Skip Links

Network World

  • Social Web 
  • Email 
  • Close

(Comma separation for multiple addresses)
Your Message:

Gaining insight into security devices, SCADA networks

Monitoring security with StealthWatch from Lancope
Network/Systems Management Alert By Denise Dubie , Network World , 12/08/2008
Denise Dubie
Sign up for this newsletter now!

Senior Editor Denise Dubie guides you through the latest developments in management tools and services.

  • Share/Email
  • Tweet This
  • Comment
  • Print

There is no shortage of data that can be collected across complex distributed networks, but often network managers are challenged to extract meaningful information from the volumes of metrics pulled out of multiple proprietary systems.

For Matthew Shoemaker, network/systems engineer at Georgia's Henry County Water and Sewage Authority (HCWSA) near Atlanta, the need to centralize data across intrusion detection systems (IDS) was magnified by his organization's dependence also on SCADA (Supervisory Control and Data Acquisition) systems. Shoemaker says he went in search of technology that would help him centralize data collection from security systems, monitor network traffic and troubleshoot unknown threats.

"We were looking for a centralized way to look into network traffic, provisioning and diagnosis. We had a lot of IDS boxes, and it got to be too much to handle. There was no correlation of the information we were collecting, so it wasn't necessarily useful to us," Shoemaker explains.

Not only did he need to pull together data from disparate IDS appliances, but also Shoemaker wanted to get a better look at HCWSA's SCADA environment. Mostly Shoemaker had concerns over security with the SCADA systems.

"SCADA equipment manufacturers are proprietary so I needed something that could pull that proprietary information into the centralized repository," he says.

That's when Shoemaker learned of StealthWatch from Lancope. StealthWatch is software packaged on appliances that are distributed across a network, near a core switch or data center router. Upon installation, it performs a benchmark of normal traffic behavior and continuously monitors for changes. The product does not sit in line of network traffic, but passively monitors conversations between hosts and clients. Administrators can tap into the appliances via a Web-based interface or use the management console to configure, monitor and generate reports from multiple distributed appliances.
Sometimes called network behavior analysis technology, products like StealthWatch can learn normal patterns of an environment and then alert network managers when anomalies occur. That capabilities helped Shoemaker determine that Lancope was right for HCWSA's varied environment.

Denise Dubie is senior editor with Network World.

  • Share/Email
  • Tweet This
  • Comment
  • Print
Partner Content

Blue Stripe Software

www.bluestripe.com/

Improving Application Performance Troubleshooting

Diagnosing why an application is slow is hard, at times taking days or weeks to isolate and resolve. This paper explains the challenges involved using current management tools, provides a 'wish list' for application management and analysis, and explains the need for an application system-wide approach that monitors entire applications, not components.

Download Whitepaper

Virtual Vigilance: Managing Application Performance in Virtual Environments

This paper highlights the impact of virtualization on application performance.  "Managing Application Performance in Virtual Environments" states: "Best-in-Class organizations are predominately taking actions around improving visibility across both physical and virtual systems, assessing the business impact of application performance and understanding interdependencies of applications in virtualized environments."

Download Whitepaper

Application Service Requests: The Missing Link for Pragmatic ITSM

Forrester Research analyst Glenn O'Donnell and BlueStripe co-founder Vic Nyman discuss a breakthrough approach to application problem management. Learn the new approach for ITSM problem management, which provides: Rapid isolation of application slow-downs to specific components for quick problem resolution, 24/7 monitoring for proactive notification of potential issues before end users are impacted and much more.

Register for Webcast

Comments (3)
Login
Forgot your account info?

Insights indeed...but at a considerable $$$$By Schratboy on December 9, 2008, 10:44 amNotwithstanding the challenges of managing a level 1, 2 and 3 process control implementations, I'm sure Lancope's monitoring solution provided helpful visibility...

Reply | Read entire comment

Not if you already own Lancope By Anonymous on December 9, 2008, 11:44 amThis really speaks to getting more bang for your buck. You don't need to justify an additional spend if you're not using the product to it's fullest extent. Quite...

Reply | Read entire comment

Looks like the author hasBy payday loan bc on June 25, 2009, 3:34 pmLooks like the author has broad information in the subject matter. Thanks you for the news. payday loans canada payday loans canada payday loans canada payday loans...

Reply | Read entire comment

View all comments

Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Videos

rssRss Feed
Partner Content

Blue Stripe Software

www.bluestripe.com/

Improving Application Performance Troubleshooting

Diagnosing why an application is slow is hard, at times taking days or weeks to isolate and resolve. This paper explains the challenges involved using current management tools, provides a 'wish list' for application management and analysis, and explains the need for an application system-wide approach that monitors entire applications, not components.

Download Whitepaper

Virtual Vigilance: Managing Application Performance in Virtual Environments

This paper highlights the impact of virtualization on application performance.  "Managing Application Performance in Virtual Environments" states: "Best-in-Class organizations are predominately taking actions around improving visibility across both physical and virtual systems, assessing the business impact of application performance and understanding interdependencies of applications in virtualized environments."

Download Whitepaper

Application Service Requests: The Missing Link for Pragmatic ITSM

Forrester Research analyst Glenn O'Donnell and BlueStripe co-founder Vic Nyman discuss a breakthrough approach to application problem management. Learn the new approach for ITSM problem management, which provides: Rapid isolation of application slow-downs to specific components for quick problem resolution, 24/7 monitoring for proactive notification of potential issues before end users are impacted and much more.

Register for Webcast