astounding amount of data and log files quickly grow exponentially in size.

The most valuable intelligence continuous monitoring can provide is situational awareness. Situational awareness is a term that refers to knowing what is around you, where it’s going, what it’s doing and how it might affect you. Situational awareness is important in work that involves significant consequences, such as military operations, piloting aircraft or managing a large enterprise. In cyberdefense, situational awareness is a prerequisite for meaningful action. After all, if you don’t understand what is happening, how can you make the right decision?

Continuous monitoring is, at its most elementary level, inwardly focused on activities such as vulnerability assessment and patch management. The strategic goal is to provide situational awareness of systems and their potential vulnerabilities. Yet simply knowing a problem exists doesn’t offer protection. One has to be able to act correctly and in time to keep up with the evolving threat and minimize risk.

When screening and evaluating available technology solutions, agencies should think about continuous monitoring as both an organizational and a technology challenge. They should seek a solution that increases situational awareness and enables an automated response.

Next time - how Uplogix enables continuous monitoring by operating from within...